From 028ea9178e1acfc97edcba0b6a596bca0f850058 Mon Sep 17 00:00:00 2001
From: Peter Evans <peter@baserow.io>
Date: Tue, 11 Mar 2025 13:59:31 +0000
Subject: [PATCH] Drop the AB SSO feature flag.

---
 ...nid_connect_authentication_in_the_app.json |  8 +++++++
 .../integrations/appAuthProviderTypes.js      | 19 +++++++++++++++
 .../baserow_enterprise/licenseTypes.js        |  1 +
 .../modules/baserow_enterprise/plugin.js      | 23 ++++++++-----------
 .../userSource/UpdateUserSourceForm.vue       |  4 +++-
 .../modules/core/appAuthProviderTypes.js      |  9 ++++++++
 .../modules/core/plugins/featureFlags.js      |  1 -
 7 files changed, 49 insertions(+), 16 deletions(-)
 create mode 100644 changelog/entries/unreleased/feature/3167_introduced_saml_and_openid_connect_authentication_in_the_app.json

diff --git a/changelog/entries/unreleased/feature/3167_introduced_saml_and_openid_connect_authentication_in_the_app.json b/changelog/entries/unreleased/feature/3167_introduced_saml_and_openid_connect_authentication_in_the_app.json
new file mode 100644
index 000000000..b58caba04
--- /dev/null
+++ b/changelog/entries/unreleased/feature/3167_introduced_saml_and_openid_connect_authentication_in_the_app.json
@@ -0,0 +1,8 @@
+{
+    "type": "feature",
+    "message": "Introduced Saml and OpenID Connect authentication in the application builder.",
+    "domain": "builder",
+    "issue_number": 3167,
+    "bullet_points": [],
+    "created_at": "2025-03-07"
+}
diff --git a/enterprise/web-frontend/modules/baserow_enterprise/integrations/appAuthProviderTypes.js b/enterprise/web-frontend/modules/baserow_enterprise/integrations/appAuthProviderTypes.js
index 7f3b6e418..15c0dca74 100644
--- a/enterprise/web-frontend/modules/baserow_enterprise/integrations/appAuthProviderTypes.js
+++ b/enterprise/web-frontend/modules/baserow_enterprise/integrations/appAuthProviderTypes.js
@@ -12,6 +12,7 @@ import SamlAuthLink from '@baserow_enterprise/integrations/common/components/Sam
 import OIDCAuthLink from '@baserow_enterprise/integrations/common/components/OIDCAuthLink'
 import OpenIdIcon from '@baserow_enterprise/assets/images/providers/OpenID.svg'
 import { PasswordFieldType } from '@baserow/modules/database/fieldTypes'
+import EnterpriseFeatures from '@baserow_enterprise/features'
 
 export class LocalBaserowPasswordAppAuthProviderType extends AppAuthProviderType {
   static getType() {
@@ -146,6 +147,15 @@ export class SamlAppAuthProviderType extends SamlAuthProviderTypeMixin(
   getOrder() {
     return 20
   }
+
+  /**
+   * `SamlAppAuthProviderType` requires the `BUILDER_SSO` feature to be enabled.
+   * @param {Number} workspaceId The workspace id.
+   * @returns {Boolean} True if the provider is disabled, false otherwise.
+   */
+  isDeactivated(workspaceId) {
+    return !this.app.$hasFeature(EnterpriseFeatures.BUILDER_SSO, workspaceId)
+  }
 }
 
 export class OpenIdConnectAppAuthProviderType extends OAuth2AuthProviderTypeMixin(
@@ -229,4 +239,13 @@ export class OpenIdConnectAppAuthProviderType extends OAuth2AuthProviderTypeMixi
   getOrder() {
     return 50
   }
+
+  /**
+   * `OpenIdConnectAppAuthProviderType` requires the `BUILDER_SSO` feature to be enabled.
+   * @param {Number} workspaceId The workspace id.
+   * @returns {Boolean} True if the provider is disabled, false otherwise.
+   */
+  isDeactivated(workspaceId) {
+    return !this.app.$hasFeature(EnterpriseFeatures.BUILDER_SSO, workspaceId)
+  }
 }
diff --git a/enterprise/web-frontend/modules/baserow_enterprise/licenseTypes.js b/enterprise/web-frontend/modules/baserow_enterprise/licenseTypes.js
index d1b2cd7e4..78c7e6339 100644
--- a/enterprise/web-frontend/modules/baserow_enterprise/licenseTypes.js
+++ b/enterprise/web-frontend/modules/baserow_enterprise/licenseTypes.js
@@ -45,6 +45,7 @@ export class EnterpriseWithoutSupportLicenseType extends LicenseType {
       EnterpriseFeaturesObject.ENTERPRISE_SETTINGS,
       EnterpriseFeaturesObject.DATA_SYNC,
       EnterpriseFeaturesObject.CHART_WIDGET,
+      EnterpriseFeaturesObject.BUILDER_SSO,
     ]
   }
 
diff --git a/enterprise/web-frontend/modules/baserow_enterprise/plugin.js b/enterprise/web-frontend/modules/baserow_enterprise/plugin.js
index 013dea214..de56c014f 100644
--- a/enterprise/web-frontend/modules/baserow_enterprise/plugin.js
+++ b/enterprise/web-frontend/modules/baserow_enterprise/plugin.js
@@ -85,10 +85,7 @@ import {
   PhoneNumberFieldType,
   AutonumberFieldType,
 } from '@baserow/modules/database/fieldTypes'
-import {
-  FF_AB_SSO,
-  FF_DASHBOARDS,
-} from '@baserow/modules/core/plugins/featureFlags'
+import { FF_DASHBOARDS } from '@baserow/modules/core/plugins/featureFlags'
 
 export default (context) => {
   const { app, isDev, store } = context
@@ -159,16 +156,14 @@ export default (context) => {
     new LocalBaserowPasswordAppAuthProviderType(context)
   )
 
-  if (app.$featureFlagIsEnabled(FF_AB_SSO)) {
-    app.$registry.register(
-      'appAuthProvider',
-      new SamlAppAuthProviderType(context)
-    )
-    app.$registry.register(
-      'appAuthProvider',
-      new OpenIdConnectAppAuthProviderType(context)
-    )
-  }
+  app.$registry.register(
+    'appAuthProvider',
+    new SamlAppAuthProviderType(context)
+  )
+  app.$registry.register(
+    'appAuthProvider',
+    new OpenIdConnectAppAuthProviderType(context)
+  )
 
   app.$registry.register('roles', new EnterpriseAdminRoleType(context))
   app.$registry.register('roles', new EnterpriseMemberRoleType(context))
diff --git a/web-frontend/modules/builder/components/userSource/UpdateUserSourceForm.vue b/web-frontend/modules/builder/components/userSource/UpdateUserSourceForm.vue
index 93255ea75..2eb0cad00 100644
--- a/web-frontend/modules/builder/components/userSource/UpdateUserSourceForm.vue
+++ b/web-frontend/modules/builder/components/userSource/UpdateUserSourceForm.vue
@@ -147,7 +147,9 @@ export default {
       )
     },
     appAuthProviderTypes() {
-      return this.$registry.getOrderedList('appAuthProvider')
+      return this.$registry
+        .getOrderedList('appAuthProvider')
+        .filter((type) => !type.isDeactivated(this.builder.workspace.id))
     },
     appAuthProviderPerTypes() {
       return Object.fromEntries(
diff --git a/web-frontend/modules/core/appAuthProviderTypes.js b/web-frontend/modules/core/appAuthProviderTypes.js
index c21b8e7e6..adeeaa3a9 100644
--- a/web-frontend/modules/core/appAuthProviderTypes.js
+++ b/web-frontend/modules/core/appAuthProviderTypes.js
@@ -41,4 +41,13 @@ export class AppAuthProviderType extends BaseAuthProviderType {
   handleError(userSource, authProvider, route) {
     return null
   }
+
+  /**
+   * Returns whether the provider is enabled or not.
+   * @param {Number} workspaceId The workspace id.
+   * @returns {Boolean} True if the provider is disabled, false otherwise.
+   */
+  isDeactivated(workspaceId) {
+    return false
+  }
 }
diff --git a/web-frontend/modules/core/plugins/featureFlags.js b/web-frontend/modules/core/plugins/featureFlags.js
index 670410a5a..0941fbd61 100644
--- a/web-frontend/modules/core/plugins/featureFlags.js
+++ b/web-frontend/modules/core/plugins/featureFlags.js
@@ -1,6 +1,5 @@
 const FF_ENABLE_ALL = '*'
 export const FF_DASHBOARDS = 'dashboards'
-export const FF_AB_SSO = 'ab_sso'
 
 /**
  * A comma separated list of feature flags used to enable in-progress or not ready