Download as
Browse Code »

Commit 2f5befb94aba4ef49520b88680f0610abd317212

Authored by Thiago Ribeiro
1 parent d94d1e99
Exists in master and in 2 other branches cookie-httponly, fix_last_path

Add new tests and coverage 100%

Showing 1 changed file with 31 additions and 22 deletions   Show diff stats
spec/omniauth/strategies/remote_user_spec.rb
  Diff comments   View file @2f5befb
@@ -9,7 +9,7 @@ describe 'Test Strategy Remote_User' do @@ -9,7 +9,7 @@ describe 'Test Strategy Remote_User' do
9 end.to_app 9 end.to_app
10 end 10 end
11 11
12 - context 'Without REMOTE_USER and not logged in' do 12 + context 'Without HTTP_REMOTE_USER and not logged in' do
13 before(:each){ 13 before(:each){
14 get '/', {}, {} 14 get '/', {}, {}
15 } 15 }
@@ -17,76 +17,69 @@ describe 'Test Strategy Remote_User' do @@ -17,76 +17,69 @@ describe 'Test Strategy Remote_User' do
17 it 'Do nothing' do 17 it 'Do nothing' do
18 expect(last_response.status).to eq(200) 18 expect(last_response.status).to eq(200)
19 expect(last_request.cookies['_remote_user']).to eq(nil) 19 expect(last_request.cookies['_remote_user']).to eq(nil)
20 - expect(last_request.cookies['_gitlab_session']).to eq(nil)  
21 end 20 end
22 end 21 end
23 22
24 - context 'Without REMOTE_USER and logged in' do 23 + context 'Without HTTP_REMOTE_USER and logged in' do
25 before(:each){ 24 before(:each){
26 clear_cookies 25 clear_cookies
27 - set_cookie "_gitlab_session=test"  
28 set_cookie "_remote_user=test" 26 set_cookie "_remote_user=test"
29 get '/', {}, {} 27 get '/', {}, {}
30 } 28 }
31 29
32 it 'Logout curreent user' do 30 it 'Logout curreent user' do
33 - cookie_session_str = "_gitlab_session=; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 -0000" <<  
34 - "\n_remote_user=; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 -0000"  
35 - expect(last_request.cookies['_gitlab_session']).to eq('test')  
36 expect(last_request.cookies['_remote_user']).to eq('test') 31 expect(last_request.cookies['_remote_user']).to eq('test')
37 expect(last_response.status).to eq(302) 32 expect(last_response.status).to eq(302)
38 - expect(last_response['Set-Cookie']).to eq(cookie_session_str) 33 + expect(last_response['Set-Cookie']).to include("_remote_user=")
  34 + expect(last_response['Set-Cookie']).to include("path=")
39 end 35 end
40 end 36 end
41 37
42 - context 'With REMOTE_USER and not logged in' do 38 + context 'With HTTP_REMOTE_USER and not logged in' do
43 before(:each){ 39 before(:each){
44 get '/', {}, { 'HTTP_REMOTE_USER' => 'foobar' } 40 get '/', {}, { 'HTTP_REMOTE_USER' => 'foobar' }
45 } 41 }
46 42
47 - it 'logs REMOTE_USER in' do 43 + it 'logs HTTP_REMOTE_USER in' do
48 expect(last_response.status).to eq(302) 44 expect(last_response.status).to eq(302)
49 - expect(last_response['Set-Cookie']).to eq('_remote_user=foobar') 45 + expect(last_response['Set-Cookie']).to include('_remote_user=foobar')
  46 + expect(last_response['Set-Cookie']).to include('path=')
50 end 47 end
51 end 48 end
52 49
53 - context 'With REMOTE_USER, logged in and current user equals REMOTE_USER' do 50 + context 'With HTTP_REMOTE_USER, logged in and current user equals HTTP_REMOTE_USER' do
54 before(:each){ 51 before(:each){
55 clear_cookies 52 clear_cookies
56 - set_cookie "_gitlab_session=foobar"  
57 set_cookie "_remote_user=foobar" 53 set_cookie "_remote_user=foobar"
58 get '/', {}, { 'HTTP_REMOTE_USER' => 'foobar' } 54 get '/', {}, { 'HTTP_REMOTE_USER' => 'foobar' }
59 } 55 }
60 56
61 it 'Do nothing' do 57 it 'Do nothing' do
62 - expect(last_request.cookies['_gitlab_session']).to eq('foobar')  
63 expect(last_request.cookies['_remote_user']).to eq('foobar') 58 expect(last_request.cookies['_remote_user']).to eq('foobar')
