feat(front): UI for saml autoprovisioning and group mapping (#109)

## 📝 Description
- Adds option to enable SAML JIT user provisioning and Group mapping
page
- Adds implementation of the internal_api okta service

![image](https://github.com/user-attachments/assets/eb56c66a-0451-4aef-a55a-92088756ce57)


![image](https://github.com/user-attachments/assets/38c8bc33-8a48-474a-b52e-9702a05c7ab6)


![image](https://github.com/user-attachments/assets/f1119f24-3a27-4f88-a900-a5baac96c819)


## ✅ Checklist
- [x] I have tested this change
- [ ] This change requires documentation update

---------

Co-authored-by: VeljkoMaksimovic <[email protected]>

Author: hamir-suspect

ee/rbac/lib/internal_api/guard.pb.ex

@@ -65,6 +65,25 @@ defmodule InternalApi.Guard.Operation.Name do
   field(:ManageDeploymentTargets, 22)
 end
 
+defmodule InternalApi.Guard.ChangeEmailRequest do
+  @moduledoc false
+
+  use Protobuf, syntax: :proto3, protoc_gen_elixir_version: "0.13.0"
+
+  field(:requester_id, 1, type: :string, json_name: "requesterId")
+  field(:user_id, 2, type: :string, json_name: "userId")
+  field(:email, 3, type: :string)
+end
+
+defmodule InternalApi.Guard.ChangeEmailResponse do
+  @moduledoc false
+
+  use Protobuf, syntax: :proto3, protoc_gen_elixir_version: "0.13.0"
+
+  field(:email, 1, type: :string)
+  field(:msg, 2, type: :string)
+end
+
 defmodule InternalApi.Guard.ResetPasswordRequest do
   @moduledoc false
 
@@ -536,6 +555,8 @@ defmodule InternalApi.Guard.Guard.Service do
     InternalApi.Guard.ResetPasswordRequest,
     InternalApi.Guard.ResetPasswordResponse
   )
+
+  rpc(:ChangeEmail, InternalApi.Guard.ChangeEmailRequest, InternalApi.Guard.ChangeEmailResponse)
 end
 
 defmodule InternalApi.Guard.Guard.Stub do

ee/rbac/lib/internal_api/okta.pb.ex

@@ -11,6 +11,7 @@ defmodule InternalApi.Okta.OktaIntegration do
   field(:idempotency_token, 6, type: :string, json_name: "idempotencyToken")
   field(:saml_issuer, 7, type: :string, json_name: "samlIssuer")
   field(:sso_url, 8, type: :string, json_name: "ssoUrl")
+  field(:jit_provisioning_enabled, 9, type: :bool, json_name: "jitProvisioningEnabled")
 end
 
 defmodule InternalApi.Okta.SetUpRequest do
@@ -24,6 +25,7 @@ defmodule InternalApi.Okta.SetUpRequest do
   field(:saml_certificate, 4, type: :string, json_name: "samlCertificate")
   field(:saml_issuer, 5, type: :string, json_name: "samlIssuer")
   field(:sso_url, 6, type: :string, json_name: "ssoUrl")
+  field(:jit_provisioning_enabled, 7, type: :bool, json_name: "jitProvisioningEnabled")
 end
 
 defmodule InternalApi.Okta.SetUpResponse do
@@ -50,6 +52,48 @@ defmodule InternalApi.Okta.GenerateScimTokenResponse do
   field(:token, 1, type: :string)
 end
 
