Construct commonauth URL with tenant qualified organization path in the sub organization connection creation

Author: ShanChathusanda93

.changeset/large-toys-whisper.md

@@ -0,0 +1,7 @@
+---
+"@wso2is/console": patch
+"@wso2is/admin.connections.v1": patch
+"@wso2is/admin.core.v1": patch
+---
+
+Construct commonauth URL with tenant qualified organization path in the sub organization connection creation

apps/console/java/org.wso2.identity.apps.console.server.feature/resources/deployment.config.json.j2

@@ -82,6 +82,11 @@
     "i18nResourcePath": "{{ console.i18n_resource_path }}",
     "loginCallbackPath": "{{ console.login_callback_path }}",
     "logoutCallbackPath": "{{ console.logout_callback_path }}",
+    "organizations": {
+        "connections": {
+            "useTenantQualifiedOrgPatternCommonauth": {{ console.organizations.connections.use_tenant_qualified_org_pattern_commonauth | default(false) }}
+        }
+    },
     {% if console.proxy_context_path is defined %}
     "proxyContextPath": "{{ console.proxy_context_path }}",
     {% endif %}

apps/console/src/init/app-utils.ts

@@ -266,6 +266,7 @@ export const AppUtils: any = (function() {
                 organizationName: this.getOrganizationName(),
                 organizationPrefix: this.getOrganizationPrefix(),
                 organizationType: this.getOrganizationType(),
+                organizations: _config.organizations,
                 productVersionConfig: _config.ui.productVersionConfig,
                 proxyContextPath: this.getProxyContextPath(),
                 regionSelectionEnabled: _config.regionSelectionEnabled,

apps/console/src/public/deployment.config.json

@@ -265,6 +265,11 @@
     },
     "loginCallbackPath": "",
     "logoutCallbackPath": "",
+    "organizations": {
+        "connections": {
+            "useTenantQualifiedOrgPatternCommonauth": false
+        }
+    },
     "proxyContextPath": "",
     "routePaths": {
         "home": "/getting-started",

features/admin.connections.v1/components/create/enterprise-connection-create-wizard.tsx

@@ -30,9 +30,10 @@ import { ConfigReducerStateInterface } from "@wso2is/admin.core.v1/models/reduce
 import { AppState } from "@wso2is/admin.core.v1/store";
 import { EventPublisher } from "@wso2is/admin.core.v1/utils/event-publisher";
 import { commonConfig } from "@wso2is/admin.extensions.v1";
+import { useGetCurrentOrganizationType } from "@wso2is/admin.organizations.v1/hooks/use-get-organization-type";
 import { IdentityAppsError } from "@wso2is/core/errors";
-import { AlertLevels, IdentifiableComponentInterface,
-    HttpErrorResponseDataInterface
+import { AlertLevels, HttpErrorResponseDataInterface,
+    IdentifiableComponentInterface
 } from "@wso2is/core/models";
 import { addAlert } from "@wso2is/core/store";
 import { URLUtils } from "@wso2is/core/utils";
@@ -163,6 +164,9 @@ export const EnterpriseConnectionCreateWizard: FC<EnterpriseConnectionCreateWiza
     const [ isUserInputIdpNameAlreadyTaken, setIsUserInputIdpNameAlreadyTaken ] = useState<boolean>(undefined);
 
     const config: ConfigReducerStateInterface = useSelector((state: AppState) => state.config);
+    const currentOrganizationId: string = useSelector((state: AppState) => state.organization.organization.id);
+
+    const { isSubOrganization } = useGetCurrentOrganizationType();
 
     const dispatch: Dispatch = useDispatch();
     const { t } = useTranslation();
@@ -298,7 +302,14 @@ export const EnterpriseConnectionCreateWizard: FC<EnterpriseConnectionCreateWiza
                 { "key": "ClientSecret", "value": values?.clientSecret?.toString() },
                 { "key": "OAuth2AuthzEPUrl", "value": values?.authorizationEndpointUrl?.toString() },
                 { "key": "OAuth2TokenEPUrl", "value": values?.tokenEndpointUrl?.toString() },
-                { "key": "callbackUrl", "value": config?.deployment?.customServerHost + "/commonauth" }
+                {
+                    "key": "callbackUrl",
+                    "value": isSubOrganization() &&
+                        config?.deployment?.organizations?.connections?.useTenantQualifiedOrgPatternCommonauth
+                        ? `${config?.deployment?.serverOrigin}/t/${config?.deployment?.tenant}` +
+                          `/${config?.deployment?.organizationPrefix}/${currentOrganizationId}/commonauth`
+                        : `${config?.deployment?.customServerHost}/commonauth`
+                }
             ];
             // Certificates: bind the JWKS URL if exists otherwise pem
             identityProvider[ "certificate" ][ "jwksUri" ] = values.jwks_endpoint ?? EMPTY_STRING;

features/admin.connections.v1/components/edit/forms/authenticators/saml-authenticator-form.tsx

