authenticate: handle XHR redirect flow (#387)

- authenticate: add cors preflight check support for sign_in endpoint - internal/httputil: indicate responses that originate from pomerium vs the app - proxy: detect XHR requests and do not redirect on failure. - authenticate: removed default session duration; should be maintained out of band with rpc.
2025-07-17 00:36:09 +02:00 · 2019-11-14 19:37:31 -08:00 · 2019-11-14 19:37:31 -08:00 · 00c29f4e77
commit 00c29f4e77
parent 9030bd32cb
11 changed files with 128 additions and 35 deletions
--- a/internal/httputil/handlers_test.go
+++ b/internal/httputil/handlers_test.go
@ -35,3 +35,34 @@ func TestHealthCheck(t *testing.T) {
 		})
 	}
 }
+
+func TestRedirect(t *testing.T) {
+	t.Parallel()
+	tests := []struct {
+		name   string
+		method string
+
+		url  string
+		code int
+
+		wantStatus int
+	}{
+		{"good", http.MethodGet, "https://pomerium.io", http.StatusFound, http.StatusFound},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+
+			r := httptest.NewRequest(tt.method, "/", nil)
+			w := httptest.NewRecorder()
+
+			Redirect(w, r, tt.url, tt.code)
+			if w.Code != tt.wantStatus {
+				t.Errorf("code differs. got %d want %d body: %s", w.Code, tt.wantStatus, w.Body.String())
+			}
+			if w.Result().Header.Get(HeaderPomeriumResponse) == "" {
+				t.Errorf("pomerium header not found")
+			}
+		})
+	}
+}