Allow for renaming/disabling of `origin` param.
This commit is contained in:
parent
df95e5c571
commit
867165ab23
|
@ -14,6 +14,7 @@ module OmniAuth
|
|||
base.class_eval do
|
||||
option :setup, false
|
||||
option :skip_info, false
|
||||
option :origin_param, 'origin'
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -200,21 +201,26 @@ module OmniAuth
|
|||
def request_call # rubocop:disable CyclomaticComplexity, MethodLength, PerceivedComplexity
|
||||
setup_phase
|
||||
log :info, 'Request phase initiated.'
|
||||
|
||||
# store query params from the request url, extracted in the callback_phase
|
||||
session['omniauth.params'] = request.GET
|
||||
OmniAuth.config.before_request_phase.call(env) if OmniAuth.config.before_request_phase
|
||||
|
||||
if options.form.respond_to?(:call)
|
||||
log :info, 'Rendering form from supplied Rack endpoint.'
|
||||
options.form.call(env)
|
||||
elsif options.form
|
||||
log :info, 'Rendering form from underlying application.'
|
||||
call_app!
|
||||
elsif !options.origin_param
|
||||
request_phase
|
||||
else
|
||||
if request.params['origin']
|
||||
env['rack.session']['omniauth.origin'] = request.params['origin']
|
||||
if request.params[options.origin_param]
|
||||
env['rack.session']['omniauth.origin'] = request.params[options.origin_param]
|
||||
elsif env['HTTP_REFERER'] && !env['HTTP_REFERER'].match(/#{request_path}$/)
|
||||
env['rack.session']['omniauth.origin'] = env['HTTP_REFERER']
|
||||
end
|
||||
|
||||
request_phase
|
||||
end
|
||||
end
|
||||
|
|
|
@ -300,42 +300,60 @@ describe OmniAuth::Strategy do
|
|||
let(:strategy) { ExampleStrategy.new(app, @options || {}) }
|
||||
|
||||
context 'omniauth.origin' do
|
||||
it 'is set on the request phase' do
|
||||
expect { strategy.call(make_env('/auth/test', 'HTTP_REFERER' => 'http://example.com/origin')) }.to raise_error('Request Phase')
|
||||
expect(strategy.last_env['rack.session']['omniauth.origin']).to eq('http://example.com/origin')
|
||||
context 'disabled' do
|
||||
it 'does not set omniauth.origin' do
|
||||
@options = { :origin_param => false }
|
||||
expect { strategy.call(make_env('/auth/test', 'QUERY_STRING' => 'return=/foo')) }.to raise_error('Request Phase')
|
||||
expect(strategy.last_env['rack.session']['omniauth.origin']).to eq(nil)
|
||||
end
|
||||
end
|
||||
|
||||
it 'is turned into an env variable on the callback phase' do
|
||||
expect { strategy.call(make_env('/auth/test/callback', 'rack.session' => {'omniauth.origin' => 'http://example.com/origin'})) }.to raise_error('Callback Phase')
|
||||
expect(strategy.last_env['omniauth.origin']).to eq('http://example.com/origin')
|
||||
context 'custom' do
|
||||
it 'sets from a custom param' do
|
||||
@options = { :origin_param => 'return' }
|
||||
expect { strategy.call(make_env('/auth/test', 'QUERY_STRING' => 'return=/foo')) }.to raise_error('Request Phase')
|
||||
expect(strategy.last_env['rack.session']['omniauth.origin']).to eq('/foo')
|
||||
end
|
||||
end
|
||||
|
||||
it 'sets from the params if provided' do
|
||||
expect { strategy.call(make_env('/auth/test', 'QUERY_STRING' => 'origin=/foo')) }.to raise_error('Request Phase')
|
||||
expect(strategy.last_env['rack.session']['omniauth.origin']).to eq('/foo')
|
||||
end
|
||||
|
||||
it 'is set on the failure env' do
|
||||
expect(OmniAuth.config).to receive(:on_failure).and_return(lambda { |env| env })
|
||||
@options = {:failure => :forced_fail}
|
||||
strategy.call(make_env('/auth/test/callback', 'rack.session' => {'omniauth.origin' => '/awesome'}))
|
||||
end
|
||||
|
||||
context 'with script_name' do
|
||||
it 'is set on the request phase, containing full path' do
|
||||
env = {'HTTP_REFERER' => 'http://example.com/sub_uri/origin', 'SCRIPT_NAME' => '/sub_uri'}
|
||||
expect { strategy.call(make_env('/auth/test', env)) }.to raise_error('Request Phase')
|
||||
expect(strategy.last_env['rack.session']['omniauth.origin']).to eq('http://example.com/sub_uri/origin')
|
||||
context 'default flow' do
|
||||
it 'is set on the request phase' do
|
||||
expect { strategy.call(make_env('/auth/test', 'HTTP_REFERER' => 'http://example.com/origin')) }.to raise_error('Request Phase')
|
||||
expect(strategy.last_env['rack.session']['omniauth.origin']).to eq('http://example.com/origin')
|
||||
end
|
||||
|
||||
it 'is turned into an env variable on the callback phase, containing full path' do
|
||||
env = {
|
||||
'rack.session' => {'omniauth.origin' => 'http://example.com/sub_uri/origin'},
|
||||
'SCRIPT_NAME' => '/sub_uri'
|
||||
}
|
||||
it 'is turned into an env variable on the callback phase' do
|
||||
expect { strategy.call(make_env('/auth/test/callback', 'rack.session' => {'omniauth.origin' => 'http://example.com/origin'})) }.to raise_error('Callback Phase')
|
||||
expect(strategy.last_env['omniauth.origin']).to eq('http://example.com/origin')
|
||||
end
|
||||
|
||||
expect { strategy.call(make_env('/auth/test/callback', env)) }.to raise_error('Callback Phase')
|
||||
expect(strategy.last_env['omniauth.origin']).to eq('http://example.com/sub_uri/origin')
|
||||
it 'sets from the params if provided' do
|
||||
expect { strategy.call(make_env('/auth/test', 'QUERY_STRING' => 'origin=/foo')) }.to raise_error('Request Phase')
|
||||
expect(strategy.last_env['rack.session']['omniauth.origin']).to eq('/foo')
|
||||
end
|
||||
|
||||
it 'is set on the failure env' do
|
||||
expect(OmniAuth.config).to receive(:on_failure).and_return(lambda { |env| env })
|
||||
@options = {:failure => :forced_fail}
|
||||
strategy.call(make_env('/auth/test/callback', 'rack.session' => {'omniauth.origin' => '/awesome'}))
|
||||
end
|
||||
|
||||
context 'with script_name' do
|
||||
it 'is set on the request phase, containing full path' do
|
||||
env = {'HTTP_REFERER' => 'http://example.com/sub_uri/origin', 'SCRIPT_NAME' => '/sub_uri'}
|
||||
expect { strategy.call(make_env('/auth/test', env)) }.to raise_error('Request Phase')
|
||||
expect(strategy.last_env['rack.session']['omniauth.origin']).to eq('http://example.com/sub_uri/origin')
|
||||
end
|
||||
|
||||
it 'is turned into an env variable on the callback phase, containing full path' do
|
||||
env = {
|
||||
'rack.session' => {'omniauth.origin' => 'http://example.com/sub_uri/origin'},
|
||||
'SCRIPT_NAME' => '/sub_uri'
|
||||
}
|
||||
|
||||
expect { strategy.call(make_env('/auth/test/callback', env)) }.to raise_error('Callback Phase')
|
||||
expect(strategy.last_env['omniauth.origin']).to eq('http://example.com/sub_uri/origin')
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue