Skip to content

Commit c8b7d11

Browse files
jaredhansonjaredhanson
committed
Clarify test cases.
1 parent 4a20270 commit c8b7d11

File tree

2 files changed

+71
-0
lines changed

2 files changed

+71
-0
lines changed

test/oauth2.options.test.js

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -365,6 +365,7 @@ describe('OAuth2Strategy', function() {
365365
});
366366
});
367367

368+
// OK
368369
describe('with relative callback URL and trust proxy option', function() {
369370
var strategy = new OAuth2Strategy({
370371
authorizationURL: 'https://www.example.com/oauth2/authorize',
@@ -419,6 +420,7 @@ describe('OAuth2Strategy', function() {
419420
});
420421
});
421422

423+
// OK
422424
describe('handling a request to be redirected for authorization that contains trusted x-forwarded-host header', function() {
423425
var url;
424426

test/oauth2.test.js

Lines changed: 69 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1398,6 +1398,75 @@ describe('OAuth2Strategy', function() {
13981398
});
13991399
}); // that is not trusted by app and sets x-forwarded-proto and x-forwarded-host
14001400

1401+
describe('that is trusted by strategy and sets x-forwarded-proto', function() {
1402+
var strategy = new OAuth2Strategy({
1403+
authorizationURL: 'https://www.example.com/oauth2/authorize',
1404+
tokenURL: 'https://www.example.com/oauth2/token',
1405+
clientID: 'ABC123',
1406+
clientSecret: 'secret',
1407+
callbackURL: '/auth/example/callback',
1408+
proxy: true
1409+
},
1410+
function(accessToken, refreshToken, profile, done) {});
1411+
1412+
1413+
var url;
1414+
1415+
before(function(done) {
1416+
chai.passport.use(strategy)
1417+
.redirect(function(u) {
1418+
url = u;
1419+
done();
1420+
})
1421+
.req(function(req) {
1422+
req.url = '/auth/example';
1423+
req.headers.host = 'www.example.net';
1424+
req.headers['x-forwarded-proto'] = 'https';
1425+
req.connection = {};
1426+
})
1427+
.authenticate();
1428+
});
1429+
1430+
it('should be redirected', function() {
1431+
expect(url).to.equal('https://www.example.com/oauth2/authorize?response_type=code&redirect_uri=https%3A%2F%2Fwww.example.net%2Fauth%2Fexample%2Fcallback&client_id=ABC123');
1432+
});
1433+
}); // that is trusted by strategy and sets x-forwarded-proto
1434+
1435+
describe('that is trusted by strategy and sets x-forwarded-proto and x-forwarded-host', function() {
1436+
var strategy = new OAuth2Strategy({
1437+
authorizationURL: 'https://www.example.com/oauth2/authorize',
1438+
tokenURL: 'https://www.example.com/oauth2/token',
1439+
clientID: 'ABC123',
1440+
clientSecret: 'secret',
1441+
callbackURL: '/auth/example/callback',
1442+
proxy: true
1443+
},
1444+
function(accessToken, refreshToken, profile, done) {});
1445+
1446+
1447+
var url;
1448+
1449+
before(function(done) {
1450+
chai.passport.use(strategy)
1451+
.redirect(function(u) {
1452+
url = u;
1453+
done();
1454+
})
1455+
.req(function(req) {
1456+
req.url = '/auth/example';
1457+
req.headers.host = 'server.internal';
1458+
req.headers['x-forwarded-proto'] = 'https';
1459+
req.headers['x-forwarded-host'] = 'www.example.net';
1460+
req.connection = {};
1461+
})
1462+
.authenticate();
1463+
});
1464+
1465+
it('should be redirected', function() {
1466+
expect(url).to.equal('https://www.example.com/oauth2/authorize?response_type=code&redirect_uri=https%3A%2F%2Fwww.example.net%2Fauth%2Fexample%2Fcallback&client_id=ABC123');
1467+
});
1468+
}); // that is trusted by strategy and sets x-forwarded-proto and x-forwarded-host
1469+
14011470
}); // from behind a secure proxy
14021471

14031472
}); // issuing authorization request

0 commit comments

Comments
 (0)