FEATURE: List, revoke and reconnect associated accounts. Phase 1 (#6099)

Listing connections is supported for all built-in auth providers. Revoke and reconnect is currently only implemented for Facebook.

spec/components/auth/facebook_authenticator_spec.rb

@@ -38,6 +38,36 @@ describe Auth::FacebookAuthenticator do
       expect(result.user.user_profile.location).to eq("America")
     end
 
+    it 'can connect to a different existing user account' do
+      authenticator = Auth::FacebookAuthenticator.new
+      user1 = Fabricate(:user)
+      user2 = Fabricate(:user)
+
+      FacebookUserInfo.create!(user_id: user1.id, facebook_user_id: 100)
+
+      hash = {
+        "extra" => {
+            "raw_info" => {
+            "username" => "bob"
+          }
+        },
+        "info" => {
+          "location" => "America",
+          "description" => "bio",
+          "urls" => {
+            "Website" => "https://awesome.com"
+          }
+        },
+        "uid" => "100"
+      }
+
+      result = authenticator.after_authenticate(hash, existing_account: user2)
+
+      expect(result.user.id).to eq(user2.id)
+      expect(FacebookUserInfo.exists?(user_id: user1.id)).to eq(false)
+      expect(FacebookUserInfo.exists?(user_id: user2.id)).to eq(true)
+    end
+
     it 'can create a proper result for non existing users' do
 
       hash = {
@@ -62,4 +92,58 @@ describe Auth::FacebookAuthenticator do
     end
   end
 
+  context 'description_for_user' do
+    let(:user) { Fabricate(:user) }
+    let(:authenticator) { Auth::FacebookAuthenticator.new }
+
+    it 'returns empty string if no entry for user' do
+      expect(authenticator.description_for_user(user)).to eq("")
+    end
+
+    it 'returns correct information' do
+      FacebookUserInfo.create!(user_id: user.id, facebook_user_id: 12345, email: 'someuser@somedomain.tld')
+      expect(authenticator.description_for_user(user)).to eq('someuser@somedomain.tld')
+    end
+  end
+
+  context 'revoke' do
+    let(:user) { Fabricate(:user) }
+    let(:authenticator) { Auth::FacebookAuthenticator.new }
+
+    it 'raises exception if no entry for user' do
+      expect { authenticator.revoke(user) }.to raise_error(Discourse::NotFound)
+    end
+
+    context "with valid record" do
+      before do
+        SiteSetting.facebook_app_id = '123'
+        SiteSetting.facebook_app_secret = 'abcde'
+        FacebookUserInfo.create!(user_id: user.id, facebook_user_id: 12345, email: 'someuser@somedomain.tld')
+      end
+
+      it 'revokes correctly' do
+        stub = stub_request(:delete, authenticator.revoke_url(12345)).to_return(body: "true")
+
+        expect(authenticator.can_revoke?).to eq(true)
+        expect(authenticator.revoke(user)).to eq(true)
+
+        expect(stub).to have_been_requested.once
+        expect(authenticator.description_for_user(user)).to eq("")
+      end
+
+      it 'handles errors correctly' do
+        stub = stub_request(:delete, authenticator.revoke_url(12345)).to_return(status: 404)
+
+        expect(authenticator.revoke(user)).to eq(false)
+        expect(stub).to have_been_requested.once
+        expect(authenticator.description_for_user(user)).to eq('someuser@somedomain.tld')
+
+        expect(authenticator.revoke(user, skip_remote: true)).to eq(true)
+        expect(stub).to have_been_requested.once
+        expect(authenticator.description_for_user(user)).to eq("")
+
+      end
+    end
+  end
+
 end

spec/components/auth/open_id_authenticator_spec.rb

@@ -9,7 +9,7 @@ load 'auth/open_id_authenticator.rb'
 describe Auth::OpenIdAuthenticator do
 
   it "can lookup pre-existing user if trusted" do
-    auth = Auth::OpenIdAuthenticator.new("test", "id", trusted: true)
+    auth = Auth::OpenIdAuthenticator.new("test", "id", "enable_yahoo_logins", trusted: true)
 
     user = Fabricate(:user)
     response = OpenStruct.new(identity_url: 'abc')
@@ -18,7 +18,7 @@ describe Auth::OpenIdAuthenticator do
   end
 
   it "raises an exception when email is missing" do
-    auth = Auth::OpenIdAuthenticator.new("test", "id", trusted: true)
+    auth = Auth::OpenIdAuthenticator.new("test", "id", "enable_yahoo_logins", trusted: true)
     response = OpenStruct.new(identity_url: 'abc')
     expect { auth.after_authenticate(info: {}, extra: { response: response }) }.to raise_error(Discourse::InvalidParameters)
   end

spec/components/discourse_plugin_registry_spec.rb

@@ -29,6 +29,13 @@ describe DiscoursePluginRegistry do
     end
   end
 
+  context '#auth_providers' do
+    it 'defaults to an empty Set' do
+      registry.auth_providers = nil
+      expect(registry.auth_providers).to eq(Set.new)
+    end
+  end
+
   context '#admin_javascripts' do
     it 'defaults to an empty Set' do
       registry.admin_javascripts = nil
@@ -92,6 +99,28 @@ describe DiscoursePluginRegistry do
     end
   end
 
