const route = (r) => `/${options.route[r]}`; // eslint-disable-line security/detect-object-injection
// Service discovery
- this.on(['GET', 'HEAD'], route('metadata'), this.handlerGetMeta.bind(this));
+ this.on(['GET'], route('metadata'), this.handlerGetMeta.bind(this));
// Also respond with metadata on well-known oauth2 endpoint if base has no prefix
if ((options?.dingus?.selfBaseUrl?.match(/\//g) || []).length === 3) {
- this.on(['GET', 'HEAD'], '/.well-known/oauth-authorization-server', this.handlerGetMeta.bind(this));
+ this.on(['GET'], '/.well-known/oauth-authorization-server', this.handlerGetMeta.bind(this));
}
// Primary endpoints
this.on('POST', route('userinfo'), this.handlerPostUserInfo.bind(this));
// Information page about service
- this.on(['GET', 'HEAD'], '/', this.handlerGetRoot.bind(this));
+ this.on(['GET'], '/', this.handlerGetRoot.bind(this));
// Give load-balancers something to check
- this.on(['GET', 'HEAD'], route('healthcheck'), this.handlerGetHealthcheck.bind(this));
+ this.on(['GET'], route('healthcheck'), this.handlerGetHealthcheck.bind(this));
// These routes are intended for accessing static content during development.
// In production, a proxy server would likely handle these first.
- this.on(['GET', 'HEAD'], '/static', this.handlerRedirect.bind(this), `${options.dingus.proxyPrefix}/static/`);
- this.on(['GET', 'HEAD'], '/static/', this.handlerGetStaticFile.bind(this), 'index.html');
- this.on(['GET', 'HEAD'], '/static/:file', this.handlerGetStaticFile.bind(this));
- this.on(['GET', 'HEAD'], '/favicon.ico', this.handlerGetStaticFile.bind(this), 'favicon.ico');
- this.on(['GET', 'HEAD'], '/robots.txt', this.handlerGetStaticFile.bind(this), 'robots.txt');
+ this.on(['GET'], '/static', this.handlerRedirect.bind(this), `${options.dingus.proxyPrefix}/static/`);
+ this.on(['GET'], '/static/', this.handlerGetStaticFile.bind(this), 'index.html');
+ this.on(['GET'], '/static/:file', this.handlerGetStaticFile.bind(this));
+ this.on(['GET'], '/favicon.ico', this.handlerGetStaticFile.bind(this), 'favicon.ico');
+ this.on(['GET'], '/robots.txt', this.handlerGetStaticFile.bind(this), 'robots.txt');
// Profile and token management for authenticated sessions
- this.on(['GET', 'HEAD'], '/admin', this.handlerRedirect.bind(this), `${options.dingus.proxyPrefix}/admin/`);
- this.on(['GET', 'HEAD'], '/admin/', this.handlerGetAdmin.bind(this));
+ this.on(['GET'], '/admin', this.handlerRedirect.bind(this), `${options.dingus.proxyPrefix}/admin/`);
+ this.on(['GET'], '/admin/', this.handlerGetAdmin.bind(this));
this.on(['POST'], '/admin/', this.handlerPostAdmin.bind(this));
// Ticket-proffering interface for authenticated sessions
- this.on(['GET', 'HEAD'], '/admin/ticket', this.handlerGetAdminTicket.bind(this));
+ this.on(['GET'], '/admin/ticket', this.handlerGetAdminTicket.bind(this));
this.on(['POST'], '/admin/ticket', this.handlerPostAdminTicket.bind(this));
// User authentication and session establishment
- this.on(['GET', 'HEAD'], '/admin/login', this.handlerGetAdminLogin.bind(this));
+ this.on(['GET'], '/admin/login', this.handlerGetAdminLogin.bind(this));
this.on(['POST'], '/admin/login', this.handlerPostAdminLogin.bind(this));
this.on(['GET'], '/admin/logout', this.handlerGetAdminLogout.bind(this));
// Page for upkeep info et cetera
- this.on(['GET', 'HEAD'], '/admin/maintenance', this.handlerGetAdminMaintenance.bind(this));
+ this.on(['GET'], '/admin/maintenance', this.handlerGetAdminMaintenance.bind(this));
}
const _scope = _fileScope('handlerGetAdminLogin');
this.logger.debug(_scope, 'called', { req, ctx });
- Dingus.setHeadHandler(req, res, ctx);
-
this.setResponseType(this.responseTypes, req, res, ctx);
+ await this.authenticator.sessionOptionalLocal(req, res, ctx);
+
await this.sessionManager.getAdminLogin(res, ctx);
}
initContext(ctx);
- Dingus.setHeadHandler(req, res, ctx);
-
this.setResponseType(this.responseTypes, req, res, ctx);
if (await this.authenticator.sessionRequiredLocal(req, res, ctx, this.loginPath)) {
initContext(ctx);
- Dingus.setHeadHandler(req, res, ctx);
-
this.setResponseType(this.responseTypes, req, res, ctx);
if (await this.authenticator.sessionRequiredLocal(req, res, ctx, this.loginPath)) {
initContext(ctx);
- Dingus.setHeadHandler(req, res, ctx);
-
this.setResponseType(this.responseTypes, req, res, ctx);
if (await this.authenticator.sessionRequiredLocal(req, res, ctx, this.loginPath)) {
Enum.ContentType.TextPlain,
];
- Dingus.setHeadHandler(req, res, ctx);
-
this.setResponseType(responseTypes, req, res, ctx);
await this.authenticator.sessionOptionalLocal(req, res, ctx);
initContext(ctx);
- Dingus.setHeadHandler(req, res, ctx);
-
this.setResponseType(responseTypes, req, res, ctx);
await this.authenticator.sessionOptionalLocal(req, res, ctx);
const _scope = _fileScope('handlerGetHealthcheck');
this.logger.debug(_scope, 'called', { req, ctx });
- Dingus.setHeadHandler(req, res, ctx);
-
this.setResponseType(this.responseTypes, req, res, ctx);
await this.manager.getHealthcheck(res, ctx);
initContext(ctx);
- Dingus.setHeadHandler(req, res, ctx);
-
this.setResponseType(this.responseTypes, req, res, ctx);
if (await this.authenticator.sessionRequiredLocal(req, res, ctx, this.loginPath)) {
/**
* FIXME: This doesn't seem to be working as envisioned. Maybe override render error method instead???
* Intercept this and redirect if we have enough information, otherwise default to framework.
+ * Fixing this will likely have to wait until an e2e test framework is in place.
* The redirect attempt should probably be contained in a Manager method, but here it is for now.
* @param {http.IncomingMessage} req
* @param {http.ServerResponse} res
projects / squeep-indie-auther / blobdiff