refactor(editor): Extract SAML, OIDC, and LDAP from Settings Store into SSO Store (no-changelog) (#16276)

Author: alexgrozav

packages/frontend/editor-ui/src/components/SSOLogin.vue

@@ -2,19 +2,21 @@
 import { useSSOStore } from '@/stores/sso.store';
 import { useI18n } from '@n8n/i18n';
 import { useToast } from '@/composables/useToast';
-import { useSettingsStore } from '@/stores/settings.store';
+import { useRoute } from 'vue-router';
 
 const i18n = useI18n();
 const ssoStore = useSSOStore();
 const toast = useToast();
-const settingsStore = useSettingsStore();
+const route = useRoute();
 
 const onSSOLogin = async () => {
 	try {
 		const redirectUrl = ssoStore.isDefaultAuthenticationSaml
-			? await ssoStore.getSSORedirectUrl()
-			: settingsStore.settings.sso.oidc.loginUrl;
-		window.location.href = redirectUrl;
+			? await ssoStore.getSSORedirectUrl(
+					typeof route.query?.redirect === 'string' ? route.query.redirect : '',
+				)
+			: ssoStore.oidc.loginUrl;
+		window.location.href = redirectUrl ?? '';
 	} catch (error) {
 		toast.showError(error, 'Error', error.message);
 	}

packages/frontend/editor-ui/src/init.test.ts

@@ -3,12 +3,18 @@ import { useCloudPlanStore } from '@/stores/cloudPlan.store';
 import { useSourceControlStore } from '@/stores/sourceControl.store';
 import { useNodeTypesStore } from '@/stores/nodeTypes.store';
 import { useRootStore } from '@n8n/stores/useRootStore';
-import { initializeAuthenticatedFeatures, initializeCore } from '@/init';
+import { state, initializeAuthenticatedFeatures, initializeCore } from '@/init';
 import { createTestingPinia } from '@pinia/testing';
 import { setActivePinia } from 'pinia';
 import { useSettingsStore } from '@/stores/settings.store';
 import { useVersionsStore } from '@/stores/versions.store';
 import { AxiosError } from 'axios';
+import merge from 'lodash/merge';
+import { SETTINGS_STORE_DEFAULT_STATE } from '@/__tests__/utils';
+import { STORES } from '@n8n/stores';
+import { useSSOStore } from '@/stores/sso.store';
+import { UserManagementAuthenticationMethod } from '@/Interface';
+import { EnterpriseEditionFeature } from '@/constants';
 
 const showMessage = vi.fn();
 
@@ -31,19 +37,32 @@ describe('Init', () => {
 	let usersStore: ReturnType<typeof useUsersStore>;
 	let nodeTypesStore: ReturnType<typeof useNodeTypesStore>;
 	let versionsStore: ReturnType<typeof useVersionsStore>;
+	let ssoStore: ReturnType<typeof useSSOStore>;
 
 	beforeEach(() => {
-		setActivePinia(createTestingPinia());
+		setActivePinia(
+			createTestingPinia({
+				initialState: {
+					[STORES.SETTINGS]: merge({}, SETTINGS_STORE_DEFAULT_STATE),
+				},
+			}),
+		);
+
 		settingsStore = useSettingsStore();
 		cloudPlanStore = useCloudPlanStore();
 		sourceControlStore = useSourceControlStore();
 		nodeTypesStore = useNodeTypesStore();
 		usersStore = useUsersStore();
 		versionsStore = useVersionsStore();
 		versionsStore = useVersionsStore();
+		ssoStore = useSSOStore();
 	});
 
 	describe('initializeCore()', () => {
+		beforeEach(() => {
+			state.initialized = false;
+		});
+
 		afterEach(() => {
 			vi.clearAllMocks();
 		});
@@ -63,6 +82,28 @@ describe('Init', () => {
 
 			expect(settingsStoreSpy).toHaveBeenCalledTimes(1);
 		});
+
+		it('should initialize ssoStore with settings SSO configuration', async () => {
+			const saml = { loginEnabled: true, loginLabel: '' };
+			const ldap = { loginEnabled: false, loginLabel: '' };
+			const oidc = { loginEnabled: false, loginUrl: '', callbackUrl: '' };
+
+			settingsStore.userManagement.authenticationMethod = UserManagementAuthenticationMethod.Saml;
+			settingsStore.settings.sso = { saml, ldap, oidc };
+			settingsStore.isEnterpriseFeatureEnabled[EnterpriseEditionFeature.Saml] = true;
+
+			await initializeCore();
+
+			expect(ssoStore.initialize).toHaveBeenCalledWith({
+				authenticationMethod: UserManagementAuthenticationMethod.Saml,
+				config: { saml, ldap, oidc },
+				features: {
+					saml: true,
+					ldap: false,
+					oidc: false,
+				},
+			});
+		});
 	});
 
