Added a POST route to the SSO routes to support SAML login callbacks #10690
What does it do?
This PR creates a route that accepts a POST request for SAML login to work with Strapi.
Why is it needed?
TL;DR
We need to add an additional route to this file in the Strapi SSO code to allow SAML login. Instead of sending a `GET` request to the route: Services like OKTA and OneLogin, i.e. SAML SSO login strategies, send a `POST` request there. This results in a `405` error being thrown. `Method not allowed`.
Details
It turns out that the `passport-saml` auth strategy is sending a `POST` request to the route `/connect/:provider` instead of the expected `GET` request. This was causing all login attempts to fail, throwing a 405 error. The issue was tracked to this routes.js file. After adding the code below to the array: the SSO feature worked again.
How to test it?
Attempt to perform login with a provider like OneLogin or Okta. This currently exists on Strapi v3.x.x and v4.x-next.
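The failure mode from the PR description above, as an added example that is not part of the original PR or Strapi's code: a route table that only registers `GET` for `/connect/:provider` answers a SAML HTTP-POST callback with 405, and registering `POST` for the same path resolves it. The route shape, the `dispatch` and `parseSamlPost` helpers, the handler names and the sample body are assumptions made for illustration.

```javascript
// Added illustration; route shape and handler names are hypothetical, not Strapi's code.
const ssoRoutes = [
  { method: 'GET', path: '/connect/:provider', handler: 'providerLogin' },
];

// Match a request against a route table. A path that matches only under a
// different method yields 405 with an Allow list; no path match yields 404.
function dispatch(routes, method, url) {
  const segs = url.split('?')[0].split('/').filter(Boolean);
  const allowed = [];
  for (const route of routes) {
    const pattern = route.path.split('/').filter(Boolean);
    if (pattern.length !== segs.length) continue;
    const params = {};
    const hit = pattern.every((p, i) => {
      if (p.startsWith(':')) { params[p.slice(1)] = decodeURIComponent(segs[i]); return true; }
      return p === segs[i];
    });
    if (!hit) continue;
    if (route.method === method) return { status: 200, handler: route.handler, params };
    allowed.push(route.method);
  }
  return allowed.length ? { status: 405, allow: allowed } : { status: 404 };
}

// In the SAML HTTP-POST binding the IdP returns the assertion in a form body
// field named SAMLResponse (base64), with an optional RelayState field.
function parseSamlPost(body) {
  const form = new URLSearchParams(body);
  const raw = form.get('SAMLResponse');
  if (!raw) return null;
  return { xml: Buffer.from(raw, 'base64').toString('utf8'), relayState: form.get('RelayState') };
}

// Constructed sample callback body (unsigned placeholder XML, illustration only).
const sampleXml = '<samlp:Response ID="_constructed"/>';
const sampleBody = new URLSearchParams({
  SAMLResponse: Buffer.from(sampleXml).toString('base64'),
  RelayState: 'constructed-state',
}).toString();

const before = dispatch(ssoRoutes, 'POST', '/connect/okta'); // GET-only table
const fixedRoutes = [...ssoRoutes,
  { method: 'POST', path: '/connect/:provider', handler: 'providerCallback' }];
const after = dispatch(fixedRoutes, 'POST', '/connect/okta');
console.log(before, after, parseSamlPost(sampleBody));
```

The added `POST` route only delivers the form body to the handler; the SAML strategy behind it still has to validate the response before a session is issued.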