describe('test entitlements from passport', () => {
const app = express();
app.use(passport.initialize());
app.get('/mock', passport.authenticate('azuread-openidconnect'), (req, res) => {
res.json(req.session.passport.user);
});
it('should be able to retrieve the mock user with no entitlements from entitlement axios mock that has no entitlement', async () => {
axios.get.mockImplementation(() =>
Promise.resolve({
data: { user: 'user1', Entitlements: [] },
})
);
const res = await request(app).get('/mock');
expect(res.status).toBe(200);
expect(res.body).toMatchObject({ user: 'user1', Entitlements: [] });
});
}
这将失败并显示 500 并给我错误:
登录会话需要会话支持。你是不是忘记使用
express-session
中间件了?”}
然而,afaik 它与快速会话无关?
它试图确保其工作的代码是:
app.use(passport.initialize());
app.use(passport.session());
app.use(
'/handleLogin',
passport.authenticate('azuread-openidconnect', {
session: true,
failureRedirect: '/unauthorized',
successReturnToOrRedirect: '/admin',
})
);
// setup csrf protection
app.use(csrf());
如果我将 { session: false } 放入 authenticate 中,它可以工作,但随后没有数据通过。