techies/authelia
1
0
Fork 0
mirror of https://github.com/0rangebananaspy/authelia.git synced 2024-09-14 22:47:21 +07:00
Code Issues Projects Releases Wiki Activity

Merge pull request from clems4ever/verify-redirect

Browse Source 
Support 'redirect' parameter in /api/verify endpoint to support Traefik
This commit is contained in:
Clément Michaud 2017-12-06 13:46:25 +01:00 committed by GitHub
commit 8a1f38f2f1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
13 changed files with 244 additions and 65 deletions
.travis.ymlREADME.md
doc
api_data.jsapi_data.jsonapi_project.jsapi_project.json
example/nginx/portal
nginx.conf
server
src/lib
ErrorReplies.ts
routes/verify
get.ts
test/routes/verify
get.test.ts
shared
api.ts
test/features
authelia.feature
step_definitions
authelia.ts

1
.travis.yml
View File

@ -23,6 +23,7 @@ addons:
- mx1.mail.example.com
- mx2.mail.example.com
- public.example.com
- authelia.example.com
before_install:
- npm install -g npm@'>=2.13.5'

6
README.md
View File

@ -4,9 +4,9 @@
[![Build](https://travis-ci.org/clems4ever/authelia.svg?branch=master)](https://travis-ci.org/clems4ever/authelia)
[![Gitter](https://img.shields.io/gitter/room/badges/shields.svg)](https://gitter.im/authelia/general?utm_source=share-link&utm_medium=link&utm_campaign=share-link)
**Authelia** is a complete HTTP 2-factor authentication server for proxies like
nginx. It has been made to work with nginx [auth_request] module and is currently
used in production to secure internal services in a small docker swarm cluster.
**Authelia** is a complete HTTP 2-factor authentication server for proxies like
Nginx or Traefik. It has been designed to be proxy agnostic so that you can
use whichever proxy supporting authentication forwarding.
# Table of Contents
1. [Features summary](#features-summary)

