fix: add additional supported saml attributes (#690)

## Description
Adds additional supported client attributes

## Related Issue

Fixes #
<!-- or -->
Relates to #

## Type of change

- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [ ] Other (security config, docs update, etc)

## Checklist before merging

- [ ] Test, docs, adr added or updated as needed
- [ ] [Contributor
Guide](https://github.com/defenseunicorns/uds-template-capability/blob/main/CONTRIBUTING.md)
followed

docs/configuration/uds-operator.md

@@ -211,6 +211,8 @@ The SSO spec supports a subset of the Keycloak attributes for clients, but does
 - oauth2.device.authorization.grant.enabled
 - pkce.code.challenge.method
 - client.session.idle.timeout
+- saml.client.signature
+- saml_assertion_consumer_url_post
 
 ## Exemption
 

src/pepr/operator/crd/validators/package-validator.spec.ts

@@ -471,6 +471,8 @@ describe("Test Allowed SSO Client Attributes", () => {
             "oauth2.device.authorization.grant.enabled": "true",
             "pkce.code.challenge.method": "S256",
             "client.session.idle.timeout": "3600",
+            "saml.client.signature": "false",
+            saml_assertion_consumer_url_post: "https://nexus.uds.dev/saml",
           },
         },
       ],

src/pepr/operator/crd/validators/package-validator.ts

@@ -89,6 +89,8 @@ export async function validator(req: PeprValidateRequest<UDSPackage>) {
     "oauth2.device.authorization.grant.enabled",
     "pkce.code.challenge.method",
     "client.session.idle.timeout",
+    "saml.client.signature",
+    "saml_assertion_consumer_url_post",
   ]);
 
   for (const client of ssoClients) {