Change default redirect status for AuthPAMExpiredRedirect to 303 See Other, make it configurable.

Redirect to reset password typically goes to different system,
so repeating for example POST which 307 Temporary Redirect does
is not that useful; the 303 See Other will do plain GET.
The redirect status can be overriden with an optional second parameter
to AuthPAMExpiredRedirect.

1 files changed, 2 insertions, 1 deletions

diff --git a/tests/run.sh b/tests/run.sh
index 28235f8..3b24f9b 100755
--- a/tests/run.sh
+++ b/tests/run.sh
@@ -55,7 +55,8 @@ curl -u user1:heslo1 -s http://localhost/authnp3 | tee /dev/stderr | grep 'User
 curl -u user1:heslo1 -s http://localhost/authnp4 | tee /dev/stderr | grep 'User user1'
 chage -d $(date -d -2days +%Y-%m-%d) -M  1 user1
 curl -u user1:heslo1 -s http://localhost/authnp3 | tee /dev/stderr | grep 401
-curl -i -u user1:heslo1 -s 'http://localhost/authnp4?id=123&data=M%26M' | tee /dev/stderr | grep -F -e 'Location: http://localhost/fix-password?return=http%3a%2f%2flocalhost%2fauthnp4%3fid%3d123%26data%3dM%2526M&percent=%25&user=user1' -e 'HTTP/1.1 307 Temporary Redirect' | wc -l | grep 2
+curl -i -u user1:heslo1 -s 'http://localhost/authnp4?id=123&data=M%26M' | tee /dev/stderr | grep -F -e 'Location: http://localhost/fix-password?return=http%3a%2f%2flocalhost%2fauthnp4%3fid%3d123%26data%3dM%2526M&percent=%25&user=user1' -e 'HTTP/1.1 303 See Other' | wc -l | grep 2
+curl -i -u user1:heslo1 -s 'http://localhost/authnp5?data=křížala' | tee /dev/stderr | grep -F -e 'Location: http://localhost/login?realm=ježek&return=http%3a%2f%2flocalhost%2fauthnp5%3fdata%3dk%c5%99%c3%ad%c5%beala' -e 'HTTP/1.1 307 Temporary Redirect' | wc -l | grep 2
 chage -d $(date -d -2days +%Y-%m-%d) -M  3 user1
 curl -u user1:heslo1 -s http://localhost/authnp3 | tee /dev/stderr | grep 'User user1'
 curl -u user1:heslo1 -s http://localhost/authnp4 | tee /dev/stderr | grep 'User user1'