diff --git a/services/web/app/src/Features/Errors/Errors.js b/services/web/app/src/Features/Errors/Errors.js index 1bb0636a4e..521143ebd1 100644 --- a/services/web/app/src/Features/Errors/Errors.js +++ b/services/web/app/src/Features/Errors/Errors.js @@ -134,6 +134,12 @@ class SAMLMissingSignatureError extends SAMLAuthenticationError { class SAMLInvalidResponseError extends SAMLAuthenticationError {} +class SAMLResponseAlreadyProcessedError extends SAMLInvalidResponseError { + constructor() { + super('saml response already processed') + } +} + class SAMLLoginFailureError extends SAMLAuthenticationError { get i18nKey() { return 'saml_login_failure' @@ -290,6 +296,7 @@ module.exports = { SAMLInvalidResponseError, SAMLLoginFailureError, SAMLEmailNotRecognizedError, + SAMLResponseAlreadyProcessedError, SLInV2Error, ThirdPartyIdentityExistsError, ThirdPartyUserNotFoundError, diff --git a/services/web/frontend/extracted-translations.json b/services/web/frontend/extracted-translations.json index 6879d5ff4f..483c1a2ef9 100644 --- a/services/web/frontend/extracted-translations.json +++ b/services/web/frontend/extracted-translations.json @@ -391,6 +391,7 @@ "first_x_days_free_after_that_y_per_year": "", "fit_to_height": "", "fit_to_width": "", + "fix_issues": "", "fold_line": "", "folder_location": "", "following_paths_conflict": "", @@ -1013,6 +1014,7 @@ "resync_completed": "", "resync_message": "", "resync_project_history": "", + "retry_test": "", "reverse_x_sort_order": "", "revert_pending_plan_change": "", "review": "", @@ -1029,6 +1031,7 @@ "saml_login_identity_mismatch_error": "", "saml_login_identity_not_found_error": "", "saml_missing_signature_error": "", + "saml_response": "", "save": "", "save_or_cancel-cancel": "", "save_or_cancel-or": "", @@ -1153,7 +1156,13 @@ "sso_configuration": "", "sso_configuration_not_finalized": "", "sso_configuration_saved": "", + "sso_error_invalid_external_user_id": "", + "sso_error_missing_external_user_id": "", + "sso_error_missing_firstname_attribute": "", + "sso_error_missing_lastname_attribute": "", + "sso_error_response_already_processed": "", "sso_explanation": "", + "sso_here_is_the_data_we_received": "", "sso_is_disabled": "", "sso_is_disabled_explanation_1": "", "sso_is_disabled_explanation_2": "", @@ -1170,6 +1179,7 @@ "sso_test_interstitial_info_1": "", "sso_test_interstitial_info_2": "", "sso_test_interstitial_title": "", + "sso_test_result_error_message": "", "start_a_free_trial": "", "start_by_adding_your_email": "", "start_free_trial": "", diff --git a/services/web/frontend/stylesheets/modules/group-settings.less b/services/web/frontend/stylesheets/modules/group-settings.less index 41a6089f33..fee29880f8 100644 --- a/services/web/frontend/stylesheets/modules/group-settings.less +++ b/services/web/frontend/stylesheets/modules/group-settings.less @@ -257,3 +257,28 @@ h3.group-settings-title { flex-shrink: 0; } } + +.saml-response-xml-wrapper { + padding: 4px 0; + overflow: hidden; + background-color: @neutral-10; + + .saml-response-xml { + font-family: monospace; + white-space: pre-wrap; + font-size: 12px; + word-break: break-word; + padding-inline-start: 32px; + height: 32px; + + &.view-more { + height: auto; + } + + li::marker { + font-size: 10px; + color: @gray-light; + width: 10px; + } + } +} diff --git a/services/web/locales/en.json b/services/web/locales/en.json index a728de533c..39358fa13c 100644 --- a/services/web/locales/en.json +++ b/services/web/locales/en.json @@ -597,6 +597,7 @@ "first_x_days_free_after_that_y_per_year": "First <0>__trialLen__ days free, after that <0>__price__ per year", "fit_to_height": "Fit to height", "fit_to_width": "Fit to width", + "fix_issues": "Fix issues", "fold_line": "Fold line", "folder_location": "Folder location", "folders": "Folders", @@ -1533,6 +1534,7 @@ "resync_completed": "Resync completed!", "resync_message": "Resyncing project history can take several minutes depending on the size of the project.", "resync_project_history": "Resync Project History", + "retry_test": "Retry test", "return_to_login_page": "Return to Login page", "reverse_x_sort_order": "Reverse __x__ sort order", "revert_pending_plan_change": "Revert scheduled plan change", @@ -1556,6 +1558,7 @@ "saml_login_identity_mismatch_error": "Sorry, you are trying to log in to Overleaf as __email__ but the identity returned by your identity provider is not the correct one for this Overleaf account.", "saml_login_identity_not_found_error": "Sorry, we were not able to find an Overleaf account set up for single sign-on with this identity provider.", "saml_missing_signature_error": "Sorry, the information received from your identity provider is not signed (both response and assertion signatures are required). Please contact your administrator for more information.", + "saml_response": "SAML Response:", "save": "Save", "save_20_percent_by_paying_annually": "Save 20% by paying annually", "save_30_percent_or_more": "save 30% or more", @@ -1711,7 +1714,13 @@ "sso_configuration": "SSO configuration", "sso_configuration_not_finalized": "Your configuration has not been finalized.", "sso_configuration_saved": "SSO configuration has been saved", + "sso_error_invalid_external_user_id": "The SAML attribute provided by your IdP that uniquely identifies your user has an invalid format, a string is expected. Attribute: <0>__expecting__", + "sso_error_missing_external_user_id": "The SAML attribute provided by your IdP that uniquely identifies your user is either missing or under a different name than the one you configured. Expecting: <0>__expecting__", + "sso_error_missing_firstname_attribute": "The SAML attribute that specifies the user’s first name is either missing or under a different name than the one you configured. Expecting: <0>__expecting__", + "sso_error_missing_lastname_attribute": "The SAML attribute that specifies the user’s last name is either missing or under a different name than the one you configured. Expecting: <0>__expecting__", + "sso_error_response_already_processed": "The SAML response’s InResponseTo is invalid. This can happen if it either did’nt match that of the SAML request, or the login took too long to process and the request has expired.", "sso_explanation": "Set up single sign-on for your group. This sign in method will be optional for group members unless Managed Users is enabled. <0>Learn more about Overleaf Group SSO.", + "sso_here_is_the_data_we_received": "Here is the data we received in the SAML response:", "sso_integration": "SSO integration", "sso_integration_info": "Overleaf offers a standard SAML-based Single Sign On integration.", "sso_is_disabled": "SSO is disabled", @@ -1731,6 +1740,7 @@ "sso_test_interstitial_info_1": "<0>Before starting this test, please ensure you’ve <1>configured Overleaf as a Service Provider in your IdP, and authorized access to the Overleaf service.", "sso_test_interstitial_info_2": "Clicking <0>Test configuration will redirect you to your IdP’s login screen. <1>Read our documentation for full details of what happens during the test. And check our <2>SSO troubleshooting advice if you get stuck.", "sso_test_interstitial_title": "Let’s test your SSO configuration", + "sso_test_result_error_message": "The test hasn’t worked this time, but don’t worry — errors can usually be quickly addressed by adjusting the configuration settings. Our <0>SSO troubleshooting guide provides help with some of the common causes of testing errors.", "sso_title": "Single sign-on", "sso_user_denied_access": "Cannot log in because __appName__ was not granted access to your __provider__ account. Please try again.", "standard": "Standard",