github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-28 22:57:40 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

DEV: Apply syntax_tree formatting to spec/*

Browse Source
This commit is contained in:
David Taylor
2023-01-09 11:18:21 +00:00
parent 0cf6421716
commit cb932d6ee1
907 changed files with 58693 additions and 45909 deletions
Download Patch File Download Diff File Expand all files Collapse all files

454
spec/requests/omniauth_callbacks_controller_spec.rb
View File

@ -1,13 +1,11 @@
# frozen_string_literal: true
require 'discourse_connect_base'
require "discourse_connect_base"
RSpec.describe Users::OmniauthCallbacksController do
fab!(:user) { Fabricate(:user) }
before do
OmniAuth.config.test_mode = true
end
before { OmniAuth.config.test_mode = true }
after do
Rails.application.env_config["omniauth.auth"] = OmniAuth.config.mock_auth[:google_oauth2] = nil
@ -19,9 +17,9 @@ RSpec.describe Users::OmniauthCallbacksController do
it "fails if a provider is disabled" do
SiteSetting.enable_twitter_logins = false
expect do
Users::OmniauthCallbacksController.find_authenticator("twitter")
end.to raise_error(Discourse::InvalidAccess)
expect do Users::OmniauthCallbacksController.find_authenticator("twitter") end.to raise_error(
Discourse::InvalidAccess,
)
end
it "fails for unknown" do
@ -33,56 +31,53 @@ RSpec.describe Users::OmniauthCallbacksController do
it "finds an authenticator when enabled" do
SiteSetting.enable_twitter_logins = true
expect(Users::OmniauthCallbacksController.find_authenticator("twitter"))
.not_to eq(nil)
expect(Users::OmniauthCallbacksController.find_authenticator("twitter")).not_to eq(nil)
end
context "with a plugin-contributed auth provider" do
let :provider do
provider = Auth::AuthProvider.new
provider.authenticator = Class.new(Auth::Authenticator) do
def name
'ubuntu'
end
provider.authenticator =
Class
.new(Auth::Authenticator) do
def name
"ubuntu"
end
def enabled?
SiteSetting.ubuntu_login_enabled
end
end.new
def enabled?
SiteSetting.ubuntu_login_enabled
end
end
.new
provider.enabled_setting = "ubuntu_login_enabled"
provider
end
before do
DiscoursePluginRegistry.register_auth_provider(provider)
end
before { DiscoursePluginRegistry.register_auth_provider(provider) }
after do
DiscoursePluginRegistry.reset!
end
after { DiscoursePluginRegistry.reset! }
it "finds an authenticator when enabled" do
SiteSetting.stubs(:ubuntu_login_enabled).returns(true)
expect(Users::OmniauthCallbacksController.find_authenticator("ubuntu"))
.to be(provider.authenticator)
expect(Users::OmniauthCallbacksController.find_authenticator("ubuntu")).to be(
provider.authenticator,
)
end
it "fails if an authenticator is disabled" do
SiteSetting.stubs(:ubuntu_login_enabled).returns(false)
expect { Users::OmniauthCallbacksController.find_authenticator("ubuntu") }
.to raise_error(Discourse::InvalidAccess)
expect { Users::OmniauthCallbacksController.find_authenticator("ubuntu") }.to raise_error(
Discourse::InvalidAccess,
)
end
end
end
describe 'Google Oauth2' do
before do
SiteSetting.enable_google_oauth2_logins = true
end
describe "Google Oauth2" do
before { SiteSetting.enable_google_oauth2_logins = true }
it "should display the failure message if needed" do
get "/auth/failure"
