diff --git a/client/src/lib/firstfactor/FirstFactorValidator.ts b/client/src/lib/firstfactor/FirstFactorValidator.ts index b7bda3b4..175f3c2c 100644 --- a/client/src/lib/firstfactor/FirstFactorValidator.ts +++ b/client/src/lib/firstfactor/FirstFactorValidator.ts @@ -2,12 +2,19 @@ import BluebirdPromise = require("bluebird"); import Endpoints = require("../../../../shared/api"); import Constants = require("../../../../shared/constants"); +import Util = require("util"); export function validate(username: string, password: string, - redirectUrl: string, onlyBasicAuth: boolean, $: JQueryStatic): BluebirdPromise { + redirectUrl: string, $: JQueryStatic): BluebirdPromise { return new BluebirdPromise(function (resolve, reject) { - const url = Endpoints.FIRST_FACTOR_POST + "?" + Constants.REDIRECT_QUERY_PARAM + "=" + redirectUrl - + "&" + Constants.ONLY_BASIC_AUTH_QUERY_PARAM + "=" + onlyBasicAuth; + let url: string; + if (redirectUrl != undefined) { + const redirectParam = Util.format("%s=%s", Constants.REDIRECT_QUERY_PARAM, redirectUrl); + url = Util.format("%s?%s", Endpoints.FIRST_FACTOR_POST, redirectParam); + } + else { + url = Util.format("%s", Endpoints.FIRST_FACTOR_POST); + } $.ajax({ method: "POST", diff --git a/client/src/lib/firstfactor/index.ts b/client/src/lib/firstfactor/index.ts index fc897ff1..91de7e00 100644 --- a/client/src/lib/firstfactor/index.ts +++ b/client/src/lib/firstfactor/index.ts @@ -17,8 +17,7 @@ export default function (window: Window, $: JQueryStatic, $(UISelectors.PASSWORD_FIELD_ID).val(""); const redirectUrl = QueryParametersRetriever.get(Constants.REDIRECT_QUERY_PARAM); - const onlyBasicAuth = QueryParametersRetriever.get(Constants.ONLY_BASIC_AUTH_QUERY_PARAM) ? true : false; - firstFactorValidator.validate(username, password, redirectUrl, onlyBasicAuth, $) + firstFactorValidator.validate(username, password, redirectUrl, $) .then(onFirstFactorSuccess, onFirstFactorFailure); return false; } 
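Review bot: In `validate`, `redirectUrl` is placed into the POST query string unencoded (`Util.format("%s=%s", Constants.REDIRECT_QUERY_PARAM, redirectUrl)`), so a target that itself contains `&`, `#` or `?` is split or truncated and the server reads a different `redirect` value than the one the user arrived with. Assuming `QueryParametersRetriever.get` returns the decoded value, encode it here: `const redirectParam = Util.format("%s=%s", Constants.REDIRECT_QUERY_PARAM, encodeURIComponent(redirectUrl));`. The guard `redirectUrl != undefined` also lets an empty string through, producing `redirect=`, which the server's `two_factor` branch in post.ts ignores only because of its truthiness check. The body of `validate` continues past the end of the hunk.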
diff --git a/client/test/firstfactor/FirstFactorValidator.test.ts b/client/test/firstfactor/FirstFactorValidator.test.ts index 49e4f232..acae7c0d 100644 --- a/client/test/firstfactor/FirstFactorValidator.test.ts +++ b/client/test/firstfactor/FirstFactorValidator.test.ts @@ -13,7 +13,7 @@ describe("test FirstFactorValidator", function () { const jqueryMock = JQueryMock.JQueryMock(); jqueryMock.jquery.ajax.returns(postPromise); - return FirstFactorValidator.validate("username", "password", "http://redirect", false, jqueryMock.jquery as any); + return FirstFactorValidator.validate("username", "password", "http://redirect", jqueryMock.jquery as any); }); function should_fail_first_factor_validation(errorMessage: string) { @@ -27,7 +27,7 @@ describe("test FirstFactorValidator", function () { const jqueryMock = JQueryMock.JQueryMock(); jqueryMock.jquery.ajax.returns(postPromise); - return FirstFactorValidator.validate("username", "password", "http://redirect", false, jqueryMock.jquery as any) + return FirstFactorValidator.validate("username", "password", "http://redirect", jqueryMock.jquery as any) .then(function () { return BluebirdPromise.reject(new Error("First factor validation successfully finished while it should have not.")); }, function (err: Error) { diff --git a/server/src/lib/routes/firstfactor/post.ts b/server/src/lib/routes/firstfactor/post.ts index ae772f4a..b7ba0432 100644 --- a/server/src/lib/routes/firstfactor/post.ts +++ b/server/src/lib/routes/firstfactor/post.ts @@ -48,7 +48,7 @@ export default function (req: express.Request, res: express.Response): BluebirdP JSON.stringify(groupsAndEmails)); authSession.userid = username; authSession.first_factor = true; - const redirectUrl = req.query[Constants.REDIRECT_QUERY_PARAM] != "undefined" + const redirectUrl = req.query[Constants.REDIRECT_QUERY_PARAM] !== "undefined" // Fuck, don't know why it is a string! ? req.query[Constants.REDIRECT_QUERY_PARAM] : undefined; 
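Review bot: Both updated calls still pass `"http://redirect"`, so the new branch in `validate` that omits the query string when `redirectUrl` is undefined is not exercised in the visible hunks, and neither test inspects the URL handed to `jqueryMock.jquery.ajax`. A case that calls `FirstFactorValidator.validate("username", "password", undefined, jqueryMock.jquery as any)` and asserts that the `url` passed to `ajax` carries no `redirect` parameter would pin the behaviour this commit introduces. The same applies to the second hunk in this file.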
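Review bot: `req.query[Constants.REDIRECT_QUERY_PARAM]` is client-controlled and is only compared with the literal string "undefined"; Express can also deliver an array or object here when the parameter is repeated or bracketed, and that value then flows into `encodeURIComponent(redirectUrl)` in the second hunk of this file. Narrow it before use: `const rawRedirect = req.query[Constants.REDIRECT_QUERY_PARAM];` followed by `const redirectUrl = typeof rawRedirect === "string" && rawRedirect !== "undefined" ? rawRedirect : undefined;`. The inline comment should be replaced with the actual reason, e.g. `// older clients serialised an undefined redirectUrl into the query string as "undefined"`, which is what the removed client code in FirstFactorValidator.ts did. The handler starts and ends outside the hunk.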
@@ -79,8 +79,9 @@ export default function (req: express.Request, res: express.Response): BluebirdP } else if (authMethod == "two_factor") { let newRedirectUrl = Endpoint.SECOND_FACTOR_GET; - if (redirectUrl !== "undefined") { - newRedirectUrl += "?redirect=" + encodeURIComponent(redirectUrl); + if (redirectUrl) { + newRedirectUrl += "?" + Constants.REDIRECT_QUERY_PARAM + "=" + + encodeURIComponent(redirectUrl); } logger.debug(req, "Redirect to '%s'", newRedirectUrl, typeof redirectUrl); res.send({ diff --git a/server/src/views/layout/layout.pug b/server/src/views/layout/layout.pug index 2c0246a0..3f95cb9b 100644 --- a/server/src/views/layout/layout.pug +++ b/server/src/views/layout/layout.pug @@ -26,5 +26,5 @@ html - script(src="/js/authelia.min.js") + script(src="/js/authelia.js") block entrypoint \ No newline at end of file diff --git a/shared/constants.ts b/shared/constants.ts index 154508de..a566fe0b 100644 --- a/shared/constants.ts +++ b/shared/constants.ts @@ -1,4 +1 @@ - - -export const ONLY_BASIC_AUTH_QUERY_PARAM = "only_basic_auth"; export const REDIRECT_QUERY_PARAM = "redirect"; \ No newline at end of file diff --git a/test/features/basic-auth.feature b/test/features/basic-auth.feature index 34a2ae05..fc8d350d 100644 --- a/test/features/basic-auth.feature +++ b/test/features/basic-auth.feature 
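Review bot: The `logger.debug` call just below the new `if (redirectUrl)` still passes `typeof redirectUrl` as an extra argument with no matching `%s`, which looks like a leftover from debugging the string "undefined" problem this commit fixes; drop it so the line reads `logger.debug(req, "Redirect to '%s'", newRedirectUrl);`. The redirect target is also carried on to the second-factor page without any host check in the visible lines, so whichever handler finally redirects the browser should validate it against the protected domain; that code, if present, is outside this hunk.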
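Review bot: Switching the layout from `/js/authelia.min.js` to `/js/authelia.js` is unrelated to the rest of the diff and looks like a local debugging change. If the production build only emits the minified bundle, the login page will load without its script, so either revert this line or confirm that the build publishes `authelia.js` and that shipping the unminified bundle is intended.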
@@ -2,18 +2,12 @@ Feature: User can access certain subdomains with basic auth @need-registered-user-john Scenario: User is redirected to service after first factor if allowed - When I visit "https://auth.test.local:8080/?redirect=https%3A%2F%2Fbasicauth.test.local%3A8080%2Fsecret.html&only_basic_auth=true" + When I visit "https://auth.test.local:8080/?redirect=https%3A%2F%2Fbasicauth.test.local%3A8080%2Fsecret.html" And I login with user "john" and password "password" Then I'm redirected to "https://basicauth.test.local:8080/secret.html" @need-registered-user-john Scenario: Redirection after first factor fails if basic_auth not allowed. It redirects user to first factor. - When I visit "https://auth.test.local:8080/?redirect=https%3A%2F%2Fadmin.test.local%3A8080%2Fsecret.html&only_basic_auth=true" - And I login with user "john" and password "password" - Then I'm redirected to "https://auth.test.local:8080/?redirect=https%3A%2F%2Fadmin.test.local%3A8080%2Fsecret.html" - - @need-registered-user-john - Scenario: User is redirected to second factor after first factor When I visit "https://auth.test.local:8080/?redirect=https%3A%2F%2Fadmin.test.local%3A8080%2Fsecret.html" And I login with user "john" and password "password" - Then I'm redirected to "https://auth.test.local:8080/secondfactor?redirect=https%3A%2F%2Fadmin.test.local%3A8080%2Fsecret.html" + Then I'm redirected to "https://auth.test.local:8080/?redirect=https%3A%2F%2Fadmin.test.local%3A8080%2Fsecret.html"
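Review bot: The scenario that asserted the redirect to `https://auth.test.local:8080/secondfactor?redirect=...` is deleted here, yet post.ts still builds that URL in its `two_factor` branch and this commit changes exactly that line. Unless another feature file covers it, keep a scenario that logs in and expects the `/secondfactor?redirect=` URL, so the `Constants.REDIRECT_QUERY_PARAM` plus `encodeURIComponent` construction stays under test. The remaining "basic_auth not allowed" scenario now expects a return to the first-factor page for the same request that previously led to second factor, so its title should state which behaviour is intended.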