Compare View
Commits (4)
-
Signed-off-by: Gabriel Silva <gabriel93.silva@gmail.com> Signed-off-by: Marcos Ronaldo <marcos.rpj2@gmail.com>
-
Signed-off-by: Gabriel Silva <gabriel93.silva@gmail.com> Signed-off-by: Sabryna Sousa <sabryna.sousa1323@gmail.com>
-
Signed-off-by: Gabriel Silva <gabriel93.silva@gmail.com>
-
Signed-off-by: Gabriel Silva <gabriel93.silva@gmail.com>
Showing
6 changed files
Show diff stats
plugins/oauth_client/controllers/public/oauth_client_plugin_public_controller.rb
| ... | ... | @@ -4,13 +4,13 @@ class OauthClientPluginPublicController < PublicController |
| 4 | 4 | |
| 5 | 5 | def callback |
| 6 | 6 | auth = request.env["omniauth.auth"] |
| 7 | - auth_user = environment.users.where(email: auth.info.email).first | |
| 8 | 7 | |
| 9 | 8 | oauth_params = request.env["omniauth.params"] |
| 10 | 9 | if oauth_params && oauth_params["action"] == "external_login" |
| 11 | - login(auth) | |
| 10 | + external_person_login(auth) | |
| 12 | 11 | else |
| 13 | - signup(auth) | |
| 12 | + auth_user = environment.users.where(email: auth.info.email).first | |
| 13 | + if auth_user then login(auth_user.person) else signup(auth) end | |
| 14 | 14 | end |
| 15 | 15 | end |
| 16 | 16 | |
| ... | ... | @@ -26,7 +26,7 @@ class OauthClientPluginPublicController < PublicController |
| 26 | 26 | |
| 27 | 27 | protected |
| 28 | 28 | |
| 29 | - def login auth | |
| 29 | + def external_person_login(auth) | |
| 30 | 30 | provider = OauthClientPlugin::Provider.find(session[:provider_id]) |
| 31 | 31 | |
| 32 | 32 | if provider.enabled? |
| ... | ... | @@ -40,12 +40,13 @@ class OauthClientPluginPublicController < PublicController |
| 40 | 40 | person = ExternalPerson.get_or_create(webfinger) |
| 41 | 41 | user.external_person_id = person.id |
| 42 | 42 | |
| 43 | - if person.oauth_auth.nil? | |
| 43 | + oauth_auth = person.oauth_auth | |
| 44 | + if oauth_auth.nil? | |
| 44 | 45 | auth_data = { external_person: person, provider: provider, enabled: true, |
| 45 | 46 | external_person_uid: auth.uid, external_person_image_url: auth.info.image } |
| 46 | - OauthClientPlugin::Auth.create_for_strategy(provider.strategy, auth_data) | |
| 47 | + oauth_auth = OauthClientPlugin::Auth.create_for_strategy(provider.strategy, auth_data) | |
| 47 | 48 | end |
| 48 | - self.current_user = user | |
| 49 | + self.current_user = user if oauth_auth.enabled? | |
| 49 | 50 | else |
| 50 | 51 | session[:notice] = _("Can't login with %s") % provider.name |
| 51 | 52 | end |
| ... | ... | @@ -61,4 +62,17 @@ class OauthClientPluginPublicController < PublicController |
| 61 | 62 | redirect_to :controller => :account, :action => :signup, :user => {:login => login, :email => auth.info.email}, :profile_data => {:name => name} |
| 62 | 63 | end |
| 63 | 64 | |
| 65 | + def login person | |
| 66 | + provider = OauthClientPlugin::Provider.find(session[:provider_id]) | |
| 67 | + auth = person.oauth_auths.where(provider_id: provider.id).first | |
| 68 | + auth ||= person.oauth_auths.create! profile: person, provider: provider, enabled: true | |
| 69 | + if auth.enabled? && provider.enabled? | |
| 70 | + self.current_user = person.user | |
| 71 | + else | |
| 72 | + session[:notice] = _("Can't login with %s") % provider.name | |
| 73 | + end | |
| 74 | + | |
| 75 | + redirect_to :controller => :account, :action => :login | |
| 76 | + end | |
| 77 | + | |
| 64 | 78 | end | ... | ... |
