UNCLASSIFIED - NO CUI

Change SAML SSO to dynamically retrieve XML from IdP

Currently, Nexus SSO requires the user to go to the Identity Provider manually, retrieve the SAML XML metadata, and then populate it into the chart value (sso.idp_data.idpMetadata). The chart already runs an init job to set up SSO, and that job could easily reach out to the IdP's entityDescriptor URL to retrieve the XML it needs. Convert the sso.idp_data.idpMetadata field to sso.idpMetadataUrl or sso.idpEntityDescriptorUrl (entityDescriptor is the standard name for the metadata in SAML).

The script would then use curl to retrieve the XML from the URL and write the result into the idpMetadata field before configuring Nexus. In the Big Bang chart, the plan is to bring the SAML entityDescriptor URL up to the global level, from where it can be passed down to Nexus.

NOTE: If retrieval of the metadata fails, the container should exit with a non-zero code to indicate a problem. This provides an extra check that the IdP has been set up correctly and is reachable by the application.
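A sketch of the init-job step described above, added here as an example and not the chart's own script. The variable names IDP_METADATA_URL and IDP_METADATA_FILE, the script file name and the Accept header are assumptions; the checks are deliberately grep-based so they run in a minimal init container without an XML parser.

```shell
#!/bin/sh
# Added example (not the Nexus chart's init script): fetch the IdP
# entityDescriptor, verify it looks like SAML IdP metadata, fail hard.
# Assumed names: IDP_METADATA_URL, IDP_METADATA_FILE, fetch-idp-metadata.sh
set -eu

# Check that a file holds a SAML EntityDescriptor (or an EntitiesDescriptor
# aggregate) that carries an IdP role. Returns 1 on any mismatch, so that an
# HTML error page, an empty body or an SP's metadata is never accepted.
validate_idp_metadata() {
  f="$1"
  [ -s "$f" ] || { echo "metadata file '$f' is empty or missing" >&2; return 1; }
  grep -Eq '<(md:)?EntityDescriptor' "$f" \
    || { echo "no EntityDescriptor element in IdP metadata" >&2; return 1; }
  grep -Eq '<(md:)?IDPSSODescriptor' "$f" \
    || { echo "no IDPSSODescriptor: URL does not point at IdP metadata" >&2; return 1; }
  return 0
}

# Download the entityDescriptor. curl verifies the TLS certificate by default
# (no -k), and --fail turns HTTP 4xx/5xx into a non-zero exit so the init job
# stops instead of configuring Nexus with an error page as its metadata.
fetch_idp_metadata() {
  url="$1"; out="$2"
  curl --fail --silent --show-error --location --max-time 30 \
       -H 'Accept: application/samlmetadata+xml, application/xml' \
       -o "$out" "$url" \
    || { echo "could not retrieve IdP metadata from $url" >&2; return 1; }
  validate_idp_metadata "$out"
}

# Init-job entry point: any failure exits non-zero so the pod reports it.
main() {
  fetch_idp_metadata "${IDP_METADATA_URL:?set IDP_METADATA_URL}" \
                     "${IDP_METADATA_FILE:-/tmp/idp-metadata.xml}" || exit 1
  # ...continue with the existing Nexus SSO configuration, reading the
  # idpMetadata value from IDP_METADATA_FILE.
}

# Run main only when executed as the script itself, not when sourced.
if [ "${0##*/}" = "fetch-idp-metadata.sh" ]; then main; fi
```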

Edited by Michael McLeroy