add ADFS SSO unit and integration tests

Signed-off-by: calculus-ask <a.santhana.k@gmail.com>

Author: calculus-ask

.secrets.baseline

@@ -3,7 +3,7 @@
     "files": "package-lock.json|Cargo.lock|^.secrets.baseline$|scripts/sign_image.sh|scripts/zap|sonar-project.properties|^/Users/brian/dev/github.ibm.com/contextforge-org/sps-pipeline-config/.secrets.baseline$|^./.secrets.baseline$",
     "lines": null
   },
-  "generated_at": "2026-03-30T09:04:40Z",
+  "generated_at": "2026-03-30T18:16:29Z",
   "plugins_used": [
     {
       "name": "AWSKeyDetector"
@@ -164,15 +164,15 @@
         "hashed_secret": "ca45060a53fd8a255d1a83ee8d2f025283ccc66e",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 1116,
+        "line_number": 1119,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "910fbf00f58e9bcb095ea26a75cc1d9a3355e671",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 1165,
+        "line_number": 1179,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -780,63 +780,63 @@
         "hashed_secret": "25ab86bed149ca6ca9c1c0d5db7c9a91388ddeab",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 942,
+        "line_number": 943,
         "type": "Basic Auth Credentials",
         "verified_result": null
       },
       {
         "hashed_secret": "d08f88df745fa7950b104e4a707a31cfce7b5841",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 1042,
+        "line_number": 1043,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "7288edd0fc3ffcbe93a0cf06e3568e28521687bc",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 1045,
+        "line_number": 1046,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "8674c9b302d20800e4ab3808f139704d8641a6e3",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 1211,
+        "line_number": 1212,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "cff0d14e4337fa8bdb68dfa906f04b0df6fad72f",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 1250,
+        "line_number": 1251,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "f865b53623b121fd34ee5426c792e5c33af8c227",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 1298,
+        "line_number": 1299,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "acde39840735314af1300688b6c2324ea89770a3",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 1393,
+        "line_number": 1394,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "fa9beb99e4029ad5a6615399e7bbae21356086b3",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 1741,
+        "line_number": 1742,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -5742,7 +5742,7 @@
         "hashed_secret": "ff37a98a9963d347e9749a5c1b3936a4a245a6ff",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 2052,
+        "line_number": 2075,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -6074,7 +6074,7 @@
         "hashed_secret": "920a25ef686c4f7ca6ad23dd109d3ad653161832",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 747,
+        "line_number": 780,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -6402,39 +6402,39 @@
         "hashed_secret": "920a25ef686c4f7ca6ad23dd109d3ad653161832",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 42,
+        "line_number": 43,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "b44bf05d644c15c4d84f78771de011e3cce924c0",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 59,
+        "line_number": 60,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "999a3419d9959d3c39b11dcc67d79c7888b4b765",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 71,
+        "line_number": 72,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "bacac952b5cb942687d38a9eda6531d570f88b22",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 84,
+        "line_number": 85,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "cd1ecfcd67c8b85800a483d77e550d36727e8925",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 98,
+        "line_number": 99,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -9926,23 +9926,23 @@
         "hashed_secret": "920a25ef686c4f7ca6ad23dd109d3ad653161832",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 167,
+        "line_number": 174,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "3340ad734a33028b9498d58dc8b49e9c02157b19",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 188,
+        "line_number": 195,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "ec09a041656818107eb855453ffbf7327d3bbc9d",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 325,
+        "line_number": 332,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -11040,15 +11040,15 @@
         "hashed_secret": "fe1bae27cb7c1fb823f496f286e78f1d2ae87734",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 330,
+        "line_number": 370,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "945db841c03e42eef2f3d0a4ff310e2f3b3e59ec",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 414,
+        "line_number": 454,
         "type": "Secret Keyword",
         "verified_result": null
       }

docs/docs/manage/sso-adfs-tutorial.md

@@ -19,7 +19,7 @@ SSO_ADFS_ENABLED=true
 
 # ADFS Configuration
 SSO_ADFS_CLIENT_ID=your-adfs-client-id
-SSO_ADFS_CLIENT_SECRET=your-adfs-client-secret
+SSO_ADFS_CLIENT_SECRET=your-adfs-client-secret  # pragma: allowlist secret
 SSO_ADFS_AUTHORIZATION_URL=https://adfs.ds.example.net/adfs/oauth2/authorize/
 SSO_ADFS_TOKEN_URL=https://adfs.ds.example.net/adfs/oauth2/token/
 SSO_ADFS_ISSUER=https://adfs.ds.example.net/adfs
@@ -222,7 +222,7 @@ Expected response:
 
 **Cause**: The ID token is malformed or not present in the token response.
 
-**Solution**: 
+**Solution**:
 1. Verify that ADFS is configured to return an ID token
 2. Check that the `openid` scope is included in the authorization request
 3. Review ADFS logs for any token generation errors

tests/integration/test_sso_adfs_integration.py

@@ -43,9 +43,9 @@ def cleanup_sso_data(test_db: Session):
     test_db.query(SSOProvider).delete()
     test_db.query(EmailUser).delete()
     test_db.commit()
-    
+
     yield
-    
+
     # Clean up after test
     test_db.query(SSOAuthSession).delete()
     test_db.query(SSOProvider).delete()