fixes: 'appBaseUrl' option not prepended to login redirect url

OKTA-464266
<<<Jenkins Check-In of Tested SHA: 70b8b7a for [email protected]>>>
Artifact: okta-oidc-middleware
Files changed count: 3
PR Link: "#42"

CHANGELOG.md

@@ -2,7 +2,11 @@
 
 ### Features
 
-- [#40](https://github.com/okta/okta-oidc-middleware/pull/34) Allows passing `loginHint` to `ensureAuthenticated`
+- [#40](https://github.com/okta/okta-oidc-middleware/pull/40) Allows passing `loginHint` to `ensureAuthenticated`
+
+### Bug Fixes
+
+- [#42](https://github.com/okta/okta-oidc-middleware/pull/42) Fixes `appBaseUrl` option not prepending to login redirect url
 
 # 4.4.0
 

src/oidcUtil.js

@@ -144,7 +144,7 @@ oidcUtil.ensureAuthenticated = (context, options = {}) => {
         if (req.session) {
           req.session.returnTo = req.originalUrl || req.url;
         }
-        const url = options.redirectTo || context.options.routes.login.path;
+        const url = options.redirectTo || (new URL(context.options.routes.login.path, context.options.appBaseUrl)).href;
         return res.redirect(appendOptionsToQuery(url, options));
       }
 

test/unit/oidcUtil.spec.js

@@ -120,5 +120,29 @@ describe('oidcUtil', function () {
       requestHandler(req, res, () => {});
       expect(res.redirect).toBeCalledWith('/login?login_hint=username%40org.org');
     });
+
+    it('appends `appBaseUrl` option to redirect URL', () => {
+      const options = {
+        appBaseUrl: 'http://localhost:56789',
+        routes: {
+          login: {
+            path: '/foo'
+          }
+        }
+      };
+
+      const context = {
+        options,
+        client: createMockOpenIdClient()
+      };
+
+      const requestHandler = oidcUtil.ensureAuthenticated(context);
+      let req = jest.mock();
+      let res = {
+        redirect: jest.fn()
+      };
+      requestHandler(req, res, () => {});
+      expect(res.redirect).toBeCalledWith('http://localhost:56789/foo');
+    });
   });
 })