@ -107,14 +102,25 @@ RSpec.describe Users::OmniauthCallbacksController do
end
it "should handle common errors" do
OmniAuth::Strategies::GoogleOauth2.any_instance.stubs(:mock_request_call).raises(
OAuth::Unauthorized.new(mock().tap { |m| m.stubs(:code).returns(403); m.stubs(:message).returns("Message") })
)
OmniAuth::Strategies::GoogleOauth2
.any_instance
.stubs(:mock_request_call)
.raises(
OAuth::Unauthorized.new(
mock().tap do |m|
m.stubs(:code).returns(403)
m.stubs(:message).returns("Message")
end,
),
)
post "/auth/google_oauth2"
expect(response.status).to eq(302)
expect(response.location).to include("/auth/failure?message=request_error")
OmniAuth::Strategies::GoogleOauth2.any_instance.stubs(:mock_request_call).raises(JWT::InvalidIatError.new)
OmniAuth::Strategies::GoogleOauth2
.any_instance
.stubs(:mock_request_call)
.raises(JWT::InvalidIatError.new)
post "/auth/google_oauth2"
expect(response.status).to eq(302)
expect(response.location).to include("/auth/failure?message=invalid_iat")
@ -171,9 +177,7 @@ RSpec.describe Users::OmniauthCallbacksController do
context "when in staff writes only mode" do
use_redis_snapshotting
before do
Discourse.enable_readonly_mode(Discourse::STAFF_WRITES_ONLY_MODE_KEY)
end
before { Discourse.enable_readonly_mode(Discourse::STAFF_WRITES_ONLY_MODE_KEY) }
it "returns a 503 for non-staff" do
mock_auth(user.email, user.username, user.name)
@ -202,22 +206,25 @@ RSpec.describe Users::OmniauthCallbacksController do
end
end
describe 'when user not found' do
describe "when user not found" do
let(:email) { "somename@gmail.com" }
let(:username) { "somename" }
let(:name) { "Some Name" }
before do
mock_auth(email, username, name)
end
before { mock_auth(email, username, name) }
it 'should return the right response' do
destination_url = '/somepath'
it "should return the right response" do
destination_url = "/somepath"
Rails.application.env_config["omniauth.origin"] = destination_url
events = DiscourseEvent.track_events { get "/auth/google_oauth2/callback.json" }
expect(events.any? { |e| e[:event_name] == :before_auth }).to eq(true)
expect(events.any? { |e| e[:event_name] === :after_auth && Auth::GoogleOAuth2Authenticator === e[:params][0] && !e[:params][1].failed? }).to eq(true)
expect(
events.any? do |e|
e[:event_name] === :after_auth && Auth::GoogleOAuth2Authenticator === e[:params][0] &&
!e[:params][1].failed?
end,
).to eq(true)
expect(response.status).to eq(302)
@ -232,15 +239,20 @@ RSpec.describe Users::OmniauthCallbacksController do
expect(data["destination_url"]).to eq(destination_url)
end
it 'should return the right response for staged users' do
it "should return the right response for staged users" do
Fabricate(:user, username: username, email: email, staged: true)
destination_url = '/somepath'
destination_url = "/somepath"
Rails.application.env_config["omniauth.origin"] = destination_url
events = DiscourseEvent.track_events { get "/auth/google_oauth2/callback.json" }
expect(events.any? { |e| e[:event_name] == :before_auth }).to eq(true)
expect(events.any? { |e| e[:event_name] === :after_auth && Auth::GoogleOAuth2Authenticator === e[:params][0] && !e[:params][1].failed? }).to eq(true)
expect(
events.any? do |e|
e[:event_name] === :after_auth && Auth::GoogleOAuth2Authenticator === e[:params][0] &&
!e[:params][1].failed?
