discourse/spec/components/auth/google_oauth2_authenticator...

require 'rails_helper'

describe Auth::GoogleOAuth2Authenticator do

  it 'does not look up user unless email is verified' do
    # note, emails that come back from google via omniauth are always valid
    # this protects against future regressions

    authenticator = Auth::GoogleOAuth2Authenticator.new
    user = Fabricate(:user)

    hash = {
      uid: "123456789",
      info: {
          name: "John Doe",
          email: user.email
      },
      extra: {
        raw_info: {
          email: user.email,
          email_verified: false,
          name: "John Doe"
        }
      }
    }

    result = authenticator.after_authenticate(hash)

    expect(result.user).to eq(nil)
  end

  context 'after_authenticate' do
    it 'can authenticate and create a user record for already existing users' do
      authenticator = Auth::GoogleOAuth2Authenticator.new
      user = Fabricate(:user)

      hash = {
        uid: "123456789",
        info: {
            name: "John Doe",
            email: user.email
        },
        extra: {
          raw_info: {
            email: user.email,
            email_verified: true,
            name: "John Doe"
          }
        }
      }

      result = authenticator.after_authenticate(hash)

      expect(result.user.id).to eq(user.id)
    end

    it 'can connect to a different existing user account' do
      authenticator = Auth::GoogleOAuth2Authenticator.new
      user1 = Fabricate(:user)
      user2 = Fabricate(:user)

      GoogleUserInfo.create!(user_id: user1.id, google_user_id: 100)

      hash = {
        uid: "100",
        info: {
            name: "John Doe",
            email: user1.email
        },
        extra: {
          raw_info: {
            email: user1.email,
            email_verified: true,
            name: "John Doe"
          }
        }
      }

      result = authenticator.after_authenticate(hash, existing_account: user2)

      expect(result.user.id).to eq(user2.id)
      expect(GoogleUserInfo.exists?(user_id: user1.id)).to eq(false)
      expect(GoogleUserInfo.exists?(user_id: user2.id)).to eq(true)
    end

    it 'can create a proper result for non existing users' do
      hash = {
        uid: "123456789",
        info: {
            name: "Jane Doe",
            email: "jane.doe@the.google.com"
        },
        extra: {
          raw_info: {
            email: "jane.doe@the.google.com",
            email_verified: true,
            name: "Jane Doe"
          }
        }
      }

      authenticator = described_class.new
      result = authenticator.after_authenticate(hash)

      expect(result.user).to eq(nil)
      expect(result.extra_data[:name]).to eq("Jane Doe")
    end
  end

  context 'revoke' do
    let(:user) { Fabricate(:user) }
    let(:authenticator) { Auth::GoogleOAuth2Authenticator.new }

    it 'raises exception if no entry for user' do
      expect { authenticator.revoke(user) }.to raise_error(Discourse::NotFound)
    end

      it 'revokes correctly' do
        GoogleUserInfo.create!(user_id: user.id, google_user_id: 12345, email: 'someuser@somedomain.tld')
        expect(authenticator.can_revoke?).to eq(true)
        expect(authenticator.revoke(user)).to eq(true)
        expect(authenticator.description_for_user(user)).to eq("")
      end

  end
end
Prepare for separation of RSpec helper files Since rspec-rails 3, the default installation creates two helper files: * `spec_helper.rb` * `rails_helper.rb` `spec_helper.rb` is intended as a way of running specs that do not require Rails, whereas `rails_helper.rb` loads Rails (as Discourse's current `spec_helper.rb` does). For more information: https://www.relishapp.com/rspec/rspec-rails/docs/upgrade#default-helper-files In this commit, I've simply replaced all instances of `spec_helper` with `rails_helper`, and renamed the original `spec_helper.rb`. This brings the Discourse project closer to the standard usage of RSpec in a Rails app. At present, every spec relies on loading Rails, but there are likely many that don't need to. In a future pull request, I hope to introduce a separate, minimal `spec_helper.rb` which can be used in tests which don't rely on Rails. 2015-10-11 05:41:23 -04:00			`require 'rails_helper'`
Add Google Oauth2 authenticator. The current Google OpenID authentication has been deprecated by Google and will NOT work for any new websites. 2014-05-21 18:19:40 -04:00
			`describe Auth::GoogleOAuth2Authenticator do`

FIX: protect against future regressions of google omniauth 2016-11-06 20:48:00 -05:00			`it 'does not look up user unless email is verified' do`
			`# note, emails that come back from google via omniauth are always valid`
			`# this protects against future regressions`

			`authenticator = Auth::GoogleOAuth2Authenticator.new`
			`user = Fabricate(:user)`

			`hash = {`
Add rubocop to our build. (#5004) 2017-07-27 21:20:09 -04:00			`uid: "123456789",`
			`info: {`
			`name: "John Doe",`
			`email: user.email`
FIX: protect against future regressions of google omniauth 2016-11-06 20:48:00 -05:00			`},`
Add rubocop to our build. (#5004) 2017-07-27 21:20:09 -04:00			`extra: {`
			`raw_info: {`
			`email: user.email,`
			`email_verified: false,`
			`name: "John Doe"`
FIX: protect against future regressions of google omniauth 2016-11-06 20:48:00 -05:00			`}`
			`}`
			`}`