+  context '.register_auth_provider' do
+    let(:registry) { DiscoursePluginRegistry }
+    let(:auth_provider) do
+      provider = Plugin::AuthProvider.new
+      provider.authenticator = Auth::Authenticator.new
+      provider
+    end
+
+    before do
+      registry.register_auth_provider(auth_provider)
+    end
+
+    after do
+      registry.reset!
+    end
+
+    it 'is returned by DiscoursePluginRegistry.auth_providers' do
+      expect(registry.auth_providers.include?(auth_provider)).to eq(true)
+    end
+
+  end
+
   context '.register_service_worker' do
     let(:registry) { DiscoursePluginRegistry }
 

spec/components/discourse_spec.rb

@@ -59,6 +59,54 @@ describe Discourse do
     end
   end
 
+  context 'authenticators' do
+    it 'returns inbuilt authenticators' do
+      expect(Discourse.authenticators).to match_array(Users::OmniauthCallbacksController::BUILTIN_AUTH)
+    end
+
+    context 'with authentication plugin installed' do
+      let(:plugin_auth_provider) do
+        authenticator_class = Class.new(Auth::Authenticator) do
+          def name
+            'pluginauth'
+          end
+
+          def enabled
+            true
+          end
+        end
+
+        provider = Plugin::AuthProvider.new
+        provider.authenticator = authenticator_class.new
+        provider
+      end
+
+      before do
+        DiscoursePluginRegistry.register_auth_provider(plugin_auth_provider)
+      end
+
+      after do
+        DiscoursePluginRegistry.reset!
+      end
+
+      it 'returns inbuilt and plugin authenticators' do
+        expect(Discourse.authenticators).to match_array(
+          Users::OmniauthCallbacksController::BUILTIN_AUTH + [plugin_auth_provider.authenticator])
+      end
+
+    end
+  end
+
+  context 'enabled_authenticators' do
+    it 'only returns enabled authenticators' do
+      expect(Discourse.enabled_authenticators.length).to be(0)
+      expect { SiteSetting.enable_twitter_logins = true }
+        .to change { Discourse.enabled_authenticators.length }.by(1)
+      expect(Discourse.enabled_authenticators.length).to be(1)
+      expect(Discourse.enabled_authenticators.first).to be_instance_of(Auth::TwitterAuthenticator)
+    end
+  end
+
   context '#site_contact_user' do
 
     let!(:admin) { Fabricate(:admin) }

spec/components/plugin/instance_spec.rb

@@ -125,7 +125,40 @@ describe Plugin::Instance do
     end
   end
 
+  it 'patches the enabled? function for auth_providers if not defined' do
+    SiteSetting.stubs(:ubuntu_login_enabled).returns(false)
+
+    plugin = Plugin::Instance.new
+
+    # No enabled_site_setting
+    authenticator = Auth::Authenticator.new
+    plugin.auth_provider(authenticator: authenticator)
+    plugin.notify_after_initialize
+    expect(authenticator.enabled?).to eq(true)
+
+    # With enabled site setting
+    authenticator = Auth::Authenticator.new
+    plugin.auth_provider(enabled_setting: 'ubuntu_login_enabled', authenticator: authenticator)
+    plugin.notify_after_initialize
+    expect(authenticator.enabled?).to eq(false)
+
+    # Defines own method
+    SiteSetting.stubs(:ubuntu_login_enabled).returns(true)
+    authenticator = Class.new(Auth::Authenticator) do
+      def enabled?
+        false
+      end
+    end.new
+    plugin.auth_provider(enabled_setting: 'ubuntu_login_enabled', authenticator: authenticator)
+    plugin.notify_after_initialize
+    expect(authenticator.enabled?).to eq(false)
+  end
+
   context "activate!" do
+    before do
+      SiteSetting.stubs(:ubuntu_login_enabled).returns(false)
+    end
+
     it "can activate plugins correctly" do
       plugin = Plugin::Instance.new
       plugin.path = "#{Rails.root}/spec/fixtures/plugins/my_plugin/plugin.rb"
@@ -135,10 +168,6 @@ describe Plugin::Instance do
       File.open("#{plugin.auto_generated_path}/junk", "w") { |f| f.write("junk") }
       plugin.activate!
 
-      expect(plugin.auth_providers.count).to eq(1)
-      auth_provider = plugin.auth_providers[0]
-      expect(auth_provider.authenticator.name).to eq('ubuntu')
-
       # calls ensure_assets! make sure they are there
       expect(plugin.assets.count).to eq(1)
       plugin.assets.each do |a, opts|
@@ -149,6 +178,17 @@ describe Plugin::Instance do
       expect(File.exists?(junk_file)).to eq(false)
     end
 
+    it "registers auth providers correctly" do
+      plugin = Plugin::Instance.new
+      plugin.path = "#{Rails.root}/spec/fixtures/plugins/my_plugin/plugin.rb"
+      plugin.activate!
+
+      expect(plugin.auth_providers.count).to eq(1)
+      auth_provider = plugin.auth_providers[0]
+      expect(auth_provider.authenticator.name).to eq('ubuntu')
+      expect(DiscoursePluginRegistry.auth_providers.count).to eq(1)
+    end
+
     it "finds all the custom assets" do
       plugin = Plugin::Instance.new
       plugin.path = "#{Rails.root}/spec/fixtures/plugins/my_plugin/plugin.rb"