FEATURE: List, revoke and reconnect associated accounts. Phase 1 (#6099)

Listing connections is supported for all built-in auth providers. Revoke and reconnect is currently only implemented for Facebook.

spec/components/auth/facebook_authenticator_spec.rb

@@ -38,6 +38,36 @@ describe Auth::FacebookAuthenticator do
       expect(result.user.user_profile.location).to eq("America")
     end
 
+    it 'can connect to a different existing user account' do
+      authenticator = Auth::FacebookAuthenticator.new
+      user1 = Fabricate(:user)
+      user2 = Fabricate(:user)
+
+      FacebookUserInfo.create!(user_id: user1.id, facebook_user_id: 100)
+
+      hash = {
+        "extra" => {
+            "raw_info" => {
+            "username" => "bob"
+          }
+        },
+        "info" => {
+          "location" => "America",
+          "description" => "bio",
+          "urls" => {
+            "Website" => "https://awesome.com"
+          }
+        },
+        "uid" => "100"
+      }
+
+      result = authenticator.after_authenticate(hash, existing_account: user2)
+
+      expect(result.user.id).to eq(user2.id)
+      expect(FacebookUserInfo.exists?(user_id: user1.id)).to eq(false)
+      expect(FacebookUserInfo.exists?(user_id: user2.id)).to eq(true)
+    end
+
     it 'can create a proper result for non existing users' do
 
       hash = {
@@ -62,4 +92,58 @@ describe Auth::FacebookAuthenticator do
     end
   end
 
+  context 'description_for_user' do
+    let(:user) { Fabricate(:user) }
+    let(:authenticator) { Auth::FacebookAuthenticator.new }
+
+    it 'returns empty string if no entry for user' do
+      expect(authenticator.description_for_user(user)).to eq("")
+    end
+
+    it 'returns correct information' do
+      FacebookUserInfo.create!(user_id: user.id, facebook_user_id: 12345, email: 'someuser@somedomain.tld')
+      expect(authenticator.description_for_user(user)).to eq('someuser@somedomain.tld')
+    end
+  end
+
+  context 'revoke' do
+    let(:user) { Fabricate(:user) }
+    let(:authenticator) { Auth::FacebookAuthenticator.new }
+
+    it 'raises exception if no entry for user' do
+      expect { authenticator.revoke(user) }.to raise_error(Discourse::NotFound)
+    end
+
+    context "with valid record" do
+      before do
+        SiteSetting.facebook_app_id = '123'
+        SiteSetting.facebook_app_secret = 'abcde'
+        FacebookUserInfo.create!(user_id: user.id, facebook_user_id: 12345, email: 'someuser@somedomain.tld')
+      end
+
+      it 'revokes correctly' do
+        stub = stub_request(:delete, authenticator.revoke_url(12345)).to_return(body: "true")
+
+        expect(authenticator.can_revoke?).to eq(true)
+        expect(authenticator.revoke(user)).to eq(true)
+
+        expect(stub).to have_been_requested.once
+        expect(authenticator.description_for_user(user)).to eq("")
+      end
+
+      it 'handles errors correctly' do
+        stub = stub_request(:delete, authenticator.revoke_url(12345)).to_return(status: 404)
+
+        expect(authenticator.revoke(user)).to eq(false)
+        expect(stub).to have_been_requested.once
+        expect(authenticator.description_for_user(user)).to eq('someuser@somedomain.tld')
+
+        expect(authenticator.revoke(user, skip_remote: true)).to eq(true)
+        expect(stub).to have_been_requested.once
+        expect(authenticator.description_for_user(user)).to eq("")
+
+      end
+    end
+  end
+
 end