 	describe('initializeAuthenticatedFeatures()', () => {

packages/frontend/editor-ui/src/init.ts

@@ -13,25 +13,42 @@ import { useInsightsStore } from '@/features/insights/insights.store';
 import { useToast } from '@/composables/useToast';
 import { useI18n } from '@n8n/i18n';
 import SourceControlInitializationErrorMessage from '@/components/SourceControlInitializationErrorMessage.vue';
+import { useSSOStore } from '@/stores/sso.store';
+import { EnterpriseEditionFeature } from '@/constants';
+import type { UserManagementAuthenticationMethod } from '@/Interface';
 
-let coreInitialized = false;
+export const state = {
+	initialized: false,
+};
 let authenticatedFeaturesInitialized = false;
 
 /**
  * Initializes the core application stores and hooks
  * This is called once, when the first route is loaded.
  */
 export async function initializeCore() {
-	if (coreInitialized) {
+	if (state.initialized) {
 		return;
 	}
 
 	const settingsStore = useSettingsStore();
 	const usersStore = useUsersStore();
 	const versionsStore = useVersionsStore();
+	const ssoStore = useSSOStore();
 
 	await settingsStore.initialize();
 
+	ssoStore.initialize({
+		authenticationMethod: settingsStore.userManagement
+			.authenticationMethod as UserManagementAuthenticationMethod,
+		config: settingsStore.settings.sso,
+		features: {
+			saml: settingsStore.isEnterpriseFeatureEnabled[EnterpriseEditionFeature.Saml],
+			ldap: settingsStore.isEnterpriseFeatureEnabled[EnterpriseEditionFeature.Ldap],
+			oidc: settingsStore.isEnterpriseFeatureEnabled[EnterpriseEditionFeature.Oidc],
+		},
+	});
+
 	void useExternalHooks().run('app.mount');
 
 	if (!settingsStore.isPreviewMode) {
@@ -40,7 +57,7 @@ export async function initializeCore() {
 		void versionsStore.checkForNewVersions();
 	}
 
-	coreInitialized = true;
+	state.initialized = true;
 }
 
 /**

packages/frontend/editor-ui/src/stores/settings.store.ts

@@ -3,11 +3,9 @@ import Bowser from 'bowser';
 import type { IUserManagementSettings, FrontendSettings } from '@n8n/api-types';
 
 import * as eventsApi from '@n8n/rest-api-client/api/events';
-import * as ldapApi from '@n8n/rest-api-client/api/ldap';
 import * as settingsApi from '@n8n/rest-api-client/api/settings';
 import * as promptsApi from '@n8n/rest-api-client/api/prompts';
 import { testHealthEndpoint } from '@/api/templates';
-import type { LdapConfig } from '@n8n/rest-api-client/api/ldap';
 import {
 	INSECURE_CONNECTION_WARNING,
 	LOCAL_STORAGE_EXPERIMENTAL_MIN_ZOOM_NODE_SETTINGS_IN_CANVAS,
@@ -44,9 +42,6 @@ export const useSettingsStore = defineStore(STORES.SETTINGS, () => {
 			enabled: false,
 		},
 	});
-	const ldap = ref({ loginLabel: '', loginEnabled: false });
-	const saml = ref({ loginLabel: '', loginEnabled: false });
-	const oidc = ref({ loginEnabled: false, loginUrl: '', callbackUrl: '' });
 	const mfa = ref({ enabled: false });
 	const folders = ref({ enabled: false });
 
@@ -90,16 +85,6 @@ export const useSettingsStore = defineStore(STORES.SETTINGS, () => {
 
 	const publicApiPath = computed(() => api.value.path);
 
-	const isLdapLoginEnabled = computed(() => ldap.value.loginEnabled);
-
-	const ldapLoginLabel = computed(() => ldap.value.loginLabel);
-
-	const isSamlLoginEnabled = computed(() => saml.value.loginEnabled);
-
-	const isOidcLoginEnabled = computed(() => oidc.value.loginEnabled);
-
-	const oidcCallBackUrl = computed(() => oidc.value.callbackUrl);
-
 	const isAiAssistantEnabled = computed(() => settings.value.aiAssistant?.enabled);
 
 	const isAskAiEnabled = computed(() => settings.value.askAi?.enabled);
@@ -182,14 +167,6 @@ export const useSettingsStore = defineStore(STORES.SETTINGS, () => {
 		() => settings.value.workflowCallerPolicyDefaultOption,
 	);
 
