mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
Remove artifacts of only_basic_auth query param
This commit is contained in:
parent
a0aab77449
commit
9559bff5de
|
@ -2,12 +2,19 @@
|
||||||
import BluebirdPromise = require("bluebird");
|
import BluebirdPromise = require("bluebird");
|
||||||
import Endpoints = require("../../../../shared/api");
|
import Endpoints = require("../../../../shared/api");
|
||||||
import Constants = require("../../../../shared/constants");
|
import Constants = require("../../../../shared/constants");
|
||||||
|
import Util = require("util");
|
||||||
|
|
||||||
export function validate(username: string, password: string,
|
export function validate(username: string, password: string,
|
||||||
redirectUrl: string, onlyBasicAuth: boolean, $: JQueryStatic): BluebirdPromise<string> {
|
redirectUrl: string, $: JQueryStatic): BluebirdPromise<string> {
|
||||||
return new BluebirdPromise<string>(function (resolve, reject) {
|
return new BluebirdPromise<string>(function (resolve, reject) {
|
||||||
const url = Endpoints.FIRST_FACTOR_POST + "?" + Constants.REDIRECT_QUERY_PARAM + "=" + redirectUrl
|
let url: string;
|
||||||
+ "&" + Constants.ONLY_BASIC_AUTH_QUERY_PARAM + "=" + onlyBasicAuth;
|
if (redirectUrl != undefined) {
|
||||||
|
const redirectParam = Util.format("%s=%s", Constants.REDIRECT_QUERY_PARAM, redirectUrl);
|
||||||
|
url = Util.format("%s?%s", Endpoints.FIRST_FACTOR_POST, redirectParam);
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
url = Util.format("%s", Endpoints.FIRST_FACTOR_POST);
|
||||||
|
}
|
||||||
|
|
||||||
$.ajax({
|
$.ajax({
|
||||||
method: "POST",
|
method: "POST",
|
||||||
|
|
|
@ -17,8 +17,7 @@ export default function (window: Window, $: JQueryStatic,
|
||||||
$(UISelectors.PASSWORD_FIELD_ID).val("");
|
$(UISelectors.PASSWORD_FIELD_ID).val("");
|
||||||
|
|
||||||
const redirectUrl = QueryParametersRetriever.get(Constants.REDIRECT_QUERY_PARAM);
|
const redirectUrl = QueryParametersRetriever.get(Constants.REDIRECT_QUERY_PARAM);
|
||||||
const onlyBasicAuth = QueryParametersRetriever.get(Constants.ONLY_BASIC_AUTH_QUERY_PARAM) ? true : false;
|
firstFactorValidator.validate(username, password, redirectUrl, $)
|
||||||
firstFactorValidator.validate(username, password, redirectUrl, onlyBasicAuth, $)
|
|
||||||
.then(onFirstFactorSuccess, onFirstFactorFailure);
|
.then(onFirstFactorSuccess, onFirstFactorFailure);
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
|
@ -13,7 +13,7 @@ describe("test FirstFactorValidator", function () {
|
||||||
const jqueryMock = JQueryMock.JQueryMock();
|
const jqueryMock = JQueryMock.JQueryMock();
|
||||||
jqueryMock.jquery.ajax.returns(postPromise);
|
jqueryMock.jquery.ajax.returns(postPromise);
|
||||||
|
|
||||||
return FirstFactorValidator.validate("username", "password", "http://redirect", false, jqueryMock.jquery as any);
|
return FirstFactorValidator.validate("username", "password", "http://redirect", jqueryMock.jquery as any);
|
||||||
});
|
});
|
||||||
|
|
||||||
function should_fail_first_factor_validation(errorMessage: string) {
|
function should_fail_first_factor_validation(errorMessage: string) {
|
||||||
|
@ -27,7 +27,7 @@ describe("test FirstFactorValidator", function () {
|
||||||
const jqueryMock = JQueryMock.JQueryMock();
|
const jqueryMock = JQueryMock.JQueryMock();
|
||||||
jqueryMock.jquery.ajax.returns(postPromise);
|
jqueryMock.jquery.ajax.returns(postPromise);
|
||||||
|
|
||||||
return FirstFactorValidator.validate("username", "password", "http://redirect", false, jqueryMock.jquery as any)
|
return FirstFactorValidator.validate("username", "password", "http://redirect", jqueryMock.jquery as any)
|
||||||
.then(function () {
|
.then(function () {
|
||||||
return BluebirdPromise.reject(new Error("First factor validation successfully finished while it should have not."));
|
return BluebirdPromise.reject(new Error("First factor validation successfully finished while it should have not."));
|
||||||
}, function (err: Error) {
|
}, function (err: Error) {
|
||||||
|
|
|
@ -48,7 +48,7 @@ export default function (req: express.Request, res: express.Response): BluebirdP
|
||||||
JSON.stringify(groupsAndEmails));
|
JSON.stringify(groupsAndEmails));
|
||||||
authSession.userid = username;
|
authSession.userid = username;
|
||||||
authSession.first_factor = true;
|
authSession.first_factor = true;
|
||||||
const redirectUrl = req.query[Constants.REDIRECT_QUERY_PARAM] != "undefined"
|
const redirectUrl = req.query[Constants.REDIRECT_QUERY_PARAM] !== "undefined"
|
||||||
// Fuck, don't know why it is a string!
