diff --git a/.travis.yml b/.travis.yml index 6e5919d..efb0983 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,3 +1,3 @@ language: node_js node_js: - - "0.10" + - "8" diff --git a/README.md b/README.md index f6b0e10..3c16b88 100644 --- a/README.md +++ b/README.md @@ -23,6 +23,7 @@ Many of these options are borrowed from node's [url documentation](http://nodejs - `proxyValidate` Path to validate PGT (not implemented) - `proxy` Path to obtain a proxy ticket - `login` Path to the CAS login + - `agentOptions` - Options used when making requests to the CAS server ([see request's docs here](https://www.npmjs.com/package/request#using-optionsagentoptions)) ## Usage diff --git a/lib/configure.js b/lib/configure.js index 2933d5f..7967458 100644 --- a/lib/configure.js +++ b/lib/configure.js @@ -12,7 +12,8 @@ var defaults = { proxy: '/cas/proxy', login: '/cas/login', logout: '/cas/logout' - } + }, + agentOptions : {}, }; module.exports = function(options){ diff --git a/lib/proxy-ticket.js b/lib/proxy-ticket.js index 8db6e3f..44e279a 100644 --- a/lib/proxy-ticket.js +++ b/lib/proxy-ticket.js @@ -21,7 +21,7 @@ module.exports = function(options){ options.query.pgt = req.session.pgt; options.pathname = options.paths.proxy; - request.get(url.format(options), function(err, res, body){ + request.get(url.format(options), { agentOptions : options.agentOptions }, function(err, res, body){ if (err || res.statusCode !== HttpStatus.OK) return redirectToLogin(options, req, res); if (/(.*)<\/cas:proxyTicket>/.exec(body)){ diff --git a/lib/service-validate.js b/lib/service-validate.js index a4e7010..f731b5a 100644 --- a/lib/service-validate.js +++ b/lib/service-validate.js @@ -50,7 +50,7 @@ module.exports = function (overrides) { if (storedSession && storedSession.st && (storedSession.st === ticket)) { return next(); } else { - validateService(res, formatUrl(options), function (casBody) { + validateService(res, formatUrl(options), options.agentOptions, function (casBody) { validateCasResponse(req, res, ticket, casBody, options, next); }); } @@ -58,7 +58,7 @@ module.exports = function (overrides) { }); // cookie session } else { - validateService(res, formatUrl(options), function (casBody) { + validateService(res, formatUrl(options), options.agentOptions, function (casBody) { validateCasResponse(req, res, ticket, casBody, options, next); }); } @@ -66,10 +66,11 @@ module.exports = function (overrides) { }; }; -function validateService(res, url, callback) { - - request.get(url, function(casErr, casRes, casBody){ +function validateService(res, url, agentOptions, callback) { + request.get(url, { agentOptions : agentOptions }, function(casErr, casRes, casBody){ if (casErr || casRes.statusCode !