[chrome/csrf] polish up some tests

spalger · Nov 10, 2015 · b4517cb · b4517cb
1 parent 5cdeae5
commit b4517cb
Show file tree

Hide file tree

Showing 3 changed files with 38 additions and 24 deletions.
diff --git a/src/ui/public/chrome/api/__tests__/xsrf.js b/src/ui/public/chrome/api/__tests__/xsrf.js
@@ -5,7 +5,7 @@ import ngMock from 'ngMock';
 
 import xsrfChromeApi from '../xsrf';
 
-const xsrfHeader = 'kbn-xsrf-header';
+const xsrfHeader = 'kbn-xsrf-token';
 const xsrfToken = 'xsrfToken';
 
 describe('chrome xsrf apis', function () {
@@ -39,13 +39,8 @@ describe('chrome xsrf apis', function () {
 
       it('can be canceled by setting the kbnXsrfToken option', function () {
         const setHeader = stub();
-        prefilter({}, {}, { setRequestHeader: setHeader });
-
-        expect(setHeader.callCount).to.be(1);
-        expect(setHeader.args[0]).to.eql([
-          xsrfHeader,
-          xsrfToken
-        ]);
+        prefilter({ kbnXsrfToken: false }, {}, { setRequestHeader: setHeader });
+        expect(setHeader.callCount).to.be(0);
       });
     });
 
@@ -58,7 +53,7 @@ describe('chrome xsrf apis', function () {
         stub($, 'ajaxPrefilter');
         const chrome = {};
         xsrfChromeApi(chrome, { xsrfToken });
-        ngMock.module(chrome.$setupCsrfRequestInterceptor);
+        ngMock.module(chrome.$setupXsrfRequestInterceptor);
       });
 
       beforeEach(ngMock.inject(function ($injector) {
@@ -84,24 +79,42 @@ describe('chrome xsrf apis', function () {
         $httpBackend.flush();
       });
 
-      it('skips requests with the kbnCsrfToken set falsey', function () {
+      it('skips requests with the kbnXsrfToken set falsey', function () {
         $httpBackend.expectPOST('/api/test', undefined, function (headers) {
           return !(xsrfHeader in headers);
         }).respond(200, '');
 
-        $http.post({
+        $http({
+          method: 'POST',
+          url: '/api/test',
+          kbnXsrfToken: 0
+        });
+
+        $http({
+          method: 'POST',
           url: '/api/test',
-          xsrfHeader: 0
+          kbnXsrfToken: ''
         });
 
-        $http.post({
+        $http({
+          method: 'POST',
           url: '/api/test',
-          xsrfHeader: ''
+          kbnXsrfToken: false
         });
 
-        $http.post({
+        $httpBackend.flush();
+      });
+
+      it('accepts alternate tokens to use', function () {
+        const customToken = `custom:${xsrfToken}`;
+        $httpBackend.expectPOST('/api/test', undefined, function (headers) {
+          return headers[xsrfHeader] === customToken;
+        }).respond(200, '');
+
+        $http({
+          method: 'POST',
           url: '/api/test',
-          xsrfHeader: false
+          kbnXsrfToken: customToken
         });
 
         $httpBackend.flush();

diff --git a/src/ui/public/chrome/api/angular.js b/src/ui/public/chrome/api/angular.js
@@ -24,7 +24,7 @@ module.exports = function (chrome, internals) {
       a.href = '/elasticsearch';
       return a.href;
     }()))
-    .config(chrome.$setupCsrfRequestInterceptor)
+    .config(chrome.$setupXsrfRequestInterceptor)
     .directive('kbnChrome', function ($rootScope) {
       return {
         template: function ($el) {

diff --git a/src/ui/public/chrome/api/xsrf.js b/src/ui/public/chrome/api/xsrf.js
@@ -7,20 +7,21 @@ export default function (chrome, internals) {
     return internals.xsrfToken;
   };
 
-  $.ajaxPrefilter(function ({ kbnCsrfToken = internals.xsrfToken }, originalOptions, jqXHR) {
-    if (kbnCsrfToken) {
-      jqXHR.setRequestHeader('kbn-xsrf-token', kbnCsrfToken);
+  $.ajaxPrefilter(function ({ kbnXsrfToken = internals.xsrfToken }, originalOptions, jqXHR) {
+    if (kbnXsrfToken) {
+      jqXHR.setRequestHeader('kbn-xsrf-token', kbnXsrfToken);
     }
   });
 
-  chrome.$setupCsrfRequestInterceptor = function ($httpProvider) {
+  chrome.$setupXsrfRequestInterceptor = function ($httpProvider) {
     $httpProvider.interceptors.push(function () {
       return {
         request: function (opts) {
-          const { kbnCsrfToken = internals.xsrfToken } = opts;
-          if (kbnCsrfToken) {
-            return set(opts, ['headers', 'kbn-xsrf-token'], kbnCsrfToken);
+          const { kbnXsrfToken = internals.xsrfToken } = opts;
+          if (kbnXsrfToken) {
+            set(opts, ['headers', 'kbn-xsrf-token'], kbnXsrfToken);
           }
+          return opts;
         }
       };
     });