add postLogoutUri tests, relative path & full URI

auth0 · Jan 16, 2020 · dbf9a55 · dbf9a55
1 parent eb36924
commit dbf9a55
Showing 1 changed file with 68 additions and 31 deletions.
diff --git a/test/logout.tests.js b/test/logout.tests.js
@@ -95,41 +95,78 @@ describe('logout route', function() {
 
 
   describe('should use postLogoutRedirectUri if present', function() {
-    let baseUrl;
-    const jar = request.jar();
-
-    before(async function() {
-      const middleware = auth({
-        idpLogout: false,
-        clientID: '__test_client_id__',
-        baseURL: 'https://example.org',
-        issuerBaseURL: 'https://test.auth0.com',
-        appSessionSecret: '__test_session_secret__',
-        postLogoutRedirectUri: '/after-logout-in-auth-config',
-        required: false,
+    describe('should allow relative paths, and prepend with baseURL', () => {
+      let baseUrl;
+      const jar = request.jar();
+
+      before(async function() {
+        const middleware = auth({
+          idpLogout: false,
+          clientID: '__test_client_id__',
+          baseURL: 'https://example.org',
+          issuerBaseURL: 'https://test.auth0.com',
+          appSessionSecret: '__test_session_secret__',
+          postLogoutRedirectUri: '/after-logout-in-auth-config',
+          required: false,
+        });
+        baseUrl = await server.create(middleware);
+        await request.post({
+          uri: '/session',
+          json: {
+            openidTokens: {
+              id_token: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c'
+            }
+          },
+          baseUrl, jar
+        });
       });
-      baseUrl = await server.create(middleware);
-      await request.post({
-        uri: '/session',
-        json: {
-          openidTokens: {
-            id_token: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c'
-          }
-        },
-        baseUrl, jar
+
+      it('should redirect to postLogoutRedirectUri in auth() config', async function() {
+        const logoutResponse = await request.get({uri: '/logout', baseUrl, jar, followRedirect: false});
+        assert.equal(logoutResponse.headers.location, 'https://example.org/after-logout-in-auth-config');
+      });
+
+      it('should redirect to returnTo in logout query', async function() {
+        const logoutResponse = await request.get({uri: '/logout', qs: {returnTo: '/after-logout-in-logout-query'}, baseUrl, jar, followRedirect: false});
+        assert.equal(logoutResponse.headers.location, 'https://example.org/after-logout-in-logout-query');
       });
     });
 
-    it('should redirect to postLogoutRedirectUri in auth() config', async function() {
-      const logoutResponse = await request.get({uri: '/logout', baseUrl, jar, followRedirect: false});
-      assert.equal(logoutResponse.headers.location, 'https://example.org/after-logout-in-auth-config');
-    });
-
-    it('should redirect to returnTo in logout query', async function() {
-      const logoutResponse = await request.get({uri: '/logout', qs: {returnTo: '/after-logout-in-logout-query'}, baseUrl, jar, followRedirect: false});
-      assert.equal(logoutResponse.headers.location, 'https://example.org/after-logout-in-logout-query');
+    describe('should allow absolute paths', () => {
+      let baseUrl;
+      const jar = request.jar();
+
+      before(async function() {
+        const middleware = auth({
+          idpLogout: false,
+          clientID: '__test_client_id__',
+          baseURL: 'https://example.org',
+          issuerBaseURL: 'https://test.auth0.com',
+          appSessionSecret: '__test_session_secret__',
+          postLogoutRedirectUri: 'https://external-domain.com/after-logout-in-auth-config',
+          required: false,
+        });
+        baseUrl = await server.create(middleware);
+        await request.post({
+          uri: '/session',
+          json: {
+            openidTokens: {
+              id_token: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c'
+            }
+          },
+          baseUrl, jar
+        });
+      });
+
+      it('should redirect to postLogoutRedirectUri in auth() config', async function() {
+        const logoutResponse = await request.get({uri: '/logout', baseUrl, jar, followRedirect: false});
+        assert.equal(logoutResponse.headers.location, 'https://external-domain.com/after-logout-in-auth-config');
+      });
+
+      it('should redirect to returnTo in logout query', async function() {
+        const logoutResponse = await request.get({uri: '/logout', qs: {returnTo: 'https://external-domain.com/after-logout-in-logout-query'}, baseUrl, jar, followRedirect: false});
+        assert.equal(logoutResponse.headers.location, 'https://external-domain.com/after-logout-in-logout-query');
+      });
     });
-
   });
-
 });