Merge branch 'ce-jej/fix-group-saml-u2f' into 'master'

CE Backport of helpers for U2F and Omniauth

See merge request gitlab-org/gitlab-ce!30326

4 files changed, 29 insertions, 11 deletions

diff --git a/spec/features/oauth_login_spec.rb b/spec/features/oauth_login_spec.rb
index 5ebfc32952d..86331728f88 100644
--- a/spec/features/oauth_login_spec.rb
+++ b/spec/features/oauth_login_spec.rb
@@ -16,16 +16,8 @@ describe 'OAuth Login', :js, :allow_forgery_protection do
   providers = [:github, :twitter, :bitbucket, :gitlab, :google_oauth2,
                :facebook, :cas3, :auth0, :authentiq, :salesforce]
 
-  before(:all) do
-    # The OmniAuth `full_host` parameter doesn't get set correctly (it gets set to something like `http://localhost`
-    # here), and causes integration tests to fail with 404s. We set the `full_host` by removing the request path (and
-    # anything after it) from the request URI.
-    @omniauth_config_full_host = OmniAuth.config.full_host
-    OmniAuth.config.full_host = ->(request) { request['REQUEST_URI'].sub(/#{request['REQUEST_PATH']}.*/, '') }
-  end
-
-  after(:all) do
-    OmniAuth.config.full_host = @omniauth_config_full_host
+  around(:all) do |example|
+    with_omniauth_full_host { example.run }
   end
 
   def login_with_provider(provider, enter_two_factor: false)
diff --git a/spec/support/helpers/devise_helpers.rb b/spec/support/helpers/devise_helpers.rb
index d32bc2424c0..fb2a110422a 100644
--- a/spec/support/helpers/devise_helpers.rb
+++ b/spec/support/helpers/devise_helpers.rb
@@ -21,4 +21,16 @@ module DeviseHelpers
       context.env
     end
   end
+
+  def with_omniauth_full_host(&block)
+    # The OmniAuth `full_host` parameter doesn't get set correctly (it gets set to something like `http://localhost`
+    # here), and causes integration tests to fail with 404s. We set the `full_host` by removing the request path (and
+    # anything after it) from the request URI.
+    omniauth_config_full_host = OmniAuth.config.full_host
+    OmniAuth.config.full_host = ->(request) { ActionDispatch::Request.new(request).base_url }
+
+    yield
+
+    OmniAuth.config.full_host = omniauth_config_full_host
+  end
 end
diff --git a/spec/support/helpers/fake_u2f_device.rb b/spec/support/helpers/fake_u2f_device.rb
index a7605cd483a..22cd8152d77 100644
--- a/spec/support/helpers/fake_u2f_device.rb
+++ b/spec/support/helpers/fake_u2f_device.rb
@@ -32,6 +32,10 @@ class FakeU2fDevice
     ")
   end
 
+  def fake_u2f_authentication
+    @page.execute_script("window.gl.u2fAuthenticate.renderAuthenticated('abc');")
+  end
+
   private
 
   def u2f_device(app_id)
diff --git a/spec/support/helpers/login_helpers.rb b/spec/support/helpers/login_helpers.rb
index 0bb2d2510c2..0cb99b4e087 100644
--- a/spec/support/helpers/login_helpers.rb
+++ b/spec/support/helpers/login_helpers.rb
@@ -87,12 +87,17 @@ module LoginHelpers
     click_link "oauth-login-#{provider}"
   end
 
+  def fake_successful_u2f_authentication
+    allow(U2fRegistration).to receive(:authenticate).and_return(true)
+    FakeU2fDevice.new(page, nil).fake_u2f_authentication
+  end
+
   def mock_auth_hash_with_saml_xml(provider, uid, email, saml_response)
     response_object = { document: saml_xml(saml_response) }
     mock_auth_hash(provider, uid, email, response_object: response_object)
   end
 
-  def mock_auth_hash(provider, uid, email, response_object: nil)
+  def configure_mock_auth(provider, uid, email, response_object: nil)
     # The mock_auth configuration allows you to set per-provider (or default)
     # authentication hashes to return during integration testing.
     OmniAuth.config.mock_auth[provider.to_sym] = OmniAuth::AuthHash.new({
@@ -118,6 +123,11 @@ module LoginHelpers
         response_object: response_object
       }
     })
+  end
+
+  def mock_auth_hash(provider, uid, email, response_object: nil)
+    configure_mock_auth(provider, uid, email, response_object: response_object)
+
     original_env_config_omniauth_auth = Rails.application.env_config['omniauth.auth']
     Rails.application.env_config['omniauth.auth'] = OmniAuth.config.mock_auth[provider.to_sym]