Added a POST route to the SSO routes to support SAML login callbacks

[kasonde]

What does it do?

This PR creates a route that accepts a POST request for SAML login to work with Strapi.

Why is it needed?

TL;DR

We need to add an additional route to this file in the Strapi SSO code to allow SAML login. Instead of sending a GET request to the route:

/connect/:provider

Services like OKTA and OneLogin, i.e SAML SSO login strategies send a POST request there. This results in a 405 error being thrown. Method not allowed .

Details

It turns out that the passport-saml auth strategy is sending a POST request to the route /connect/:provider instead of the expected GET request. This was causing all login attempts to fail, throwing a 405 error. The issue was tracked to this routes.js file. After adding the code below to the array:

{
  method: 'POST',
  path: '/connect/:provider',
  handler: 'authentication.providerLogin',
}

the SSO feature worked again.

How to test it?

Attempt to perform login with a provider like OneLogin or Okta. This currently exists on Strapi v3.x.x and v4.x-next

[codecov]

Codecov Report

Merging #10690 (8e57f8b) into master (e63fb9d) will not change coverage.
The diff coverage is n/a.

❗ Current head 8e57f8b differs from pull request most recent head 41759d3. Consider uploading reports for the commit 41759d3 to get more accurate results

@@           Coverage Diff           @@
##           master   #10690   +/-   ##
=======================================
  Coverage   58.01%   58.01%           
=======================================
  Files         185      185           
  Lines        6431     6431           
  Branches     1398     1398           
=======================================
  Hits         3731     3731           
  Misses       2236     2236           
  Partials      464      464           

Flag	Coverage Δ
front	∅ <ø> (∅)
unit	58.01% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update e63fb9d...41759d3. Read the comment docs.

[Convly]

LGTM, waiting for the checks to pass 🎉

[derrickmehaffy]

LGTM as well, will prob have to wait for next release since we just did v3.6.6 earlier today

[derrickmehaffy]

Tested using passport-saml for another customer and adding this route fixed the issue. Looking to get this merged ASAP and pushed out in a release.