chore: feedback

SpecterOps · Nov 22, 2024 · 0d9afef · 0d9afef
1 parent c9b8bba
commit 0d9afef
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 5 deletions.
diff --git a/cmd/api/src/api/v2/auth/saml.go b/cmd/api/src/api/v2/auth/saml.go
@@ -31,7 +31,7 @@ import (
 	"github.com/specterops/bloodhound/log"
 	"github.com/specterops/bloodhound/mediatypes"
 	"github.com/specterops/bloodhound/src/api"
-	v2 "github.com/specterops/bloodhound/src/api/v2"
+	"github.com/specterops/bloodhound/src/api/v2"
 	"github.com/specterops/bloodhound/src/auth"
 	"github.com/specterops/bloodhound/src/ctx"
 	"github.com/specterops/bloodhound/src/model"
@@ -227,7 +227,7 @@ func (s ManagementResource) SAMLLoginHandler(response http.ResponseWriter, reque
 			bindingLocation = serviceProvider.GetSSOBindingLocation(binding)
 		}
 
-		// TODO: add actual relay state support
+		// TODO: add actual relay state support - BED-5071
 		if authReq, err := serviceProvider.MakeAuthenticationRequest(bindingLocation, binding, saml.HTTPPostBinding); err != nil {
 			log.Errorf("[SAML] Failed creating SAML authentication request: %v", err)
 			api.WriteErrorResponse(request.Context(), api.BuildErrorResponse(http.StatusInternalServerError, api.ErrorResponseDetailsInternalServerError, request), response)

diff --git a/cmd/api/src/auth/saml.go b/cmd/api/src/auth/saml.go
@@ -28,7 +28,6 @@ import (
 	"github.com/specterops/bloodhound/src/model"
 )
 
-// Todo Verify this is the optimal place for these
 func GetIDPSingleSignOnServiceURL(idp saml.IDPSSODescriptor, bindingType string) (string, error) {
 	for _, singleSignOnService := range idp.SingleSignOnServices {
 		if singleSignOnService.Binding == bindingType {
@@ -39,7 +38,6 @@ func GetIDPSingleSignOnServiceURL(idp saml.IDPSSODescriptor, bindingType string)
 	return "", fmt.Errorf("no SSO service defined that supports the %s binding type", bindingType)
 }
 
-// Todo Verify this is the optimal place for these
 func GetIDPSingleSignOnDescriptor(metadata *saml.EntityDescriptor, bindingType string) (saml.IDPSSODescriptor, error) {
 	for _, idpSSODescriptor := range metadata.IDPSSODescriptors {
 		for _, singleSignOnService := range idpSSODescriptor.SingleSignOnServices {

diff --git a/cmd/api/src/model/auth.go b/cmd/api/src/model/auth.go
@@ -562,7 +562,7 @@ type UserSession struct {
 	User             User `gorm:"constraint:OnDelete:CASCADE;"`
 	UserID           uuid.UUID
 	AuthProviderType SessionAuthProvider
-	AuthProviderID   int32 // This is the SSO Provider ID if SSO session
+	AuthProviderID   int32 // If SSO Session, this will be the child saml or oidc provider id
 	ExpiresAt        time.Time
 	Flags            types.JSONBBoolObject `json:"flags"`