PLT-4041 Make SAML FirstName and LastName optional (#3951)

6 files changed, 9 insertions, 22 deletions

diff --git a/i18n/en.json b/i18n/en.json
index 50e7525f1..d0c5b85a1 100644
--- a/i18n/en.json
+++ b/i18n/en.json
@@ -3104,10 +3104,6 @@
     "translation": "Invalid Email attribute. Must be set."
   },
   {
-    "id": "model.config.is_valid.saml_first_name_attribute.app_error",
-    "translation": "Invalid First Name attribute. Must be set."
-  },
-  {
     "id": "model.config.is_valid.saml_idp_cert.app_error",
     "translation": "Identity Provider Public Certificate missing. Did you forget to upload it?"
   },
@@ -3120,10 +3116,6 @@
     "translation": "SAML SSO URL must be a valid URL and start with http:// or https://."
   },
   {
-    "id": "model.config.is_valid.saml_last_name_attribute.app_error",
-    "translation": "Invalid Last Name attribute. Must be set."
-  },
-  {
     "id": "model.config.is_valid.saml_private_key.app_error",
     "translation": "Service Provider Private Key missing. Did you forget to upload it?"
   },
diff --git a/model/config.go b/model/config.go
index cb2d100bc..b111322a1 100644
--- a/model/config.go
+++ b/model/config.go
@@ -1048,14 +1048,6 @@ func (o *Config) IsValid() *AppError {
 			return NewLocAppError("Config.IsValid", "model.config.is_valid.saml_username_attribute.app_error", nil, "")
 		}
 
-		if len(*o.SamlSettings.FirstNameAttribute) == 0 {
-			return NewLocAppError("Config.IsValid", "model.config.is_valid.saml_first_name_attribute.app_error", nil, "")
-		}
-
-		if len(*o.SamlSettings.LastNameAttribute) == 0 {
-			return NewLocAppError("Config.IsValid", "model.config.is_valid.saml_last_name_attribute.app_error", nil, "")
-		}
-
 		if *o.SamlSettings.Verify {
 			if len(*o.SamlSettings.AssertionConsumerServiceURL) == 0 || !IsValidHttpUrl(*o.SamlSettings.AssertionConsumerServiceURL) {
 				return NewLocAppError("Config.IsValid", "model.config.is_valid.saml_assertion_consumer_service_url.app_error", nil, "")
diff --git a/utils/config.go b/utils/config.go
index bb21e50c1..a42b608b2 100644
--- a/utils/config.go
+++ b/utils/config.go
@@ -296,6 +296,9 @@ func getClientConfig(c *model.Config) map[string]string {
 		if *License.Features.SAML {
 			props["EnableSaml"] = strconv.FormatBool(*c.SamlSettings.Enable)
 			props["SamlLoginButtonText"] = *c.SamlSettings.LoginButtonText
+			props["FirstNameAttributeSet"] = strconv.FormatBool(*c.SamlSettings.FirstNameAttribute != "")
+			props["LastNameAttributeSet"] = strconv.FormatBool(*c.SamlSettings.LastNameAttribute != "")
+			props["NicknameAttributeSet"] = strconv.FormatBool(*c.SamlSettings.NicknameAttribute != "")
 		}
 