== HttpStatus.OK){ + if (casErr) + console.error(casErr); res.send(HttpStatus.UNAUTHORIZED); return; } diff --git a/package.json b/package.json index d9cfcd8..abba686 100644 --- a/package.json +++ b/package.json @@ -31,7 +31,7 @@ "mocha": "~1.9.0", "should": "~1.2.2", "connect": "~2.7.6", - "express": "~3.2.0", + "express": "^4.16.0", "connect-redis": "~1.4.5" }, "bugs": { diff --git a/test/certs/localhost.crt b/test/certs/localhost.crt new file mode 100644 index 0000000..4245fe3 --- /dev/null +++ b/test/certs/localhost.crt @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDLDCCAhQCCQCn4Orv4Cb7tjANBgkqhkiG9w0BAQsFADBXMQswCQYDVQQGEwJB +VTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0 +cyBQdHkgTHRkMRAwDgYDVQQDDAdSb290IENBMB4XDTE4MDczMTAzMzkwNloXDTM4 +MDcyNjAzMzkwNlowWTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx +ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDESMBAGA1UEAwwJbG9j +YWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKg72NImqq+9 +gXjfhRcjbI9YOLgt0ctpGilleu0A65A+m3gkNThdpqzbuQw2ur/LpS77d5Bb7ve+ +skDhXmKjpSpmqM9+HHT4TF3GsDSCsqK7u0i44kxmHiAxH3xlOhwC5StMsrGI84CL +ZtVCIVe9InRLVKwbXtMdBkROEgjBd4q7sh0qDxOPqlt4+544wBax1vpuI/J6Apiq ++yb6hKKrJpDYW+9LQXBkyNKi3upvuWYOL8iMdV6QuxD/9zM7UnMYMQhM4WWV0cQu +X9sctj6fsOClboYPmu0L2SXY7G9VJ9i4QgplbZ6CPd8bx4NshNtxoivldLQL6kGz +TUjc/Wl+lwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQDQJQdz09uFzU8E2Qo7gAyO +P10ZvlV0hI/pIYFqYO58kQMv5uiAadeSrFXdecpmaGhC0R2UQ5mtrCrOq5dv1y3S +ImiCZuVzstm3BNRB8MteYeumP6IQ+GFEfIdHkfoiWxRFG/YJu8m/4OiJtTzBR19a +9kLiuHsM10xl1INOWb9FNXLiNTRndECeyX8wXzwGMia/QgaN76SRbYYvqMDqiMmP +RadmyI4HA0xTykZ3Oq1ZzAhGw2hU19yyZsqU/FhpdsqnGS/zNGuHRJ3i7RXx3wN6 +zQLHk2OJoG6CNj6d6O4gr3cWjtLToEqF40MGE196miEZnB6C8Oh0drCV/XSMGJ7K +-----END CERTIFICATE----- diff --git a/test/certs/localhost.csr b/test/certs/localhost.csr new file mode 100644 index 0000000..ad6455f --- /dev/null +++ b/test/certs/localhost.csr @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICnjCCAYYCAQAwWTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx +ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDESMBAGA1UEAwwJbG9j +YWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKg72NImqq+9 +gXjfhRcjbI9YOLgt0ctpGilleu0A65A+m3gkNThdpqzbuQw2ur/LpS77d5Bb7ve+ +skDhXmKjpSpmqM9+HHT4TF3GsDSCsqK7u0i44kxmHiAxH3xlOhwC5StMsrGI84CL +ZtVCIVe9InRLVKwbXtMdBkROEgjBd4q7sh0qDxOPqlt4+544wBax1vpuI/J6Apiq ++yb6hKKrJpDYW+9LQXBkyNKi3upvuWYOL8iMdV6QuxD/9zM7UnMYMQhM4WWV0cQu +X9sctj6fsOClboYPmu0L2SXY7G9VJ9i4QgplbZ6CPd8bx4NshNtxoivldLQL6kGz +TUjc/Wl+lwIDAQABoAAwDQYJKoZIhvcNAQELBQADggEBACjehq4B6n7kPXO6LqOH +wGcOm1rY9SL3O07SEgZINYovAV744OuoTYz5TyL1rnPgTT59hFBBPUJngYUImaVG ++tIoy+E0IFfDNTpXRfaxJBBijYfPailLSSrGrILbXRCNbHJw1Lq7TXdZ49KLgHY8 +iFKbuauhfalkjHIKbBGSp5GMXASzxhgzn407xY9jOJUpbAtxE1AvmhxFoPFE9Mdn +LBAH8viNNcc5Xul9dSVoH69Axu6haKeHCFvybRqbmDEoA8tE6fGQahe5M4fFVCPl +Sxoc3U+Q2N1i/wEkphuo7WCdsWKFgr0wAeZxkur8NXfMKAhbk/Mr7o+AoS6L5sQt +Fps= +-----END CERTIFICATE REQUEST----- diff --git a/test/certs/localhost.key b/test/certs/localhost.key new file mode 100644 index 0000000..44deca7 --- /dev/null +++ b/test/certs/localhost.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAvKg72NImqq+9gXjfhRcjbI9YOLgt0ctpGilleu0A65A+m3gk +NThdpqzbuQw2ur/LpS77d5Bb7ve+skDhXmKjpSpmqM9+HHT4TF3GsDSCsqK7u0i4 +4kxmHiAxH3xlOhwC5StMsrGI84CLZtVCIVe9InRLVKwbXtMdBkROEgjBd4q7sh0q +DxOPqlt4+544wBax1vpuI/J6Apiq+yb6hKKrJpDYW+9LQXBkyNKi3upvuWYOL8iM +dV6QuxD/9zM7UnMYMQhM4WWV0cQuX9sctj6fsOClboYPmu0L2SXY7G9VJ9i4Qgpl +bZ6CPd8bx4NshNtxoivldLQL6kGzTUjc/Wl+lwIDAQABAoIBAG1Uobo5r6bjSdOq +lP6wNhtHxzy3n/YhB7vdma3vg8UARwgaTAF7tOpO6tcGuQDo/b+wxpK32k9Wy/DJ +oNHuICArvmq+NLuRHgRDpE2hYMzdeiZDMsISvGthBJbWpGNUsGjW+w/jyxYyvJbP +qA9ipX0+IBnl08bUWdGz6/qPkG8RvBBs1T1nB86ZTuGcz3gqiBOjMsvUvLY8eiO8 +KTZDqrdNzWjKyRBElI15F+S5VhGcqWLlEMtwUwwmpzvk+8GHpW4ZTsV9L8vTVKwN +YdvHzGP+BqgObVTYWALZk38Z7FgQYMhBi4l68wLiqTRChIVcOCIILqMire/4L5Yu +1Mco2gECgYEA6jU5JFyN3qsRFgCEPJqDQ4uRuVc4xazUn1KWoosD79R6v1eQfYTw +ZvcAIilNZ1FyI5x1K7X6M48hbWcqrWHhkbNRBH+iyJTRN/KA2VeoHBQ1x9dVjPGq +G5GvnV0rm6OZ6HE98Jqn1mSdrVgh4vj7zMtfqwSIJshaSeQtajaajNcCgYEAzjYA +sri4uLJ/HQzDbllvu2q+RA2SM7w9GbQ5Aj94tZWz0WqpQkwqwq3YLrUDEEJLynC3 +rVCnRApNpUG8Tzy2QQa+O6MdtRnFJszj+Ez4i5EqYDt1fuQ3EdoKiEmj5nmeHXzT +HgOxfA92yac/SnUIPOn+BZI3DMZouO5jjPFepEECgYEAr6vOOZTmoN8FSNCIX4Cx +9ocIfdGLdtIFBaAH9tF42Xoxu7WtXkjJnSGlyvnZ4iY4C7f+NxQfIG86bnoUi8pA +TG4I1ev6qKLfLyzJMrzKDo2mLUg6FibqJhWneMx6uhoDhlLyV7dZLrl3f578g+en +ztu43Wjfyt86wfPRkLp2QC8CgYAUZtti00vTWjWhViXvwQGA9WqlqQISBEm3RVFu +m4EB1jHYQklEuexxHmoJFPecoDKHcOd7SkOCQ9KyyvIqlMMjY9tmYxkJVedfk13q +rxLYHCCpLLjPOR0JsxzfpwmEP/wYxsTMb2kb8Ru7j8R/RVzvSedL/c9cgDTUNyG6 +TBclAQKBgQCLSesmfnICP5H4ivBr0R9OXFP9FdoPvb8rgmvi7cexZslHxLLSfa5G +Sz7JjEk0avIuICN1kRN5qRhSmmKYJVd7dsgSX+7npyjLNOheR5ac4hbd19tCa0Gu +lvWHlHadePGuhGKRjTJyn3hPdiDEqZ7RuizWC9jKLN7h9084Q+N6rw== +-----END RSA PRIVATE KEY----- diff --git a/test/certs/localhost3000.crt b/test/certs/localhost3000.crt deleted file mode 100644 index 6d1b39d..0000000 --- a/test/certs/localhost3000.crt +++ /dev/null @@ -1,24 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIEAzCCAuugAwIBAgIJAP6TCQY15f4EMA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV -BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX -aWRnaXRzIFB0eSBMdGQxFzAVBgNVBAMTDmxvY2FsaG9zdDozMDAwMB4XDTE0MDEw -OTIyNDI0N1oXDTQxMDUyNzIyNDI0N1owXjELMAkGA1UEBhMCQVUxEzARBgNVBAgT -ClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEX -MBUGA1UEAxMObG9jYWxob3N0OjMwMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw -ggEKAoIBAQC6k2+4qroPfcRSOeDxX1ielff3IfWWhM0sHocVMoVLO6feIugdHESA -zhQH3Bcs/Ocv8Xg8VFAZxBxgk91ovaKlryoxRtdemyegq7Bm0Yv6vps81WCNEMU/ -fqdQuPNFJtNQGJHIEYM9Ap0yex9qQEgJ/TFkVjlXTidBaKOo+8V/ZXiJ4sssxcKD -+vRvdINA3rquw4LtsUeO2vnDRqz5GlTgzWYXFLmnfLUoxj49gGBYo+IyCLfpPgVn -QmtFYRlFmfW+u2GZBfspfvlhvlt0uiJVOZpArVlF+tNoWIvDYNMzkDI5eCHQZafy -N10ndPkAZCdLt018bted1mIK3/h3/BQhAgMBAAGjgcMwgcAwHQYDVR0OBBYEFIaC -eCjMEfpwJDZBDqcF2u8AqFm1MIGQBgNVHSMEgYgwgYWAFIaCeCjMEfpwJDZBDqcF -2u8AqFm1oWKkYDBeMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEh -MB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRcwFQYDVQQDEw5sb2Nh -bGhvc3Q6MzAwMIIJAP6TCQY15f4EMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF -BQADggEBAJYWnApYR7tgQue/VZ1f5psX7DSGrMOZiZOYL/oo2o3pRNMi+c1PKnir -w9FDdDTmeBha8YsyzFLYDHpmAMNvu41USGBUTWghe2KDsbn9DUhQNmEdnZxclew5 -vMYTur+OuR0fugVR4bc5ZFvtR29/hgxhv6pXMYZR/NKZ3GIuDEmBhyRw8wNFdg3U -krjeOsymcd+CyoVL+NYYR2nwdexDm+8xR96w128VHLpYu4UGXTMYYaGuw0redJFI -f0ESJDhK1B52/9YDldzTFcMH97x9ky0WtRgFBbKhO2iComAeYV/BwtnnadAHzgGd -0r52v47HtmlBotbqUInHH9OllpBqKPs= ------END CERTIFICATE----- diff --git a/test/certs/localhost3000.key b/test/certs/localhost3000.key deleted file mode 100644 index 259f52c..0000000 --- a/test/certs/localhost3000.key +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEAupNvuKq6D33EUjng8V9YnpX39yH1loTNLB6HFTKFSzun3iLo -HRxEgM4UB9wXLPznL/F4PFRQGcQcYJPdaL2ipa8qMUbXXpsnoKuwZtGL+r6bPNVg -jRDFP36nULjzRSbTUBiRyBGDPQKdMnsfakBICf0xZFY5V04nQWijqPvFf2V4ieLL -LMXCg/r0b3SDQN66rsOC7bFHjtr5w0as+RpU4M1mFxS5p3y1KMY+PYBgWKPiMgi3 -6T4FZ0JrRWEZRZn1vrthmQX7KX75Yb5bdLoiVTmaQK1ZRfrTaFiLw2DTM5AyOXgh -0GWn8jddJ3T5AGQnS7dNfG7XndZiCt/4d/wUIQIDAQABAoIBAHiRdF4Cve/q1yZH -zsxMUClTQoWKhXj6YtgC9kpFdovShj1vk03UiZQvGBSoLrXczM1XntplpcmwyKHE -jAz2lxe4pWxomh7B5w7WRE19Vpb3+7uJLDacwsqwXxE0I8jpOR8GcZa3cnbHrKwF -kpyH48XIv9VWPwHjOEz1gOVfphYXcmjS1ivmF6TKdEI5wFB9pbMP2CWAuRHKc01R -MBNB9aq5VNwqOI8AiTyGt2piJJ7EhWYPUs+naSng60ONnOER7zQtJoOAdgB/8QFw -EAYyE5NTdjJytkAhow8nkmJXHeVFJhWgKReQWiZazKGqxAg9qi+NOJuxoj6bJATt -WpbhBK0CgYEA6sQ6ZdSYCe8mq1aaqjcDbd5EckNv7G2kuo5rAOpHaEjFXM9DqPwz -nky+f5YZjdFbPfL+MzWsD9/uIU8Jcn69+ds1/DqKBlj6J1Bj+t3oTh7PXN1isfyk -J914TKcsCotXnUjJCjc44PIpRWYkWbXOiPAz1FS8zmfx7KAi4W9iIgMCgYEAy3Nn -4W6dcTx5E5EkD8ctc+UzyGqceHxgEFAcXD8rXW6+9tEj4STmEC+M6pYatQyDvWUT -ftzFBqhZ35WcBUzOMC/gOEP1ymk6GtHb3t4rwfYLZqfdDWm6EwqdgOU59nSkIiVv -TEL5eLLbtD5+H2cztauwNAc0H/MF/CW3vkoligsCgYASkB2F+79h2bUXCywDlYIB -5/dFiauJ6EmELsqrMdsfldF1OzZAYGC8fZj6gaXXntw2E8ahyfam8q/jllpK4Vao -MPsdzIspYVO2VBbzuSQrOShwUVkCddWNCWf/t6A13Tq6Rw0Ob7thngRBZogtR8Di -9wtCGMktEO8CJM9dP+9kfQKBgAz4VH0Iojzf0BAxRo1C82DaEc0LDuKXe0BO+x/e -XxNbxgzSFGl8AraxcVhbLWSxYYynbvC9fkoIXYJldUbZOKPVyYOMwZSf1LZ0/oFc -xIle+CcZOHxsaxJfsN7Qvjs6AGS04j2IX4MUU/FPspap65//TAJlGyuWQKFsfiRB -cdc1AoGBAJRiZJa4oQvHTaOytiHVgavtXLuXUkIkgHC1ieBOQrgPRBXE2Lsj7k/I -4dD574LjoUHuEb47+rfHGuZ2+uoIPOrf97vJtJ28mTstE+HqlfclbDcNQu+9VTbz -p8rj3zNGn4AiNpGz8aJXTNQV71aSplT2GMrWIQjCylORGuTkFAxr ------END RSA PRIVATE KEY----- diff --git a/test/certs/rootCA.key b/test/certs/rootCA.key new file mode 100644 index 0000000..46fa032 --- /dev/null +++ b/test/certs/rootCA.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEA16YCcR0guWgb8t7WFXF8JBPjmwBhKpL8dD+MSrbKXvFTEzH+ +lHT/Dl+p9Dc4sKjc5cXA6c92xjJPj8Iqw8ky1f5IOR50B2bPcIbmTF4nc2sBkbAx +9nejowWdKM9IQlxf4oEFCstVt55fNdYajJDxQQA2fXikN8O9CKS14kLz0RsQBQBp +Xt87OA1Xd60Fhl1ROYAeB5DDNA26qGM4IaUd7iZJ7VsLb8ySPYSG2ou1QcCVOZLT +2S2K6JGajcc4o1Qtqim9eIe2qXsWJbQO8CI6MB6Jq6D4jZGyNBijOm+3yjD150SL +QCU+DLHQn8u2oHvJpREhSGIb/93b/mhVKzlkJQIDAQABAoIBACT0lxCJXFVJqRh6 +5ZcxJoQMQIIMk5o3LDpDtagMISwaERGGDMmmLxtoe3iVigqENa7Or9uhqQoYDxhk +vu1kamjPtdLMDDhEfyIajBbkP8CAwvkTh8xj/k/uo1seApUUvX3UfGe4Js1bv5c7 +RLt4D1ADWFMyPHot+hQkHeNTc/MObn277Brtq8H57h6Jnu6gk1ol6RNJS7EfgFa/ +GeeYUyUCJGn4cjVUWxTML6l/xzLKonHpeKWMObOj4ey2f1d2QVGDPDrsu5hXY07K +Fx1vpXNX9fDOHVgYfnnW0u61Iwd5KeWQEBpvNm6FB5JNYAES9yyc13CFIwrKe6LV +c255hPUCgYEA+4Gw4dDh/XpM+6KsAG8ur5ORtTUVjYGx847EAG5wgex1CjnONwl0 +DGiwWxC+KFir5vFnL4S0AW84VNaQdJJGbMmmC1NaCCyFQciDq8CzqTAUz7dOCkhR +ofGkGGPuEYRD04Cb15RzF1yRGodqF4zPzWhZV0Dq8LYq2YoEtWsjfAsCgYEA24BQ +shd88Mvp4yZQ+ICpVREDApvzD7ZX0ubZfLRc3qBDmY2OPSTBI1uJGYmVAVowTUIK +cOf6XQGBz2DQmgkKFq3aeowA1XbaEwsqvJgnOT5HeA/nSzhIvCosONXphysMN49k +k/nCIf+fd4pxqVLtDoE8imFCzGAGhGtK10Frjo8CgYA8ggQjH9Tu3bidpZJJ/HW3 +6gHZHa9Uvwon9YX0MJ3CtDeoQSX6mbygq6MaFZoaLNMWmadgiEWiPrbHumNAmFx3 +GcBn4yK66rMYk3wSGydeIeIv4wLUeHejRXZcI9aHwlFrFfroT5+s1ClYv5Fnnwnz +ehJcapLbXIhMk+b0GpWL5wKBgQDG78uzLRCCmP1YbtCx+MH/pBRrV/X6BpQgRDNX +D4ygBPZfg+knR1l4dyyRpZ0Tha8DRlh6LfU+N/BziFZnVMv89AJwUNUsorRQ0C0i +km/yNJzHlvpUtSVOzJYZyN4HMJ+490/7wUAOWkQoLqSHBu5s1/qLnEzTODCP8UH6 +R4N4xwKBgQCcGpRDy4k4o78PXksfPOU0CBTwR9d9P3NBSxMmCBV8Cu73SRldQFt2 +mdGzmQROz/9TiKSCXj4iu0oA4nciWjF9cBdKXCXDDSomJ8s78Jbev0DIu9g5S5TW +iTh2Kew30F9PC0kgVlsXCQL+Mq/Xn/zshaUoSbbQ5HPjeOR2CDj3Og== +-----END RSA PRIVATE KEY----- diff --git a/test/certs/rootCA.pem b/test/certs/rootCA.pem new file mode 100644 index 0000000..a0c52e8 --- /dev/null +++ b/test/certs/rootCA.pem @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDKjCCAhICCQCOPWEqfXiMczANBgkqhkiG9w0BAQsFADBXMQswCQYDVQQGEwJB +VTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0 +cyBQdHkgTHRkMRAwDgYDVQQDDAdSb290IENBMB4XDTE4MDczMTAzMzc1NFoXDTM4 +MDcyNjAzMzc1NFowVzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx +ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEQMA4GA1UEAwwHUm9v +dCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANemAnEdILloG/Le +1hVxfCQT45sAYSqS/HQ/jEq2yl7xUxMx/pR0/w5fqfQ3OLCo3OXFwOnPdsYyT4/C +KsPJMtX+SDkedAdmz3CG5kxeJ3NrAZGwMfZ3o6MFnSjPSEJcX+KBBQrLVbeeXzXW +GoyQ8UEANn14pDfDvQikteJC89EbEAUAaV7fOzgNV3etBYZdUTmAHgeQwzQNuqhj +OCGlHe4mSe1bC2/Mkj2EhtqLtUHAlTmS09ktiuiRmo3HOKNULaopvXiHtql7FiW0 +DvAiOjAeiaug+I2RsjQYozpvt8ow9edEi0AlPgyx0J/LtqB7yaURIUhiG//d2/5o +VSs5ZCUCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAHXvl2ehFGqJ2TEuSj2AtVjs2 +WOGB5bLKK/qx4Mn7Q75uO7ICEcFQ9atPxBpiIaofO1v+GMcJkRoPLTyPDGaeBDD6 +47YczoTcx4GkHTnllpM+4hTeMhV7lGnEgH10k9LXoquMDM5kUOSP8wYYZxfLHb+E +ODPQSrm9HvEN92M0p/G3ASqJVcWi6QK37IiqijpIJl1nOCEw0P0r3+wFG4I4TO9D +L2TJ6C5aZQNCIF7UxeKLexX0Maa3vz76DUPEPkezHlE7zdI0ZUdWjThY9RiGyxPT +3CeB12NR8QjgA/vHMHFbuTO0rlu2WLcqUlJFQoWA6phvhkSaMm9Pq+e0Y4sSNA== +-----END CERTIFICATE----- diff --git a/test/certs/rootCA.srl b/test/certs/rootCA.srl new file mode 100644 index 0000000..1b30012 --- /dev/null +++ b/test/certs/rootCA.srl @@ -0,0 +1 @@ +A7E0EAEFE026FBB6 diff --git a/test/proxy-ticket.spec.js b/test/proxy-ticket.spec.js index 0474e50..f9491f6 100644 --- a/test/proxy-ticket.spec.js +++ b/test/proxy-ticket.spec.js @@ -5,15 +5,17 @@ var should = require('should'); var parseUrl = require('url').parse; var