Check when logging in whether a auth provider is enabled, including specs

app/controllers/users/omniauth_callbacks_controller.rb

@@ -1,9 +1,15 @@
 # -*- encoding : utf-8 -*-
 require_dependency 'email'
+require_dependency 'enum'
+
 class Users::OmniauthCallbacksController < ApplicationController
 
   layout false
 
+  def self.types
+    @types ||= Enum.new(:facebook, :twitter, :google, :yahoo, :github, :persona)
+  end
+
   # need to be able to call this
   skip_before_filter :check_xhr
 
@@ -11,19 +17,15 @@ class Users::OmniauthCallbacksController < ApplicationController
   skip_before_filter :verify_authenticity_token, :only => :complete
 
   def complete
-    auth_token = env["omniauth.auth"]
+    # Make sure we support that provider
-    case params[:provider]
+    provider = params[:provider]
-    when "facebook"
+    raise Discourse::InvalidAccess.new unless self.class.types.include?(provider.to_sym)
-      create_or_sign_on_user_using_facebook(auth_token)
+
-    when "twitter"
+    # Check if the provider is enabled
-      create_or_sign_on_user_using_twitter(auth_token)
+    raise Discourse::InvalidAccess.new("provider is not enabled") unless SiteSetting.send("enable_#{provider}_logins?")
-    when "google", "yahoo"
+
-      create_or_sign_on_user_using_openid(auth_token)
+    # Call the appropriate logic
-    when "github"
+    send("create_or_sign_on_user_using_#{provider}", request.env["omniauth.auth"])
-      create_or_sign_on_user_using_github(auth_token)
-    when "persona"
-      create_or_sign_on_user_using_persona(auth_token)
-    end
 
     respond_to do |format|
       format.html
@@ -80,7 +82,6 @@ class Users::OmniauthCallbacksController < ApplicationController
 
     username = User.suggest_username(name)
 
-
     session[:authentication] = {
       facebook: {
         facebook_user_id: fb_uid ,
@@ -179,6 +180,9 @@ class Users::OmniauthCallbacksController < ApplicationController
 
   end
 
+  alias_method :create_or_sign_on_user_using_yahoo, :create_or_sign_on_user_using_openid
+  alias_method :create_or_sign_on_user_using_google, :create_or_sign_on_user_using_openid
+
   def create_or_sign_on_user_using_github(auth_token)
 
     data = auth_token[:info]

spec/controllers/omniauth_callbacks_controller_spec.rb

@@ -0,0 +1,134 @@
+require 'spec_helper'
+
+describe Users::OmniauthCallbacksController do
+
+  let(:auth) { {info: {email: 'eviltrout@made.up.email', name: 'Robin Ward', uid: 123456789}, "extra" => {"raw_info" => {} } } }
+
+  describe 'invalid provider' do
+
+    it "fails" do
+      request.env["omniauth.auth"] = auth
+      get :complete, provider: 'hackprovider'
+      response.should_not be_success
+    end
+
+  end
+
+  describe 'twitter' do
+
+    before do
+      request.env["omniauth.auth"] = auth
+    end
+
+    it "fails when twitter logins are disabled" do
+      SiteSetting.stubs(:enable_twitter_logins?).returns(false)
+      get :complete, provider: 'twitter'
+      response.should_not be_success
+    end
+
+    it "succeeds when twitter logins are enabled" do
+      SiteSetting.stubs(:enable_twitter_logins?).returns(true)
+      get :complete, provider: 'twitter'
+      response.should be_success
+    end
+
+  end
+
+  describe 'facebook' do
+
+    before do
+      request.env["omniauth.auth"] = auth
+    end
+
+    it "fails when facebook logins are disabled" do
+      SiteSetting.stubs(:enable_facebook_logins?).returns(false)
+      get :complete, provider: 'facebook'
+      response.should_not be_success
+    end
+
+    it "succeeds when facebook logins are enabled" do
+      SiteSetting.stubs(:enable_facebook_logins?).returns(true)
+      get :complete, provider: 'facebook'
+      response.should be_success
+    end
+
+  end
+
+
+  describe 'open id handler' do
+
+    before do
+      request.env["omniauth.auth"] = { info: {email: 'eviltrout@made.up.email'}, extra: {identity_url: 'http://eviltrout.com'}}
+    end
+
+    describe "google" do
+      it "fails when google logins are disabled" do
+        SiteSetting.stubs(:enable_google_logins?).returns(false)
+        get :complete, provider: 'google'
+        response.should_not be_success
+      end
+
+      it "succeeds when google logins are enabled" do
+        SiteSetting.stubs(:enable_google_logins?).returns(true)
+        get :complete, provider: 'google'
+        response.should be_success
+      end
+    end
+
+    describe "yahoo" do
+      it "fails when yahoo logins are disabled" do
+        SiteSetting.stubs(:enable_yahoo_logins?).returns(false)
+        get :complete, provider: 'yahoo'
+        response.should_not be_success
+      end
+
+      it "succeeds when yahoo logins are enabled" do
+        SiteSetting.stubs(:enable_yahoo_logins?).returns(true)
+        get :complete, provider: 'yahoo'
+        response.should be_success
+      end
+    end
+
+  end
+
+  describe 'github' do
+
+    before do
+      request.env["omniauth.auth"] = auth
+    end
+
+    it "fails when github logins are disabled" do
+      SiteSetting.stubs(:enable_github_logins?).returns(false)
+      get :complete, provider: 'github'
+      response.should_not be_success
+    end
+
+    it "succeeds when github logins are enabled" do
+      SiteSetting.stubs(:enable_github_logins?).returns(true)
+      get :complete, provider: 'github'
+      response.should be_success
+    end
+
+  end
+
+  describe 'persona' do
+
+    before do
+      request.env["omniauth.auth"] = auth
+    end
+
+    it "fails when persona logins are disabled" do
+      SiteSetting.stubs(:enable_persona_logins?).returns(false)
+      get :complete, provider: 'persona'
+      response.should_not be_success
+    end
+
+    it "succeeds when persona logins are enabled" do
+      SiteSetting.stubs(:enable_persona_logins?).returns(true)
+      get :complete, provider: 'persona'
+      response.should be_success
+    end
+
+  end
+
+end