-	const isDefaultAuthenticationSaml = computed(
-		() => userManagement.value.authenticationMethod === UserManagementAuthenticationMethod.Saml,
-	);
-
-	const isDefaultAuthenticationOidc = computed(
-		() => userManagement.value.authenticationMethod === UserManagementAuthenticationMethod.Oidc,
-	);
-
 	const permanentlyDismissedBanners = computed(() => settings.value.banners?.dismissed ?? []);
 
 	const isBelowUserQuota = computed(
@@ -210,21 +187,6 @@ export const useSettingsStore = defineStore(STORES.SETTINGS, () => {
 				!!settings.value.userManagement.showSetupOnFirstLoad;
 		}
 		api.value = settings.value.publicApi;
-		if (settings.value.sso?.ldap) {
-			ldap.value.loginEnabled = settings.value.sso.ldap.loginEnabled;
-			ldap.value.loginLabel = settings.value.sso.ldap.loginLabel;
-		}
-		if (settings.value.sso?.saml) {
-			saml.value.loginEnabled = settings.value.sso.saml.loginEnabled;
-			saml.value.loginLabel = settings.value.sso.saml.loginLabel;
-		}
-
-		if (settings.value.sso?.oidc) {
-			oidc.value.loginEnabled = settings.value.sso.oidc.loginEnabled;
-			oidc.value.loginUrl = settings.value.sso.oidc.loginUrl || '';
-			oidc.value.callbackUrl = settings.value.sso.oidc.callbackUrl || '';
-		}
-
 		mfa.value.enabled = settings.value.mfa?.enabled;
 		folders.value.enabled = settings.value.folders?.enabled;
 
@@ -364,31 +326,6 @@ export const useSettingsStore = defineStore(STORES.SETTINGS, () => {
 		templatesEndpointHealthy.value = true;
 	};
 
-	const getLdapConfig = async () => {
-		const rootStore = useRootStore();
-		return await ldapApi.getLdapConfig(rootStore.restApiContext);
-	};
-
-	const getLdapSynchronizations = async (pagination: { page: number }) => {
-		const rootStore = useRootStore();
-		return await ldapApi.getLdapSynchronizations(rootStore.restApiContext, pagination);
-	};
-
-	const testLdapConnection = async () => {
-		const rootStore = useRootStore();
-		return await ldapApi.testLdapConnection(rootStore.restApiContext);
-	};
-
-	const updateLdapConfig = async (ldapConfig: LdapConfig) => {
-		const rootStore = useRootStore();
-		return await ldapApi.updateLdapConfig(rootStore.restApiContext, ldapConfig);
-	};
-
-	const runLdapSync = async (data: IDataObject) => {
-		const rootStore = useRootStore();
-		return await ldapApi.runLdapSync(rootStore.restApiContext, data);
-	};
-
 	const getTimezones = async (): Promise<IDataObject> => {
 		const rootStore = useRootStore();
 		return await makeRestApiRequest(rootStore.restApiContext, 'GET', '/options/timezones');
@@ -412,8 +349,6 @@ export const useSettingsStore = defineStore(STORES.SETTINGS, () => {
 		userManagement,
 		templatesEndpointHealthy,
 		api,
-		ldap,
-		saml,
 		mfa,
 		isDocker,
 		isDevRelease,
@@ -432,10 +367,6 @@ export const useSettingsStore = defineStore(STORES.SETTINGS, () => {
 		isPreviewMode,
 		publicApiLatestVersion,
 		publicApiPath,
-		isLdapLoginEnabled,
-		ldapLoginLabel,
-		isSamlLoginEnabled,
-		isOidcLoginEnabled,
 		showSetupPage,
 		deploymentType,
 		isCloudDeployment,
@@ -459,8 +390,6 @@ export const useSettingsStore = defineStore(STORES.SETTINGS, () => {
 		isQueueModeEnabled,
 		isMultiMain,
 		isWorkerViewAvailable,
-		isDefaultAuthenticationSaml,
-		isDefaultAuthenticationOidc,
 		workflowCallerPolicyDefaultOption,
 		permanentlyDismissedBanners,
 		isBelowUserQuota,
@@ -474,13 +403,7 @@ export const useSettingsStore = defineStore(STORES.SETTINGS, () => {
 		aiCreditsQuota,
 		experimental__minZoomNodeSettingsInCanvas,
 		partialExecutionVersion,
-		oidcCallBackUrl,
 		reset,
-		testLdapConnection,
-		getLdapConfig,
-		getLdapSynchronizations,
-		updateLdapConfig,
-		runLdapSync,
 		getTimezones,
 		testTemplatesEndpoint,
 		submitContactInfo,