Auth: saml enabled check. (#17960)

pkg/api/login.go

@@ -38,7 +38,7 @@ func (hs *HTTPServer) LoginView(c *models.ReqContext) {
 	viewData.Settings["loginHint"] = setting.LoginHint
 	viewData.Settings["passwordHint"] = setting.PasswordHint
 	viewData.Settings["disableLoginForm"] = setting.DisableLoginForm
-	viewData.Settings["samlEnabled"] = isSamlEnabled()
+	viewData.Settings["samlEnabled"] = hs.Cfg.SAMLEnabled
 
 	if loginError, ok := tryGetEncryptedCookie(c, LoginErrorCookieName); ok {
 		deleteCookie(c, LoginErrorCookieName)
@@ -63,15 +63,6 @@ func (hs *HTTPServer) LoginView(c *models.ReqContext) {
 	c.Redirect(setting.AppSubUrl + "/")
 }
 
-func isSamlEnabled() bool {
-	enabledCmd := models.IsSAMLEnabledCommand{}
-	if err := bus.Dispatch(&enabledCmd); err != nil {
-		return false
-	}
-
-	return enabledCmd.Result
-}
-
 func tryOAuthAutoLogin(c *models.ReqContext) bool {
 	if !setting.OAuthAutoLogin {
 		return false

pkg/setting/setting.go

@@ -252,6 +252,9 @@ type Cfg struct {
 	LoginMaxLifetimeDays         int
 	TokenRotationIntervalMinutes int
 
+	// SAML Auth
+	SAMLEnabled bool
+
 	// Dataproxy
 	SendUserHeader bool
 
@@ -812,6 +815,9 @@ func (cfg *Cfg) Load(args *CommandLineArgs) error {
 		return err
 	}
 
+	// SAML auth
+	cfg.SAMLEnabled = iniFile.Section("auth.saml").Key("enabled").MustBool(false)
+
 	// anonymous access
 	AnonymousEnabled = iniFile.Section("auth.anonymous").Key("enabled").MustBool(false)
 	AnonymousOrgName, err = valueAsString(iniFile.Section("auth.anonymous"), "org_name", "")