Merge pull request #138 from pjvds/no-follow-option
Don't follow redirects opt-out
This commit is contained in:
commit
631ab09b5b
|
@ -29,7 +29,8 @@ exports.OAuth= function(requestUrl, accessUrl, consumerKey, consumerSecret, vers
|
|||
"Connection" : "close",
|
||||
"User-Agent" : "Node authentication"}
|
||||
this._clientOptions= this._defaultClientOptions= {"requestTokenHttpMethod": "POST",
|
||||
"accessTokenHttpMethod": "POST"};
|
||||
"accessTokenHttpMethod": "POST",
|
||||
"followRedirects": true};
|
||||
this._oauthParameterSeperator = ",";
|
||||
};
|
||||
|
||||
|
@ -352,6 +353,7 @@ exports.OAuth.prototype._performSecureRequest= function( oauth_token, oauth_toke
|
|||
request= this._createClient(parsedUrl.port, parsedUrl.hostname, method, path, headers);
|
||||
}
|
||||
|
||||
var clientOptions = this._clientOptions;
|
||||
if( callback ) {
|
||||
var data="";
|
||||
var self= this;
|
||||
|
@ -367,7 +369,7 @@ exports.OAuth.prototype._performSecureRequest= function( oauth_token, oauth_toke
|
|||
callback(null, data, response);
|
||||
} else {
|
||||
// Follow 301 or 302 redirects with Location HTTP header
|
||||
if((response.statusCode == 301 || response.statusCode == 302) && response.headers && response.headers.location) {
|
||||
if((response.statusCode == 301 || response.statusCode == 302) && clientOptions.followRedirects && response.headers && response.headers.location) {
|
||||
self._performSecureRequest( oauth_token, oauth_token_secret, method, response.headers.location, extra_params, post_body, post_content_type, callback);
|
||||
}
|
||||
else {
|
||||
|
|
152
tests/oauth.js
152
tests/oauth.js
|
@ -24,6 +24,12 @@ DummyRequest.prototype.end= function(){
|
|||
}
|
||||
|
||||
vows.describe('OAuth').addBatch({
|
||||
'When newing OAuth': {
|
||||
topic: new OAuth(null, null, null, null, null, null, "PLAINTEXT"),
|
||||
'followRedirects is enabled by default': function (oa) {
|
||||
assert.equal(oa._clientOptions.followRedirects, true)
|
||||
}
|
||||
},
|
||||
'When generating the signature base string described in http://oauth.net/core/1.0/#sig_base_example': {
|
||||
topic: new OAuth(null, null, null, null, null, null, "HMAC-SHA1"),
|
||||
'we get the expected result string': function (oa) {
|
||||
|
@ -471,7 +477,7 @@ vows.describe('OAuth').addBatch({
|
|||
oa._createClient= op;
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
},
|
||||
'PUT' : {
|
||||
'if no callback is passed' : {
|
||||
|
@ -717,6 +723,78 @@ vows.describe('OAuth').addBatch({
|
|||
oa._createClient= op;
|
||||
}
|
||||
}
|
||||
},
|
||||
'and followRedirect is true' : {
|
||||
'it should (re)perform the secure request but with the new location' : function(oa) {
|
||||
var op= oa._createClient;
|
||||
var psr= oa._performSecureRequest;
|
||||
var responseCounter = 1;
|
||||
var callbackCalled = false;
|
||||
var DummyResponse =function() {
|
||||
if( responseCounter == 1 ){
|
||||
this.statusCode= 301;
|
||||
this.headers= {location:"http://redirectto.com"};
|
||||
responseCounter++;
|
||||
}
|
||||
else {
|
||||
this.statusCode= 200;
|
||||
}
|
||||
}
|
||||
DummyResponse.prototype= events.EventEmitter.prototype;
|
||||
DummyResponse.prototype.setEncoding= function() {}
|
||||
|
||||
try {
|
||||
oa._createClient= function( port, hostname, method, path, headers, sshEnabled ) {
|
||||
return new DummyRequest( new DummyResponse() );
|
||||
}
|
||||
oa._performSecureRequest= function( oauth_token, oauth_token_secret, method, url, extra_params, post_body, post_content_type, callback ) {
|
||||
if( responseCounter == 1 ) {
|
||||
assert.equal(url, "http://originalurl.com");
|
||||
}
|
||||
else {
|
||||
assert.equal(url, "http://redirectto.com");
|
||||
}
|
||||
return psr.call(oa, oauth_token, oauth_token_secret, method, url, extra_params, post_body, post_content_type, callback )
|
||||
}
|
||||
|
||||
oa._performSecureRequest("token", "token_secret", 'POST', 'http://originalurl.com', {"scope": "foobar,1,2"}, null, null, function() {
|
||||
// callback
|
||||
assert.equal(responseCounter, 2);
|
||||
callbackCalled= true;
|
||||
