Make sure samlLogin includes client ID and access type

wazo-platform · Jun 25, 2024 · e151644 · e151644
1 parent 9b3bd7c
commit e151644
Showing 1 changed file with 12 additions and 1 deletion.
diff --git a/src/api/auth.ts b/src/api/auth.ts
@@ -16,6 +16,12 @@ type LoginParams = {
   domainName?: string;
 };
 
+type SamlLoginBody = {
+  saml_session_id: string,
+  access_type?: 'online' | 'offline';
+  client_id?: string;
+};
+
 type SendResetPasswordArgs = {
   username?: string,
   email?: string,
@@ -111,10 +117,15 @@ export default ((client: ApiRequester, baseUrl: string): AuthD => ({
 
   logOut: (token: Token): Promise<LogoutResponse> => client.delete(`${baseUrl}/token/${token}`, null, {}, ApiRequester.successResponseParser),
   samlLogIn: async (samlSessionId: string): Promise<Session | null | undefined> => {
-    const body = {
+    const body: SamlLoginBody = {
       saml_session_id: samlSessionId,
     };
 
+    if (client.clientId) {
+      body.access_type = 'offline';
+      body.client_id = client.clientId;
+    }
+
     return client.post(`${baseUrl}/token`, body).then(Session.parse);
   },
   initiateIdpAuthentication: async (domain: string, redirectUrl: string) => {