Merge pull request #262 from auth0/fix/sso-binding-methods

fix(react): use full saml urn format for sso binding methods

Author: rax7389

packages/react/src/components/auth0/my-organization/shared/idp-management/sso-provider-create/provider-configure/__tests__/samlp-sso-configure-form.test.tsx

@@ -0,0 +1,108 @@
+import { screen, waitFor } from '@testing-library/react';
+import userEvent from '@testing-library/user-event';
+import React from 'react';
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+
+import type { SamlpConfigureFormHandle } from '@/components/auth0/my-organization/shared/idp-management/sso-provider-create/provider-configure/samlp-sso-configure-form';
+import { SamlpProviderForm } from '@/components/auth0/my-organization/shared/idp-management/sso-provider-create/provider-configure/samlp-sso-configure-form';
+import { createMockI18nService, renderWithProviders } from '@/tests/utils';
+
+describe('SamlpProviderForm', () => {
+  beforeEach(() => {
+    vi.clearAllMocks();
+
+    createMockI18nService().translator('idp_management.create_sso_provider.provider_configure');
+  });
+
+  describe('binding method', () => {
+    describe('URN format', () => {
+      it('should use full SAML URN format for default binding method value', async () => {
+        const formRef = React.createRef<SamlpConfigureFormHandle>();
+        renderWithProviders(<SamlpProviderForm ref={formRef} idpConfig={null} />);
+
+        await waitFor(() => {
+          const data = formRef.current?.getData();
+          expect(data?.bindingMethod).toBe('urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST');
+        });
+      });
+
+      it('should preserve initial binding method value with full URN format', async () => {
+        const formRef = React.createRef<SamlpConfigureFormHandle>();
+        const initialData = {
+          bindingMethod: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
+          metadataUrl: 'https://example.com/metadata',
+        };
+
+        renderWithProviders(
+          <SamlpProviderForm ref={formRef} idpConfig={null} initialData={initialData} />,
+        );
+
+        await waitFor(() => {
+          const data = formRef.current?.getData();
+          expect(data?.bindingMethod).toBe('urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect');
+        });
+      });
+    });
+
+    describe('rendering', () => {
+      it('should render binding method field in advanced settings', async () => {
+        const user = userEvent.setup();
+        renderWithProviders(<SamlpProviderForm idpConfig={null} />);
+
+        const accordionTrigger = screen.getByRole('button', {
+          name: 'fields.samlp.advanced_settings.title',
+        });
+        await user.click(accordionTrigger);
+
+        expect(
+          screen.getByText('fields.samlp.advanced_settings.request_protocol_binding.label'),
+        ).toBeInTheDocument();
+      });
+    });
+  });
+
+  describe('advanced settings', () => {
+    describe('sign request', () => {
+      it('should render signature algorithm fields when sign request is enabled', async () => {
+        const user = userEvent.setup();
+        renderWithProviders(<SamlpProviderForm idpConfig={null} />);
+
+        expect(
+          screen.queryByText('fields.samlp.advanced_settings.sign_request_algorithm.label'),
+        ).not.toBeInTheDocument();
+
+        const accordionTrigger = screen.getByRole('button', {
+          name: 'fields.samlp.advanced_settings.title',
+        });
+        await user.click(accordionTrigger);
+
+        const checkbox = screen.getByRole('checkbox');
+        await user.click(checkbox);
+
+        expect(
+          screen.getByText('fields.samlp.advanced_settings.sign_request_algorithm.label'),
+        ).toBeInTheDocument();
+        expect(
+          screen.getByText('fields.samlp.advanced_settings.sign_request_algorithm_digest.label'),
+        ).toBeInTheDocument();
+      });
+    });
+  });
+
+  describe('form dirty state', () => {
+    it('should call onFormDirty when form becomes dirty', async () => {
+      const user = userEvent.setup();
+      const onFormDirty = vi.fn();
+      renderWithProviders(<SamlpProviderForm idpConfig={null} onFormDirty={onFormDirty} />);
+
+      const metadataUrlField = screen.getByPlaceholderText(
+        'fields.samlp.meta_data_url.placeholder',
+      );
+      await user.type(metadataUrlField, 'https://example.com/metadata');
+
+      await waitFor(() => {
+        expect(onFormDirty).toHaveBeenLastCalledWith(true);
+      });
+    });
+  });
+});

packages/react/src/components/auth0/my-organization/shared/idp-management/sso-provider-create/provider-configure/samlp-sso-configure-form.tsx

@@ -62,8 +62,8 @@ const DIGEST_ALGORITHMS = [
 ] as const;
 
 const BINDING_METHODS = [
-  { value: 'HTTP-Redirect', label: 'HTTP-Redirect' },
-  { value: 'HTTP-POST', label: 'HTTP-POST' },
+  { value: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', label: 'HTTP-Redirect' },
+  { value: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST', label: 'HTTP-POST' },
 ] as const;
 
 export interface SamlpConfigureFormHandle {
@@ -103,7 +103,7 @@ export const SamlpProviderForm = React.forwardRef<
       signSAMLRequest: samlpData?.signSAMLRequest || false,
       signatureAlgorithm: samlpData?.signatureAlgorithm || 'rsa-sha256',
       digestAlgorithm: samlpData?.digestAlgorithm || 'sha256',
-      bindingMethod: samlpData?.bindingMethod || 'HTTP-POST',
+      bindingMethod: samlpData?.bindingMethod || 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
     },
   });