Improve Mattermost Session specs

2 files changed, 50 insertions, 26 deletions

diff --git a/lib/mattermost/session.rb b/lib/mattermost/session.rb
index f4629585da7..7d0290be5a1 100644
--- a/lib/mattermost/session.rb
+++ b/lib/mattermost/session.rb
@@ -17,7 +17,7 @@ module Mattermost
     include Doorkeeper::Helpers::Controller
     include HTTParty
 
-    attr_accessor :current_resource_owner
+    attr_accessor :current_resource_owner, :token
 
     def initialize(uri, current_user)
       # Sets the base uri for HTTParty, so we can use paths
@@ -64,9 +64,9 @@ module Mattermost
       return unless oauth_uri
       return unless token_uri
 
-      self.class.headers("Cookie" => "MMAUTHTOKEN=#{request_token}")
-
-      request_token
+      self.token = request_token
+      self.class.headers("Cookie" => "MMAUTHTOKEN=#{self.token}")
+      self.token
     end
 
     def destroy
@@ -84,16 +84,17 @@ module Mattermost
     end
 
     def token_uri
-      @token_uri ||= if @oauth_uri
-                       authorization.authorize.redirect_uri if pre_auth.authorizable?
-                     end
+      @token_uri ||=
+        if @oauth_uri
+          authorization.authorize.redirect_uri if pre_auth.authorizable?
+        end
     end
 
     def request_token
-      @request_token ||= begin
-                           response = get(@token_uri, follow_redirects: false)
-                           response.headers['token'] if 200 <= response.code && response.code < 400
-                         end
+      response = get(@token_uri, follow_redirects: false)
+      if 200 <= response.code && response.code < 400
+        response.headers['token']
+      end
     end
 
     def get(path, options = {})
diff --git a/spec/lib/mattermost/session_spec.rb b/spec/lib/mattermost/session_spec.rb
index a93bab877da..69d677930bc 100644
--- a/spec/lib/mattermost/session_spec.rb
+++ b/spec/lib/mattermost/session_spec.rb
@@ -1,9 +1,12 @@
 require 'spec_helper'
 
-describe Mattermost::Session do
+describe Mattermost::Session, type: :request do
   let(:user) { create(:user) }
 
-  subject { described_class.new('http://localhost:8065', user) }
+  let(:gitlab_url) { "http://gitlab.com" }
+  let(:mattermost_url) { "http://mattermost.com" }
+
+  subject { described_class.new(mattermost_url, user) }
 
   # Needed for doorkeeper to function
   it { is_expected.to respond_to(:current_resource_owner) }
@@ -14,7 +17,7 @@ describe Mattermost::Session do
   describe '#with session' do
     let(:location) { 'http://location.tld' }
     let!(:stub) do
-      WebMock.stub_request(:get, 'http://localhost:8065/api/v3/oauth/gitlab/login').
+      WebMock.stub_request(:get, "#{mattermost_url}/api/v3/oauth/gitlab/login").
         to_return(headers: { 'location' => location }, status: 307)
     end
 
@@ -26,9 +29,10 @@ describe Mattermost::Session do
 
     context 'with oauth_uri' do
       let!(:doorkeeper) do
-        Doorkeeper::Application.create(name: "GitLab Mattermost",
-                                       redirect_uri: "http://localhost:8065/signup/gitlab/complete\nhttp://localhost:8065/login/gitlab/complete",
-                                       scopes: "")
+        Doorkeeper::Application.create(
+          name: "GitLab Mattermost",
+          redirect_uri: "#{mattermost_url}/signup/gitlab/complete\n#{mattermost_url}/login/gitlab/complete",
+          scopes: "")
       end
 
       context 'without token_uri' do
@@ -40,24 +44,43 @@ describe Mattermost::Session do
       end
 
       context 'with token_uri' do
-        let(:state) { "eyJhY3Rpb24iOiJsb2dpbiIsImhhc2giOiIkMmEkMTAkVC9wYVlEaTdIUS8vcWdKRmdOOUllZUptaUNJWUlvNVNtNEcwU2NBMXFqelNOVmVPZ1cxWUsifQ%3D%3D" }
-        let(:location) { "http://locahost:8065/oauth/authorize?response_type=code&client_id=#{doorkeeper.uid}&redirect_uri=http%3A%2F%2Flocalhost:8065%2Fsignup%2Fgitlab%2Fcomplete&state=#{state}" }
+        let(:state) { "state" }
+        let(:params) do
+          { response_type: "code",
+            client_id: doorkeeper.uid,
+            redirect_uri: "#{mattermost_url}/signup/gitlab/complete",
+            state: state }
+        end
+        let(:location) do
+          "#{gitlab_url}/oauth/authorize?#{URI.encode_www_form(params)}"
+        end
 
         before do
-          WebMock.stub_request(:get, /http:\/\/localhost:8065\/signup\/gitlab\/complete*/).
-            to_return(headers: { 'token' => 'thisworksnow' }, status: 202)
+          WebMock.stub_request(:get, "#{mattermost_url}/signup/gitlab/complete").
+            with(query: hash_including({ 'state' => state })).
+            to_return do |request|
+              post "/oauth/token",
+                client_id: doorkeeper.uid,
+                client_secret: doorkeeper.secret,
+                redirect_uri: params[:redirect_uri],
+                grant_type: 'authorization_code',
+                code: request.uri.query_values['code']
+
+              if response.status == 200
+                { headers: { 'token' => 'thisworksnow' }, status: 202 }
+              end
+            end
+
+          WebMock.stub_request(:post, "#{mattermost_url}/api/v3/users/logout").
+            to_return(headers: { Cookie: 'MMAUTHTOKEN=thisworksnow' }, status: 200)
         end
 
         it 'can setup a session' do
-          expect(subject).to receive(:destroy)
-
           subject.with_session { 1 + 1 }
+          expect(subject.token).not_to be_nil
         end
 
         it 'returns the value of the block' do
-          WebMock.stub_request(:post, "http://localhost:8065/api/v3/users/logout").
-            to_return(headers: { 'token' => 'thisworksnow' }, status: 200)
-
           value = subject.with_session { 1 + 1 }
 
           expect(value).to be(2)