|
// Fuck, don't know why it is a string!
|
||||||
? req.query[Constants.REDIRECT_QUERY_PARAM]
|
? req.query[Constants.REDIRECT_QUERY_PARAM]
|
||||||
: undefined;
|
: undefined;
|
||||||
|
@ -79,8 +79,9 @@ export default function (req: express.Request, res: express.Response): BluebirdP
|
||||||
}
|
}
|
||||||
else if (authMethod == "two_factor") {
|
else if (authMethod == "two_factor") {
|
||||||
let newRedirectUrl = Endpoint.SECOND_FACTOR_GET;
|
let newRedirectUrl = Endpoint.SECOND_FACTOR_GET;
|
||||||
if (redirectUrl !== "undefined") {
|
if (redirectUrl) {
|
||||||
newRedirectUrl += "?redirect=" + encodeURIComponent(redirectUrl);
|
newRedirectUrl += "?" + Constants.REDIRECT_QUERY_PARAM + "="
|
||||||
|
+ encodeURIComponent(redirectUrl);
|
||||||
}
|
}
|
||||||
logger.debug(req, "Redirect to '%s'", newRedirectUrl, typeof redirectUrl);
|
logger.debug(req, "Redirect to '%s'", newRedirectUrl, typeof redirectUrl);
|
||||||
res.send({
|
res.send({
|
||||||
|
|
|
@ -26,5 +26,5 @@ html
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
script(src="/js/authelia.min.js")
|
script(src="/js/authelia.js")
|
||||||
block entrypoint
|
block entrypoint
|
|
@ -1,4 +1 @@
|
||||||
|
|
||||||
|
|
||||||
export const ONLY_BASIC_AUTH_QUERY_PARAM = "only_basic_auth";
|
|
||||||
export const REDIRECT_QUERY_PARAM = "redirect";
|
export const REDIRECT_QUERY_PARAM = "redirect";
|
|
@ -2,18 +2,12 @@ Feature: User can access certain subdomains with basic auth
|
||||||
|
|
||||||
@need-registered-user-john
|
@need-registered-user-john
|
||||||
Scenario: User is redirected to service after first factor if allowed
|
Scenario: User is redirected to service after first factor if allowed
|
||||||
When I visit "https://auth.test.local:8080/?redirect=https%3A%2F%2Fbasicauth.test.local%3A8080%2Fsecret.html&only_basic_auth=true"
|
When I visit "https://auth.test.local:8080/?redirect=https%3A%2F%2Fbasicauth.test.local%3A8080%2Fsecret.html"
|
||||||
And I login with user "john" and password "password"
|
And I login with user "john" and password "password"
|
||||||
Then I'm redirected to "https://basicauth.test.local:8080/secret.html"
|
Then I'm redirected to "https://basicauth.test.local:8080/secret.html"
|
||||||
|
|
||||||
@need-registered-user-john
|
@need-registered-user-john
|
||||||
Scenario: Redirection after first factor fails if basic_auth not allowed. It redirects user to first factor.
|
Scenario: Redirection after first factor fails if basic_auth not allowed. It redirects user to first factor.
|
||||||
When I visit "https://auth.test.local:8080/?redirect=https%3A%2F%2Fadmin.test.local%3A8080%2Fsecret.html&only_basic_auth=true"
|
|
||||||
And I login with user "john" and password "password"
|
|
||||||
Then I'm redirected to "https://auth.test.local:8080/?redirect=https%3A%2F%2Fadmin.test.local%3A8080%2Fsecret.html"
|
|
||||||
|
|
||||||
@need-registered-user-john
|
|
||||||
Scenario: User is redirected to second factor after first factor
|
|
||||||
When I visit "https://auth.test.local:8080/?redirect=https%3A%2F%2Fadmin.test.local%3A8080%2Fsecret.html"
|
When I visit "https://auth.test.local:8080/?redirect=https%3A%2F%2Fadmin.test.local%3A8080%2Fsecret.html"
|
||||||
And I login with user "john" and password "password"
|
And I login with user "john" and password "password"
|
||||||
Then I'm redirected to "https://auth.test.local:8080/secondfactor?redirect=https%3A%2F%2Fadmin.test.local%3A8080%2Fsecret.html"
|
Then I'm redirected to "https://auth.test.local:8080/?redirect=https%3A%2F%2Fadmin.test.local%3A8080%2Fsecret.html"
|
||||||
|
|
Loading…
Reference in New Issue
Block a user