request = require('request').defaults({strictSSL: false, followRedirect: false}); var https = require('https'); -var http = require('http'); var q = require('q'); var fs = require('fs'); var lastRequest; cas.configure({ - protocol: 'http', + protocol: 'https', hostname: 'localhost', - port: 1337 + port: 1337, + agentOptions : { + ca : fs.readFileSync(__dirname + "/certs/rootCA.pem"), + }, }); describe('#proxyTicket', function(){ @@ -100,10 +102,14 @@ var casServerSetup = function(done){ res.send(''); } }); - var server = http.createServer(app).listen(1337, done); - server.setTimeout(20); + var server = https.createServer({ + key: fs.readFileSync(__dirname + '/certs/localhost.key'), + cert: fs.readFileSync(__dirname + '/certs/localhost.crt') + }, app).listen(1337, done); + // server.setTimeout(20); return server; }; + var serverSetup = function(options, done){ var app = express() .use(connect.cookieParser()) @@ -119,8 +125,8 @@ var serverSetup = function(options, done){ res.send('hello world'); }); var server = https.createServer({ - key: fs.readFileSync(__dirname + '/certs/localhost3000.key'), - cert: fs.readFileSync(__dirname + '/certs/localhost3000.crt') + key: fs.readFileSync(__dirname + '/certs/localhost.key'), + cert: fs.readFileSync(__dirname + '/certs/localhost.crt') }, app).listen(3000, done); return server; }; diff --git a/test/service-validate.spec.js b/test/service-validate.spec.js index 2c40488..2f79079 100644 --- a/test/service-validate.spec.js +++ b/test/service-validate.spec.js @@ -3,15 +3,22 @@ var connect = require('connect'); var cas = require('../'); var should = require('should'); var parseUrl = require('url').parse; -var request = require('request').defaults({followRedirect: false, strictSSL: false}); -var https = require('https'); var fs = require('fs'); -var http = require('http'); +var request = require('request').defaults({ + followRedirect: false, + agentOptions : { + ca : fs.readFileSync(__dirname + '/certs/rootCA.pem'), + } +}); +var https = require('https'); cas.configure({ - protocol: 'http', + protocol: 'https', hostname: 'localhost', - port: 1337 + port: 1337, + agentOptions : { + ca : fs.readFileSync(__dirname + '/certs/rootCA.pem') + } }); var lastRequest; @@ -30,6 +37,16 @@ describe('#serviceValidate', function(){ }); describe('when ticket presented', function(){ + + it("can talk to cas server directly", function(done) { + request.get("https://localhost:1337/cas/serviceValidate?ticket=validTicket", + { strictSSL : true, agentOptions : { ca : fs.readFileSync(__dirname + "/certs/rootCA.pem") } }, + function(err, response) { + response.statusCode.should.equal(200); + done(); + }); + }); + it('success if ticket valid', function(done){ request.get('https://localhost:3000/somePath?ticket=validTicket', function(err, response){ response.statusCode.should.equal(200); @@ -49,7 +66,7 @@ describe('#serviceValidate', function(){ it('redirect to login when no session and ticket invalid', function(done){ request.get({uri: 'https://localhost:3000/?ticket=invalidTicket', followRedirect: false}, function(err, response){ response.statusCode.should.equal(307); - response.headers.location.should.equal('http://localhost:1337/cas/login?service=https%3A%2F%2Flocalhost%3A3000%2F'); + response.headers.location.should.equal('https://localhost:1337/cas/login?service=https%3A%2F%2Flocalhost%3A3000%2F'); done(); }); }); @@ -96,7 +113,7 @@ describe('#serviceValidate', function(){ it('keeps the querystring parameters during the redirect', function(done){ request.get({uri: 'https://localhost:3000/?randomquerystring=true', followRedirect: false}, function(err, response){ response.statusCode.should.equal(307); - response.headers.location.should.equal('http://localhost:1337/cas/login?service=https%3A%2F%2Flocalhost%3A3000%2F%3Frandomquerystring%3Dtrue'); + response.headers.location.should.equal('https://localhost:1337/cas/login?service=https%3A%2F%2Flocalhost%3A3000%2F%3Frandomquerystring%3Dtrue'); done(); }); }); @@ -227,10 +244,14 @@ var casServerSetup = function(done){ } res.end(response); }); - var server = http.createServer(app).listen(1337, done); - server.setTimeout(50); + var server = https.createServer({ + key: fs.readFileSync(__dirname + '/certs/localhost.key'), + cert: fs.readFileSync(__dirname + '/certs/localhost.crt') + }, app).listen(1337, done); + // server.setTimeout(50); return server; }; + var serverSetup = function(options, done){ var app = express() .use(connect.cookieParser()) @@ -250,8 +271,8 @@ var serverSetup = function(options, done){ res.end('hello world'); }); var server = https.createServer({ - key: fs.readFileSync(__dirname + '/certs/localhost3000.key'), - cert: fs.readFileSync(__dirname + '/certs/localhost3000.crt') + key: fs.readFileSync(__dirname + '/certs/localhost.key'), + cert: fs.readFileSync(__dirname + '/certs/localhost.crt') }, app).listen(3000, done); //server.setTimeout(20); return server;