fix redirect after logging in (#25546)
This commit is contained in:
parent
22a4fed51d
commit
53f5f50b71
|
@ -8,6 +8,7 @@ import url from 'url';
|
|||
export function requestFixture({
|
||||
headers = { accept: 'something/html' },
|
||||
path = '/wat',
|
||||
basePath = '',
|
||||
search = '',
|
||||
payload
|
||||
} = {}) {
|
||||
|
@ -15,6 +16,7 @@ export function requestFixture({
|
|||
raw: { req: { headers } },
|
||||
headers,
|
||||
url: { path, search },
|
||||
getBasePath: () => basePath,
|
||||
query: search ? url.parse(search, { parseQueryString: true }).query : {},
|
||||
payload,
|
||||
state: { user: 'these are the contents of the user client cookie' }
|
||||
|
|
|
@ -44,13 +44,13 @@ describe('BasicAuthenticationProvider', () => {
|
|||
|
||||
it('redirects non-AJAX requests that can not be authenticated to the login page.', async () => {
|
||||
const authenticationResult = await provider.authenticate(
|
||||
requestFixture({ path: '/some-path # that needs to be encoded' }),
|
||||
requestFixture({ path: '/some-path # that needs to be encoded', basePath: '/s/foo' }),
|
||||
null
|
||||
);
|
||||
|
||||
expect(authenticationResult.redirected()).to.be(true);
|
||||
expect(authenticationResult.redirectURL).to.be(
|
||||
'/base-path/login?next=%2Fbase-path%2Fsome-path%20%23%20that%20needs%20to%20be%20encoded'
|
||||
'/base-path/login?next=%2Fs%2Ffoo%2Fsome-path%20%23%20that%20needs%20to%20be%20encoded'
|
||||
);
|
||||
});
|
||||
|
||||
|
|
|
@ -40,7 +40,7 @@ describe('SAMLAuthenticationProvider', () => {
|
|||
});
|
||||
|
||||
it('redirects non-AJAX request that can not be authenticated to the IdP.', async () => {
|
||||
const request = requestFixture({ path: '/some-path' });
|
||||
const request = requestFixture({ path: '/some-path', basePath: '/s/foo' });
|
||||
|
||||
callWithInternalUser
|
||||
.withArgs('shield.samlPrepare')
|
||||
|
@ -61,7 +61,7 @@ describe('SAMLAuthenticationProvider', () => {
|
|||
expect(authenticationResult.redirectURL).to.be('https://idp-host/path/login?SAMLRequest=some%20request%20');
|
||||
expect(authenticationResult.state).to.eql({
|
||||
requestId: 'some-request-id',
|
||||
nextURL: `/test-base-path/some-path`
|
||||
nextURL: `/s/foo/some-path`
|
||||
});
|
||||
});
|
||||
|
||||
|
@ -334,7 +334,7 @@ describe('SAMLAuthenticationProvider', () => {
|
|||
});
|
||||
|
||||
it('initiates SAML handshake for non-AJAX requests if refresh token is used more than once.', async () => {
|
||||
const request = requestFixture({ path: '/some-path' });
|
||||
const request = requestFixture({ path: '/some-path', basePath: '/s/foo' });
|
||||
|
||||
callWithInternalUser
|
||||
.withArgs('shield.samlPrepare')
|
||||
|
@ -372,7 +372,7 @@ describe('SAMLAuthenticationProvider', () => {
|
|||
expect(authenticationResult.redirectURL).to.be('https://idp-host/path/login?SAMLRequest=some%20request%20');
|
||||
expect(authenticationResult.state).to.eql({
|
||||
requestId: 'some-request-id',
|
||||
nextURL: `/test-base-path/some-path`
|
||||
nextURL: `/s/foo/some-path`
|
||||
});
|
||||
});
|
||||
|
||||
|
@ -404,7 +404,7 @@ describe('SAMLAuthenticationProvider', () => {
|
|||
});
|
||||
|
||||
it('initiates SAML handshake for non-AJAX requests if refresh token is expired.', async () => {
|
||||
const request = requestFixture({ path: '/some-path' });
|
||||
const request = requestFixture({ path: '/some-path', basePath: '/s/foo' });
|
||||
|
||||
callWithInternalUser
|
||||
.withArgs('shield.samlPrepare')
|
||||
|
@ -442,7 +442,7 @@ describe('SAMLAuthenticationProvider', () => {
|
|||
expect(authenticationResult.redirectURL).to.be('https://idp-host/path/login?SAMLRequest=some%20request%20');
|
||||
expect(authenticationResult.state).to.eql({
|
||||
requestId: 'some-request-id',
|
||||
nextURL: `/test-base-path/some-path`
|
||||
nextURL: `/s/foo/some-path`
|
||||
});
|
||||
});
|
||||
|
||||
|
|
|
@ -55,7 +55,7 @@ export class BasicAuthenticationProvider {
|
|||
authenticationResult = await this._authenticateViaState(request, state);
|
||||
} else if (authenticationResult.notHandled() && canRedirectRequest(request)) {
|
||||
// If we couldn't handle authentication let's redirect user to the login page.
|
||||
const nextURL = encodeURIComponent(`${this._options.basePath}${request.url.path}`);
|
||||
const nextURL = encodeURIComponent(`${request.getBasePath()}${request.url.path}`);
|
||||
authenticationResult = AuthenticationResult.redirectTo(
|
||||
`${this._options.basePath}/login?next=${nextURL}`
|
||||
);
|
||||
|
|
|
@ -357,7 +357,7 @@ export class SAMLAuthenticationProvider {
|
|||
return AuthenticationResult.redirectTo(
|
||||
redirect,
|
||||
// Store request id in the state so that we can reuse it once we receive `SAMLResponse`.
|
||||
{ requestId, nextURL: `${this._options.basePath}${request.url.path}` }
|
||||
{ requestId, nextURL: `${request.getBasePath()}${request.url.path}` }
|
||||
);
|
||||
} catch (err) {
|
||||
this._options.log(['debug', 'security', 'saml'], `Failed to initiate SAML handshake: ${err.message}`);
|
||||
|
|
Loading…
Reference in a new issue