in saml-authentication-server/src/main/java/jetbrains/buildServer/auth/saml/plugin/SamlSettingsJsonController.java [141:168]
public JsonActionResult<SamlPluginSettingsResponse> getSettings(HttpServletRequest request) {
if (!permissionsManager.canReadSettings(request)) {
return JsonActionResult.forbidden();
}
try {
var samlPluginSettings = settingsStorage.load();
var callbackUrl = this.samlAuthenticationScheme.getCallbackUrl();
samlPluginSettings.setSsoCallbackUrl(callbackUrl.toString());
if (StringUtil.isEmpty(samlPluginSettings.getEntityId())) {
samlPluginSettings.setEntityId(callbackUrl.toString());
}
var response = new SamlPluginSettingsResponse();
response.setSettings(samlPluginSettings);
response.setReadonly(!permissionsManager.canWriteSettings(request));
if (request != null && request.getSession() != null) {
response.setCsrfToken(request.getSession().getAttribute("tc-csrf-token").toString());
}
return JsonActionResult.ok(response);
} catch (IOException e) {
return JsonActionResult.fail(e);
}
}