From 7d5f8eac87c6a55f3a73ea1e3766d5e7cebca9ed Mon Sep 17 00:00:00 2001
From: Max Peintner <peintnerm@gmail.com>
Date: Thu, 20 Mar 2025 14:54:02 +0100
Subject: [PATCH] fix: seperate route

---
 apps/login/src/app/(login)/saml-post/page.tsx | 45 +++++++++++++++++++
 apps/login/src/app/login/route.ts             | 36 +++------------
 2 files changed, 50 insertions(+), 31 deletions(-)
 create mode 100644 apps/login/src/app/(login)/saml-post/page.tsx

diff --git a/apps/login/src/app/(login)/saml-post/page.tsx b/apps/login/src/app/(login)/saml-post/page.tsx
new file mode 100644
index 0000000000..bc62efa3b4
--- /dev/null
+++ b/apps/login/src/app/(login)/saml-post/page.tsx
@@ -0,0 +1,45 @@
+"use client";
+
+import { useSearchParams } from "next/navigation";
+import { useEffect } from "react";
+
+export default function SamlPost() {
+  const searchParams = useSearchParams();
+
+  const url = searchParams.get("url");
+  const relayState = searchParams.get("RelayState");
+  const samlResponse = searchParams.get("SAMLResponse");
+
+  console.log(relayState, samlResponse);
+
+  useEffect(() => {
+    // Automatically submit the form after rendering
+    const form = document.getElementById("samlForm") as HTMLFormElement;
+    if (form) {
+      form.submit();
+    }
+  }, []);
+
+  if (!url || !relayState || !samlResponse) {
+    return (
+      <p className="text-center">Missing required parameters for SAML POST.</p>
+    );
+  }
+
+  return (
+    <html lang="en">
+      <head>
+        <meta charSet="UTF-8" />
+        <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+        <title>Redirecting...</title>
+      </head>
+      <body>
+        <form id="samlForm" action={url} method="POST">
+          <input type="hidden" name="RelayState" value={relayState} />
+          <input type="hidden" name="SAMLResponse" value={samlResponse} />
+        </form>
+        <p>Redirecting...</p>
+      </body>
+    </html>
+  );
+}
diff --git a/apps/login/src/app/login/route.ts b/apps/login/src/app/login/route.ts
index 6f97f4d638..a3f1108778 100644
--- a/apps/login/src/app/login/route.ts
+++ b/apps/login/src/app/login/route.ts
@@ -473,43 +473,17 @@ export async function GET(request: NextRequest) {
       if (url && binding.case === "redirect") {
         return NextResponse.redirect(url);
       } else if (url && binding.case === "post") {
-        // Create form data after SAML standard
         const formData = {
           RelayState: binding.value.relayState,
           SAMLResponse: binding.value.samlResponse,
         };
 
-        const formHtml = `
-          <!DOCTYPE html>
-          <html lang="en">
-          <head>
-            <meta charset="UTF-8">
-            <meta name="viewport" content="width=device-width, initial-scale=1.0">
-            <title>Redirecting...</title>
-          </head>
-          <body>
-            <form id="samlForm" action="${url}" method="POST">
-              ${Object.entries(formData)
-                .map(
-                  ([key, value]) =>
-                    `<input type="hidden" name="${key}" value="${value}" />`,
-                )
-                .join("\n")}
-            </form>
-            <script>
-              // Automatically submit the form
-              document.getElementById('samlForm').submit();
-            </script>
-          </body>
-          </html>
-        `;
+        const redirectUrl = new URL(request.nextUrl.origin + "/saml-post");
+        redirectUrl.searchParams.set("url", url);
+        redirectUrl.searchParams.set("RelayState", formData.RelayState);
+        redirectUrl.searchParams.set("SAMLResponse", formData.SAMLResponse);
 
-        // Return the HTML response
-        return new NextResponse(formHtml, {
-          headers: {
-            "Content-Type": "text/html",
-          },
-        });
+        return NextResponse.redirect(redirectUrl.toString());
       } else {
         console.log(
           "could not create response, redirect user to choose other account",