+defmodule InternalApi.Okta.SetUpGroupMappingRequest do
+  @moduledoc false
+
+  use Protobuf, syntax: :proto3, protoc_gen_elixir_version: "0.13.0"
+
+  field(:org_id, 1, type: :string, json_name: "orgId")
+  field(:default_role_id, 2, type: :string, json_name: "defaultRoleId")
+  field(:mappings, 3, repeated: true, type: InternalApi.Okta.GroupMapping)
+end
+
+defmodule InternalApi.Okta.SetUpGroupMappingResponse do
+  @moduledoc false
+
+  use Protobuf, syntax: :proto3, protoc_gen_elixir_version: "0.13.0"
+end
+
+defmodule InternalApi.Okta.DescribeGroupMappingRequest do
+  @moduledoc false
+
+  use Protobuf, syntax: :proto3, protoc_gen_elixir_version: "0.13.0"
+
+  field(:org_id, 1, type: :string, json_name: "orgId")
+end
+
+defmodule InternalApi.Okta.DescribeGroupMappingResponse do
+  @moduledoc false
+
+  use Protobuf, syntax: :proto3, protoc_gen_elixir_version: "0.13.0"
+
+  field(:default_role_id, 1, type: :string, json_name: "defaultRoleId")
+  field(:mappings, 2, repeated: true, type: InternalApi.Okta.GroupMapping)
+end
+
+defmodule InternalApi.Okta.GroupMapping do
+  @moduledoc false
+
+  use Protobuf, syntax: :proto3, protoc_gen_elixir_version: "0.13.0"
+
+  field(:semaphore_group_id, 1, type: :string, json_name: "semaphoreGroupId")
+  field(:okta_group_id, 2, type: :string, json_name: "oktaGroupId")
+end
+
 defmodule InternalApi.Okta.ListRequest do
   @moduledoc false
 
@@ -115,6 +159,18 @@ defmodule InternalApi.Okta.Okta.Service do
   rpc(:ListUsers, InternalApi.Okta.ListUsersRequest, InternalApi.Okta.ListUsersResponse)
 
   rpc(:Destroy, InternalApi.Okta.DestroyRequest, InternalApi.Okta.DestroyResponse)
+
+  rpc(
+    :SetUpGroupMapping,
+    InternalApi.Okta.SetUpGroupMappingRequest,
+    InternalApi.Okta.SetUpGroupMappingResponse
+  )
+
+  rpc(
+    :DescribeGroupMapping,
+    InternalApi.Okta.DescribeGroupMappingRequest,
+    InternalApi.Okta.DescribeGroupMappingResponse
+  )
 end
 
 defmodule InternalApi.Okta.Okta.Stub do

ee/rbac/lib/internal_api/organization.pb.ex

@@ -27,21 +27,6 @@ defmodule InternalApi.Organization.Member.Role do
   field(:ADMIN, 2)
 end
 
-defmodule InternalApi.Organization.Quota.Type do
-  @moduledoc false
-
-  use Protobuf, enum: true, syntax: :proto3, protoc_gen_elixir_version: "0.13.0"
-
-  field(:MAX_PEOPLE_IN_ORG, 0)
-  field(:MAX_PARALELLISM_IN_ORG, 1)
-  field(:MAX_PROJECTS_IN_ORG, 7)
-  field(:MAX_PARALLEL_E1_STANDARD_2, 2)
-  field(:MAX_PARALLEL_E1_STANDARD_4, 3)
-  field(:MAX_PARALLEL_E1_STANDARD_8, 4)
-  field(:MAX_PARALLEL_A1_STANDARD_4, 5)
-  field(:MAX_PARALLEL_A1_STANDARD_8, 6)
-end
-
 defmodule InternalApi.Organization.OrganizationContact.ContactType do
   @moduledoc false
 
@@ -129,23 +114,6 @@ defmodule InternalApi.Organization.CreateResponse do
   field(:organization, 2, type: InternalApi.Organization.Organization)
 end
 
