Merge commit from fork

* fix(saml): cross-tenant account takeover via SAML domain claiming

* chore(changelog): add PR #

* fix(api): bind SAML tokens to validated domain

- Reject SAML assertions with mismatched email domains
- Issue SAML tokens from the validated ACS tenant
- Add regression coverage for cross-tenant SAML token issuance

* fix(api): resolve SAML tenant inside RLS context

- Load the SAML tenant relation before leaving the RLS transaction
- Avoid lazy tenant lookups during the SAML ACS finish flow

---------

Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
Adrián Peña
2026-06-19 13:38:51 +02:00
committed by GitHub
parent 218f64595a
commit bf3b5c2ba7
5 changed files with 362 additions and 51 deletions
@@ -28,6 +28,14 @@ All notable changes to the **Prowler API** are documented in this file.
---
## [1.31.3] (Prowler v5.30.3)
### 🔐 Security
- SAML logins now link to an existing account only when the asserted email domain matches the ACS endpoint and the user is already a member of that domain's tenant, fixing a cross-tenant account takeover [(GHSA-h8m9-jgf8-vwvp)](https://github.com/prowler-cloud/prowler/security/advisories/GHSA-h8m9-jgf8-vwvp) [(#XXXXX)](https://github.com/prowler-cloud/prowler/pull/XXXXX)
---
## [1.31.2] (Prowler v5.30.2)
### 🔄 Changed
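Review bot: the new [1.31.3] security entry still carries the `#XXXXX` placeholder in both the link text `[(#XXXXX)]` and the URL `.../pull/XXXXX`, so as written the changelog points at a nonexistent pull request; fill in the real PR number (the commit message itself, "chore(changelog): add PR #", shows it was left unfinished) before this ships in a release. The advisory reference GHSA-h8m9-jgf8-vwvp is consistent between link text and URL, and the entry's description (link only when the asserted email domain matches the ACS endpoint and the user is already a member of that domain's tenant) matches the stated scope of the fix, so no other change is needed in this hunk.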