feat: allow overriding showLoginPage config via request header

opengovsg · Jan 28, 2022 · ffa7b8d · ffa7b8d
1 parent 93c8a04
commit ffa7b8d
Show file tree

Hide file tree

Showing 5 changed files with 10 additions and 5 deletions.
diff --git a/README.md b/README.md
@@ -59,7 +59,7 @@ $ export MOCKPASS_PORT=5156
 $ export MOCKPASS_NRIC=S8979373D
 $ export MOCKPASS_UEN=123456789A
 
-$ export SHOW_LOGIN_PAGE=true # Optional, defaults to `false`
+$ export SHOW_LOGIN_PAGE=true # Optional, defaults to `false`; can be overridden per request using `X-Show-Login-Page` HTTP header
 
 # Disable signing/encryption (Optional, by default `true`)
 $ export SIGN_ASSERTION=false

diff --git a/index.js b/index.js
@@ -61,7 +61,12 @@ const options = {
       assertEndpoint: process.env.CORPPASS_ASSERT_ENDPOINT,
     },
   },
-  showLoginPage: process.env.SHOW_LOGIN_PAGE === 'true',
+  showLoginPage: (req) => {
+    if (req.header('X-Show-Login-Page')) {
+      return req.header('X-Show-Login-Page') === 'true'
+    }
+    return process.env.SHOW_LOGIN_PAGE === 'true'
+  },
   encryptMyInfo: process.env.ENCRYPT_MYINFO === 'true',
   cryptoConfig,
 }

diff --git a/lib/express/oidc.js b/lib/express/oidc.js
@@ -30,7 +30,7 @@ function config(app, { showLoginPage, idpConfig, serviceProvider }) {
     app.get(`/${idp.toLowerCase()}/authorize`, (req, res) => {
       const redirectURI = req.query.redirect_uri
       const state = encodeURIComponent(req.query.state)
-      if (showLoginPage) {
+      if (showLoginPage(req)) {
         const oidc = assertions.oidc[idp]
         const values = oidc.map((rawId, index) => {
           const code = encodeURIComponent(

diff --git a/lib/express/saml.js b/lib/express/saml.js
@@ -45,7 +45,7 @@ function config(
           : idpConfig[idp].assertEndpoint || req.query.PartnerId
       const relayState = req.query.Target
       const partnerId = idpConfig[idp].id
-      if (showLoginPage) {
+      if (showLoginPage(req)) {
         const saml = assertions.saml[idp]
         const values = saml.map((rawId, index) => {
           const samlArt = encodeURIComponent(samlArtifact(partnerId, index))

diff --git a/lib/express/sgid.js b/lib/express/sgid.js
@@ -30,7 +30,7 @@ function config(app, { showLoginPage, idpConfig, serviceProvider }) {
   app.get(`${PATH_PREFIX}/authorize`, (req, res) => {
     const redirectURI = req.query.redirect_uri
     const state = encodeURIComponent(req.query.state)
-    if (showLoginPage) {
+    if (showLoginPage(req)) {
       const oidc = assertions.oidc.singPass
       const values = oidc
         .filter((rawId) => assertions.myinfo.v3.personas[rawId])