-defmodule InternalApi.Organization.CreateWithQuotasRequest do
-  @moduledoc false
-
-  use Protobuf, syntax: :proto3, protoc_gen_elixir_version: "0.13.0"
-
-  field(:organization, 1, type: InternalApi.Organization.Organization)
-  field(:quotas, 2, repeated: true, type: InternalApi.Organization.Quota)
-end
-
-defmodule InternalApi.Organization.CreateWithQuotasResponse do
-  @moduledoc false
-
-  use Protobuf, syntax: :proto3, protoc_gen_elixir_version: "0.13.0"
-
-  field(:organization, 1, type: InternalApi.Organization.Organization)
-end
-
 defmodule InternalApi.Organization.UpdateRequest do
   @moduledoc false
 
@@ -420,7 +388,6 @@ defmodule InternalApi.Organization.Organization do
   field(:allowed_id_providers, 13, repeated: true, type: :string, json_name: "allowedIdProviders")
   field(:deny_member_workflows, 14, type: :bool, json_name: "denyMemberWorkflows")
   field(:deny_non_member_workflows, 15, type: :bool, json_name: "denyNonMemberWorkflows")
-  field(:quotas, 8, repeated: true, type: InternalApi.Organization.Quota)
   field(:settings, 16, repeated: true, type: InternalApi.Organization.OrganizationSetting)
 end
 
@@ -450,15 +417,6 @@ defmodule InternalApi.Organization.Member do
   field(:github_uid, 8, type: :string, json_name: "githubUid")
 end
 
-defmodule InternalApi.Organization.Quota do
-  @moduledoc false
-
-  use Protobuf, syntax: :proto3, protoc_gen_elixir_version: "0.13.0"
-
-  field(:type, 1, type: InternalApi.Organization.Quota.Type, enum: true)
-  field(:value, 2, type: :uint32)
-end
-
 defmodule InternalApi.Organization.OrganizationSetting do
   @moduledoc false
 
@@ -468,40 +426,6 @@ defmodule InternalApi.Organization.OrganizationSetting do
   field(:value, 2, type: :string)
 end
 
-defmodule InternalApi.Organization.GetQuotasRequest do
-  @moduledoc false
-
-  use Protobuf, syntax: :proto3, protoc_gen_elixir_version: "0.13.0"
-
-  field(:org_id, 1, type: :string, json_name: "orgId")
-  field(:types, 2, repeated: true, type: InternalApi.Organization.Quota.Type, enum: true)
-end
-
-defmodule InternalApi.Organization.GetQuotaResponse do
-  @moduledoc false
-
-  use Protobuf, syntax: :proto3, protoc_gen_elixir_version: "0.13.0"
-
-  field(:quotas, 1, repeated: true, type: InternalApi.Organization.Quota)
-end
-
-defmodule InternalApi.Organization.UpdateQuotasRequest do
-  @moduledoc false
-
-  use Protobuf, syntax: :proto3, protoc_gen_elixir_version: "0.13.0"
-
-  field(:org_id, 1, type: :string, json_name: "orgId")
-  field(:quotas, 2, repeated: true, type: InternalApi.Organization.Quota)
-end
-
-defmodule InternalApi.Organization.UpdateQuotasResponse do
-  @moduledoc false
-
-  use Protobuf, syntax: :proto3, protoc_gen_elixir_version: "0.13.0"
-
-  field(:quotas, 1, repeated: true, type: InternalApi.Organization.Quota)
-end
-
 defmodule InternalApi.Organization.RepositoryIntegratorsRequest do
   @moduledoc false
 
@@ -719,12 +643,6 @@ defmodule InternalApi.Organization.OrganizationService.Service do
 
   rpc(:Create, InternalApi.Organization.CreateRequest, InternalApi.Organization.CreateResponse)
 
-  rpc(
-    :CreateWithQuotas,
-    InternalApi.Organization.CreateWithQuotasRequest,
-    InternalApi.Organization.CreateWithQuotasResponse
-  )
-
   rpc(:Update, InternalApi.Organization.UpdateRequest, InternalApi.Organization.UpdateResponse)
 
   rpc(:IsValid, InternalApi.Organization.Organization, InternalApi.Organization.IsValidResponse)
@@ -781,18 +699,6 @@ defmodule InternalApi.Organization.OrganizationService.Service do
     InternalApi.Organization.ListSuspensionsResponse
   )
 