 		if *License.Features.Cluster {
diff --git a/webapp/components/admin_console/saml_settings.jsx b/webapp/components/admin_console/saml_settings.jsx
index 9fb78f472..fe8acaf16 100644
--- a/webapp/components/admin_console/saml_settings.jsx
+++ b/webapp/components/admin_console/saml_settings.jsx
@@ -455,7 +455,7 @@ export default class SamlSettings extends AdminSettings {
                     helpText={
                         <FormattedMessage
                             id='admin.saml.firstnameAttrDesc'
-                            defaultMessage='The attribute in the SAML Assertion that will be used to populate the first name of users in Mattermost.'
+                            defaultMessage='(Optional) The attribute in the SAML Assertion that will be used to populate the first name of users in Mattermost.'
                         />
                     }
                     value={this.state.firstNameAttribute}
@@ -474,7 +474,7 @@ export default class SamlSettings extends AdminSettings {
                     helpText={
                         <FormattedMessage
                             id='admin.saml.lastnameAttrDesc'
-                            defaultMessage='The attribute in the SAML Assertion that will be used to populate the last name of users in Mattermost.'
+                            defaultMessage='(Optional) The attribute in the SAML Assertion that will be used to populate the last name of users in Mattermost.'
                         />
                     }
                     value={this.state.lastNameAttribute}
diff --git a/webapp/components/user_settings/user_settings_general.jsx b/webapp/components/user_settings/user_settings_general.jsx
index 07af50059..abf94fa6b 100644
--- a/webapp/components/user_settings/user_settings_general.jsx
+++ b/webapp/components/user_settings/user_settings_general.jsx
@@ -630,7 +630,7 @@ class UserSettingsGeneralTab extends React.Component {
             let extraInfo;
             let submit = null;
             if (this.props.user.auth_service === '' ||
-                 (this.props.user.auth_service === 'ldap' &&
+                 ((this.props.user.auth_service === 'ldap' || this.props.user.auth_service === Constants.SAML_SERVICE) &&
                   (global.window.mm_config.FirstNameAttributeSet === 'false' || global.window.mm_config.LastNameAttributeSet === 'false'))) {
                 inputs.push(
                     <div
@@ -765,7 +765,7 @@ class UserSettingsGeneralTab extends React.Component {
         if (this.props.activeSection === 'nickname') {
             let extraInfo;
             let submit = null;
-            if (this.props.user.auth_service === 'ldap' && global.window.mm_config.NicknameAttributeSet === 'true') {
+            if ((this.props.user.auth_service === 'ldap' || this.props.user.auth_service === Constants.SAML_SERVICE) && global.window.mm_config.NicknameAttributeSet === 'true') {
                 extraInfo = (
                     <span>
                         <FormattedMessage
diff --git a/webapp/i18n/en.json b/webapp/i18n/en.json
index 7d502351f..344696b24 100644
--- a/webapp/i18n/en.json
+++ b/webapp/i18n/en.json
@@ -563,7 +563,7 @@
   "admin.saml.enableTitle": "Enable Login With SAML:",
   "admin.saml.encryptDescription": "When true, Mattermost will decrypt SAML Assertions encrypted with your Service Provider Public Certificate.",
   "admin.saml.encryptTitle": "Enable Encryption:",
-  "admin.saml.firstnameAttrDesc": "The attribute in the SAML Assertion that will be used to populate the first name of users in Mattermost.",
+  "admin.saml.firstnameAttrDesc": "(Optional) The attribute in the SAML Assertion that will be used to populate the first name of users in Mattermost.",
   "admin.saml.firstnameAttrEx": "Ex \"FirstName\"",
   "admin.saml.firstnameAttrTitle": "First Name Attribute:",
   "admin.saml.idpCertificateFileDesc": "The public authentication certificate issued by your Identity Provider.",
@@ -575,7 +575,7 @@
   "admin.saml.idpUrlDesc": "The URL where Mattermost sends a SAML request to start login sequence.",
   "admin.saml.idpUrlEx": "Ex \"https://idp.example.org/SAML2/SSO/Login\"",
   "admin.saml.idpUrlTitle": "SAML SSO URL:",
-  "admin.saml.lastnameAttrDesc": "The attribute in the SAML Assertion that will be used to populate the last name of users in Mattermost.",
+  "admin.saml.lastnameAttrDesc": "(Optional) The attribute in the SAML Assertion that will be used to populate the last name of users in Mattermost.",
   "admin.saml.lastnameAttrEx": "Ex \"LastName\"",
   "admin.saml.lastnameAttrTitle": "Last Name Attribute:",
   "admin.saml.localeAttrDesc": "(Optional) The attribute in the SAML Assertion that will be used to populate the language of users in Mattermost.",