			`result = authenticator.after_authenticate(hash)`

			`expect(result.user).to eq(nil)`
			`end`

Add Google Oauth2 authenticator. The current Google OpenID authentication has been deprecated by Google and will NOT work for any new websites. 2014-05-21 18:19:40 -04:00			`context 'after_authenticate' do`
			`it 'can authenticate and create a user record for already existing users' do`
FIX: protect against future regressions of google omniauth 2016-11-06 20:48:00 -05:00			`authenticator = Auth::GoogleOAuth2Authenticator.new`
Add Google Oauth2 authenticator. The current Google OpenID authentication has been deprecated by Google and will NOT work for any new websites. 2014-05-21 18:19:40 -04:00			`user = Fabricate(:user)`

			`hash = {`
Add rubocop to our build. (#5004) 2017-07-27 21:20:09 -04:00			`uid: "123456789",`
			`info: {`
			`name: "John Doe",`
			`email: user.email`
Add Google Oauth2 authenticator. The current Google OpenID authentication has been deprecated by Google and will NOT work for any new websites. 2014-05-21 18:19:40 -04:00			`},`
Add rubocop to our build. (#5004) 2017-07-27 21:20:09 -04:00			`extra: {`
			`raw_info: {`
			`email: user.email,`
			`email_verified: true,`
			`name: "John Doe"`
Add Google Oauth2 authenticator. The current Google OpenID authentication has been deprecated by Google and will NOT work for any new websites. 2014-05-21 18:19:40 -04:00			`}`
			`}`
			`}`

			`result = authenticator.after_authenticate(hash)`

few components with rspec3 syntax 2015-01-09 11:34:37 -05:00			`expect(result.user.id).to eq(user.id)`
Add Google Oauth2 authenticator. The current Google OpenID authentication has been deprecated by Google and will NOT work for any new websites. 2014-05-21 18:19:40 -04:00			`end`

FEATURE: Add revoke and reconnect functionality for google logins 2018-07-25 11:03:14 -04:00			`it 'can connect to a different existing user account' do`
			`authenticator = Auth::GoogleOAuth2Authenticator.new`
			`user1 = Fabricate(:user)`
			`user2 = Fabricate(:user)`

			`GoogleUserInfo.create!(user_id: user1.id, google_user_id: 100)`

			`hash = {`
			`uid: "100",`
			`info: {`
			`name: "John Doe",`
			`email: user1.email`
			`},`
			`extra: {`
			`raw_info: {`
			`email: user1.email,`
			`email_verified: true,`
			`name: "John Doe"`
			`}`
			`}`
			`}`

			`result = authenticator.after_authenticate(hash, existing_account: user2)`

			`expect(result.user.id).to eq(user2.id)`
			`expect(GoogleUserInfo.exists?(user_id: user1.id)).to eq(false)`
			`expect(GoogleUserInfo.exists?(user_id: user2.id)).to eq(true)`
			`end`

Add Google Oauth2 authenticator. The current Google OpenID authentication has been deprecated by Google and will NOT work for any new websites. 2014-05-21 18:19:40 -04:00			`it 'can create a proper result for non existing users' do`
			`hash = {`
Add rubocop to our build. (#5004) 2017-07-27 21:20:09 -04:00			`uid: "123456789",`
			`info: {`
			`name: "Jane Doe",`
			`email: "jane.doe@the.google.com"`
Add Google Oauth2 authenticator. The current Google OpenID authentication has been deprecated by Google and will NOT work for any new websites. 2014-05-21 18:19:40 -04:00			`},`
Add rubocop to our build. (#5004) 2017-07-27 21:20:09 -04:00			`extra: {`
			`raw_info: {`
			`email: "jane.doe@the.google.com",`
			`email_verified: true,`
			`name: "Jane Doe"`
Add Google Oauth2 authenticator. The current Google OpenID authentication has been deprecated by Google and will NOT work for any new websites. 2014-05-21 18:19:40 -04:00			`}`
			`}`
			`}`

			`authenticator = described_class.new`
			`result = authenticator.after_authenticate(hash)`

few components with rspec3 syntax 2015-01-09 11:34:37 -05:00			`expect(result.user).to eq(nil)`
			`expect(result.extra_data[:name]).to eq("Jane Doe")`
Add Google Oauth2 authenticator. The current Google OpenID authentication has been deprecated by Google and will NOT work for any new websites. 2014-05-21 18:19:40 -04:00			`end`
			`end`
FEATURE: Add revoke and reconnect functionality for google logins 2018-07-25 11:03:14 -04:00
			`context 'revoke' do`
			`let(:user) { Fabricate(:user) }`
			`let(:authenticator) { Auth::GoogleOAuth2Authenticator.new }`

			`it 'raises exception if no entry for user' do`
			`expect { authenticator.revoke(user) }.to raise_error(Discourse::NotFound)`
			`end`

			`it 'revokes correctly' do`
			`GoogleUserInfo.create!(user_id: user.id, google_user_id: 12345, email: 'someuser@somedomain.tld')`
			`expect(authenticator.can_revoke?).to eq(true)`
			`expect(authenticator.revoke(user)).to eq(true)`
			`expect(authenticator.description_for_user(user)).to eq("")`
			`end`

			`end`
Add Google Oauth2 authenticator. The current Google OpenID authentication has been deprecated by Google and will NOT work for any new websites. 2014-05-21 18:19:40 -04:00			`end`