refactor: method applications apis

logto-io · Nov 8, 2024 · 6fa36c9 · 6fa36c9
1 parent 5bdd23b
commit 6fa36c9
Show file tree

Hide file tree

Showing 4 changed files with 19 additions and 65 deletions.
diff --git a/packages/core/src/routes/applications/application.ts b/packages/core/src/routes/applications/application.ts
@@ -152,17 +152,8 @@ export default function applicationRoutes<T extends ManagementApiRouter>(
     async (ctx, next) => {
       const { oidcClientMetadata, protectedAppMetadata, ...rest } = ctx.guard.body;
 
-      if (EnvSet.values.isDevFeaturesEnabled && rest.type === ApplicationType.SAML) {
-        // SAML apps should always be third-party apps.
-        assertThat(rest.isThirdParty === true, 'application.saml_app_should_always_be_third_party');
-
-        // SAML apps should not manually specify OIDC client metadata, but should be updated automatically.
-        assertThat(
-          !oidcClientMetadata,
-          'application.should_not_specify_saml_app_oidc_client_metadata'
-        );
-
-        // TODO(@darcy): auto create a SAML app proxy record once the table is ready.
+      if (rest.type === ApplicationType.SAML) {
+        throw new RequestError('application.use_saml_app_api');
       }
 
       await Promise.all([
@@ -179,8 +170,7 @@ export default function applicationRoutes<T extends ManagementApiRouter>(
 
       if (rest.isThirdParty) {
         assertThat(
-          rest.type === ApplicationType.Traditional ||
-            (EnvSet.values.isDevFeaturesEnabled && rest.type === ApplicationType.SAML),
+          rest.type === ApplicationType.Traditional,
           'application.invalid_third_party_application_type'
         );
       }
@@ -278,11 +268,8 @@ export default function applicationRoutes<T extends ManagementApiRouter>(
       const { isAdmin, protectedAppMetadata, ...rest } = body;
 
       const pendingUpdateApplication = await queries.applications.findApplicationById(id);
-      if (
-        EnvSet.values.isDevFeaturesEnabled &&
-        pendingUpdateApplication.type === ApplicationType.SAML
-      ) {
-        throw new RequestError('application.saml_app_cannot_be_updated_with_patch');
+      if (pendingUpdateApplication.type === ApplicationType.SAML) {
+        throw new RequestError('application.use_saml_app_api');
       }
 
       // @deprecated

diff --git a/packages/integration-tests/src/tests/api/application/application.secrets.test.ts b/packages/integration-tests/src/tests/api/application/application.secrets.test.ts
@@ -27,20 +27,22 @@ describe('application secrets', () => {
     await Promise.all(applications.map(async ({ id }) => deleteApplication(id).catch(noop)));
   });
 
-  it.each(Object.values(ApplicationType))(
+  // Exclude SAML app since it has different API for operations.
+  it.each(Object.values(ApplicationType).filter((type) => type !== ApplicationType.SAML))(
     'should or not to create application secret for %s applications per type',
     async (type) => {
-      const application = await createApplication('application', type, {
-        ...cond(
+      const application = await createApplication(
+        'application',
+        type,
+        cond(
           type === ApplicationType.Protected && {
             protectedAppMetadata: {
               origin: 'https://example.com',
               subDomain: randomString(),
             },
           }
-        ),
-        ...cond(type === ApplicationType.SAML && { isThirdParty: true }),
-      });
+        )
+      );
       expect(application.secret).toMatch(new RegExp(`^${internalPrefix}`));
 
       // Check the default secret

diff --git a/packages/integration-tests/src/tests/api/application/application.test.ts b/packages/integration-tests/src/tests/api/application/application.test.ts
@@ -36,45 +36,14 @@ describe('application APIs', () => {
   });
 
   it('should throw error when creating a non-third party SAML application', async () => {
-    await expectRejects(
-      createApplication('test-create-saml-app', ApplicationType.SAML, {
-        isThirdParty: false,
-      }),
-      { code: 'application.saml_app_should_always_be_third_party', status: 400 }
-    );
-  });
-
-  it('should throw error when creating a SAML application with OIDC client metadata specified', async () => {
-    await expectRejects(
-      createApplication('test-create-saml-app', ApplicationType.SAML, {
-        isThirdParty: true,
-        oidcClientMetadata: {
-          redirectUris: ['https://example.com'],
-          postLogoutRedirectUris: ['https://example.com'],
-        },
-      }),
-      { code: 'application.should_not_specify_saml_app_oidc_client_metadata', status: 400 }
-    );
-  });
-
-  it('should create SAML third party application successfully and can not be updated with PATCH', async () => {
-    const samlApplication = await createApplication('test-create-saml-app', ApplicationType.SAML, {
-      isThirdParty: true,
+    await expectRejects(createApplication('test-create-saml-app', ApplicationType.SAML), {
+      code: 'application.use_saml_app_api',
+      status: 400,
     });
-
-    expect(samlApplication.type).toBe(ApplicationType.SAML);
-    expect(samlApplication.isThirdParty).toBe(true);
-
-    await expectRejects(
-      updateApplication(samlApplication.id, {
-        name: 'test-update-saml-app',
-      }),
-      { code: 'application.saml_app_cannot_be_updated_with_patch', status: 400 }
-    );
-
-    await deleteApplication(samlApplication.id);
   });
 
+  // TODO: add tests for blocking updating SAML application with `PATCH /applications/:id` API, we can not do it before we implement the `POST /saml-applications` API
+
   it('should create OIDC third party application successfully', async () => {
     const applicationName = 'test-third-party-app';
 

diff --git a/packages/phrases/src/locales/en/errors/application.ts b/packages/phrases/src/locales/en/errors/application.ts
@@ -10,11 +10,7 @@ const application = {
   protected_app_metadata_is_required: 'Protected app metadata is required.',
   protected_app_not_configured:
     'Protected app provider is not configured. This feature is not available for open source version.',
-  saml_app_should_always_be_third_party: 'SAML app should always be a third-party app.',
-  should_not_specify_saml_app_oidc_client_metadata:
-    'Should not specify OIDC client metadata for SAML apps.',
-  saml_app_cannot_be_updated_with_patch:
-    'Use `PATCH /saml-applications/:id` API to update SAML app.',
+  use_saml_app_api: 'Use `METHOD /saml-applications(/*)` API to operate SAML app.',
   cloudflare_unknown_error: 'Got unknown error when requesting Cloudflare API',
   protected_application_only: 'The feature is only available for protected applications.',
   protected_application_misconfigured: 'Protected application is misconfigured.',