Commit 9765831 Lois Desplat
committed Apr 23, 2016
1 parent 4047201 commit 9765831 Copy full SHA for 9765831
File tree 2 files changed +18
-9
lines changed
2 files changed +18
-9
lines changed Original file line number Diff line number Diff line change @@ -197,13 +197,16 @@ exports.v2 = function (settings) {
197197 // Authorization callback
198198
199199 state = request . state [ cookie ] ;
200- if ( ! state ) {
201- if ( request . query && request . query . refresh === 1 ) {
200+ if ( ! state ) {
201+ if ( request . query . refresh ) {
202202 return reply ( Boom . internal ( 'Missing ' + name + ' request token cookie' ) ) ;
203- } else {
204- var url = request . connection . info . protocol + '://' + request . info . host + request . url . path + '&refresh=1' ;
205- return reply ( '<html><head><meta http-equiv="refresh" content="0;URL=\'' + url + '\'"></head><body></body></html>' ) ;
206203 }
204+
205+ // Workaround for some browsers where due to CORS and the redirection method,
206+ // it will not send the state cookie along until the request comes directly from the same domain
207+ const newQuery = Object . assign ( { } , request . url . query , { refresh : 1 } ) ;
208+ const refreshUrl = internals . location ( request , protocol , settings . location ) + '?' + internals . queryString ( newQuery ) ;
209+ return reply ( `<html><head><meta http-equiv="refresh" content="0;URL="${ refreshUrl } ) ;
207210 }
208211
209212 reply . unstate ( cookie ) ;
Original file line number Diff line number Diff line change @@ -1471,7 +1471,7 @@ describe('Bell', () => {
14711471 } ) ;
14721472 } ) ;
14731473
1474- it ( 'errors on missing cookie in token step' , ( done ) => {
1474+ it ( 'refreshes & errors on missing cookie in token step' , ( done ) => {
14751475
14761476 const mock = new Mock . V2 ( ) ;
14771477 mock . start ( ( provider ) => {
@@ -1511,11 +1511,17 @@ describe('Bell', () => {
15111511 mock . server . inject ( res . headers . location , ( mockRes ) => {
15121512
15131513 expect ( mockRes . headers . location ) . to . contain ( 'http://localhost:80/login?code=1&state=' ) ;
1514-
15151514 server . inject ( mockRes . headers . location , ( response ) => {
15161515
1517- expect ( response . statusCode ) . to . equal ( 500 ) ;
1518- mock . stop ( done ) ;
1516+ expect ( response . statusCode ) . to . equal ( 200 ) ;
1517+ const newLocation = mockRes . headers . location + '&refresh=1' ;
1518+ expect ( response . payload ) . to . contain ( newLocation ) ;
1519+
1520+ server . inject ( newLocation , ( errorResponse ) => {
1521+
1522+ expect ( errorResponse . statusCode ) . to . equal ( 500 ) ;
1523+ mock . stop ( done ) ;
1524+ } ) ;
15191525 } ) ;
15201526 } ) ;
15211527 } ) ;
You can’t perform that action at this time.
0 commit comments