From cc68eca2f85d6a49f77daa43fc0d4433bf7851fe Mon Sep 17 00:00:00 2001
From: Aswin V
Date: Thu, 24 Feb 2022 22:06:25 +0530
Subject: [PATCH] Handle POST binding
---
 pages/api/saml/sso.ts | 38 +++++++++++++++++++++++++-------------
 utils/request.ts | 6 ++++--
 2 files changed, 29 insertions(+), 15 deletions(-)
diff --git a/pages/api/saml/sso.ts b/pages/api/saml/sso.ts
index 8ddfa37..63d545f 100644
--- a/pages/api/saml/sso.ts
+++ b/pages/api/saml/sso.ts
@@ -4,24 +4,36 @@ import { extractSAMLRequestAttributes } from 'utils';
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
 switch (req.method) {
 case 'GET':
- return await processSAMLRequest();
+ return await processSAMLRequest(req, res, false);
+ case 'POST':
+ return await processSAMLRequest(req, res, true);
 default:
 return res.status(405).end(`Method ${req.method} Not Allowed`);
 }
+}
- async function processSAMLRequest() {
- const relayState = req.query.RelayState;
- const samlRequest = req.query.SAMLRequest;
+async function processSAMLRequest(req: NextApiRequest, res: NextApiResponse, isPost: boolean) {
+ let samlRequest, relayState, isDeflated;
+ if (isPost) {
+ relayState = req.body.RelayState;
+ samlRequest = req.body.SAMLRequest;
+ isDeflated = false;
+ } else {
+ relayState = req.query.RelayState;
+ samlRequest = req.query.SAMLRequest;
+ isDeflated = true;
+ }
+ try {
+ const { id, audience, acsUrl, providerName } = await extractSAMLRequestAttributes(
+ samlRequest,
+ isDeflated
+ );
+ const params = new URLSearchParams({ id, audience, acsUrl, providerName, relayState });
- try {
- const { id, audience, acsUrl, providerName } = await extractSAMLRequestAttributes(samlRequest);
- const params = new URLSearchParams({ id, audience, acsUrl, providerName, relayState });
+ res.redirect(302, `/saml/login?${params.toString()}`);
+ } catch (err) {
+ console.error(err);
- res.redirect(302, `/saml/login?${params.toString()}`);
- } catch (err) {
- console.error(err);
-
- res.status(500).send(`Error parsing SAML request`);
- }
+ res.status(500).send(`Error parsing SAML request`);
 }
 }
diff --git a/utils/request.ts b/utils/request.ts
index 1f3ed25..4eaf5ed 100644
--- a/utils/request.ts
+++ b/utils/request.ts
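Review bot: `samlRequest` and `relayState` are read from `req.body` / `req.query` in `processSAMLRequest` with no type check, and because they are declared with a bare `let` they are implicitly `any`, so the `samlRequest: string` parameter of `extractSAMLRequestAttributes` is never enforced at this call site. A missing or repeated parameter (Next.js query values can be `string[]`) ends up in the catch block as a 500, and a missing RelayState is serialised by `URLSearchParams` as the text `undefined`. Rejecting early with `if (typeof samlRequest !== 'string') return res.status(400).send('Missing SAMLRequest');` and passing `relayState: typeof relayState === 'string' ? relayState : ''` keeps client errors out of the 500 path. Separately, `acsUrl` and `audience` come from a request whose signature is not checked in this hunk and are forwarded in the redirect; if `/saml/login` later delivers the response to that `acsUrl` (not visible here), it should first be matched against the registered service provider.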
@@ -18,8 +18,10 @@ const parseXML = (xml: string): Promise> => {
 };
 // Parse SAMLRequest attributes
-const extractSAMLRequestAttributes = async (samlRequest: string) => {
- const request = (await inflateRawAsync(Buffer.from(samlRequest, 'base64'))).toString();
+const extractSAMLRequestAttributes = async (samlRequest: string, isDeflated: boolean) => {
+ const request = isDeflated
+ ? (await inflateRawAsync(Buffer.from(samlRequest, 'base64'))).toString()
+ : Buffer.from(samlRequest, 'base64').toString();
 const result = await parseXML(request);
 const attributes = result['samlp:AuthnRequest']['$'];
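Review bot: Neither branch of the new ternary bounds what it decodes: the deflated path calls `inflateRawAsync` on request-supplied bytes with no output limit, and the POST path hands the whole decoded body to `parseXML`. Assuming `inflateRawAsync` is a promisified `zlib.inflateRaw` (its definition is outside the hunk), passing `{ maxOutputLength: MAX_SAML_REQUEST_BYTES }` (the constant name is a placeholder) and rejecting an over-long `samlRequest` before `Buffer.from` would cap memory use per request. `Buffer.from(..., 'base64')` does not throw on malformed input, so bad data only fails later in the XML parser or at `result['samlp:AuthnRequest']['$']`, which raises a TypeError when the root element is absent or uses a different prefix. A comment such as `// POST binding: base64 only; Redirect binding: base64 + raw DEFLATE` above the ternary would document why the flag exists; the function body continues past the end of the hunk.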