plugins/oauth_client/models/oauth_client_plugin/auth.rb
| ... | ... | @@ -38,7 +38,7 @@ class OauthClientPlugin::Auth < ApplicationRecord |
| 38 | 38 | |
| 39 | 39 | def must_be_related_to_profile |
| 40 | 40 | if self.profile.nil? && self.external_person.nil? |
| 41 | - self.errors.add(:base, "Must ") | |
| 41 | + self.errors.add(:base, "Must be related to a profile or an external person") | |
| 42 | 42 | end |
| 43 | 43 | end |
| 44 | 44 | |
| ... | ... | @@ -50,9 +50,16 @@ class OauthClientPlugin::Auth < ApplicationRecord |
| 50 | 50 | :icon => "18" |
| 51 | 51 | } |
| 52 | 52 | |
| 53 | - # Should be implemented by the Provider specific Auth classes | |
| 53 | + # The following methods should be implemented by | |
| 54 | + # the Provider specific Auth classes | |
| 54 | 55 | def image_url(size = nil) |
| 55 | 56 | nil |
| 56 | 57 | end |
| 58 | + def profile_url | |
| 59 | + nil | |
| 60 | + end | |
| 61 | + def settings_url | |
| 62 | + nil | |
| 63 | + end | |
| 57 | 64 | |
| 58 | 65 | end | ... | ... |
plugins/oauth_client/models/oauth_client_plugin/noosfero_oauth2_auth.rb
plugins/oauth_client/test/functional/oauth_client_plugin_public_controller_test.rb
| ... | ... | @@ -5,76 +5,70 @@ class OauthClientPluginPublicControllerTest < ActionController::TestCase |
| 5 | 5 | def setup |
| 6 | 6 | @auth = mock |
| 7 | 7 | @auth.stubs(:info).returns(mock) |
| 8 | + @auth.info.stubs(:email).returns("user@email.com") | |
| 9 | + @auth.info.stubs(:name).returns("User") | |
| 10 | + @auth.info.stubs(:nickname).returns("user") | |
| 11 | + @auth.info.stubs(:image).returns("url.to.image.com") | |
| 12 | + @auth.stubs(:provider).returns("testprovider") | |
| 13 | + @auth.stubs(:uid).returns("jh12j3h12kjh312") | |
| 14 | + | |
| 8 | 15 | request.env["omniauth.auth"] = @auth |
| 9 | 16 | @environment = Environment.default |
| 10 | - @provider = OauthClientPlugin::Provider.create!(:name => 'provider', :strategy => 'provider', :enabled => true) | |
| 17 | + @provider = OauthClientPlugin::Provider.create!(:name => 'provider', :strategy => 'github', :enabled => true) | |
| 18 | + | |
| 19 | + session[:provider_id] = provider.id | |
| 11 | 20 | end |
| 12 | 21 | attr_reader :auth, :environment, :provider |
| 13 | 22 | |
| 14 | 23 | should 'redirect to signup when user is not found' do |
| 15 | - auth.info.stubs(:email).returns("xyz123@noosfero.org") | |
| 16 | - auth.info.stubs(:name).returns('xyz123') | |
| 17 | - session[:provider_id] = provider.id | |
| 18 | - | |
| 19 | 24 | get :callback |
| 20 | 25 | assert_match /.*\/account\/signup/, @response.redirect_url |
| 21 | 26 | end |
| 22 | 27 | |
| 23 | - should 'redirect to login when user is found' do | |
| 24 | - user = create_user | |
| 25 | - auth.info.stubs(:email).returns(user.email) | |
| 26 | - auth.info.stubs(:name).returns(user.name) | |
| 27 | - session[:provider_id] = provider.id | |
| 28 | + should 'login using provider when url param is present' do | |
| 29 | + request.env["omniauth.params"] = {"action" => "external_login"} | |
| 28 | 30 | |
| 29 | 31 | get :callback |
| 30 | 32 | assert_redirected_to :controller => :account, :action => :login |
| 31 | - assert_equal user.id, session[:user] | |
| 33 | + assert session[:external].present? | |
| 32 | 34 | end |
| 33 | 35 | |
| 34 | - should 'do not login when the provider is disabled' do | |
| 35 | - user = create_user | |
| 36 | - auth.info.stubs(:email).returns(user.email) | |