end,
).to eq(true)
expect(response.status).to eq(302)
@ -255,8 +267,8 @@ RSpec.describe Users::OmniauthCallbacksController do
expect(data["destination_url"]).to eq(destination_url)
end
it 'should include destination url in response' do
destination_url = '/cookiepath'
it "should include destination url in response" do
destination_url = "/cookiepath"
cookies[:destination_url] = destination_url
get "/auth/google_oauth2/callback.json"
@ -265,12 +277,12 @@ RSpec.describe Users::OmniauthCallbacksController do
expect(data["destination_url"]).to eq(destination_url)
end
it 'should return an associate url when multiple login methods are enabled' do
it "should return an associate url when multiple login methods are enabled" do
get "/auth/google_oauth2/callback.json"
expect(response.status).to eq(302)
data = JSON.parse(cookies[:authentication_data])
expect(data["associate_url"]).to start_with('/associate/')
expect(data["associate_url"]).to start_with("/associate/")
SiteSetting.enable_local_logins = false
get "/auth/google_oauth2/callback.json"
@ -278,7 +290,7 @@ RSpec.describe Users::OmniauthCallbacksController do
expect(data["associate_url"]).to eq(nil)
end
it 'does not use email for username suggestions if disabled in settings' do
it "does not use email for username suggestions if disabled in settings" do
SiteSetting.use_email_for_username_and_name_suggestions = false
username = ""
name = ""
@ -291,7 +303,7 @@ RSpec.describe Users::OmniauthCallbacksController do
expect(data["username"]).to eq("user1") # not "billmailbox" that can be extracted from email
end
it 'uses email for username suggestions if enabled in settings' do
it "uses email for username suggestions if enabled in settings" do
SiteSetting.use_email_for_username_and_name_suggestions = true
username = ""
name = ""
@ -304,7 +316,7 @@ RSpec.describe Users::OmniauthCallbacksController do
expect(data["username"]).to eq("billmailbox")
end
it 'stops using name for username suggestions if disabled in settings' do
it "stops using name for username suggestions if disabled in settings" do
SiteSetting.use_name_for_username_suggestions = false
username = ""
name = "John Smith"
@ -317,12 +329,10 @@ RSpec.describe Users::OmniauthCallbacksController do
expect(data["username"]).to eq("user1")
end
describe 'when site is invite_only' do
before do
SiteSetting.invite_only = true
end
describe "when site is invite_only" do
before { SiteSetting.invite_only = true }
it 'should return the right response without any origin' do
it "should return the right response without any origin" do
get "/auth/google_oauth2/callback.json"
expect(response.status).to eq(302)
@ -332,7 +342,7 @@ RSpec.describe Users::OmniauthCallbacksController do
expect(data["requires_invite"]).to eq(true)
end
it 'returns the right response for an invalid origin' do
it "returns the right response for an invalid origin" do
Rails.application.env_config["omniauth.origin"] = "/invitesinvites"
get "/auth/google_oauth2/callback.json"
@ -340,11 +350,12 @@ RSpec.describe Users::OmniauthCallbacksController do
expect(response.status).to eq(302)
end
it 'should return the right response when origin is invites page' do
origin = Rails.application.routes.url_helpers.invite_url(
Fabricate(:invite).invite_key,
host: Discourse.base_url
)
it "should return the right response when origin is invites page" do
origin =
Rails.application.routes.url_helpers.invite_url(
Fabricate(:invite).invite_key,
host: Discourse.base_url,
)
Rails.application.env_config["omniauth.origin"] = origin
@ -360,21 +371,20 @@ RSpec.describe Users::OmniauthCallbacksController do
end
end
describe 'when user has been verified' do
let(:uid) { 12345 }
describe "when user has been verified" do
let(:uid) { 12_345 }
before do
mock_auth(user.email, "Somenickname", "Some name", uid)
end
before { mock_auth(user.email, "Somenickname", "Some name", uid) }
it 'should return the right response' do
it "should return the right response" do
expect(user.email_confirmed?).to eq(false)
events = DiscourseEvent.track_events do
get "/auth/google_oauth2/callback.json"
end
events = DiscourseEvent.track_events { get "/auth/google_oauth2/callback.json" }
expect(events.map { |event| event[:event_name] }).to include(:user_logged_in, :user_first_logged_in)
expect(events.map { |event| event[:event_name] }).to include(
:user_logged_in,
:user_first_logged_in,
)
expect(response.status).to eq(302)
