require 'spec_helper'

# Specs for OmniAuth::Strategies::RemoteUser, mounted in a minimal Rack app.
#
# Every "with REMOTE_USER" case supplies the identity through the Rack env key
# 'HTTP_REMOTE_USER', which is how Rack exposes a `Remote-User` request header.
# The behaviour pinned here is therefore driven by a value that any HTTP client
# can send unless a fronting proxy strips or overwrites that header.
# NOTE(review): nothing in this file shows the strategy checking where the
# header came from -- confirm the deployment guarantees it.
describe 'Test Strategy Remote_User' do
  # Rack stack under test: cookie sessions, the strategy, then a fixed 200 app.
  # 'abc123' is a fixture-only session secret.
  let(:app) do
    Rack::Builder.new do |builder|
      builder.use Rack::Session::Cookie, secret: 'abc123'
      builder.use OmniAuth::Strategies::RemoteUser
      builder.run ->(_env) { [200, {}, ['My body']] }
    end.to_app
  end

  context 'Without REMOTE_USER and not logged in' do
    before do
      get '/', {}, {}
    end

    # No header and no cookies: the request passes straight through.
    it 'Do nothing' do
      expect(last_response.status).to eq(200)
      expect(last_request.cookies['_remote_user']).to be_nil
      expect(last_request.cookies['_gitlab_session']).to be_nil
    end
  end

  context 'Without REMOTE_USER and logged in' do
    before do
      clear_cookies
      set_cookie "_gitlab_session=test"
      set_cookie "_remote_user=test"
      get '/', {}, {}
    end

    # Header gone while cookies are present: both cookies must be expired
    # (empty value, max-age=0, epoch date) and the client redirected.
    it 'Logout curreent user' do
      expected_set_cookie =
        "_gitlab_session=; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 -0000" \
        "\n_remote_user=; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 -0000"
      expect(last_request.cookies['_gitlab_session']).to eq('test')
      expect(last_request.cookies['_remote_user']).to eq('test')
      expect(last_response.status).to eq(302)
      expect(last_response['Set-Cookie']).to eq(expected_set_cookie)
    end
  end

  context 'With REMOTE_USER and not logged in' do
    before do
      get '/', {}, { 'HTTP_REMOTE_USER' => 'foobar' }
    end

    # The exact match pins the cookie as the bare username with no attributes:
    # no HttpOnly, no Secure, no signature.
    # NOTE(review): confirm that an unsigned, script-readable identity cookie
    # is intended.
    it 'logs REMOTE_USER in' do
      expect(last_response.status).to eq(302)
      expect(last_response['Set-Cookie']).to eq('_remote_user=foobar')
    end
  end

  context 'With REMOTE_USER, logged in and current user equals REMOTE_USER' do
    before do
      clear_cookies
      set_cookie "_gitlab_session=foobar"
      set_cookie "_remote_user=foobar"
      get '/', {}, { 'HTTP_REMOTE_USER' => 'foobar' }
    end

    # Client-supplied cookie matches the header: no redirect, no cookie change.
    it 'Do nothing' do
      expect(last_request.cookies['_gitlab_session']).to eq('foobar')
      expect(last_request.cookies['_remote_user']).to eq('foobar')
      expect(last_response.status).to eq(200)
      expect(last_response['Set-Cookie']).to be_nil
    end
  end

  context 'With REMOTE_USER, logged in and current user not equals REMOTE_USER' do
    before do
      clear_cookies
      set_cookie "_gitlab_session=foobar"
      set_cookie "_remote_user=foobar"
      get '/', {}, { 'HTTP_REMOTE_USER' => 'foobar2' }
    end

    # NOTE(review): the last assertion only checks that '_gitlab_session='
    # appears somewhere in Set-Cookie. It does not verify that the session is
    # expired, nor that '_remote_user' is switched to 'foobar2', although the
    # example title claims both.
    it 'Logout current user and login REMOTE_USER and no have _gitlab_session' do
      expect(last_request.cookies['_gitlab_session']).to eq('foobar')
      expect(last_request.cookies['_remote_user']).to eq('foobar')
      expect(last_response.status).to eq(302)
      expect(last_response['Set-Cookie']).to include('_gitlab_session=')
    end
  end

  context 'Verify omniauth hash with REMOTE_USER_DATA' do
    before do
      clear_cookies
      # Profile data arrives as JSON in a second request header.
      request_env = {
        'HTTP_REMOTE_USER' => 'foobar',
        'HTTP_REMOTE_USER_DATA' => JSON.dump({'name' => 'foobar', 'email' => 'foobar@test.com'})
      }
      post '/auth/remoteuser/callback', {}, request_env
    end

    it 'Verify uid' do
      auth = last_request.env['omniauth.auth']
      expect(auth['uid']).to eq('foobar')
    end

    # NOTE(review): the uid and the 'name' field share the value 'foobar', so
    # this example cannot tell which of them populates info['nickname'].
    it 'Verify info' do
      info = last_request.env['omniauth.auth']['info']
      expect(info['nickname']).to eq('foobar')
      expect(info['email']).to eq('foobar@test.com')
    end
  end

  context 'Verify omniauth.auth info without REMOTE_USER_DATA' do
    before do
      clear_cookies
      post '/auth/remoteuser/callback', {}, { 'HTTP_REMOTE_USER' => 'foobar' }
    end

    it 'Verify uid' do
      auth = last_request.env['omniauth.auth']
      expect(auth['uid']).to eq('foobar')
    end

    # Without the data header the info hash is empty.
    it 'Verify info' do
      auth = last_request.env['omniauth.auth']
      expect(auth['info']).to eq({})
    end
  end
end