This repository has been archived by the owner on Jan 26, 2025. It is now read-only.

fix(middleware): Addressed PR comments
swiftone committed Jan 31, 2019
1 parent d6c84ac commit 37e5dbd
Showing 4 changed files with 5 additions and 5 deletions.
4 changes: 2 additions & 2 deletions packages/oidc-middleware/README.md
Expand Up @@ -153,7 +153,7 @@ Required config:

Optional config:

* **loginRedirectUri** - The URI for your app that Okta will redirect users to after sign in to create the local session. Locally, this is usually `http://localhost:3000/authorization-code/callback`. When deployed, this should be `https://{yourProductionDomain}/authorization-code/callback`. This will default to `{appBaseUrl}{routes.loginCallback.path}` if `appBaseUrl` is provided, or the (deprecated) `redirect_uri` if appBaseUrl is not provided. Unless your redirect is to a different application, it is recommended to NOT set this parameter and instead set `appBaseUrl` and (if different than the default of `/authorization-code/callback`) `routes.loginCallback.path`.
* **loginRedirectUri** - The URI for your app that Okta will redirect users to after sign in to create the local session. Locally, this is usually `http://localhost:3000/authorization-code/callback`. When deployed, this should be `https://{yourProductionDomain}/authorization-code/callback`. This will default to `{appBaseUrl}{routes.loginCallback.path}` if `appBaseUrl` is provided, or the (deprecated) `redirect_uri` if `appBaseUrl` is not provided. Unless your redirect is to a different application, it is recommended to NOT set this parameter and instead set `appBaseUrl` and (if different than the default of `/authorization-code/callback`) `routes.loginCallback.path`.
* **logoutRedirectUri** - The URI for your app that Okta will redirect users to after sign out to clean up the local session. Locally this is usually `http://localhost:3000/logout/callback`. When deployed, this should be `https://{yourProductionDomain}/logout/callback`. This will default to `{appBaseUrl}{routes.logoutCallback.path}` if `appBaseUrl` is provided. Unless your redirect is to a different application, it is recommended to NOT set this parameter and instead set `appBaseUrl` and (if different than the default of `/logout/callback`) `routes.logoutCallback.path`.
* **response_type** - Defaults to `code`
* **scope** - Defaults to `openid`, which will only return the `sub` claim. To obtain more information about the user, use `openid profile`. For a list of scopes and claims, please see [Scope-dependent claims](https://developer.okta.com/standards/OIDC/index.html#scope-dependent-claims-not-always-returned) for more information.
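
Review bot: the `logoutRedirectUri` entry in the trailing context states its default only for the case where `appBaseUrl` is provided, while the `loginRedirectUri` entry above it also covers the case where `appBaseUrl` is missing (the deprecated `redirect_uri` fallback). Suggest adding one sentence to `logoutRedirectUri` saying what happens when neither it nor `appBaseUrl` is set, so readers do not have to infer whether logout fails or silently uses another value.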
Expand Down Expand Up @@ -316,7 +316,7 @@ const oidc = new ExpressOIDC({
* **`loginCallback.handler`** - A function that is called after a successful authentication callback, but before the final redirect within your application. Useful for requirements such as conditional post-authentication redirects, or sending data to logging systems.
* **`loginCallback.path`** - The URI that this library will host the login callback handler on. Defaults to `/authorization-code/callback`. Must match a value from the Login Redirect Uri list from the Okta console for this application.
* **`login.path`** - The URI that redirects the user to the Okta authorize endpoint. Defaults to `/login`.
* **`logout.path`** - The RUI that redirects the user to the Okta logout endpoint. Defaults to `/logout`.
* **`logout.path`** - The URI that redirects the user to the Okta logout endpoint. Defaults to `/logout`.
* **`logoutCallback.afterCallback`** - Where the user is redirected to after a successful logout callback, if no `redirectTo` value was specified by `oidc.forceLogoutAndRevoke()`. Defaults to `/`.
* **`logoutCallback.path`** - The URI that this library will host the logout callback handler on. Defaults to `/logout/callback`. Must match a value from the Logout Redirect Uri list from the Okta console for this application.
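
Review bot: the `loginCallback.path` and `logoutCallback.path` entries say the path "Must match a value" from the Login/Logout Redirect Uri list, but the defaults shown are paths (`/authorization-code/callback`, `/logout/callback`) while the registered values are full URIs. Suggest wording it as the combined value having to match, for example `{appBaseUrl}{routes.logoutCallback.path}`, which is how the Optional config section already describes the default. The `logoutCallback.afterCallback` entry also mentions a `redirectTo` value from `oidc.forceLogoutAndRevoke()` without saying what values it accepts; a short note there would help.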

2 changes: 1 addition & 1 deletion packages/oidc-middleware/src/connectUtil.js
Expand Up @@ -115,7 +115,7 @@ connectUtil.createLoginCallbackHandler = context => {
connectUtil.createLogoutHandler = context => logout.forceLogoutAndRevoke(context);

connectUtil.createLogoutCallbackHandler = context => {
return (req, res, next) => {
return (req, res) => {
if ( req.session[context.options.sessionKey].state !== req.query.state ) {
context.emitter.emit('error', { type: 'logoutError', message: `'state' parameter did not match value in session` });
} else {
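
Review bot: `req.session[context.options.sessionKey].state` in the first `if` is dereferenced without checking that the session entry exists, so a request to the logout callback that arrives without that session key throws a TypeError instead of taking the `logoutError` path. Suggest guarding the lookup and treating a missing entry as a state mismatch. With `next` dropped from the signature, the mismatch branch also has no way to pass the error to Express; the visible lines show only the `emit`, so confirm that branch still ends the response.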
2 changes: 1 addition & 1 deletion packages/oidc-middleware/test/e2e/page-objects/HomePage.js
Expand Up @@ -31,7 +31,7 @@ module.exports = class HomePage {
async performLogout() {
const logoutButton = $('#logout');
await logoutButton.click();
await browser.wait(EC.not(EC.presenceOf(logoutButton)), 10000);
await browser.wait(EC.not(EC.presenceOf(logoutButton)), 5000);
}

async getBodyText() {
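
Review bot: the `5000` passed to `browser.wait` in `performLogout()` is a bare literal and halves the previous margin for a step that waits on the logout button disappearing after a click. Suggest moving the value to a named constant shared by the page objects, and confirming the e2e run stays stable with the shorter wait before relying on it in CI.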
2 changes: 1 addition & 1 deletion packages/oidc-middleware/test/unit/constructor.spec.js
Expand Up @@ -233,7 +233,7 @@ describe('new ExpressOIDC()', () => {
});

it('should set the HTTP timeout to 10 seconds', () => {
new ExpressOIDC({
new ExpressOIDC({
...minimumConfig
}).on('error', () => {
// Ignore errors caused by mock configuration data
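
Review bot: the `.on('error', () => { ... })` handler in the 'should set the HTTP timeout to 10 seconds' test discards every error, not only the ones caused by the mock configuration that its comment names. Suggest inspecting the error inside the handler and failing on anything unexpected, so an unrelated error cannot go unnoticed. The `new ExpressOIDC({` line itself appears to differ only in whitespace in this rendering.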