@ -390,15 +400,18 @@ RSpec.describe Users::OmniauthCallbacksController do
expect(user.email_confirmed?).to eq(true)
end
it 'should return the authenticated response with the correct path for subfolders' do
it "should return the authenticated response with the correct path for subfolders" do
set_subfolder "/forum"
events = DiscourseEvent.track_events do
get "/auth/google_oauth2/callback.json"
end
events = DiscourseEvent.track_events { get "/auth/google_oauth2/callback.json" }
expect(response.headers["Set-Cookie"].match(/^authentication_data=.*; path=\/forum/)).not_to eq(nil)
expect(
response.headers["Set-Cookie"].match(%r{^authentication_data=.*; path=/forum}),
).not_to eq(nil)
expect(events.map { |event| event[:event_name] }).to include(:user_logged_in, :user_first_logged_in)
expect(events.map { |event| event[:event_name] }).to include(
:user_logged_in,
:user_first_logged_in,
)
expect(response.status).to eq(302)
@ -420,11 +433,12 @@ RSpec.describe Users::OmniauthCallbacksController do
user.reload
expect(user.email_confirmed?).to eq(false)
events = DiscourseEvent.track_events do
get "/auth/google_oauth2/callback.json"
end
events = DiscourseEvent.track_events { get "/auth/google_oauth2/callback.json" }
expect(events.map { |event| event[:event_name] }).to include(:user_logged_in, :user_first_logged_in)
expect(events.map { |event| event[:event_name] }).to include(
:user_logged_in,
:user_first_logged_in,
)
expect(response.status).to eq(302)
@ -439,9 +453,7 @@ RSpec.describe Users::OmniauthCallbacksController do
expect(user.staged).to eq(true)
expect(user.registration_ip_address).to eq(nil)
events = DiscourseEvent.track_events do
get "/auth/google_oauth2/callback.json"
end
events = DiscourseEvent.track_events { get "/auth/google_oauth2/callback.json" }
expect(events.map { |event| event[:event_name] }).to include(:before_auth, :after_auth)
@ -457,11 +469,12 @@ RSpec.describe Users::OmniauthCallbacksController do
# Now register
UsersController.any_instance.stubs(:honeypot_value).returns(nil)
UsersController.any_instance.stubs(:challenge_value).returns(nil)
post "/u.json", params: {
name: "My new name",
username: "mynewusername",
email: user.email
}
post "/u.json",
params: {
name: "My new name",
username: "mynewusername",
email: user.email,
}
expect(response.status).to eq(200)
@ -507,18 +520,22 @@ RSpec.describe Users::OmniauthCallbacksController do
SiteSetting.auth_overrides_name = true
SiteSetting.auth_overrides_username = true
UserAssociatedAccount.create!(provider_name: "google_oauth2", user_id: user.id, provider_uid: uid)
UserAssociatedAccount.create!(
provider_name: "google_oauth2",
user_id: user.id,
provider_uid: uid,
)
old_email = user.email
user.update!(name: 'somename', username: 'somusername', email: 'email@example.com')
user.update!(name: "somename", username: "somusername", email: "email@example.com")
get "/auth/google_oauth2/callback.json"
expect(response.status).to eq(302)
user.reload
expect(user.email).to eq(old_email)
expect(user.username).to eq('Somenickname')
expect(user.name).to eq('Some name')
expect(user.username).to eq("Somenickname")
expect(user.name).to eq("Some name")
end
it "should preserve username when several users login with the same username" do
@ -533,16 +550,20 @@ RSpec.describe Users::OmniauthCallbacksController do
# the number should be preserved during subsequent logins
# bill3 should remain bill3
user.update!(username: 'bill3')
user.update!(username: "bill3")
uid = "12345"
UserAssociatedAccount.create!(provider_name: "google_oauth2", user_id: user.id, provider_uid: uid)
UserAssociatedAccount.create!(
provider_name: "google_oauth2",
user_id: user.id,
provider_uid: uid,
)
mock_auth(user.email, "bill", uid)
get "/auth/google_oauth2/callback.json"
user.reload
expect(user.username).to eq('bill3')
expect(user.username).to eq("bill3")
end
it "will not update email if not verified" do
@ -551,26 +572,34 @@ RSpec.describe Users::OmniauthCallbacksController do
OmniAuth.config.mock_auth[:google_oauth2][:extra][:raw_info][:email_verified] = false
UserAssociatedAccount.create!(provider_name: "google_oauth2", user_id: user.id, provider_uid: '123545')
UserAssociatedAccount.create!(
provider_name: "google_oauth2",
user_id: user.id,
provider_uid: "123545",
)
old_email = user.email
user.update!(email: 'email@example.com')
user.update!(email: "email@example.com")
get "/auth/google_oauth2/callback.json"
expect(response.status).to eq(302)