| 37 | - auth.info.stubs(:name).returns(user.name) | |
| 38 | - session[:provider_id] = provider.id | |
| 36 | + should 'not login when the provider is disabled' do | |
| 37 | + request.env["omniauth.params"] = {"action" => "external_login"} | |
| 39 | 38 | provider.update_attribute(:enabled, false) |
| 40 | 39 | |
| 41 | 40 | get :callback |
| 42 | 41 | assert_redirected_to :controller => :account, :action => :login |
| 43 | - assert_equal nil, session[:user] | |
| 42 | + assert session[:external].nil? | |
| 44 | 43 | end |
| 45 | 44 | |
| 46 | - should 'do not login when the provider is disabled for a user' do | |
| 47 | - user = create_user | |
| 48 | - auth.info.stubs(:email).returns(user.email) | |
| 49 | - auth.info.stubs(:name).returns(user.name) | |
| 50 | - session[:provider_id] = provider.id | |
| 51 | - user.person.oauth_auths.create!(profile: user.person, provider: provider, enabled: false) | |
| 45 | + should 'not login when the provider is disabled for a user' do | |
| 46 | + request.env["omniauth.params"] = {"action" => "external_login"} | |
| 47 | + OauthClientPlugin::GithubAuth.any_instance.stubs(:enabled?).returns(false) | |
| 52 | 48 | |
| 53 | 49 | get :callback |
| 54 | 50 | assert_redirected_to :controller => :account, :action => :login |
| 55 | - assert_equal nil, session[:user] | |
| 51 | + assert session[:external].nil? | |
| 56 | 52 | end |
| 57 | 53 | |
| 58 | - should 'save provider when an user login with it' do | |
| 59 | - user = create_user | |
| 60 | - auth.info.stubs(:email).returns(user.email) | |
| 61 | - auth.info.stubs(:name).returns(user.name) | |
| 62 | - session[:provider_id] = provider.id | |
| 63 | - | |
| 64 | - get :callback | |
| 65 | - assert_equal [provider], user.oauth_providers | |
| 66 | - end | |
| 67 | - | |
| 68 | - should 'do not duplicate relations between an user and a provider when the same provider was used again in a login' do | |
| 69 | - user = create_user | |
| 70 | - auth.info.stubs(:email).returns(user.email) | |
| 71 | - auth.info.stubs(:name).returns(user.name) | |
| 72 | - session[:provider_id] = provider.id | |
| 54 | + should 'save provider when an external person logs in with it' do | |
| 55 | + request.env["omniauth.params"] = {"action" => "external_login"} | |
| 73 | 56 | |
| 74 | 57 | get :callback |
| 75 | - assert_no_difference 'user.oauth_auths.count' do | |
| 76 | - 3.times { get :callback } | |
| 77 | - end | |
| 58 | + external_person = ExternalPerson.find_by(identifier: auth.info.nickname) | |
| 59 | + assert_equal provider, external_person.oauth_auth.provider | |
| 78 | 60 | end |
| 79 | 61 | |
| 62 | +# should 'do not duplicate relations between an user and a provider when the same provider was used again in a login' do | |
| 63 | +# user = create_user | |
| 64 | +# auth.info.stubs(:email).returns(user.email) | |
| 65 | +# auth.info.stubs(:name).returns(user.name) | |
| 66 | +# session[:provider_id] = provider.id | |
| 67 | +# | |
| 68 | +# get :callback | |
| 69 | +# assert_no_difference 'user.oauth_auths.count' do | |
| 70 | +# 3.times { get :callback } | |
| 71 | +# end | |
| 72 | +# end | |
| 73 | +# | |
| 80 | 74 | end | ... | ... |
| ... | ... | @@ -0,0 +1,60 @@ |
| 1 | +require 'test_helper' | |
| 2 | + | |
| 3 | +class AuthTest < ActiveSupport::TestCase | |
| 4 | + | |
| 5 | + def setup | |
| 6 | + @person = fast_create(Person) | |
