From 9ce1cacccef60ebb59fa3477eaad6a5d04a24135 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Piotr=20=C5=81oboda?= Date: Wed, 25 Feb 2026 17:53:39 +0100 Subject: [PATCH] chore: update config key to match others --- lib/config.ts | 4 ++-- lib/models/oidc.ts | 5 +++-- lib/types.ts | 4 ++-- 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/lib/config.ts b/lib/config.ts index 892335d..8828e3a 100644 --- a/lib/config.ts +++ b/lib/config.ts @@ -16,7 +16,7 @@ export class AppConfig { allowedCookieDomains: [], skipCookieDomainSecurity: false, enableSingleSignOn: false, - enableSingleSignOnSignUp: false, + allowSingleSignOnSignups: false, singleSignOnUrl: '', singleSignOnEmailAttribute: 'email', singleSignOnScopes: ['openid', 'email'], @@ -121,7 +121,7 @@ export class AppConfig { static async isSignupAllowed(sso: boolean = false): Promise { await this.loadConfig(); - const areSignupsAllowed = sso ? this.config.auth.enableSingleSignOnSignUp : this.config.auth.allowSignups; + const areSignupsAllowed = sso ? this.config.auth.allowSingleSignOnSignups : this.config.auth.allowSignups; const areThereAdmins = await UserModel.isThereAnAdmin(); return areSignupsAllowed || !areThereAdmins; diff --git a/lib/models/oidc.ts b/lib/models/oidc.ts index 6230ac4..9ef0fb9 100644 --- a/lib/models/oidc.ts +++ b/lib/models/oidc.ts @@ -182,9 +182,10 @@ export class OidcModel { if (!user) { // this will allow admin account creation even if SSO signups are disabled following the foregoing logic - if (!config.auth.enableSingleSignOnSignUp) { - throw new Error('Sign up via SSO is not enabled'); + if (!config.auth.allowSingleSignOnSignups) { + throw new Error('Sign up via SSO is not allowed'); } + throw new Error('There was a problem signing up or logging in!'); } diff --git a/lib/types.ts b/lib/types.ts index f8805be..d852059 100644 --- a/lib/types.ts +++ b/lib/types.ts @@ -159,8 +159,8 @@ export interface Config { skipCookieDomainSecurity: boolean; /** If true, single sign-on will be enabled */ enableSingleSignOn: boolean; - /** If true, single sign-on signups will be enabled overriding allowSignups */ - enableSingleSignOnSignUp: boolean; + /** If true, single sign-on signups will be allowed overriding allowSignups */ + allowSingleSignOnSignups: boolean; /** The Discovery URL (AKA Issuer) of the identity/single sign-on provider */ singleSignOnUrl: string; /** The attribute to prefer as email of the identity/single sign-on provider */