From d28be9e3f83dbc369c47825b4e36b56779d0a91a Mon Sep 17 00:00:00 2001
From: Timo Hocker <35867059+TimoHocker@users.noreply.github.com>
Date: Tue, 4 Jan 2022 13:39:00 +0100
Subject: [PATCH] fix unreliable 'successful' flag, don't set content-type on leave_open
---
 lib/AuthHandler.ts | 5 +++--
 package.json | 2 +-
 test/spec/AuthHandler.ts | 29 ++++++++++++++++++++++++++++-
 3 files changed, 32 insertions(+), 4 deletions(-)
diff --git a/lib/AuthHandler.ts b/lib/AuthHandler.ts
index 55dc4c7..f9ce4b6 100644
--- a/lib/AuthHandler.ts
+++ b/lib/AuthHandler.ts
@@ -86,7 +86,7 @@ class AuthRequest {
 data, leave_open }: AccessSettings): Promise {
- this.default_header (typeof redirect_to !== 'string');
+ this.default_header (typeof redirect_to !== 'string' && !leave_open);
 const at = await auth.sign ( 'access_token',
@@ -122,6 +122,8 @@ class AuthRequest {
 result.refresh_token_id = rt.id; }
+ this._is_successful = true;
+
 if (typeof redirect_to === 'string') { this.response.setHeader ('Location', redirect_to); this.response.statusCode = 302;
@@ -135,7 +137,6 @@ class AuthRequest {
 this.response.end (JSON.stringify (res)); }
- this._is_successful = true;
 return result; }
diff --git a/package.json b/package.json
index 6531354..518bb2b 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 { "name": "@sapphirecode/auth-server-helper",
- "version": "2.1.2",
+ "version": "2.1.3",
 "main": "dist/index.js", "author": { "name": "Timo Hocker",
diff --git a/test/spec/AuthHandler.ts b/test/spec/AuthHandler.ts
index 7a8df90..b70c7c2 100644
--- a/test/spec/AuthHandler.ts
+++ b/test/spec/AuthHandler.ts
@@ -5,6 +5,7 @@
 * Created by Timo Hocker , January 2021 */
+/* eslint-disable max-lines */
 import http, { IncomingMessage, ServerResponse } from 'http'; import { to_b64 } from '@sapphirecode/encoding-helper'; import auth from '../../lib/Authority';
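Review bot: The `&& !leave_open` added to the `default_header` call in the first hunk suppresses everything that helper sets, not only `Content-Type`; if `default_header` is also where the `Cache-Control: no-store` / `Pragma: no-cache` headers for token responses are emitted (the helper is not visible here), a `leave_open` caller that ends the response itself, as the new spec does, would now send a freshly signed access token without them. If that is the case, set the cache headers unconditionally and gate only the content type, e.g. `const json_body = typeof redirect_to !== 'string' && !leave_open;` followed by `this.default_header (json_body);` with the no-store headers moved out of the gated branch; otherwise a comment such as `// leave_open: caller owns Content-Type and any cache headers` on the `AccessSettings` option would make the responsibility explicit. Moving `this._is_successful = true;` ahead of the redirect/JSON write (second and third hunks) also marks the request successful even if `this.response.end` later throws, so a one-line comment stating why the flag must precede the write (presumably so the `leave_open` path, which ends the response itself, is still treated as allowed) would help the next reader. The enclosing method (the one taking `AccessSettings`) begins before the first hunk and only parts of its body are shown.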
@@ -55,7 +56,8 @@ describe ('auth handler', () => {
 beforeAll (() => { clock_setup ();
- const ah = create_auth_handler ((req) => {
+ // eslint-disable-next-line complexity, max-lines-per-function
+ const ah = create_auth_handler (async (req) => {
 if (!req.is_basic && !req.is_bearer) { let body_auth = false; try {
@@ -94,6 +96,14 @@ describe ('auth handler', () => {
 redirect_to: '/redirected' }); }
+ else if (req.user === 'leave' && req.password === 'open') {
+ req.response.setHeader ('Content-Type', 'text/plain');
+ await req.allow_access ({
+ access_token_expires_in: expires_seconds,
+ leave_open: true
+ });
+ req.response.end ('custom response');
+ }
 else { req.deny (); }
@@ -320,4 +330,21 @@ describe ('auth handler', () => {
 error_description: 'unknown authorization type' }); });
+
+ it ('should not set content-type when leave-open is specified', async () => {
+ const resp1 = await get ({ authorization: 'Basic leave:open' });
+ expect (resp1.statusCode) .toEqual (200);
+ expect (resp1.headers['content-type']) .toEqual ('text/plain');
+ expect (resp1.body) .toEqual ('custom response');
+ let signature = '';
+ for (const c of resp1.headers['set-cookie'] as string[]) {
+ if (c.includes ('cookie_jar='))
+ signature = c.replace ('cookie_jar=', '');
+ }
+ expect (signature).not.toEqual ('');
+ check_token (signature, 'access_token');
+ });
 });
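Review bot: In the new `leave-open` spec in the last hunk, `resp1.headers['set-cookie'] as string[]` assumes the header is present, so if the cookie is ever missing the `for` loop throws a TypeError on `undefined` instead of failing at `expect (signature).not.toEqual ('')`; `const cookies = resp1.headers['set-cookie'] ?? [];` (or an explicit `expect (resp1.headers['set-cookie']).toBeDefined ();` first) gives a readable failure. `c.replace ('cookie_jar=', '')` also keeps any cookie attributes (`; Path=/`, `; HttpOnly`, …) in the value passed to `check_token`, so if the cookie carries or later gains attributes the assertion breaks for the wrong reason; `c.split (';')[0].replace ('cookie_jar=', '')` isolates the value, and since that value is a freshly signed access token it would be worth asserting `HttpOnly`/`Secure`/`SameSite` here as well — I cannot tell from the hunk whether the server sets them. Calling the extracted value `token` rather than `signature` would match its use in `check_token (token, 'access_token')`. The `describe ('auth handler', …)` block that these hunks extend begins before the first hunk on this page.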