Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

DEV: Add test to ensure :after_auth event is triggered (#8400) 

Follow-up to ee8669d778.
This commit is contained in:
Dan Ungureanu 2019-11-25 14:31:57 +02:00 committed by GitHub
parent 60ccfcaa6c
commit ae9e881333
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 92 additions and 90 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

90
spec/requests/associate_accounts_controller_spec.rb Normal file
View File

@ -0,0 +1,90 @@
# frozen_string_literal: true
require 'rails_helper'
RSpec.describe Users::AssociateAccountsController do
fab!(:user) { Fabricate(:user) }
fab!(:user2) { Fabricate(:user) }
before do
OmniAuth.config.test_mode = true
end
after do
Rails.application.env_config["omniauth.auth"] = OmniAuth.config.mock_auth[:google_oauth2] = nil
OmniAuth.config.test_mode = false
end
context 'when attempting reconnect' do
before do
SiteSetting.enable_google_oauth2_logins = true
OmniAuth.config.mock_auth[:google_oauth2] = OmniAuth::AuthHash.new(
provider: 'google_oauth2',
uid: '12345',
info: {
email: 'someemail@test.com',
},
extra: {
raw_info: {
email_verified: true,
}
},
)
Rails.application.env_config["omniauth.auth"] = OmniAuth.config.mock_auth[:google_oauth2]
end
it 'should work correctly' do
sign_in(user)
# Reconnect flow:
post "/auth/google_oauth2?reconnect=true"
expect(response.status).to eq(302)
expect(session[:auth_reconnect]).to eq(true)
OmniAuth.config.mock_auth[:google_oauth2].uid = "123456"
get "/auth/google_oauth2/callback.json"
expect(response.status).to eq(302)
expect(session[:current_user_id]).to eq(user.id) # Still logged in
expect(UserAssociatedAccount.count).to eq(0) # Reconnect has not yet happened
# Request associate info
uri = URI.parse(response.redirect_url)
get "#{uri.path}.json"
data = JSON.parse(response.body)
expect(data["provider_name"]).to eq("google_oauth2")
expect(data["account_description"]).to eq("someemail@test.com")
# Request as different user, should not work
sign_in(user2)
get "#{uri.path}.json"
expect(response.status).to eq(404)
# Back to first user
sign_in(user)
get "#{uri.path}.json"
data = JSON.parse(response.body)
expect(data["provider_name"]).to eq("google_oauth2")
# Make the connection
events = DiscourseEvent.track_events { post "#{uri.path}.json" }
expect(events.any? { |e| e[:event_name] === :after_auth && Auth::GoogleOAuth2Authenticator === e[:params][0] && !e[:params][1].failed? }).to eq(true)
expect(response.status).to eq(200)
expect(UserAssociatedAccount.count).to eq(1)
# Token cannot be reused
get "#{uri.path}.json"
expect(response.status).to eq(404)
end
it "returns the correct response for non-existant tokens" do
get "/associate/12345678901234567890123456789012.json"
expect(response.status).to eq(404)
get "/associate/shorttoken.json"
expect(response.status).to eq(404)
end
end
end

89
spec/requests/associate_accounts_spec.rb
View File

@ -1,89 +0,0 @@
# frozen_string_literal: true
require 'rails_helper'
RSpec.describe Users::AssociateAccountsController do
fab!(:user) { Fabricate(:user) }
fab!(:user2) { Fabricate(:user) }
before do
OmniAuth.config.test_mode = true
end
after do
Rails.application.env_config["omniauth.auth"] = OmniAuth.config.mock_auth[:google_oauth2] = nil
OmniAuth.config.test_mode = false
end
context 'when attempting reconnect' do
before do
SiteSetting.enable_google_oauth2_logins = true
OmniAuth.config.mock_auth[:google_oauth2] = OmniAuth::AuthHash.new(
provider: 'google_oauth2',
uid: '12345',
info: {
email: 'someemail@test.com',
},
extra: {
raw_info: {
email_verified: true,
}
},
)
Rails.application.env_config["omniauth.auth"] = OmniAuth.config.mock_auth[:google_oauth2]
end
it 'should work correctly' do
sign_in(user)
# Reconnect flow:
post "/auth/google_oauth2?reconnect=true"
expect(response.status).to eq(302)
expect(session[:auth_reconnect]).to eq(true)
OmniAuth.config.mock_auth[:google_oauth2].uid = "123456"
get "/auth/google_oauth2/callback.json"
expect(response.status).to eq(302)
expect(session[:current_user_id]).to eq(user.id) # Still logged in
expect(UserAssociatedAccount.count).to eq(0) # Reconnect has not yet happened
# Request associate info
uri = URI.parse(response.redirect_url)
get "#{uri.path}.json"
data = JSON.parse(response.body)
expect(data["provider_name"]).to eq("google_oauth2")
expect(data["account_description"]).to eq("someemail@test.com")
# Request as different user, should not work
sign_in(user2)
get "#{uri.path}.json"
expect(response.status).to eq(404)
# Back to first user
sign_in(user)
get "#{uri.path}.json"
data = JSON.parse(response.body)
expect(data["provider_name"]).to eq("google_oauth2")
# Make the connection
post "#{uri.path}.json"
expect(response.status).to eq(200)
expect(UserAssociatedAccount.count).to eq(1)
# Token cannot be reused
get "#{uri.path}.json"
expect(response.status).to eq(404)
end
it "returns the correct response for non-existant tokens" do
get "/associate/12345678901234567890123456789012.json"
expect(response.status).to eq(404)
get "/associate/shorttoken.json"
expect(response.status).to eq(404)
end
end
end

3
spec/requests/omniauth_callbacks_controller_spec.rb
View File

@ -195,7 +195,8 @@ RSpec.describe Users::OmniauthCallbacksController do
destination_url = '/somepath'
Rails.application.env_config["omniauth.origin"] = destination_url
get "/auth/google_oauth2/callback.json"
events = DiscourseEvent.track_events { get "/auth/google_oauth2/callback.json" }
expect(events.any? { |e| e[:event_name] === :after_auth && Auth::GoogleOAuth2Authenticator === e[:params][0] && !e[:params][1].failed? }).to eq(true)
expect(response.status).to eq(302)