user.reload
expect(user.email).to eq('email@example.com')
expect(user.email).to eq("email@example.com")
end
it "shows error when auth_overrides_email causes a validation error" do
SiteSetting.email_editable = false
SiteSetting.auth_overrides_email = true
UserAssociatedAccount.create!(provider_name: "google_oauth2", user_id: user.id, provider_uid: uid)
UserAssociatedAccount.create!(
provider_name: "google_oauth2",
user_id: user.id,
provider_uid: uid,
)
google_email = user.email
user.update!(email: 'anotheremail@example.com')
user.update!(email: "anotheremail@example.com")
Fabricate(:user, email: google_email) # Another user has the google account email
get "/auth/google_oauth2/callback"
@ -579,15 +608,13 @@ RSpec.describe Users::OmniauthCallbacksController do
expect(session[:current_user_id]).to eq(nil)
user.reload
expect(user.email).to eq('anotheremail@example.com')
expect(user.email).to eq("anotheremail@example.com")
end
context 'when user has TOTP enabled' do
before do
user.create_totp(enabled: true)
end
context "when user has TOTP enabled" do
before { user.create_totp(enabled: true) }
it 'should return the right response' do
it "should return the right response" do
get "/auth/google_oauth2/callback.json"
expect(response.status).to eq(302)
@ -597,7 +624,7 @@ RSpec.describe Users::OmniauthCallbacksController do
expect(data["email"]).to eq(user.email)
expect(data["omniauth_disallow_totp"]).to eq(true)
user.update!(email: 'different@user.email')
user.update!(email: "different@user.email")
get "/auth/google_oauth2/callback.json"
expect(response.status).to eq(302)
@ -605,12 +632,10 @@ RSpec.describe Users::OmniauthCallbacksController do
end
end
context 'when user has security key enabled' do
before do
Fabricate(:user_security_key_with_random_credential, user: user)
end
context "when user has security key enabled" do
before { Fabricate(:user_security_key_with_random_credential, user: user) }
it 'should return the right response' do
it "should return the right response" do
get "/auth/google_oauth2/callback.json"
expect(response.status).to eq(302)
@ -620,7 +645,7 @@ RSpec.describe Users::OmniauthCallbacksController do
expect(data["email"]).to eq(user.email)
expect(data["omniauth_disallow_totp"]).to eq(true)
user.update!(email: 'different@user.email')
user.update!(email: "different@user.email")
get "/auth/google_oauth2/callback.json"
expect(response.status).to eq(302)
@ -628,7 +653,7 @@ RSpec.describe Users::OmniauthCallbacksController do
end
end
context 'when sso_payload cookie exist' do
context "when sso_payload cookie exist" do
before do
SiteSetting.enable_discourse_connect_provider = true
SiteSetting.discourse_connect_secret = "topsecret"
@ -639,34 +664,42 @@ RSpec.describe Users::OmniauthCallbacksController do
@sso.return_sso_url = "http://somewhere.over.rainbow/sso"
cookies[:sso_payload] = @sso.payload
provider_uid = 12345
UserAssociatedAccount.create!(provider_name: "google_oauth2", provider_uid: provider_uid, user: user)
provider_uid = 12_345
UserAssociatedAccount.create!(
provider_name: "google_oauth2",
provider_uid: provider_uid,
user: user,
)
mock_auth(user.email, nil, nil, provider_uid)
end
it 'should return the right response' do
it "should return the right response" do
get "/auth/google_oauth2/callback.json"
expect(response.status).to eq(302)
data = JSON.parse(cookies[:authentication_data])
expect(data["destination_url"]).to match(/\/session\/sso_provider\?sso\=.*\&sig\=.*/)
expect(data["destination_url"]).to match(%r{/session/sso_provider\?sso\=.*\&sig\=.*})
end
end
context 'when user has not verified his email' do
context "when user has not verified his email" do
before do
provider_uid = "12345"
UserAssociatedAccount.create!(provider_name: "google_oauth2", provider_uid: provider_uid, user: user)
UserAssociatedAccount.create!(
provider_name: "google_oauth2",
provider_uid: provider_uid,
user: user,
)
user.update!(active: false)
another_email = "another_email@test.com"
mock_auth(another_email, nil, nil, provider_uid)
end
it 'should return the right response' do
it "should return the right response" do
get "/auth/google_oauth2/callback.json"
expect(response.status).to eq(302)
@ -686,8 +719,8 @@ RSpec.describe Users::OmniauthCallbacksController do
expect(response.status).to eq 302
expect(response.location).to eq "http://test.localhost/"
cookie_data = JSON.parse(response.cookies['authentication_data'])
