dump_user_details for SAML does not include groups in the attrs_after_parsing #4706

@akkornel

Describe the Bug

When debugging SAML login with SAML2_DUMP_USER_DETAILS (dump_user_details), in the attrs_after_parsing section, no group information is listed. This happens even if group sync (SAML2_USER_TO_GROUPS) is enabled.

Steps to Reproduce

  1. Configure BookStack for SAML2: As part of the setup, make sure SAML2_GROUP_ATTRIBUTE is defined and SAML2_USER_TO_GROUPS is set to true, so that group sync is enabled.
  2. Log in via SAML2, through an IdP that provides groups.
  3. Check out the JSON that is returned at the end of the login process.

Expected Behaviour

In the attrs_from_idp part of the JSON, I see my group membership in the appropriate SAML attribute coming from the IdP.

I expect to see the parsed group membership in the attrs_after_parsing part of the JSON, but I do not.

Screenshots or Additional Context

It looks like the problem is within Saml2Service:processLoginCallback. In the JSON dump I see that attrs_after_parsing is coming from a call to getUserDetails, but getUserDetails is not providing a parsed list of groups.

Looking later in Saml2Service:processLoginCallback, I see the groups are being parsed later, after the JSON dump, by a call to getUserGroups.

I'm a new user of BookStack, so even though I can see the cause of the problem, I don't know the best way of fixing it. Hence the report!

Browser Details

n/a

Exact BookStack Version

23.10.4