69
doc/api_data.js
View File

@ -20,7 +20,7 @@ define({ "api": [
}
},
"description": "<p>Serves the login page and create a create a cookie for the client.</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "Authentication"
},
{
@ -56,7 +56,7 @@ define({ "api": [
}
},
"description": "<p>Log out the user and redirect to the URL.</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "Authentication"
},
{
@ -80,7 +80,7 @@ define({ "api": [
}
},
"description": "<p>Serves the second factor page</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "Authentication"
},
{
@ -145,7 +145,7 @@ define({ "api": [
}
},
"description": "<p>Verify credentials against the LDAP.</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "Authentication",
"header": {
"fields": {
@ -169,7 +169,7 @@ define({ "api": [
"group": "PasswordReset",
"version": "1.0.0",
"description": "<p>Start password reset request.</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "PasswordReset",
"header": {
"fields": {
@ -240,7 +240,7 @@ define({ "api": [
"group": "PasswordReset",
"version": "1.0.0",
"description": "<p>Serve a page that requires the username.</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "PasswordReset",
"header": {
"fields": {
@ -277,7 +277,7 @@ define({ "api": [
}
},
"description": "<p>Set a new password for the user.</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "PasswordReset",
"header": {
"fields": {
@ -301,7 +301,7 @@ define({ "api": [
"group": "PasswordReset",
"version": "1.0.0",
"description": "<p>Start password reset request.</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "PasswordReset",
"header": {
"fields": {
@ -366,7 +366,7 @@ define({ "api": [
"group": "TOTP",
"version": "1.0.0",
"description": "<p>Serves the TOTP registration page that displays the secret. The secret is a QRCode and a base32 secret.</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "TOTP",
"header": {
"fields": {
@ -437,7 +437,7 @@ define({ "api": [
"group": "TOTP",
"version": "1.0.0",
"description": "<p>Initiates the identity validation</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "TOTP",
"header": {
"fields": {
@ -521,7 +521,7 @@ define({ "api": [
"group": "Success 302",
"optional": false,
"field": "Redirect",
"description": "<p>to the URL that has been stored during last call to /verify.</p>"
"description": "<p>to the URL that has been stored during last call to /api/verify.</p>"
}
]
}
@ -549,7 +549,7 @@ define({ "api": [
}
},
"description": "<p>Verify TOTP token. The user is authenticated upon success.</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "TOTP",
"header": {
"fields": {
@ -579,7 +579,7 @@ define({ "api": [
"group": "Success 302",
"optional": false,
"field": "Redirect",
"description": "<p>to the URL that has been stored during last call to /verify.</p>"
"description": "<p>to the URL that has been stored during last call to /api/verify.</p>"
}
]
}
@ -607,7 +607,7 @@ define({ "api": [
}
},
"description": "<p>Complete authentication request of the U2F device.</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "U2F",
"header": {
"fields": {
@ -637,13 +637,13 @@ define({ "api": [
"group": "Success 302",
"optional": false,
"field": "Redirect",
"description": "<p>to the URL that has been stored during last call to /verify.</p>"
"description": "<p>to the URL that has been stored during last call to /api/verify.</p>"
}
]
}
},
"description": "<p>Complete U2F registration request.</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "U2F",
"header": {
"fields": {
@ -679,7 +679,7 @@ define({ "api": [
"name": "RequestU2FRegistration",
"group": "U2F",
"version": "1.0.0",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "U2F",
"header": {
"fields": {
@ -745,7 +745,7 @@ define({ "api": [
"group": "U2F",
"version": "1.0.0",
"description": "<p>Serves the U2F registration page that asks the user to touch the token of the U2F device.</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "U2F",
"header": {
"fields": {
@ -850,7 +850,7 @@ define({ "api": [
}
},
"description": "<p>Initiate an authentication request using a U2F device.</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "U2F",
"header": {
"fields": {
@ -908,7 +908,7 @@ define({ "api": [
}
},
"description": "<p>Initiate a U2F device registration request.</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "U2F",
"header": {
"fields": {
@ -926,11 +926,24 @@ define({ "api": [
},
{
"type": "get",
"url": "/verify",
"url": "/api/verify",
"title": "Verify user authentication",
"name": "VerifyAuthentication",
"group": "Verification",
"version": "1.0.0",
"parameter": {
"fields": {
"Parameter": [
{
"group": "Parameter",
"type": "String",
"optional": false,
"field": "redirect",
"description": "<p>Optional parameter set to the url where the user is redirected if access is refused. It is mainly used by Traefik that does not control the redirection itself.</p>"
}
]
}
},
"success": {
"fields": {
"Success 204": [
@ -945,18 +958,26 @@ define({ "api": [
},
"error": {
"fields": {
"Error 302": [
{
"group": "Error 302",
"optional": false,
"field": "redirect",
"description": "<p>The user is redirected if redirect parameter is provided.</p>"
}
],
"Error 401": [
{
"group": "Error 401",
"optional": false,
"field": "status",
"description": "<p>The user is not authenticated.</p>"
"description": "<p>The user get an error if access failed</p>"
}
]
}
},
"description": "<p>Verify that the user is authenticated, i.e., the two factors have been validated</p>",
"filename": "src/server/endpoints.ts",
"description": "<p>Verify that the user is authenticated, i.e., the two factors have been validated. If the user is authenticated the response headers Remote-User and Remote-Groups are set. Remote-User contains the user id of the currently logged in user and Remote-Groups a comma separated list of assigned groups.</p>",
"filename": "shared/api.ts",
"groupTitle": "Verification",
"header": {
"fields": {

