Skip to content
Permalink
Browse files

PRESIDECMS-1664 do not authenticate OPTIONS requests

  • Loading branch information...
DominicWatson committed Sep 4, 2019
1 parent 62a2976 commit 0105a6851d589f2dd2dac4a640969f3fe0a6d3e1
@@ -125,6 +125,45 @@ component extends="testbox.system.BaseSpec"{
expect( callLog[1].requestContext.getInstanceIdForComparison() ).toBe( mockRequestContext.getInstanceIdForComparison() );
} );

it( "should authenticate requests", function(){
var restService = getService();
var restResponse = getRestResponse();
var restRequest = getRestRequest();
var mockRequestContext = getMockRequestContext();

restService.$( "createRestResponse", restResponse );
restService.$( "createRestRequest" , restRequest );
restService.$( "processRequest" );
restService.$( "processResponse" );

restService.onRestRequest( "/blah", mockRequestContext );

var callLog = restService.$callLog().authenticateRequest;

expect( callLog.len() ).toBe( 1 );
expect( callLog[1].restRequest ).toBe( restRequest );
expect( callLog[1].restResponse ).toBe( restResponse );
expect( callLog[1].requestContext.getInstanceIdForComparison() ).toBe( mockRequestContext.getInstanceIdForComparison() );
} );

it( "should NOT authenticate OPTIONS requests", function(){
var restService = getService();
var restResponse = getRestResponse();
var restRequest = getRestRequest( verb="OPTIONS" );
var mockRequestContext = getMockRequestContext();

restService.$( "createRestResponse", restResponse );
restService.$( "createRestRequest" , restRequest );
restService.$( "processRequest" );
restService.$( "processResponse" );

restService.onRestRequest( "/blah", mockRequestContext );

var callLog = restService.$callLog().authenticateRequest;

expect( callLog.len() ).toBe( 0 );
} );


} );

@@ -64,11 +64,13 @@ component {
_announceInterception( "onRestRequest", { restRequest=restRequest, restResponse=restResponse } );

if ( !restRequest.getFinished() ) {
authenticateRequest(
restRequest = restRequest
, restResponse = restResponse
, requestContext = arguments.requestContext
);
if ( restRequest.getVerb() != "OPTIONS" ) {
authenticateRequest(
restRequest = restRequest
, restResponse = restResponse
, requestContext = arguments.requestContext
);
}

if ( !restRequest.getFinished() ) {
processRequest(

0 comments on commit 0105a68

Please sign in to comment.
You can’t perform that action at this time.