From a639fba57a48f4f50ce5b2c2e85f5a41a094a27a Mon Sep 17 00:00:00 2001
From: Jan Krcmar <honza801@gmail.com>
Date: Mon, 3 Nov 2025 15:00:49 +0100
Subject: [PATCH] Fix: avoid throwing MissingSamlUserInfoError when remote/x509
 header is present

Signed-off-by: Jan Krcmar <honza801@gmail.com>
---
 src/fireedge/src/server/routes/entrypoints/App.js | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/src/fireedge/src/server/routes/entrypoints/App.js b/src/fireedge/src/server/routes/entrypoints/App.js
index a3f69be8e0..b56dbeb2da 100644
--- a/src/fireedge/src/server/routes/entrypoints/App.js
+++ b/src/fireedge/src/server/routes/entrypoints/App.js
@@ -125,14 +125,17 @@ router.get('*', async (req, res) => {
           httpOnly: true,
           sameSite: 'lax',
         })
-      } else {
-        if (validateAuth && !findHeader) {
+      } else if (validateAuth) {
+        // Remote/x509 auth is configured. If header missing, raise MissingHeaderError.
+        if (!findHeader) {
           throw new MissingHeaderError(JSON.stringify(req.headers))
-        } else {
-          throw new MissingSamlUserInfoError(req?.cookies?.saml_user)
         }
+        // If header is present, continue — remoteUser was already built above.
+      } else {
+        // No remote auth and no saml user info: this is the expected missing SAML info case.
+        throw new MissingSamlUserInfoError(req?.cookies?.saml_user)
       }
-
+      
       const paramsAxios = {
         method: POST,
         url: `${defaultProtocol}://${defaultIP}:${