import { vi, expect, test, afterEach } from 'vitest';
import { useEnv } from '@directus/env';
import { isLoginRedirectAllowed } from './is-login-redirect-allowed.js';
// Swap @directus/env for a vitest mock so each test below can stub what useEnv() returns.
vi.mock('@directus/env');
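// With no redirect target there is nothing to validate, so the helper is
// expected to accept the request.
// useEnv() is not stubbed in this test; presumably the helper returns before
// reading the environment (confirm against the implementation).
test('isLoginRedirectAllowed returns true with no redirect', () => {
  const redirect = undefined;
  const provider = 'local';

  expect(isLoginRedirectAllowed(redirect, provider)).toBe(true);
});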
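// A redirect that is not a string (here a number) must be rejected outright
// rather than coerced into something URL-like.
test('isLoginRedirectAllowed returns false with invalid redirect', () => {
  const redirect = 123456;
  const provider = 'local';

  expect(isLoginRedirectAllowed(redirect, provider)).toBe(false);
});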
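// Absolute URLs are accepted when they match PUBLIC_URL or an entry of the
// provider's allow list.
test('isLoginRedirectAllowed returns true for allowed URL', () => {
  const provider = 'local';

  // The allow list is read per provider (AUTH_LOCAL_REDIRECT_ALLOW_LIST here)
  // as a comma-separated string. The three entries differ only in scheme, port
  // and path, so each one has to be listed explicitly to be accepted.
  vi.mocked(useEnv).mockReturnValue({
    [`AUTH_${provider.toUpperCase()}_REDIRECT_ALLOW_LIST`]:
      'http://external.example.com,https://external.example.com,http://external.example.com:8055/test',
    PUBLIC_URL: 'http://public.example.com',
  });

  // PUBLIC_URL is accepted even though it is not part of the allow list.
  expect(isLoginRedirectAllowed('http://public.example.com', provider)).toBe(true);
  expect(isLoginRedirectAllowed('http://external.example.com', provider)).toBe(true);
  expect(isLoginRedirectAllowed('https://external.example.com', provider)).toBe(true);
  expect(isLoginRedirectAllowed('http://external.example.com:8055/test', provider)).toBe(true);
});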
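// An allow-list entry authorises only that exact scheme, host, port and path.
// Anything else on the same host stays denied, which keeps a single entry from
// turning into an open redirect for the whole host.
test('isLoginRedirectAllowed returns false for denied URL', () => {
  const provider = 'local';

  vi.mocked(useEnv).mockReturnValue({
    [`AUTH_${provider.toUpperCase()}_REDIRECT_ALLOW_LIST`]: 'http://external.example.com',
    PUBLIC_URL: 'http://public.example.com',
  });

  // Scheme differs from the listed entry.
  expect(isLoginRedirectAllowed('https://external.example.com', provider)).toBe(false);
  // Port differs from the listed entry.
  expect(isLoginRedirectAllowed('http://external.example.com:8055', provider)).toBe(false);
  // Path differs from the listed entry.
  expect(isLoginRedirectAllowed('http://external.example.com/test', provider)).toBe(false);

  // NOTE(review): every denied input here uses the allowed host. A case with a
  // host that only shares a prefix or suffix with an allowed host would pin
  // that matching is not substring-based. Confirm the expected result against
  // the implementation before adding it.
});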
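// Relative targets stay on the current origin, so they are accepted whatever
// the allow list contains.
test('isLoginRedirectAllowed returns true for relative paths', () => {
  const provider = 'local';

  vi.mocked(useEnv).mockReturnValue({
    [`AUTH_${provider.toUpperCase()}_REDIRECT_ALLOW_LIST`]: 'http://external.example.com',
    PUBLIC_URL: 'http://public.example.com',
  });

  expect(isLoginRedirectAllowed('/admin/content', provider)).toBe(true);
  expect(isLoginRedirectAllowed('../admin/content', provider)).toBe(true);
  expect(isLoginRedirectAllowed('./admin/content', provider)).toBe(true);

  // Not a relative path: an absolute URL under PUBLIC_URL with a path appended.
  // It being accepted suggests PUBLIC_URL is matched without regard to path.
  expect(isLoginRedirectAllowed('http://public.example.com/admin/content', provider)).toBe(true);

  // NOTE(review): no case covers inputs that fail URL parsing but that a
  // browser may still resolve off-origin (backslash or leading-whitespace
  // forms). Confirm how the helper treats them and pin it with a test.
});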
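// Scheme-less ("//host/...") targets are resolved by browsers as absolute URLs
// on another host, so they must be rejected. example.com is both PUBLIC_URL and
// allow-listed here, which shows the rejection holds even for a trusted host.
test('isLoginRedirectAllowed returns false if missing protocol', () => {
  const provider = 'local';

  vi.mocked(useEnv).mockReturnValue({
    [`AUTH_${provider.toUpperCase()}_REDIRECT_ALLOW_LIST`]: 'http://example.com',
    PUBLIC_URL: 'http://example.com',
  });

  expect(isLoginRedirectAllowed('//example.com/admin/content', provider)).toBe(false);

  // NOTE(review): this input looks like a userinfo form with '@' and ':'
  // transposed. Confirm whether '//user:password@example.com/' was intended,
  // and consider covering both spellings.
  expect(isLoginRedirectAllowed('//user@password:example.com/', provider)).toBe(false);
});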