keep api/federated-saml but move to api/identity-federation

middleware.ts

@@ -10,6 +10,7 @@ const unAuthenticatedApiRoutes = [
   '/api/health',
   '/api/hello',
   '/api/auth/**',
+  '/api/federated-saml/**',
   '/api/identity-federation/**',
   '/api/logout/**',
   '/api/oauth/**',

npm/src/ee/identity-federation/app.ts

@@ -616,7 +616,7 @@ export class App {
 
     const { publicKey } = await getDefaultCertificate();
 
-    const ssoUrl = `${this.opts.externalUrl}/api/federated-saml/sso`;
+    const ssoUrl = `${this.opts.externalUrl}/api/identity-federation/sso`;
     const entityId = `${this.opts.samlAudience}`;
 
     const xml = saml.createIdPMetadataXML({

npm/test/identity-federation/app.test.ts

@@ -149,7 +149,7 @@ tap.test('Federated SAML App', async () => {
 
     t.ok(response);
     t.match(response.entityId, jacksonOptions.samlAudience);
-    t.match(response.ssoUrl, `${jacksonOptions.externalUrl}/api/federated-saml/sso`);
+    t.match(response.ssoUrl, `${jacksonOptions.externalUrl}/api/identity-federation/sso`);
     t.match(response.x509cert, certs.publicKey);
   });
 

npm/test/identity-federation/data/request.xml

@@ -1 +1 @@
-<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="ONELOGIN_082f89d9-a32a-441d-ae49-ab6fc13fe73b" Version="2.0" IssueInstant="2022-11-29T09:04:48Z" ProviderName="Twilio" Destination="http://localhost:5225/api/federated-saml/sso" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="https://twilio.com/saml2/acs"><saml:Issuer>https://twilio.com/saml2/entityId</saml:Issuer><samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" AllowCreate="true" /><samlp:RequestedAuthnContext Comparison="exact"><saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef></samlp:RequestedAuthnContext></samlp:AuthnRequest>
+<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="ONELOGIN_082f89d9-a32a-441d-ae49-ab6fc13fe73b" Version="2.0" IssueInstant="2022-11-29T09:04:48Z" ProviderName="Twilio" Destination="http://localhost:5225/api/identity-federation/sso" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="https://twilio.com/saml2/acs"><saml:Issuer>https://twilio.com/saml2/entityId</saml:Issuer><samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" AllowCreate="true" /><samlp:RequestedAuthnContext Comparison="exact"><saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef></samlp:RequestedAuthnContext></samlp:AuthnRequest>

pages/api/identity-federation/sso.ts

@@ -0,0 +1 @@
+export { default } from '@ee/identity-federation/api/sso';

pages/idp/select.tsx

@@ -203,7 +203,7 @@ export const getServerSideProps = async ({ query, locale, req }) => {
     const params = new URLSearchParams(paramsToRelay);
     const destination =
       samlFedAppId && fedType !== 'oidc'
-        ? `/api/federated-saml/sso?${params}`
+        ? `/api/identity-federation/sso?${params}`
         : `/api/oauth/authorize?${params}`;
 
     return {