codeant-ai-for-open-source[bot] commented on PR #38606:
URL: https://github.com/apache/superset/pull/38606#issuecomment-4047940314
## **Sequence Diagram**
This PR enables full SAML login handling in the frontend by using bootstrap
auth data to render provider buttons when SAML auth is configured. It also
updates backend auth handling so federated SAML flow skips recaptcha and
accepts the SAML ACS post without CSRF blocking.
```mermaid
sequenceDiagram
participant User
participant Frontend
participant Backend
participant IdP
User->>Backend: Request login page
Backend->>Backend: Build bootstrap config for auth type
Backend-->>Frontend: Return AUTH_TYPE and AUTH_PROVIDERS
Frontend-->>User: Render SAML provider sign in buttons
User->>Backend: Select SAML provider login
Backend->>IdP: Redirect to SAML authentication
IdP->>Backend: Post SAML response to ACS endpoint
Backend->>Backend: Process ACS post without CSRF check
Backend-->>User: Complete login and redirect to app
```
---
*Generated by [CodeAnt AI](https://codeant.ai)*
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
