2019-04-29 20:27:42 -04:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2015-10-11 05:41:23 -04:00
|
|
|
require 'rails_helper'
|
2014-05-21 18:19:40 -04:00
|
|
|
|
|
|
|
describe Auth::GoogleOAuth2Authenticator do
|
|
|
|
|
2016-11-06 20:48:00 -05:00
|
|
|
it 'does not look up user unless email is verified' do
|
|
|
|
# note, emails that come back from google via omniauth are always valid
|
|
|
|
# this protects against future regressions
|
|
|
|
|
|
|
|
authenticator = Auth::GoogleOAuth2Authenticator.new
|
|
|
|
user = Fabricate(:user)
|
|
|
|
|
|
|
|
hash = {
|
2019-03-07 06:31:04 -05:00
|
|
|
provider: "google_oauth2",
|
2017-07-27 21:20:09 -04:00
|
|
|
uid: "123456789",
|
|
|
|
info: {
|
|
|
|
name: "John Doe",
|
|
|
|
email: user.email
|
2016-11-06 20:48:00 -05:00
|
|
|
},
|
2017-07-27 21:20:09 -04:00
|
|
|
extra: {
|
|
|
|
raw_info: {
|
|
|
|
email: user.email,
|
|
|
|
email_verified: false,
|
|
|
|
name: "John Doe"
|
2016-11-06 20:48:00 -05:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
result = authenticator.after_authenticate(hash)
|
|
|
|
|
|
|
|
expect(result.user).to eq(nil)
|
|
|
|
end
|
|
|
|
|
2014-05-21 18:19:40 -04:00
|
|
|
context 'after_authenticate' do
|
|
|
|
it 'can authenticate and create a user record for already existing users' do
|
2016-11-06 20:48:00 -05:00
|
|
|
authenticator = Auth::GoogleOAuth2Authenticator.new
|
2014-05-21 18:19:40 -04:00
|
|
|
user = Fabricate(:user)
|
|
|
|
|
|
|
|
hash = {
|
2019-03-07 06:31:04 -05:00
|
|
|
provider: "google_oauth2",
|
2017-07-27 21:20:09 -04:00
|
|
|
uid: "123456789",
|
|
|
|
info: {
|
|
|
|
name: "John Doe",
|
|
|
|
email: user.email
|
2014-05-21 18:19:40 -04:00
|
|
|
},
|
2017-07-27 21:20:09 -04:00
|
|
|
extra: {
|
|
|
|
raw_info: {
|
|
|
|
email: user.email,
|
|
|
|
email_verified: true,
|
|
|
|
name: "John Doe"
|
2014-05-21 18:19:40 -04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
result = authenticator.after_authenticate(hash)
|
|
|
|
|
2015-01-09 11:34:37 -05:00
|
|
|
expect(result.user.id).to eq(user.id)
|
2014-05-21 18:19:40 -04:00
|
|
|
end
|
|
|
|
|
2018-07-25 11:03:14 -04:00
|
|
|
it 'can connect to a different existing user account' do
|
|
|
|
authenticator = Auth::GoogleOAuth2Authenticator.new
|
|
|
|
user1 = Fabricate(:user)
|
|
|
|
user2 = Fabricate(:user)
|
|
|
|
|
2019-03-07 06:31:04 -05:00
|
|
|
UserAssociatedAccount.create!(provider_name: "google_oauth2", user_id: user1.id, provider_uid: 100)
|
2018-07-25 11:03:14 -04:00
|
|
|
|
|
|
|
hash = {
|
2019-03-07 06:31:04 -05:00
|
|
|
provider: "google_oauth2",
|
2018-07-25 11:03:14 -04:00
|
|
|
uid: "100",
|
|
|
|
info: {
|
|
|
|
name: "John Doe",
|
|
|
|
email: user1.email
|
|
|
|
},
|
|
|
|
extra: {
|
|
|
|
raw_info: {
|
|
|
|
email: user1.email,
|
|
|
|
email_verified: true,
|
|
|
|
name: "John Doe"
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
result = authenticator.after_authenticate(hash, existing_account: user2)
|
|
|
|
|
|
|
|
expect(result.user.id).to eq(user2.id)
|
2019-03-07 06:31:04 -05:00
|
|
|
expect(UserAssociatedAccount.exists?(user_id: user1.id)).to eq(false)
|
|
|
|
expect(UserAssociatedAccount.exists?(user_id: user2.id)).to eq(true)
|
2018-07-25 11:03:14 -04:00
|
|
|
end
|
|
|
|
|
2014-05-21 18:19:40 -04:00
|
|
|
it 'can create a proper result for non existing users' do
|
|
|
|
hash = {
|
2019-03-07 06:31:04 -05:00
|
|
|
provider: "google_oauth2",
|
2017-07-27 21:20:09 -04:00
|
|
|
uid: "123456789",
|
|
|
|
info: {
|
2019-03-07 06:31:04 -05:00
|
|
|
first_name: "Jane",
|
|
|
|
last_name: "Doe",
|
2017-07-27 21:20:09 -04:00
|
|
|
name: "Jane Doe",
|
|
|
|
email: "jane.doe@the.google.com"
|
2014-05-21 18:19:40 -04:00
|
|
|
},
|
2017-07-27 21:20:09 -04:00
|
|
|
extra: {
|
|
|
|
raw_info: {
|
|
|
|
email: "jane.doe@the.google.com",
|
|
|
|
email_verified: true,
|
|
|
|
name: "Jane Doe"
|
2014-05-21 18:19:40 -04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
authenticator = described_class.new
|
|
|
|
result = authenticator.after_authenticate(hash)
|
|
|
|
|
2015-01-09 11:34:37 -05:00
|
|
|
expect(result.user).to eq(nil)
|
2019-03-07 06:31:04 -05:00
|
|
|
expect(result.name).to eq("Jane Doe")
|
2014-05-21 18:19:40 -04:00
|
|
|
end
|
|
|
|
end
|
2018-07-25 11:03:14 -04:00
|
|
|
|
|
|
|
context 'revoke' do
|
2019-05-06 23:12:20 -04:00
|
|
|
fab!(:user) { Fabricate(:user) }
|
2018-07-25 11:03:14 -04:00
|
|
|
let(:authenticator) { Auth::GoogleOAuth2Authenticator.new }
|
|
|
|
|
|
|
|
it 'raises exception if no entry for user' do
|
|
|
|
expect { authenticator.revoke(user) }.to raise_error(Discourse::NotFound)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'revokes correctly' do
|
2019-03-07 06:31:04 -05:00
|
|
|
UserAssociatedAccount.create!(provider_name: "google_oauth2", user_id: user.id, provider_uid: 12345)
|
2018-07-25 11:03:14 -04:00
|
|
|
expect(authenticator.can_revoke?).to eq(true)
|
|
|
|
expect(authenticator.revoke(user)).to eq(true)
|
|
|
|
expect(authenticator.description_for_user(user)).to eq("")
|
|
|
|
end
|
|
|
|
|
|
|
|
end
|
2014-05-21 18:19:40 -04:00
|
|
|
end
|