expect(cookie_data["destination_url"]).to eq('/')
cookie_data = JSON.parse(response.cookies["authentication_data"])
expect(cookie_data["destination_url"]).to eq("/")
end
it "redirects to internal origin" do
@ -697,8 +730,8 @@ RSpec.describe Users::OmniauthCallbacksController do
expect(response.status).to eq 302
expect(response.location).to eq "http://test.localhost/t/123"
cookie_data = JSON.parse(response.cookies['authentication_data'])
expect(cookie_data["destination_url"]).to eq('/t/123')
cookie_data = JSON.parse(response.cookies["authentication_data"])
expect(cookie_data["destination_url"]).to eq("/t/123")
end
it "redirects to internal origin on subfolder" do
@ -710,8 +743,8 @@ RSpec.describe Users::OmniauthCallbacksController do
expect(response.status).to eq 302
expect(response.location).to eq "http://test.localhost/subpath/t/123"
cookie_data = JSON.parse(response.cookies['authentication_data'])
expect(cookie_data["destination_url"]).to eq('/subpath/t/123')
cookie_data = JSON.parse(response.cookies["authentication_data"])
expect(cookie_data["destination_url"]).to eq("/subpath/t/123")
end
it "never redirects to /auth/ origin" do
@ -721,8 +754,8 @@ RSpec.describe Users::OmniauthCallbacksController do
expect(response.status).to eq 302
expect(response.location).to eq "http://test.localhost/"
cookie_data = JSON.parse(response.cookies['authentication_data'])
expect(cookie_data["destination_url"]).to eq('/')
cookie_data = JSON.parse(response.cookies["authentication_data"])
expect(cookie_data["destination_url"]).to eq("/")
end
it "never redirects to /auth/ origin on subfolder" do
@ -734,8 +767,8 @@ RSpec.describe Users::OmniauthCallbacksController do
expect(response.status).to eq 302
expect(response.location).to eq "http://test.localhost/subpath"
cookie_data = JSON.parse(response.cookies['authentication_data'])
expect(cookie_data["destination_url"]).to eq('/subpath')
cookie_data = JSON.parse(response.cookies["authentication_data"])
expect(cookie_data["destination_url"]).to eq("/subpath")
end
it "redirects to relative origin" do
@ -745,8 +778,8 @@ RSpec.describe Users::OmniauthCallbacksController do
expect(response.status).to eq 302
expect(response.location).to eq "http://test.localhost/t/123"
cookie_data = JSON.parse(response.cookies['authentication_data'])
expect(cookie_data["destination_url"]).to eq('/t/123')
cookie_data = JSON.parse(response.cookies["authentication_data"])
expect(cookie_data["destination_url"]).to eq("/t/123")
end
it "redirects with query" do
@ -756,8 +789,8 @@ RSpec.describe Users::OmniauthCallbacksController do
expect(response.status).to eq 302
expect(response.location).to eq "http://test.localhost/t/123?foo=bar"
cookie_data = JSON.parse(response.cookies['authentication_data'])
expect(cookie_data["destination_url"]).to eq('/t/123?foo=bar')
cookie_data = JSON.parse(response.cookies["authentication_data"])
expect(cookie_data["destination_url"]).to eq("/t/123?foo=bar")
end
it "removes authentication_data cookie on logout" do
@ -766,11 +799,11 @@ RSpec.describe Users::OmniauthCallbacksController do
provider = log_in_user(Fabricate(:user))
expect(cookies['authentication_data']).to be
expect(cookies["authentication_data"]).to be
log_out_user(provider)
expect(cookies['authentication_data']).to be_nil
expect(cookies["authentication_data"]).to be_nil
end
it "removes disallowed characters from username" do
@ -801,29 +834,34 @@ RSpec.describe Users::OmniauthCallbacksController do
SiteSetting.google_oauth2_hd_groups_service_account_admin_email = "admin@example.com"
SiteSetting.google_oauth2_hd_groups_service_account_json = {
"private_key" => private_key.to_s,
"client_email": "discourse-group-sync@example.iam.gserviceaccount.com",
:"client_email" => "discourse-group-sync@example.iam.gserviceaccount.com",
}.to_json
SiteSetting.google_oauth2_hd_groups = true
stub_request(:post, "https://oauth2.googleapis.com/token").to_return do |request|
jwt = Rack::Utils.parse_query(request.body)["assertion"]
decoded_token = JWT.decode(jwt, private_key.public_key, true, { algorithm: 'RS256' })
decoded_token = JWT.decode(jwt, private_key.public_key, true, { algorithm: "RS256" })
{
status: 200,
body: { "access_token" => token, "type" => "bearer" }.to_json,
headers: { "Content-Type" => "application/json" }
headers: {
"Content-Type" => "application/json",
},
}
end
stub_request(:get, "https://admin.googleapis.com/admin/directory/v1/groups?userKey=#{mock_auth.uid}").
