Merge pull request #133 from ssb-ngi-pointer/tweak-urls
support /login?ssb-http-auth=1
This commit is contained in:
commit
28bded7c52
|
@ -99,7 +99,7 @@ func NewWithSSBHandler(
|
|||
ssb.cookieStore = cookies
|
||||
ssb.bridge = bridge
|
||||
|
||||
m.Get(router.AuthWithSSBLogin).HandlerFunc(ssb.decideMethod)
|
||||
m.Get(router.AuthWithSSBLogin).HandlerFunc(ssb.DecideMethod)
|
||||
m.Get(router.AuthWithSSBServerEvents).HandlerFunc(ssb.eventSource)
|
||||
m.Get(router.AuthWithSSBFinalize).HandlerFunc(ssb.finalizeCookie)
|
||||
|
||||
|
@ -206,8 +206,9 @@ func (h WithSSBHandler) saveCookie(w http.ResponseWriter, req *http.Request, tok
|
|||
return nil
|
||||
}
|
||||
|
||||
// this is the /login landing page which branches out to the different methods based on the query parameters that are present
|
||||
func (h WithSSBHandler) decideMethod(w http.ResponseWriter, req *http.Request) {
|
||||
// this is the /login landing page which branches out to the different methods
|
||||
// based on the query parameters that are present
|
||||
func (h WithSSBHandler) DecideMethod(w http.ResponseWriter, req *http.Request) {
|
||||
queryVals := req.URL.Query()
|
||||
|
||||
var (
|
||||
|
@ -256,7 +257,8 @@ func (h WithSSBHandler) decideMethod(w http.ResponseWriter, req *http.Request) {
|
|||
h.render.Render(w, req, "auth/withssb_server_start.tmpl", http.StatusOK, data)
|
||||
}
|
||||
|
||||
// clientInitiated is called with a client challange (?cc=123) and calls back to the passed client using muxrpc to request a signed solution
|
||||
// clientInitiated is called with a client challange (?cc=123) and calls back to
|
||||
// the passed client using muxrpc to request a signed solution.
|
||||
// if everything checks out it redirects to the admin dashboard
|
||||
func (h WithSSBHandler) clientInitiated(w http.ResponseWriter, req *http.Request, client refs.FeedRef) error {
|
||||
queryParams := req.URL.Query()
|
||||
|
|
|
@ -241,6 +241,39 @@ func TestAuthWithSSBClientInitNotAllowed(t *testing.T) {
|
|||
})
|
||||
}
|
||||
|
||||
func TestAuthWithSSBClientAlternativeRoute(t *testing.T) {
|
||||
ts := setup(t)
|
||||
a, r := assert.New(t), require.New(t)
|
||||
|
||||
// the client isnt a member
|
||||
ts.MembersDB.GetByFeedReturns(roomdb.Member{}, roomdb.ErrNotFound)
|
||||
ts.MockedEndpoints.GetEndpointForReturns(nil, false)
|
||||
|
||||
client, err := keys.NewKeyPair(nil)
|
||||
r.NoError(err)
|
||||
|
||||
cc := signinwithssb.GenerateChallenge()
|
||||
|
||||
urlTo := web.NewURLTo(ts.Router)
|
||||
|
||||
loginURL := urlTo(router.AuthLogin,
|
||||
"ssb-http-auth", 1,
|
||||
"cid", client.Feed.Ref(),
|
||||
"cc", cc,
|
||||
)
|
||||
r.NotNil(loginURL)
|
||||
|
||||
t.Log(loginURL.String())
|
||||
doc, resp := ts.Client.GetHTML(loginURL.String())
|
||||
t.Log()
|
||||
a.Equal(http.StatusForbidden, resp.Code)
|
||||
|
||||
webassert.Localized(t, doc, []webassert.LocalizedElement{
|
||||
// {"#welcome", "AuthWithSSBWelcome"},
|
||||
// {"title", "AuthWithSSBTitle"},
|
||||
})
|
||||
}
|
||||
|
||||
func TestAuthWithSSBClientInitHasClient(t *testing.T) {
|
||||
ts := setup(t)
|
||||
a, r := assert.New(t), require.New(t)
|
||||
|
|
|
@ -237,7 +237,13 @@ func New(
|
|||
bridge,
|
||||
)
|
||||
|
||||
m.Get(router.AuthLogin).Handler(r.StaticHTML("auth/decide_method.tmpl"))
|
||||
m.Get(router.AuthLogin).HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
|
||||
if label := req.URL.Query().Get("ssb-http-auth"); label != "" {
|
||||
authWithSSB.DecideMethod(w, req)
|
||||
} else {
|
||||
r.Render(w, req, "auth/decide_method.tmpl", http.StatusOK, nil)
|
||||
}
|
||||
})
|
||||
|
||||
m.Get(router.AuthFallbackFinalize).HandlerFunc(authWithPassword.Authorize)
|
||||
|
||||
|
|
Loading…
Reference in New Issue