fix: fix SAML app console issues (#6969)

2025-02-03 21:48:55 -05:00 · 2025-01-22 17:31:30 +08:00 · 2025-01-22 17:31:30 +08:00 · 2633723861
commit 2633723861
parent e2d6302d58
2 changed files with 18 additions and 13 deletions
--- a/packages/console/src/pages/ApplicationDetails/SamlApplicationDetailsContent/utils.ts
+++ b/packages/console/src/pages/ApplicationDetails/SamlApplicationDetailsContent/utils.ts
@ -21,7 +21,7 @@ export const parseSamlApplicationResponseToFormData = (
    nameIdFormat,
    encryptSamlAssertion: encryption?.encryptAssertion ?? false,
    encryptThenSignSamlAssertion: encryption?.encryptThenSign ?? false,
-    certificate: encryption?.certificate,
+    certificate: encryption?.certificate ?? '',
  };
 };

@ -55,14 +55,19 @@ export const parseFormDataToSamlApplicationRequest = (
      acsUrl: acsUrlData,
      nameIdFormat,
      ...cond(
-        encryptSamlAssertion &&
+        encryptSamlAssertion
+          ? cond(
              certificate && {
-            certificate: {
+                encryption: {
                  encryptAssertion: encryptSamlAssertion,
                  certificate,
                  encryptThenSign: encryptThenSignSamlAssertion,
                },
              }
+            )
+          : {
+              encryption: null,
+            }
      ),
    }),
  };
--- a/packages/schemas/src/foundations/jsonb-types/saml-application-configs.ts
+++ b/packages/schemas/src/foundations/jsonb-types/saml-application-configs.ts
@ -51,14 +51,14 @@ export const samlEncryptionGuard = z
 export type SamlEncryption = z.input<typeof samlEncryptionGuard>;

 export enum NameIdFormat {
-  /** The Identity Provider can determine the format. */
-  Unspecified = 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified',
-  /** Returns the email address of the user. */
-  EmailAddress = 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
  /** Uses unique and persistent identifiers for the user. */
  Persistent = 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent',
+  /** Returns the email address of the user. */
+  EmailAddress = 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
  /** Uses unique and transient identifiers for the user, which can be different for each session. */
  Transient = 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient',
+  /** The Identity Provider can determine the format. */
+  Unspecified = 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified',
 }

 export const nameIdFormatGuard = z.nativeEnum(NameIdFormat);