with(headers: { "Authorization" => "Bearer #{token}" }).
to_return do
stub_request(
:get,
"https://admin.googleapis.com/admin/directory/v1/groups?userKey=#{mock_auth.uid}",
)
.with(headers: { "Authorization" => "Bearer #{token}" })
.to_return do
{
status: 200,
body: { groups: groups }.to_json,
headers: {
"Content-Type" => "application/json"
}
"Content-Type" => "application/json",
},
}
end
end
@ -837,76 +875,84 @@ RSpec.describe Users::OmniauthCallbacksController do
it "updates associated groups" do
mock_omniauth_for_groups([group1, group2])
get "/auth/google_oauth2/callback.json", params: {
code: 'abcde',
hd: domain
}
get "/auth/google_oauth2/callback.json", params: { code: "abcde", hd: domain }
expect(response.status).to eq(302)
associated_groups = AssociatedGroup.where(provider_name: 'google_oauth2')
associated_groups = AssociatedGroup.where(provider_name: "google_oauth2")
expect(associated_groups.length).to eq(2)
expect(associated_groups.exists?(name: group1[:name])).to eq(true)
expect(associated_groups.exists?(name: group2[:name])).to eq(true)
user_associated_groups = UserAssociatedGroup.where(user_id: user.id)
expect(user_associated_groups.length).to eq(2)
expect(user_associated_groups.exists?(associated_group_id: associated_groups.first.id)).to eq(true)
expect(user_associated_groups.exists?(associated_group_id: associated_groups.second.id)).to eq(true)
expect(
user_associated_groups.exists?(associated_group_id: associated_groups.first.id),
).to eq(true)
expect(
user_associated_groups.exists?(associated_group_id: associated_groups.second.id),
).to eq(true)
mock_omniauth_for_groups([group1])
get "/auth/google_oauth2/callback.json", params: {
code: 'abcde',
hd: domain
}
get "/auth/google_oauth2/callback.json", params: { code: "abcde", hd: domain }
expect(response.status).to eq(302)
user_associated_groups = UserAssociatedGroup.where(user_id: user.id)
expect(user_associated_groups.length).to eq(1)
expect(user_associated_groups.exists?(associated_group_id: associated_groups.first.id)).to eq(true)
expect(user_associated_groups.exists?(associated_group_id: associated_groups.second.id)).to eq(false)
expect(
user_associated_groups.exists?(associated_group_id: associated_groups.first.id),
).to eq(true)
expect(
user_associated_groups.exists?(associated_group_id: associated_groups.second.id),
).to eq(false)
mock_omniauth_for_groups([])
get "/auth/google_oauth2/callback.json", params: {
code: 'abcde',
hd: domain
}
get "/auth/google_oauth2/callback.json", params: { code: "abcde", hd: domain }
expect(response.status).to eq(302)
user_associated_groups = UserAssociatedGroup.where(user_id: user.id)
expect(user_associated_groups.length).to eq(0)
expect(user_associated_groups.exists?(associated_group_id: associated_groups.first.id)).to eq(false)
expect(user_associated_groups.exists?(associated_group_id: associated_groups.second.id)).to eq(false)
expect(
user_associated_groups.exists?(associated_group_id: associated_groups.first.id),
).to eq(false)
expect(
user_associated_groups.exists?(associated_group_id: associated_groups.second.id),
).to eq(false)
end
it "handles failure to retrieve groups" do
mock_omniauth_for_groups([])
get "/auth/google_oauth2/callback.json", params: {
code: 'abcde',
hd: domain
}
get "/auth/google_oauth2/callback.json", params: { code: "abcde", hd: domain }
expect(response.status).to eq(302)
associated_groups = AssociatedGroup.where(provider_name: 'google_oauth2')
associated_groups = AssociatedGroup.where(provider_name: "google_oauth2")
expect(associated_groups.exists?).to eq(false)
end
end
end
context 'when attempting reconnect' do
context "when attempting reconnect" do
fab!(:user2) { Fabricate(:user) }
let(:user1_provider_id) { "12345" }
