Remove Group SAML Discovery Token
Background
Private groups on GitLab aim to prevent someone from trying random URLs to determine if a group exists.
For GroupSAML we allow viewing the SSO page if a saml_discovery_token is included in the URL.
Changes once enabling GitLab.com sign-in
Currently users can't view the SSO page unless they are signed in, since it only manages adding users to the group rather than actually signing users into GitLab.com.
Enabling GitLab.com sign-in (https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/8008) changes the behaviour so users can view the SSO page on public groups, by using the token, or when signed in.
Problems
- It is awkward that you can discover private groups just by signing in to an unrelated GitLab.com account.
- Soon we will be redirecting users to the SSO page if they don't have access, such as when their session times out. Without the token this would show a 404, making the UX rather clumsy.
Solution
- Remove use of saml_discovery_token
- Convey to group admins that enabling SAML SSO will allow their group to be discovered.
  - This might be on the settings page or in the docs
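The two access rules side by side, as an added Ruby sketch to make the trade-off concrete. This is not GitLab's code: the Group and Viewer structs, the sample groups and the token value are constructed, and the policy method names are hypothetical.

```ruby
# Added illustration of the SSO page access rule discussed in this issue.
# Not GitLab's code: Group/Viewer are constructed stand-ins and the policy
# method names are hypothetical.

Group  = Struct.new(:path, :public, :saml_enabled, :discovery_token, keyword_init: true)
Viewer = Struct.new(:signed_in, :token_in_url, keyword_init: true)

# Rule once GitLab.com sign-in is enabled but the token is kept: the SSO page
# is viewable on public groups, with the discovery token in the URL, or when
# the viewer is signed in (even to an unrelated account).
def sso_page_visible_with_token?(group, viewer)
  return false unless group.saml_enabled
  group.public ||
    (!group.discovery_token.nil? && viewer.token_in_url == group.discovery_token) ||
    viewer.signed_in
end

# Proposed rule: drop the token entirely. Any SAML-enabled group's SSO page is
# viewable, so enabling SSO makes the group's existence discoverable, which is
# what group admins must be told.
def sso_page_visible_without_token?(group, viewer)
  group.saml_enabled
end

# A private group is hidden by answering 404 whenever the policy denies access;
# any 200 confirms the group exists.
def response_status(group, viewer, policy)
  send(policy, group, viewer) ? 200 : 404
end

# Constructed viewer kinds. The token value is made up for the example.
VIEWERS = {
  anonymous:        Viewer.new(signed_in: false, token_in_url: nil),
  anonymous_token:  Viewer.new(signed_in: false, token_in_url: "t0k3n"),
  unrelated_member: Viewer.new(signed_in: true,  token_in_url: nil)
}.freeze

# Which viewer kinds can confirm the group exists under a given policy.
def who_can_confirm_existence(group, policy)
  VIEWERS.select { |_, viewer| response_status(group, viewer, policy) == 200 }.keys
end

if __FILE__ == $PROGRAM_NAME
  private_saml = Group.new(path: "acme", public: false, saml_enabled: true, discovery_token: "t0k3n")
  # Today's rule: the token holder and any signed-in account can discover the group,
  # but a redirected anonymous user (expired session, no token) hits a 404.
  p who_can_confirm_existence(private_saml, :sso_page_visible_with_token?)
  p response_status(private_saml, VIEWERS[:anonymous], :sso_page_visible_with_token?)
  # Proposed rule: the SSO page is reachable for everyone, no 404 on redirect.
  p who_can_confirm_existence(private_saml, :sso_page_visible_without_token?)
end
```

Running the sketch shows problem 1 (an unrelated signed-in account gets a 200 on a private group) and problem 2 (an anonymous redirect without the token gets a 404) under the current rule, and that the proposed rule trades the token for plain discoverability of SAML-enabled groups while private groups without SSO stay hidden.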