feat(auth): redirect to content-server oauth root by default

Fixes #245.
mozilla · Apr 27, 2015 · 34ad867 · 34ad867
1 parent 55ced67
commit 34ad867
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 3 deletions.
diff --git a/lib/routes/redirect.js b/lib/routes/redirect.js
@@ -11,9 +11,11 @@ function actionToPathname(action) {
     return 'signup';
   } else if (action === 'force_auth') {
     return 'force_auth';
+  } else if (action === 'signin') {
+    return 'signin';
   }
 
-  return 'signin';
+  return '';
 }
 
 module.exports = {

diff --git a/test/api.js b/test/api.js
@@ -174,18 +174,36 @@ describe('/v1', function() {
         }).done(done, done);
       });
 
-      it('redirects with signin action by default', function(done) {
-        Server.api.get('/authorization?client_id=123&state=321&scope=1')
+      it('redirects `action=signin` to signin', function(done) {
+        Server.api
+        .get('/authorization?client_id=123&state=321&scope=1&action=signin&a=b')
         .then(function(res) {
           assert.equal(res.statusCode, 302);
           var redirect = url.parse(res.headers.location, true);
 
+          assert.equal(redirect.query.client_id, '123');
+          assert.equal(redirect.query.state, '321');
+          assert.equal(redirect.query.scope, '1');
+          // unknown query params are forwarded
+          assert.equal(redirect.query.a, 'b');
           var target = url.parse(config.get('contentUrl'), true);
           assert.equal(redirect.pathname, target.pathname + 'signin');
           assert.equal(redirect.host, target.host);
         }).done(done, done);
       });
 
+      it('redirects no action to contentUrl root', function(done) {
+        Server.api.get('/authorization?client_id=123&state=321&scope=1')
+        .then(function(res) {
+          assert.equal(res.statusCode, 302);
+          var redirect = url.parse(res.headers.location, true);
+
+          var target = url.parse(config.get('contentUrl'), true);
+          assert.equal(redirect.pathname, target.pathname);
+          assert.equal(redirect.host, target.host);
+        }).done(done, done);
+      });
+
       it('redirects `action=force_auth` to force_auth', function(done) {
         var endpoint = '/authorization?action=force_auth&email=' +
           encodeURIComponent(VEMAIL);