@@ -22,6 +22,7 @@ import Typography from "@oxygen-ui/react/Typography";
 import { ConfigReducerStateInterface } from "@wso2is/admin.core.v1/models/reducer-state";
 import { AppState } from "@wso2is/admin.core.v1/store";
 import { identityProviderConfig } from "@wso2is/admin.extensions.v1";
+import { useGetCurrentOrganizationType } from "@wso2is/admin.organizations.v1/hooks/use-get-organization-type";
 import { isFeatureEnabled } from "@wso2is/core/helpers";
 import { FeatureAccessConfigInterface, TestableComponentInterface } from "@wso2is/core/models";
 import { DropdownChild, Field, Form, composeValidators } from "@wso2is/form";
@@ -164,6 +165,10 @@ export const SamlAuthenticatorSettingsForm: FunctionComponent<SamlSettingsFormPr
     );
 
     const config: ConfigReducerStateInterface = useSelector((state: AppState) => state.config);
+    const currentOrganizationId: string = useSelector((state: AppState) => state.organization.organization.id);
+
+    const { isSubOrganization } = useGetCurrentOrganizationType();
+
     const { t } = useTranslation();
 
     const [ formValues, setFormValues ] = useState<SamlPropertiesInterface>({} as SamlPropertiesInterface);
@@ -242,7 +247,11 @@ export const SamlAuthenticatorSettingsForm: FunctionComponent<SamlSettingsFormPr
         { key: 25, text: "Custom Authentication Context Class", value: "Custom Authentication Context Class" }
     ];
 
-    const authorizedRedirectURL: string = config?.deployment?.customServerHost + "/commonauth";
+    const authorizedRedirectURL: string = isSubOrganization() &&
+        config?.deployment?.organizations?.connections?.useTenantQualifiedOrgPatternCommonauth
+        ? `${config?.deployment?.serverOrigin}/t/${config?.deployment?.tenant}` +
+          `/${config?.deployment?.organizationPrefix}/${currentOrganizationId}/commonauth`
+        : `${config?.deployment?.customServerHost}/commonauth`;
 
     /**
      * ISAuthnReqSigned, IsLogoutReqSigned these two fields states will be used by other

features/admin.core.v1/configs/app.ts

@@ -202,6 +202,7 @@ export class Config {
             idpConfigs: window[ "AppUtils" ]?.getConfig()?.idpConfigs,
             loginCallbackUrl: window[ "AppUtils" ]?.getConfig()?.loginCallbackURL,
             organizationPrefix: window["AppUtils"]?.getConfig()?.organizationPrefix,
+            organizations: window["AppUtils"]?.getConfig()?.organizations,
             regionSelectionEnabled: window[ "AppUtils" ]?.getConfig()?.regionSelectionEnabled,
             serverHost: window[ "AppUtils" ]?.getConfig()?.serverOriginWithTenant,
             serverOrigin: window[ "AppUtils" ]?.getConfig()?.serverOrigin,

modules/core/src/models/config.ts

@@ -122,6 +122,10 @@ export interface CommonDeploymentConfigInterface<T = Record<string, unknown>, S
      * usage: `/${organizationPrefix}/<org_id>` - `/o/<org_id>`
      */
     organizationPrefix: string;
+    /**
+     * Organization-level configurations.
+     */
+    organizations?: OrganizationsConfigInterface;
     /**
      * Host of the Identity Sever.
      * ex: https://localhost:9443
@@ -162,6 +166,15 @@ export interface CommonDeploymentConfigInterface<T = Record<string, unknown>, S
     tenantPrefix: string;
 }
 
+/**
+ * Organizations configuration interface.
+ */
+export interface OrganizationsConfigInterface {
+    connections?: {
+        useTenantQualifiedOrgPatternCommonauth?: boolean;
+    };
+}
+
 /**
  * Tenant context interface.
  */