});
|
||||
assert.equal(callbackCalled, true)
|
||||
}
|
||||
finally {
|
||||
oa._createClient= op;
|
||||
oa._performSecureRequest= psr;
|
||||
}
|
||||
}
|
||||
},
|
||||
'and followRedirect is false' : {
|
||||
'it should not perform the secure request with the new location' : function(oa) {
|
||||
var op= oa._createClient;
|
||||
oa.setClientOptions({ followRedirects: false });
|
||||
var DummyResponse =function() {
|
||||
this.statusCode= 301;
|
||||
this.headers= {location:"http://redirectto.com"};
|
||||
}
|
||||
DummyResponse.prototype= events.EventEmitter.prototype;
|
||||
DummyResponse.prototype.setEncoding= function() {}
|
||||
|
||||
try {
|
||||
oa._createClient= function( port, hostname, method, path, headers, sshEnabled ) {
|
||||
return new DummyRequest( new DummyResponse() );
|
||||
}
|
||||
oa._performSecureRequest("token", "token_secret", 'POST', 'http://originalurl.com', {"scope": "foobar,1,2"}, null, null, function(res, data, response) {
|
||||
// callback
|
||||
assert.equal(res.statusCode, 301);
|
||||
});
|
||||
}
|
||||
finally {
|
||||
oa._createClient= op;
|
||||
oa.setClientOptions({followRedirects:true});
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
'And A 302 redirect is received' : {
|
||||
|
@ -785,6 +863,78 @@ vows.describe('OAuth').addBatch({
|
|||
oa._createClient= op;
|
||||
}
|
||||
}
|
||||
},
|
||||
'and followRedirect is true' : {
|
||||
'it should (re)perform the secure request but with the new location' : function(oa) {
|
||||
var op= oa._createClient;
|
||||
var psr= oa._performSecureRequest;
|
||||
var responseCounter = 1;
|
||||
var callbackCalled = false;
|
||||
var DummyResponse =function() {
|
||||
if( responseCounter == 1 ){
|
||||
this.statusCode= 302;
|
||||
this.headers= {location:"http://redirectto.com"};
|
||||
responseCounter++;
|
||||
}
|
||||
else {
|
||||
this.statusCode= 200;
|
||||
}
|
||||
}
|
||||
DummyResponse.prototype= events.EventEmitter.prototype;
|
||||
DummyResponse.prototype.setEncoding= function() {}
|
||||
|
||||
try {
|
||||
oa._createClient= function( port, hostname, method, path, headers, sshEnabled ) {
|
||||
return new DummyRequest( new DummyResponse() );
|
||||
}
|
||||
oa._performSecureRequest= function( oauth_token, oauth_token_secret, method, url, extra_params, post_body, post_content_type, callback ) {
|
||||
if( responseCounter == 1 ) {
|
||||
assert.equal(url, "http://originalurl.com");
|
||||
}
|
||||
else {
|
||||
assert.equal(url, "http://redirectto.com");
|
||||
}
|
||||
return psr.call(oa, oauth_token, oauth_token_secret, method, url, extra_params, post_body, post_content_type, callback )
|
||||
}
|
||||
|
||||
oa._performSecureRequest("token", "token_secret", 'POST', 'http://originalurl.com', {"scope": "foobar,1,2"}, null, null, function() {
|
||||
// callback
|
||||
assert.equal(responseCounter, 2);
|
||||
callbackCalled= true;
|
||||
});
|
||||
assert.equal(callbackCalled, true)
|
||||
}
|
||||
finally {
|
||||
oa._createClient= op;
|
||||
oa._performSecureRequest= psr;
|
||||
}
|
||||
}
|
||||
},
|
||||
'and followRedirect is false' : {
|
||||
'it should not perform the secure request with the new location' : function(oa) {
|
||||
var op= oa._createClient;
|
||||
oa.setClientOptions({ followRedirects: false });
|
||||
var DummyResponse =function() {
|
||||
this.statusCode= 302;
|
||||
this.headers= {location:"http://redirectto.com"};
|
||||
}
|
||||
DummyResponse.prototype= events.EventEmitter.prototype;
|
||||
DummyResponse.prototype.setEncoding= function() {}
|
||||
|
||||
try {
|
||||
oa._createClient= function( port, hostname, method, path, headers, sshEnabled ) {
|
||||
return new DummyRequest( new DummyResponse() );
|
||||
}
|
||||
oa._performSecureRequest("token", "token_secret", 'POST', 'http://originalurl.com', {"scope": "foobar,1,2"}, null, null, function(res, data, response) {
|
||||
// callback
|
||||
assert.equal(res.statusCode, 302);
|
||||
});
|
||||
}
|
||||
finally {
|
||||
oa._createClient= op;
|
||||
oa.setClientOptions({followRedirects:true});
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue