@@ -144,12 +144,7 @@ describe('Authentication API (OIDC)', () => {
144144 expect ( cookie ) . to . match ( / S e c u r e / )
145145 } )
146146
147- /* Reflecting https://github.com/solid/web-access-control-spec#referring-to-origins-ie-web-apps
148- where the cookie implies that the user is logged in
149- */
150-
151147 describe ( 'and performing a subsequent request' , ( ) => {
152- // If the user is not logged on, then fail 401 Unauthenticated
153148 describe ( 'without that cookie' , ( ) => {
154149 let response
155150 before ( done => {
@@ -165,32 +160,28 @@ describe('Authentication API (OIDC)', () => {
165160 } )
166161 } )
167162
168- // TODO User not authorized test here
169-
170- // If the Origin header is not present, the succeed 200 OK
171- describe ( 'with that cookie but without origin' , ( ) => {
163+ describe ( 'with that cookie and a non-matching origin' , ( ) => {
172164 let response
173165 before ( done => {
174166 alice . get ( '/' )
175167 . set ( 'Cookie' , cookie )
168+ . set ( 'Origin' , bobServerUri )
176169 . end ( ( err , res ) => {
177170 response = res
178171 done ( err )
179172 } )
180173 } )
181174
182- it ( 'should return a 200 ' , ( ) => {
183- expect ( response ) . to . have . property ( 'status' , 200 )
175+ it ( 'should return a 401 ' , ( ) => {
176+ expect ( response ) . to . have . property ( 'status' , 401 )
184177 } )
185178 } )
186179
187- // Clear cut case
188- describe ( 'with that cookie and a matching origin' , ( ) => {
180+ describe ( 'with that cookie but without origin' , ( ) => {
189181 let response
190182 before ( done => {
191183 alice . get ( '/' )
192184 . set ( 'Cookie' , cookie )
193- . set ( 'Origin' , aliceServerUri )
194185 . end ( ( err , res ) => {
195186 response = res
196187 done ( err )
@@ -202,11 +193,11 @@ describe('Authentication API (OIDC)', () => {
202193 } )
203194 } )
204195
205- // If the Origin is allowed by the ACL, then succeed 200 OK
206- describe ( 'without that cookie but with a matching origin' , ( ) => {
196+ describe ( 'with that cookie and a matching origin' , ( ) => {
207197 let response
208198 before ( done => {
209199 alice . get ( '/' )
200+ . set ( 'Cookie' , cookie )
210201 . set ( 'Origin' , aliceServerUri )
211202 . end ( ( err , res ) => {
212203 response = res
@@ -219,38 +210,34 @@ describe('Authentication API (OIDC)', () => {
219210 } )
220211 } )
221212
222- // Fail 403 Origin Unauthorized
223- describe ( 'without that cookie and a matching origin' , ( ) => {
213+ describe ( 'without that cookie but with a matching origin' , ( ) => {
224214 let response
225215 before ( done => {
226216 alice . get ( '/' )
227- . set ( 'Origin' , bobServerUri )
217+ . set ( 'Origin' , aliceServerUri )
228218 . end ( ( err , res ) => {
229219 response = res
230220 done ( err )
231221 } )
232222 } )
233223
234- it ( 'should return a 403 ' , ( ) => {
235- expect ( response ) . to . have . property ( 'status' , 403 )
224+ it ( 'should return a 401 ' , ( ) => {
225+ expect ( response ) . to . have . property ( 'status' , 401 )
236226 } )
237227 } )
238-
239- // TODO Does this really make sense?
240- describe ( 'with that cookie and a non-matching origin' , ( ) => {
228+ describe ( 'without that cookie and a matching origin' , ( ) => {
241229 let response
242230 before ( done => {
243231 alice . get ( '/' )
244- . set ( 'Cookie' , cookie )
245232 . set ( 'Origin' , bobServerUri )
246233 . end ( ( err , res ) => {
247234 response = res
248235 done ( err )
249236 } )
250237 } )
251238
252- it ( 'should return a 403 ' , ( ) => {
253- expect ( response ) . to . have . property ( 'status' , 403 )
239+ it ( 'should return a 401 ' , ( ) => {
240+ expect ( response ) . to . have . property ( 'status' , 401 )
254241 } )
255242 } )
256243 } )
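Review bot: The last describe in this hunk is labelled 'without that cookie and a matching origin', but its request sets `Origin` to `bobServerUri`, which the earlier 'with that cookie and a non-matching origin' case already uses as the non-matching origin; the label should be `describe('without that cookie and a non-matching origin', () => {` so a failure names the scenario actually exercised. The preceding case 'without that cookie but with a matching origin' (aliceServerUri) is labelled correctly, so after the rename the four cases form a clear cookie × origin matrix. The commit also drops the comments that explained the expected outcomes; a one-line note above the first of these cases, e.g. `// No cookie => 401 regardless of Origin; cookie with non-matching Origin => 401`, would replace that lost context. The enclosing 'and performing a subsequent request' describe starts outside this hunk.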