fix(core): Forward authorization header when on same domain (#8507)

This commit is contained in:
Elias Meire 2024-01-31 15:11:29 +01:00 committed by GitHub
parent 033fd344b5
commit f1910a10a6
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 70 additions and 0 deletions

View file

@ -452,6 +452,15 @@ async function parseRequestObject(requestObject: IDataObject) {
axiosConfig.maxRedirects = 0; axiosConfig.maxRedirects = 0;
} }
axiosConfig.beforeRedirect = (redirectedRequest) => {
if (axiosConfig.headers?.Authorization) {
redirectedRequest.headers.Authorization = axiosConfig.headers.Authorization;
}
if (axiosConfig.auth) {
redirectedRequest.auth = `${axiosConfig.auth.username}:${axiosConfig.auth.password}`;
}
};
if (requestObject.rejectUnauthorized === false) { if (requestObject.rejectUnauthorized === false) {
axiosConfig.httpsAgent = new Agent({ axiosConfig.httpsAgent = new Agent({
rejectUnauthorized: false, rejectUnauthorized: false,

View file

@ -295,6 +295,67 @@ describe('NodeExecuteFunctions', () => {
node, node,
]); ]);
}); });
describe('redirects', () => {
test('should forward authorization header', async () => {
nock(baseUrl).get('/redirect').reply(301, '', { Location: 'https://otherdomain.com/test' });
nock('https://otherdomain.com')
.get('/test')
.reply(200, function () {
return this.req.headers;
});
const response = await proxyRequestToAxios(workflow, additionalData, node, {
url: `${baseUrl}/redirect`,
auth: {
username: 'testuser',
password: 'testpassword',
},
headers: {
'X-Other-Header': 'otherHeaderContent',
},
resolveWithFullResponse: true,
});
expect(response.statusCode).toBe(200);
const forwardedHeaders = JSON.parse(response.body);
expect(forwardedHeaders.authorization).toBe('Basic dGVzdHVzZXI6dGVzdHBhc3N3b3Jk');
expect(forwardedHeaders['x-other-header']).toBe('otherHeaderContent');
});
test('should follow redirects by default', async () => {
nock(baseUrl)
.get('/redirect')
.reply(301, '', { Location: `${baseUrl}/test` });
nock(baseUrl).get('/test').reply(200, 'Redirected');
const response = await proxyRequestToAxios(workflow, additionalData, node, {
url: `${baseUrl}/redirect`,
resolveWithFullResponse: true,
});
expect(response).toMatchObject({
body: 'Redirected',
headers: {},
statusCode: 200,
});
});
test('should not follow redirects when configured', async () => {
nock(baseUrl)
.get('/redirect')
.reply(301, '', { Location: `${baseUrl}/test` });
nock(baseUrl).get('/test').reply(200, 'Redirected');
await expect(
proxyRequestToAxios(workflow, additionalData, node, {
url: `${baseUrl}/redirect`,
resolveWithFullResponse: true,
followRedirect: false,
}),
).rejects.toThrowError(expect.objectContaining({ statusCode: 301 }));
});
});
}); });
describe('copyInputItems', () => { describe('copyInputItems', () => {