let(:user2_provider_id) { "123456" }
before do
UserAssociatedAccount.create!(provider_name: "google_oauth2", provider_uid: user1_provider_id, user: user)
UserAssociatedAccount.create!(provider_name: "google_oauth2", provider_uid: user2_provider_id, user: user2)
UserAssociatedAccount.create!(
provider_name: "google_oauth2",
provider_uid: user1_provider_id,
user: user,
)
UserAssociatedAccount.create!(
provider_name: "google_oauth2",
provider_uid: user2_provider_id,
user: user2,
)
mock_auth("someother_email@test.com", nil, nil, user1_provider_id)
end
it 'should not reconnect normally' do
it "should not reconnect normally" do
# Log in normally
post "/auth/google_oauth2"
expect(response.status).to eq(302)
@ -928,7 +974,7 @@ RSpec.describe Users::OmniauthCallbacksController do
expect(UserAssociatedAccount.count).to eq(2)
end
it 'should redirect to associate URL if parameter supplied' do
it "should redirect to associate URL if parameter supplied" do
# Log in normally
post "/auth/google_oauth2?reconnect=true"
expect(response.status).to eq(302)
@ -970,7 +1016,7 @@ RSpec.describe Users::OmniauthCallbacksController do
end
end
context 'after changing email' do
context "after changing email" do
def login(identity)
mock_auth(identity[:email], nil, nil, "123545#{identity[:username]}")
@ -979,16 +1025,12 @@ RSpec.describe Users::OmniauthCallbacksController do
JSON.parse(cookies[:authentication_data])
end
it 'activates the correct email' do
old_email = 'old@email.com'
old_identity = { name: 'Bob',
username: 'bob',
email: old_email }
it "activates the correct email" do
old_email = "old@email.com"
old_identity = { name: "Bob", username: "bob", email: old_email }
user = Fabricate(:user, email: old_email)
new_email = 'new@email.com'
new_identity = { name: 'Bob',
username: 'boguslaw',
email: new_email }
new_email = "new@email.com"
new_identity = { name: "Bob", username: "boguslaw", email: new_email }
updater = EmailUpdater.new(guardian: user.guardian, user: user)
updater.change_to(new_email)
@ -997,7 +1039,7 @@ RSpec.describe Users::OmniauthCallbacksController do
expect(user.email).to eq(old_email)
response = login(old_identity)
expect(response['authenticated']).to eq(true)
expect(response["authenticated"]).to eq(true)
user.reload
expect(user.email).to eq(old_email)
@ -1005,19 +1047,15 @@ RSpec.describe Users::OmniauthCallbacksController do
delete "/session/#{user.username}" # log out
response = login(new_identity)
expect(response['authenticated']).to eq(nil)
expect(response['email']).to eq(new_email)
expect(response["authenticated"]).to eq(nil)
expect(response["email"]).to eq(new_email)
end
end
context "when user is staged" do
fab!(:staged_user) { Fabricate(
:user,
username: "staged_user",
email: "staged.user@gmail.com",
staged: true
)
}
fab!(:staged_user) do
Fabricate(:user, username: "staged_user", email: "staged.user@gmail.com", staged: true)
end
it "should use username of the staged user if username is not present in payload" do
mock_auth(staged_user.email, nil)
@ -1051,18 +1089,14 @@ RSpec.describe Users::OmniauthCallbacksController do
end
end
def mock_auth(email, nickname = nil, name = nil, uid = '12345')
def mock_auth(email, nickname = nil, name = nil, uid = "12345")
OmniAuth.config.mock_auth[:google_oauth2] = OmniAuth::AuthHash.new(
provider: 'google_oauth2',
provider: "google_oauth2",
uid: uid,
info: OmniAuth::AuthHash::InfoHash.new(
email: email,
nickname: nickname,
name: name
),
info: OmniAuth::AuthHash::InfoHash.new(email: email, nickname: nickname, name: name),
extra: {
raw_info: OmniAuth::AuthHash.new(email_verified: true)
}
raw_info: OmniAuth::AuthHash.new(email_verified: true),
},
)
Rails.application.env_config["omniauth.auth"] = OmniAuth.config.mock_auth[:google_oauth2]