Download as
Browse Code »

Commit 2f5befb94aba4ef49520b88680f0610abd317212

Authored by Thiago Ribeiro
1 parent d94d1e99
Exists in master and in 2 other branches cookie-httponly, fix_last_path

Add new tests and coverage 100%

Showing 1 changed file with 31 additions and 22 deletions   Show diff stats
spec/omniauth/strategies/remote_user_spec.rb
  Diff comments   View file @2f5befb
... ... @@ -9,7 +9,7 @@ describe 'Test Strategy Remote_User' do
9 9 end.to_app
10 10 end
11 11  
12   - context 'Without REMOTE_USER and not logged in' do
  12 + context 'Without HTTP_REMOTE_USER and not logged in' do
13 13 before(:each){
14 14 get '/', {}, {}
15 15 }
... ... @@ -17,76 +17,69 @@ describe 'Test Strategy Remote_User' do
17 17 it 'Do nothing' do
18 18 expect(last_response.status).to eq(200)
19 19 expect(last_request.cookies['_remote_user']).to eq(nil)
20   - expect(last_request.cookies['_gitlab_session']).to eq(nil)
21 20 end
22 21 end
23 22  
24   - context 'Without REMOTE_USER and logged in' do
  23 + context 'Without HTTP_REMOTE_USER and logged in' do
25 24 before(:each){
26 25 clear_cookies
27   - set_cookie "_gitlab_session=test"
28 26 set_cookie "_remote_user=test"
29 27 get '/', {}, {}
30 28 }
31 29  
32 30 it 'Logout curreent user' do
33   - cookie_session_str = "_gitlab_session=; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 -0000" <<
34   - "\n_remote_user=; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 -0000"
35   - expect(last_request.cookies['_gitlab_session']).to eq('test')
36 31 expect(last_request.cookies['_remote_user']).to eq('test')
37 32 expect(last_response.status).to eq(302)
38   - expect(last_response['Set-Cookie']).to eq(cookie_session_str)
  33 + expect(last_response['Set-Cookie']).to include("_remote_user=")
  34 + expect(last_response['Set-Cookie']).to include("path=")
39 35 end
40 36 end
41 37  
42   - context 'With REMOTE_USER and not logged in' do
  38 + context 'With HTTP_REMOTE_USER and not logged in' do
43 39 before(:each){
44 40 get '/', {}, { 'HTTP_REMOTE_USER' => 'foobar' }
45 41 }
46 42  
47   - it 'logs REMOTE_USER in' do
  43 + it 'logs HTTP_REMOTE_USER in' do
48 44 expect(last_response.status).to eq(302)
49   - expect(last_response['Set-Cookie']).to eq('_remote_user=foobar')
  45 + expect(last_response['Set-Cookie']).to include('_remote_user=foobar')
  46 + expect(last_response['Set-Cookie']).to include('path=')
50 47 end
51 48 end
52 49  
53   - context 'With REMOTE_USER, logged in and current user equals REMOTE_USER' do
  50 + context 'With HTTP_REMOTE_USER, logged in and current user equals HTTP_REMOTE_USER' do
54 51 before(:each){
55 52 clear_cookies
56   - set_cookie "_gitlab_session=foobar"
57 53 set_cookie "_remote_user=foobar"
58 54 get '/', {}, { 'HTTP_REMOTE_USER' => 'foobar' }
59 55 }
60 56  
61 57 it 'Do nothing' do
62   - expect(last_request.cookies['_gitlab_session']).to eq('foobar')
63 58 expect(last_request.cookies['_remote_user']).to eq('foobar')
64 59 expect(last_response.status).to eq(200)
65 60 expect(last_response['Set-Cookie']).to eq(nil)
66 61 end
67 62 end
68 63  
69   - context 'With REMOTE_USER, logged in and current user not equals REMOTE_USER' do
  64 + context 'With HTTP_REMOTE_USER, logged in and current user not equals HTTP_REMOTE_USER' do
70 65 before(:each){
71 66 clear_cookies
72   - set_cookie "_gitlab_session=foobar"
73 67 set_cookie "_remote_user=foobar"
74 68 get '/', {}, { 'HTTP_REMOTE_USER' => 'foobar2' }
75 69 }
76 70  
77   - it 'Logout current user and login REMOTE_USER and no have _gitlab_session' do
78   - expect(last_request.cookies['_gitlab_session']).to eq('foobar')
  71 + it 'Logout current user and login HTTP_REMOTE_USER' do
79 72 expect(last_request.cookies['_remote_user']).to eq('foobar')
80 73 expect(last_response.status).to eq(302)
81   - expect(last_response['Set-Cookie']).to include('_gitlab_session=')
82 74 end
83 75 end
84 76  
85   - context 'Verify omniauth hash with REMOTE_USER_DATA' do
  77 + context 'Verify omniauth hash with HTTP_REMOTE_USER_DATA' do
86 78 before(:each){
87 79 clear_cookies
  80 + set_cookie "_remote_user=foobar"
88 81 post '/auth/RemoteUser/callback', {}, { 'HTTP_REMOTE_USER' => 'foobar',
89   - 'HTTP_REMOTE_USER_DATA' => JSON.dump({'name' => 'foobar', 'email' => 'foobar@test.com'})}
  82 + 'HTTP_REMOTE_USER_DATA' => JSON.dump({'name' => 'foobar barfoo', 'email' => 'foobar@test.com'})}
90 83 }
91 84  
92 85 it 'Verify uid' do
... ... @@ -96,12 +89,15 @@ describe &#39;Test Strategy Remote_User&#39; do
96 89 it 'Verify info' do
97 90 expect(last_request.env['omniauth.auth']['info']['nickname']).to eq('foobar')
98 91 expect(last_request.env['omniauth.auth']['info']['email']).to eq('foobar@test.com')
  92 + expect(last_request.env['omniauth.auth']['info']['lastname']).to eq('barfoo')
  93 + expect(last_request.env['omniauth.auth']['info']['firstname']).to eq('foobar')
99 94 end
100 95 end
101 96  
102   - context 'Verify omniauth.auth info without REMOTE_USER_DATA' do
  97 + context 'Verify omniauth.auth info without HTTP_REMOTE_USER_DATA' do
103 98 before(:each){
104 99 clear_cookies
  100 + set_cookie "_remote_user=foobar"
105 101 post '/auth/RemoteUser/callback', {}, { 'HTTP_REMOTE_USER' => 'foobar' }
106 102 }
107 103  
... ... @@ -113,4 +109,17 @@ describe &#39;Test Strategy Remote_User&#39; do
113 109 expect(last_request.env['omniauth.auth']['info']).to eq({})
114 110 end
115 111 end
  112 +
  113 + context 'With HTTP_REMOTE_USER and ' do
  114 + before(:each){
  115 + set_cookie "_remote_user=foobar"
  116 + get "auth/RemoteUser", {}, { 'HTTP_REMOTE_USER' => 'foobar' }
  117 + }
  118 +
  119 + it 'redirect for callback' do
  120 + expect(last_response.status).to eq(302)
  121 + expect(last_response.location).to eq("/auth/RemoteUser/callback")
  122 + end
  123 + end
  124 +
116 125 end
... ...