-  rpc(
-    :UpdateQuotas,
-    InternalApi.Organization.UpdateQuotasRequest,
-    InternalApi.Organization.UpdateQuotasResponse
-  )
-
-  rpc(
-    :GetQuotas,
-    InternalApi.Organization.GetQuotasRequest,
-    InternalApi.Organization.GetQuotaResponse
-  )
-
   rpc(:Destroy, InternalApi.Organization.DestroyRequest, Google.Protobuf.Empty)
 
   rpc(

ee/rbac/lib/internal_api/projecthub.pb.ex

@@ -78,6 +78,7 @@ defmodule InternalApi.Projecthub.Project.Status.State do
   field(:INITIALIZING, 0)
   field(:READY, 1)
   field(:ERROR, 2)
+  field(:ONBOARDING, 3)
 end
 
 defmodule InternalApi.Projecthub.ListKeysetRequest.Direction do
@@ -472,6 +473,7 @@ defmodule InternalApi.Projecthub.CreateRequest do
 
   field(:metadata, 1, type: InternalApi.Projecthub.RequestMeta)
   field(:project, 2, type: InternalApi.Projecthub.Project)
+  field(:skip_onboarding, 3, type: :bool, json_name: "skipOnboarding")
 end
 
 defmodule InternalApi.Projecthub.CreateResponse do
@@ -699,6 +701,23 @@ defmodule InternalApi.Projecthub.GithubAppSwitchResponse do
   field(:metadata, 1, type: InternalApi.Projecthub.ResponseMeta)
 end
 
+defmodule InternalApi.Projecthub.FinishOnboardingRequest do
+  @moduledoc false
+
+  use Protobuf, syntax: :proto3, protoc_gen_elixir_version: "0.13.0"
+
+  field(:metadata, 1, type: InternalApi.Projecthub.RequestMeta)
+  field(:id, 2, type: :string)
+end
+
+defmodule InternalApi.Projecthub.FinishOnboardingResponse do
+  @moduledoc false
+
+  use Protobuf, syntax: :proto3, protoc_gen_elixir_version: "0.13.0"
+
+  field(:metadata, 1, type: InternalApi.Projecthub.ResponseMeta)
+end
+
 defmodule InternalApi.Projecthub.ProjectCreated do
   @moduledoc false
 
@@ -810,6 +829,12 @@ defmodule InternalApi.Projecthub.ProjectService.Service do
     InternalApi.Projecthub.GithubAppSwitchRequest,
     InternalApi.Projecthub.GithubAppSwitchResponse
   )
+
+  rpc(
+    :FinishOnboarding,
+    InternalApi.Projecthub.FinishOnboardingRequest,
+    InternalApi.Projecthub.FinishOnboardingResponse
+  )
 end
 
 defmodule InternalApi.Projecthub.ProjectService.Stub do

ee/rbac/lib/internal_api/rbac.pb.ex

@@ -247,16 +247,18 @@ end
 
 defmodule InternalApi.RBAC.CountMembersRequest do
   @moduledoc false
-  use Protobuf, protoc_gen_elixir_version: "0.13.0", syntax: :proto3
+
+  use Protobuf, syntax: :proto3, protoc_gen_elixir_version: "0.13.0"
 
   field(:org_id, 1, type: :string, json_name: "orgId")
 end
 
 defmodule InternalApi.RBAC.CountMembersResponse do
   @moduledoc false
-  use Protobuf, protoc_gen_elixir_version: "0.13.0", syntax: :proto3
 
-  field(:members, 1, type: :int32, json_name: "members")
+  use Protobuf, syntax: :proto3, protoc_gen_elixir_version: "0.13.0"
+
+  field(:members, 1, type: :int32)
 end
 
 defmodule InternalApi.RBAC.SubjectRoleBinding do