github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-30 02:18:09 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

FIX: Correctly redirect after external login on subfolder sites (#10529)

Browse Source
This commit is contained in:
David Taylor
2020-08-26 15:52:21 +01:00
committed by GitHub
parent 996d5f3b17
commit 4351fa435e
2 changed files with 28 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
spec/requests/omniauth_callbacks_controller_spec.rb
View File

@ -545,6 +545,19 @@ RSpec.describe Users::OmniauthCallbacksController do
expect(cookie_data["destination_url"]).to eq('/t/123')
end
it "redirects to internal origin on subfolder" do
set_subfolder "/subpath"
post "/auth/google_oauth2?origin=http://test.localhost/subpath/t/123"
get "/auth/google_oauth2/callback"
expect(response.status).to eq 302
expect(response.location).to eq "http://test.localhost/subpath/t/123"
cookie_data = JSON.parse(response.cookies['authentication_data'])
expect(cookie_data["destination_url"]).to eq('/subpath/t/123')
end
it "never redirects to /auth/ origin" do
post "/auth/google_oauth2?origin=http://test.localhost/auth/google_oauth2"
get "/auth/google_oauth2/callback"
@ -556,6 +569,19 @@ RSpec.describe Users::OmniauthCallbacksController do
expect(cookie_data["destination_url"]).to eq('/')
end
it "never redirects to /auth/ origin on subfolder" do
set_subfolder "/subpath"
post "/auth/google_oauth2?origin=http://test.localhost/subpath/auth/google_oauth2"
get "/auth/google_oauth2/callback"
expect(response.status).to eq 302
expect(response.location).to eq "http://test.localhost/subpath"
cookie_data = JSON.parse(response.cookies['authentication_data'])
expect(cookie_data["destination_url"]).to eq('/subpath')
end
it "redirects to relative origin" do
post "/auth/google_oauth2?origin=/t/123"
get "/auth/google_oauth2/callback"