69
doc/api_data.json
View File

@ -20,7 +20,7 @@
}
},
"description": "<p>Serves the login page and create a create a cookie for the client.</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "Authentication"
},
{
@ -56,7 +56,7 @@
}
},
"description": "<p>Log out the user and redirect to the URL.</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "Authentication"
},
{
@ -80,7 +80,7 @@
}
},
"description": "<p>Serves the second factor page</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "Authentication"
},
{
@ -145,7 +145,7 @@
}
},
"description": "<p>Verify credentials against the LDAP.</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "Authentication",
"header": {
"fields": {
@ -169,7 +169,7 @@
"group": "PasswordReset",
"version": "1.0.0",
"description": "<p>Start password reset request.</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "PasswordReset",
"header": {
"fields": {
@ -240,7 +240,7 @@
"group": "PasswordReset",
"version": "1.0.0",
"description": "<p>Serve a page that requires the username.</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "PasswordReset",
"header": {
"fields": {
@ -277,7 +277,7 @@
}
},
"description": "<p>Set a new password for the user.</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "PasswordReset",
"header": {
"fields": {
@ -301,7 +301,7 @@
"group": "PasswordReset",
"version": "1.0.0",
"description": "<p>Start password reset request.</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "PasswordReset",
"header": {
"fields": {
@ -366,7 +366,7 @@
"group": "TOTP",
"version": "1.0.0",
"description": "<p>Serves the TOTP registration page that displays the secret. The secret is a QRCode and a base32 secret.</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "TOTP",
"header": {
"fields": {
@ -437,7 +437,7 @@
"group": "TOTP",
"version": "1.0.0",
"description": "<p>Initiates the identity validation</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "TOTP",
"header": {
"fields": {
@ -521,7 +521,7 @@
"group": "Success 302",
"optional": false,
"field": "Redirect",
"description": "<p>to the URL that has been stored during last call to /verify.</p>"
"description": "<p>to the URL that has been stored during last call to /api/verify.</p>"
}
]
}
@ -549,7 +549,7 @@
}
},
"description": "<p>Verify TOTP token. The user is authenticated upon success.</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "TOTP",
"header": {
"fields": {
@ -579,7 +579,7 @@
"group": "Success 302",
"optional": false,
"field": "Redirect",
"description": "<p>to the URL that has been stored during last call to /verify.</p>"
"description": "<p>to the URL that has been stored during last call to /api/verify.</p>"
}
]
}
@ -607,7 +607,7 @@
}
},
"description": "<p>Complete authentication request of the U2F device.</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "U2F",
"header": {
"fields": {
@ -637,13 +637,13 @@
"group": "Success 302",
"optional": false,
"field": "Redirect",
"description": "<p>to the URL that has been stored during last call to /verify.</p>"
"description": "<p>to the URL that has been stored during last call to /api/verify.</p>"
}
]
}
},
"description": "<p>Complete U2F registration request.</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "U2F",
"header": {
"fields": {
@ -679,7 +679,7 @@
"name": "RequestU2FRegistration",
"group": "U2F",
"version": "1.0.0",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "U2F",
"header": {
"fields": {
@ -745,7 +745,7 @@
"group": "U2F",
"version": "1.0.0",
"description": "<p>Serves the U2F registration page that asks the user to touch the token of the U2F device.</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "U2F",
"header": {
"fields": {
@ -850,7 +850,7 @@
}
},
"description": "<p>Initiate an authentication request using a U2F device.</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "U2F",
"header": {
"fields": {
@ -908,7 +908,7 @@
}
},
"description": "<p>Initiate a U2F device registration request.</p>",
"filename": "src/server/endpoints.ts",
"filename": "shared/api.ts",
"groupTitle": "U2F",
"header": {
"fields": {
@ -926,11 +926,24 @@
},
{
"type": "get",
"url": "/verify",
"url": "/api/verify",
"title": "Verify user authentication",
"name": "VerifyAuthentication",
"group": "Verification",
"version": "1.0.0",
"parameter": {
"fields": {
"Parameter": [
{
"group": "Parameter",
"type": "String",
"optional": false,
"field": "redirect",
"description": "<p>Optional parameter set to the url where the user is redirected if access is refused. It is mainly used by Traefik that does not control the redirection itself.</p>"
}
]
}
},
"success": {
"fields": {
"Success 204": [
@ -945,18 +958,26 @@
},
"error": {
"fields": {
"Error 302": [
{
"group": "Error 302",
"optional": false,
"field": "redirect",
"description": "<p>The user is redirected if redirect parameter is provided.</p>"
}
],
"Error 401": [
{
"group": "Error 401",
"optional": false,
"field": "status",
"description": "<p>The user is not authenticated.</p>"
"description": "<p>The user get an error if access failed</p>"
}
]
}
},
"description": "<p>Verify that the user is authenticated, i.e., the two factors have been validated</p>",
"filename": "src/server/endpoints.ts",
"description": "<p>Verify that the user is authenticated, i.e., the two factors have been validated. If the user is authenticated the response headers Remote-User and Remote-Groups are set. Remote-User contains the user id of the currently logged in user and Remote-Groups a comma separated list of assigned groups.</p>",
"filename": "shared/api.ts",
"groupTitle": "Verification",
"header": {
"fields": {

4
doc/api_project.js
View File

@ -1,14 +1,14 @@
define({
"title": "Authelia API documentation",
"name": "authelia",
"version": "2.1.3",
"version": "3.7.0",
"description": "2FA Single Sign-On server for nginx using LDAP, TOTP and U2F",
"sampleUrl": false,
"defaultVersion": "0.0.0",
"apidoc": "0.3.0",
"generator": {
"name": "apidoc",
"time": "2017-06-11T20:41:36.025Z",
"time": "2017-12-04T21:38:44.927Z",
"url": "http://apidocjs.com",
"version": "0.17.6"
}

4
doc/api_project.json
View File

@ -1,14 +1,14 @@
{
"title": "Authelia API documentation",
"name": "authelia",
"version": "2.1.3",
"version": "3.7.0",
"description": "2FA Single Sign-On server for nginx using LDAP, TOTP and U2F",
"sampleUrl": false,
"defaultVersion": "0.0.0",
"apidoc": "0.3.0",
"generator": {
"name": "apidoc",
"time": "2017-06-11T20:41:36.025Z",
"time": "2017-12-04T21:38:44.927Z",
"url": "http://apidocjs.com",
"version": "0.17.6"
}

20
example/nginx/portal/nginx.conf
View File

@ -322,5 +322,25 @@ http {
proxy_pass $upstream_headers;
}
}
server {
listen 443 ssl;
server_name authelia.example.com;
resolver 127.0.0.11 ipv6=off;
set $upstream_endpoint http://authelia;
ssl on;
ssl_certificate /etc/ssl/server.crt;
ssl_certificate_key /etc/ssl/server.key;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Frame-Options "SAMEORIGIN";
location / {
proxy_set_header Host $http_host;
proxy_pass $upstream_endpoint;
}
}
}

9
server/src/lib/ErrorReplies.ts
View File

@ -19,6 +19,15 @@ function replyWithError(req: express.Request, res: express.Response,
};
}
export function redirectTo(redirectUrl: string, req: express.Request,
res: express.Response, logger: IRequestLogger) {
return function(err: Error) {
logger.error(req, "Error: %s", err.message);
logger.debug(req, "Redirecting to %s", redirectUrl);
res.redirect(redirectUrl);
};
}
export function replyWithError400(req: express.Request,
res: express.Response, logger: IRequestLogger) {
return replyWithError(req, res, 400, logger);

17
server/src/lib/routes/verify/get.ts
View File

@ -5,6 +5,7 @@ import ErrorReplies = require("../../ErrorReplies");
import { ServerVariables } from "../../ServerVariables";
import GetWithSessionCookieMethod from "./get_session_cookie";
import GetWithBasicAuthMethod from "./get_basic_auth";
import Constants = require("../../../../../shared/constants");
import { AuthenticationSessionHandler }
from "../../AuthenticationSessionHandler";
@ -50,6 +51,12 @@ function replyWith200(res: Express.Response) {
};
}
function getRedirectParam(req: Express.Request) {
return req.query[Constants.REDIRECT_QUERY_PARAM] != "undefined"
? req.query[Constants.REDIRECT_QUERY_PARAM]
: undefined;
}
export default function (vars: ServerVariables) {
return function (req: Express.Request, res: Express.Response)
: BluebirdPromise<void> {
@ -66,7 +73,15 @@ export default function (vars: ServerVariables) {
.catch(Exceptions.DomainAccessDenied, ErrorReplies
.replyWithError403(req, res, vars.logger))
// The user is not yet authenticated -> 401
.catch(ErrorReplies.replyWithError401(req, res, vars.logger));
.catch(function (err) {
const redirectUrl = getRedirectParam(req);
if (redirectUrl) {
ErrorReplies.redirectTo(redirectUrl, req, res, vars.logger)(err);
}
else {
ErrorReplies.replyWithError401(req, res, vars.logger)(err);
}
});
};
}

37
server/test/routes/verify/get.test.ts
View File

@ -24,11 +24,11 @@ describe("test /api/verify endpoint", function () {
res = ExpressMock.ResponseMock();
req.originalUrl = "/api/xxxx";
req.query = {
redirect: "http://redirect.url"
redirect: "undefined"
};
AuthenticationSessionHandler.reset(req as any);
req.headers.host = "secret.example.com";
const s = ServerVariablesMockBuilder.build(true);
const s = ServerVariablesMockBuilder.build(false);
mocks = s.mocks;
vars = s.variables;
authSession = AuthenticationSessionHandler.get(req as any, vars.logger);
@ -147,9 +147,6 @@ describe("test /api/verify endpoint", function () {
describe("given user tries to access a single factor endpoint", function () {
beforeEach(function () {
req.query = {
redirect: "http://redirect.url"
};
req.headers["host"] = "redirect.url";
mocks.config.authentication_methods.per_subdomain_methods = {
"redirect.url": "single_factor"
@ -220,6 +217,36 @@ describe("test /api/verify endpoint", function () {
});
});
describe("response type 401 | 302", function() {
it("should return error code 401", function() {
mocks.accessController.isAccessAllowedMock.returns(true);
mocks.config.authentication_methods.default_method = "single_factor";
mocks.ldapAuthenticator.authenticateStub.rejects(new Error(
"Invalid credentials"));
req.headers["proxy-authorization"] = "Basic am9objpwYXNzd29yZA==";
return VerifyGet.default(vars)(req as express.Request, res as any)
.then(function () {
Assert(res.status.calledWithExactly(401));
});
});
it("should redirect to provided redirection url", function() {
const REDIRECT_URL = "http://redirection_url.com";
mocks.accessController.isAccessAllowedMock.returns(true);
mocks.config.authentication_methods.default_method = "single_factor";
mocks.ldapAuthenticator.authenticateStub.rejects(new Error(
"Invalid credentials"));
req.headers["proxy-authorization"] = "Basic am9objpwYXNzd29yZA==";
req.query["redirect"] = REDIRECT_URL;
return VerifyGet.default(vars)(req as express.Request, res as any)
.then(function () {
Assert(res.redirect.calledWithExactly(REDIRECT_URL));
});
});
});
describe("with basic auth", function () {
it("should authenticate correctly", function () {
mocks.accessController.isAccessAllowedMock.returns(true);