64 expect(last_response.status).to eq(200) 59 expect(last_response.status).to eq(200)
65 expect(last_response['Set-Cookie']).to eq(nil) 60 expect(last_response['Set-Cookie']).to eq(nil)
66 end 61 end
67 end 62 end
68 63
69 - context 'With REMOTE_USER, logged in and current user not equals REMOTE_USER' do 64 + context 'With HTTP_REMOTE_USER, logged in and current user not equals HTTP_REMOTE_USER' do
70 before(:each){ 65 before(:each){
71 clear_cookies 66 clear_cookies
72 - set_cookie "_gitlab_session=foobar"  
73 set_cookie "_remote_user=foobar" 67 set_cookie "_remote_user=foobar"
74 get '/', {}, { 'HTTP_REMOTE_USER' => 'foobar2' } 68 get '/', {}, { 'HTTP_REMOTE_USER' => 'foobar2' }
75 } 69 }
76 70
77 - it 'Logout current user and login REMOTE_USER and no have _gitlab_session' do  
78 - expect(last_request.cookies['_gitlab_session']).to eq('foobar') 71 + it 'Logout current user and login HTTP_REMOTE_USER' do
79 expect(last_request.cookies['_remote_user']).to eq('foobar') 72 expect(last_request.cookies['_remote_user']).to eq('foobar')
80 expect(last_response.status).to eq(302) 73 expect(last_response.status).to eq(302)
81 - expect(last_response['Set-Cookie']).to include('_gitlab_session=')  
82 end 74 end
83 end 75 end
84 76
85 - context 'Verify omniauth hash with REMOTE_USER_DATA' do 77 + context 'Verify omniauth hash with HTTP_REMOTE_USER_DATA' do
86 before(:each){ 78 before(:each){
87 clear_cookies 79 clear_cookies
  80 + set_cookie "_remote_user=foobar"
88 post '/auth/RemoteUser/callback', {}, { 'HTTP_REMOTE_USER' => 'foobar', 81 post '/auth/RemoteUser/callback', {}, { 'HTTP_REMOTE_USER' => 'foobar',
89 - 'HTTP_REMOTE_USER_DATA' => JSON.dump({'name' => 'foobar', 'email' => 'foobar@test.com'})} 82 + 'HTTP_REMOTE_USER_DATA' => JSON.dump({'name' => 'foobar barfoo', 'email' => 'foobar@test.com'})}
90 } 83 }
91 84
92 it 'Verify uid' do 85 it 'Verify uid' do
@@ -96,12 +89,15 @@ describe &#39;Test Strategy Remote_User&#39; do @@ -96,12 +89,15 @@ describe &#39;Test Strategy Remote_User&#39; do
96 it 'Verify info' do 89 it 'Verify info' do
97 expect(last_request.env['omniauth.auth']['info']['nickname']).to eq('foobar') 90 expect(last_request.env['omniauth.auth']['info']['nickname']).to eq('foobar')
98 expect(last_request.env['omniauth.auth']['info']['email']).to eq('foobar@test.com') 91 expect(last_request.env['omniauth.auth']['info']['email']).to eq('foobar@test.com')
  92 + expect(last_request.env['omniauth.auth']['info']['lastname']).to eq('barfoo')
  93 + expect(last_request.env['omniauth.auth']['info']['firstname']).to eq('foobar')
99 end 94 end
100 end 95 end
101 96
102 - context 'Verify omniauth.auth info without REMOTE_USER_DATA' do 97 + context 'Verify omniauth.auth info without HTTP_REMOTE_USER_DATA' do
103 before(:each){ 98 before(:each){
104 clear_cookies 99 clear_cookies
  100 + set_cookie "_remote_user=foobar"
105 post '/auth/RemoteUser/callback', {}, { 'HTTP_REMOTE_USER' => 'foobar' } 101 post '/auth/RemoteUser/callback', {}, { 'HTTP_REMOTE_USER' => 'foobar' }
106 } 102 }
107 103
@@ -113,4 +109,17 @@ describe &#39;Test Strategy Remote_User&#39; do @@ -113,4 +109,17 @@ describe &#39;Test Strategy Remote_User&#39; do
113 expect(last_request.env['omniauth.auth']['info']).to eq({}) 109 expect(last_request.env['omniauth.auth']['info']).to eq({})
114 end 110 end
115 end 111 end
  112 +
  113 + context 'With HTTP_REMOTE_USER and ' do
  114 + before(:each){
  115 + set_cookie "_remote_user=foobar"
  116 + get "auth/RemoteUser", {}, { 'HTTP_REMOTE_USER' => 'foobar' }
  117 + }
  118 +
  119 + it 'redirect for callback' do
  120 + expect(last_response.status).to eq(302)
  121 + expect(last_response.location).to eq("/auth/RemoteUser/callback")
  122 + end
  123 + end
  124 +
116 end 125 end