mirror of
https://gitlab.com/gitlab-org/gitlab-foss.git
synced 2025-07-25 16:03:48 +00:00
107 lines
3.2 KiB
Ruby
107 lines
3.2 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
require 'spec_helper'
|
|
|
|
RSpec.describe OmniauthCallbacksController, :with_current_organization, :aggregate_failures, feature_category: :system_access do
|
|
include LoginHelpers
|
|
include SessionHelpers
|
|
|
|
let(:user) { create(:user) }
|
|
let(:extern_uid) { generate(:username) }
|
|
|
|
describe 'GET /users/auth/jwt/callback' do
|
|
before do
|
|
mock_auth_hash('jwt', extern_uid, user.email)
|
|
end
|
|
|
|
around do |example|
|
|
with_omniauth_full_host { example.run }
|
|
end
|
|
|
|
context 'when the user is already signed in' do
|
|
before do
|
|
sign_in(user)
|
|
end
|
|
|
|
context 'when the user has a JWT identity' do
|
|
before do
|
|
create(:identity, provider: 'jwt', extern_uid: extern_uid, user: user)
|
|
end
|
|
|
|
it 'redirects to root path' do
|
|
get user_jwt_omniauth_callback_path
|
|
|
|
expect(response).to redirect_to root_path
|
|
end
|
|
end
|
|
|
|
context 'when the user does not have a JWT identity' do
|
|
it 'redirects to identities path to receive user authorization before linking the identity' do
|
|
state = SecureRandom.uuid
|
|
allow(SecureRandom).to receive(:uuid).and_return(state)
|
|
|
|
get user_jwt_omniauth_callback_path
|
|
|
|
expect(response).to redirect_to new_user_settings_identities_path(state: state)
|
|
expect(session['identity_link_state']).to eq(state)
|
|
expect(session['identity_link_extern_uid']).to eq(extern_uid)
|
|
expect(session['identity_link_provider']).to eq('jwt')
|
|
end
|
|
end
|
|
end
|
|
end
|
|
|
|
describe '#atlassian_oauth2' do
|
|
describe 'omniauth with strategies for atlassian_oauth2 when the user and identity already exist' do
|
|
shared_context 'with sign_up' do
|
|
let(:extern_uid) { 'my-uid' }
|
|
let(:user) { create(:atlassian_user, extern_uid: extern_uid) }
|
|
let(:expected_context) do
|
|
{ 'meta.caller_id' => 'OmniauthCallbacksController#atlassian_oauth2',
|
|
'meta.user' => user.username }
|
|
end
|
|
|
|
subject do
|
|
stub_omniauth_setting(block_auto_created_users: false)
|
|
|
|
post '/users/auth/atlassian_oauth2/callback'
|
|
end
|
|
|
|
include_examples 'set_current_context'
|
|
end
|
|
end
|
|
end
|
|
|
|
describe '#saml' do
|
|
let(:last_request_id) { 'ONELOGIN_4fee3b046395c4e751011e97f8900b5273d56685' }
|
|
let(:user) { create(:omniauth_user, :two_factor, extern_uid: 'my-uid', provider: 'saml') }
|
|
let(:mock_saml_response) { File.read('spec/fixtures/authentication/saml_response.xml') }
|
|
let(:saml_config) { mock_saml_config_with_upstream_two_factor_authn_contexts }
|
|
|
|
before do
|
|
stub_omniauth_saml_config(
|
|
enabled: true,
|
|
auto_link_saml_user: true,
|
|
allow_single_sign_on: ['saml'],
|
|
providers: [saml_config]
|
|
)
|
|
mock_auth_hash_with_saml_xml('saml', +'my-uid', user.email, mock_saml_response)
|
|
end
|
|
|
|
describe 'with IdP initiated request' do
|
|
let(:expected_context) do
|
|
{ 'meta.caller_id' => 'OmniauthCallbacksController#saml',
|
|
'meta.user' => user.username }
|
|
end
|
|
|
|
subject do
|
|
sign_in user
|
|
|
|
post '/users/auth/saml'
|
|
end
|
|
|
|
include_examples 'set_current_context'
|
|
end
|
|
end
|
|
end
|