Merge pull request #235 from GovTechSG/fix/singpass-redirect-bug

Fix Singpass login redirect bug for Custom Flow 2.0
GovTechSG · Nov 21, 2023 · b17a729 · b17a729
2 parents 32bb86b + 4b98e36
commit b17a729
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 12 deletions.
diff --git a/cli.js b/cli.js
@@ -288,6 +288,7 @@ const scanInit = async argvs => {
     argvs.browserToRun,
     clonedDataDir,
     argvs.playwrightDeviceDetailsObject,
+    isNewCustomFlow
   );
   switch (res.status) {
     case statuses.success.code:

diff --git a/constants/common.js b/constants/common.js
@@ -256,7 +256,7 @@ export const sanitizeUrlInput = url => {
   return data;
 };
 
-const requestToUrl = async url => {
+const requestToUrl = async (url, isNewCustomFlow) => {
   // User-Agent is modified to emulate a browser to handle cases where some sites ban non browser agents, resulting in a 403 error
   const res = {};
   await axios
@@ -269,15 +269,17 @@ const requestToUrl = async url => {
       const redirectUrl = response.request.res.responseUrl;
       res.status = constants.urlCheckStatuses.success.code;
 
-      if (redirectUrl != null) {
-        res.url = redirectUrl;
-      } else {
-        res.url = url;
-      }
-
       let modifiedHTML = response.data.replace(/<noscript>[\s\S]*?<\/noscript>/gi, '');
       const metaRefreshMatch = /<meta\s+http-equiv="refresh"\s+content="(?:\d+;)?([^"]*)"/i.exec(modifiedHTML);
-      if (metaRefreshMatch && metaRefreshMatch[1]) {
+      const hasMetaRefresh = metaRefreshMatch && metaRefreshMatch[1];
+
+      if (redirectUrl != null && (hasMetaRefresh || !isNewCustomFlow)) {
+        res.url = redirectUrl; 
+      } else {
+        res.url = url; 
+      }
+
+      if (hasMetaRefresh) {
         const urlOrRelativePath = metaRefreshMatch[1];
         if (urlOrRelativePath.includes('URL=')) {
           res.url = urlOrRelativePath.split('URL=').pop();
@@ -286,6 +288,7 @@ const requestToUrl = async url => {
           res.url = urlOrRelativePath.replace('.', pathname);
         }
       }
+
       res.content = response.data;
     })
     .catch(async error => {
@@ -314,12 +317,12 @@ const requestToUrl = async url => {
   return res;
 };
 
-const checkUrlConnectivity = async url => {
+const checkUrlConnectivity = async (url, isNewCustomFlow) => {
   const data = sanitizeUrlInput(url);
 
   if (data.isValid) {
     // Validate the connectivity of URL if the string format is url format
-    const res = await requestToUrl(data.url);
+    const res = await requestToUrl(data.url, isNewCustomFlow);
     return res;
   }
 
@@ -332,6 +335,7 @@ const checkUrlConnectivityWithBrowser = async (
   browserToRun,
   clonedDataDir,
   playwrightDeviceDetailsObject,
+  isNewCustomFlow
 ) => {
   const res = {};
 
@@ -396,7 +400,11 @@ const checkUrlConnectivityWithBrowser = async (
       }
 
       // set redirect link or final url
-      res.url = page.url();
+      if (isNewCustomFlow) {
+        res.url = url;
+      } else {
+        res.url = page.url();
+      }
 
       res.content = await page.content();
     } catch (error) {
@@ -441,6 +449,7 @@ export const checkUrl = async (
   browser,
   clonedDataDir,
   playwrightDeviceDetailsObject,
+  isNewCustomFlow
 ) => {
   let res;
   if (proxy) {
@@ -449,16 +458,18 @@ export const checkUrl = async (
       browser,
       clonedDataDir,
       playwrightDeviceDetailsObject,
+      isNewCustomFlow
     );
   } else {
-    res = await checkUrlConnectivity(url);
+    res = await checkUrlConnectivity(url, isNewCustomFlow);
     if (res.status === constants.urlCheckStatuses.axiosTimeout.code) {
       if (browser || constants.launcher === webkit) {
         res = await checkUrlConnectivityWithBrowser(
           url,
           browser,
           clonedDataDir,
           playwrightDeviceDetailsObject,
+          isNewCustomFlow
         );
       }
     }