13
shared/api.ts
View File

@ -39,7 +39,7 @@
* @apiUse UserSession
* @apiUse InternalError
*
* @apiSuccess (Success 302) Redirect to the URL that has been stored during last call to /verify.
* @apiSuccess (Success 302) Redirect to the URL that has been stored during last call to /api/verify.
*
* @apiDescription Complete U2F registration request.
*/
@ -68,7 +68,7 @@ export const SECOND_FACTOR_U2F_REGISTER_REQUEST_GET = "/api/u2f/register_request
* @apiUse UserSession
* @apiUse InternalError
*
* @apiSuccess (Success 302) Redirect to the URL that has been stored during last call to /verify.
* @apiSuccess (Success 302) Redirect to the URL that has been stored during last call to /api/verify.
* @apiError (Error 403) {none} error No authentication request has been provided.
*
* @apiDescription Complete authentication request of the U2F device.
@ -100,7 +100,7 @@ export const SECOND_FACTOR_U2F_SIGN_REQUEST_GET = "/api/u2f/sign_request";
*
* @apiParam {String} token TOTP token.
*
* @apiSuccess (Success 302) Redirect to the URL that has been stored during last call to /verify.
* @apiSuccess (Success 302) Redirect to the URL that has been stored during last call to /api/verify.
* @apiError (Error 401) {none} error TOTP token is invalid.
*
* @apiDescription Verify TOTP token. The user is authenticated upon success.
@ -270,8 +270,13 @@ export const SECOND_FACTOR_GET = "/secondfactor";
* @apiVersion 1.0.0
* @apiUse UserSession
*
* @apiParam {String} redirect Optional parameter set to the url where the user
* is redirected if access is refused. It is mainly used by Traefik that does
* not control the redirection itself.
*
* @apiSuccess (Success 204) status The user is authenticated.
* @apiError (Error 401) status The user is not authenticated.
* @apiError (Error 302) redirect The user is redirected if redirect parameter is provided.
* @apiError (Error 401) status The user get an error if access failed
*
* @apiDescription Verify that the user is authenticated, i.e., the two
* factors have been validated.

9
test/features/authelia.feature Normal file
View File

@ -0,0 +1,9 @@
Feature: Generic tests on Authelia endpoints
Scenario: /api/verify replies with error when redirect parameter is not provided
When I query "https://authelia.example.com:8080/api/verify"
Then I get error code 401
Scenario: /api/verify redirects when redirect parameter is provided
When I query "https://authelia.example.com:8080/api/verify?redirect=http://login.example.com:8080"
Then I get redirected to "http://login.example.com:8080"

51
test/features/step_definitions/authelia.ts Normal file
View File

@ -0,0 +1,51 @@
import Cucumber = require("cucumber");
import seleniumWebdriver = require("selenium-webdriver");
import Assert = require("assert");
import Request = require("request-promise");
import Bluebird = require("bluebird");
Cucumber.defineSupportCode(function ({ Given, When, Then, Before, After }) {
Before(function () {
this.jar = Request.jar();
})
When("I query {stringInDoubleQuotes}", function (url: string) {
const that = this;
return Request(url, { followRedirect: false })
.then(function(response) {
console.log(response);
that.response = response;
})
.catch(function(err: Error) {
that.error = err;
})
});
Then("I get error code 401", function() {
const that = this;
return new Bluebird(function(resolve, reject) {
if(that.error && that.error.statusCode == 401) {
resolve();
}
else {
if(that.response)
reject(new Error("No error thrown"));
else if(that.error.statusCode != 401)
reject(new Error("Error code != 401"));
}
});
});
Then("I get redirected to {stringInDoubleQuotes}", function(url: string) {
const that = this;
return new Bluebird(function(resolve, reject) {
if(that.error && that.error.statusCode == 302
&& that.error.message.indexOf(url) > -1) {
resolve();
}
else {
reject(new Error("Not redirected"));
}
});
})
});