github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-29 00:20:54 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

FIX: Better error when SSO fails due to blank secret (#7946)

Browse Source 
* FIX: Better error when SSO fails due to blank secret

* Update spec/requests/session_controller_spec.rb

Co-Authored-By: Robin Ward <robin.ward@gmail.com>
This commit is contained in:
Osama Sayegh
2019-07-26 17:37:23 +03:00
committed by GitHub
parent fe7f0982af
commit 525920a979
4 changed files with 23 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
spec/requests/session_controller_spec.rb
View File

@ -816,6 +816,16 @@ RSpec.describe SessionController do
expect(response.status).to eq(500)
end
it "fails with a nice error message if secret is blank" do
SiteSetting.sso_provider_secrets = ""
sso = SingleSignOnProvider.new
sso.nonce = "mynonce"
sso.return_sso_url = "http://website.without.secret.com/sso"
get "/session/sso_provider", params: Rack::Utils.parse_query(sso.payload("aasdasdasd"))
expect(response.status).to eq(400)
expect(response.body).to eq(I18n.t("sso.missing_secret"))
end
it "successfully redirects user to return_sso_url when the user is logged in" do
sign_in(@user)