| 7 | + @provider = fast_create(OauthClientPlugin::Provider, name: "GitHub") | |
| 8 | + @external_person = fast_create(ExternalPerson, name: "testuser", email: "test@email.com", | |
| 9 | + identifier: "testuser") | |
| 10 | + | |
| 11 | + OauthClientPlugin::Auth.any_instance.stubs(:external_person_image_url).returns("http://some.host/image") | |
| 12 | + OauthClientPlugin::Auth.any_instance.stubs(:external_person_uid).returns("j4b25cj234hb5n235") | |
| 13 | + OauthClientPlugin::Provider.any_instance.stubs(:client_options).returns({site: "http://host.com"}) | |
| 14 | + end | |
| 15 | + | |
| 16 | + should "not create an auth without a related profile or external person" do | |
| 17 | + auth = OauthClientPlugin::Auth.new(provider: @provider) | |
| 18 | + assert_not auth.valid? | |
| 19 | + end | |
| 20 | + | |
| 21 | + should "create an auth with an external person" do | |
| 22 | + auth = OauthClientPlugin::Auth.create!(external_person: @external_person, | |
| 23 | + provider: @provider) | |
| 24 | + assert auth.id.present? | |
| 25 | + end | |
| 26 | + | |
| 27 | + should "create an auth with a profile" do | |
| 28 | + auth = OauthClientPlugin::Auth.create!(profile: @person, provider: @provider) | |
| 29 | + assert auth.id.present? | |
| 30 | + end | |
| 31 | + | |
| 32 | + should "create an auth for a custom provider" do | |
| 33 | + auth = OauthClientPlugin::Auth.create_for_strategy("github", provider: @provider, | |
| 34 | + profile: @person) | |
| 35 | + assert auth.id.present? | |
| 36 | + assert auth.is_a? OauthClientPlugin::GithubAuth | |
| 37 | + end | |
| 38 | + | |
| 39 | + STRATEGIES = %w[facebook github google_oauth2 noosfero_oauth2 twitter] | |
| 40 | + STRATEGIES.each do |strategy| | |
| 41 | + should "override the external person's image url for #{strategy} strategy" do | |
| 42 | + auth = OauthClientPlugin::Auth.create_for_strategy(strategy, provider: @provider, | |
| 43 | + external_person: @external_person) | |
| 44 | + assert_not auth.image_url.nil? | |
| 45 | + end | |
| 46 | + | |
| 47 | + should "override the external person's profile url for #{strategy} strategy" do | |
| 48 | + auth = OauthClientPlugin::Auth.create_for_strategy(strategy, provider: @provider, | |
| 49 | + external_person: @external_person) | |
| 50 | + assert_not auth.profile_url.nil? | |
| 51 | + end | |
| 52 | + | |
| 53 | + should "override the external person's profile settings url for #{strategy} strategy" do | |
| 54 | + auth = OauthClientPlugin::Auth.create_for_strategy(strategy, provider: @provider, | |
| 55 | + external_person: @external_person) | |
| 56 | + assert_not auth.settings_url.nil? | |
| 57 | + end | |
| 58 | + end | |
| 59 | + | |
| 60 | +end | ... | ... |
plugins/oauth_client/views/oauth_client_plugin_admin/edit.html.erb
| ... | ... | @@ -28,7 +28,7 @@ |
| 28 | 28 | </div> |
| 29 | 29 | |
| 30 | 30 | <%= f.fields_for :client_options, OpenStruct.new(@provider.options[:client_options]) do |c| %> |
| 31 | - <div class="client-url <%= "required-field" if @provider.strategy == "noosfero_oauth2" %>"> | |
| 31 | + <div class="client-url <%= "required-field" if @provider.strategy == "noosfero_oauth2" %>" title="<%= _("The service URL. If this value is informed, it will be used to identify the users, replacing the provider name") %>"> | |
| 32 | 32 | <%= labelled_form_field _('Client Url'), c.text_field(:site) %> |
| 33 | 33 | </div> |
| 34 | 34 | <% end %> | ... | ... |