diff options
author | James Edwards-Jones <jedwardsjones@gitlab.com> | 2018-02-17 18:50:38 +0000 |
---|---|---|
committer | James Edwards-Jones <jedwardsjones@gitlab.com> | 2018-02-17 21:02:29 +0000 |
commit | 1a0b733105c85578d3dfa7fd3950ab4e6164ed29 (patch) | |
tree | 999fdf572ecd2ac412a8785ea07ba22a9ca9cac3 | |
parent | 2dcf1c10dd6a9f7f852a079f92688aaa75301e30 (diff) | |
download | gitlab-ce-jej/refactor-omniauth-controller.tar.gz |
WIP: Adding LDAP login feature specsjej/refactor-omniauth-controller
-rw-r--r-- | config/routes/user.rb | 4 | ||||
-rw-r--r-- | spec/features/oauth_login_spec.rb | 64 | ||||
-rw-r--r-- | spec/support/login_helpers.rb | 12 |
3 files changed, 70 insertions, 10 deletions
diff --git a/config/routes/user.rb b/config/routes/user.rb index 4b51b46abf4..0efdbedaa21 100644 --- a/config/routes/user.rb +++ b/config/routes/user.rb @@ -1,16 +1,18 @@ require 'constraints/user_url_constrainer' # Use custom controller for LDAP omniauth callback +# This is usually set from `ActionDispatch::Routing::Mapper#devise_omniauth_callback` if Gitlab::LDAP::Config.enabled? devise_scope :user do Gitlab::LDAP::Config.available_servers.each do |server| provider = server['provider_name'] + #path_prefix = Devise.omniauth_path_prefix || "/#{mapping.fullpath}/auth".squeeze("/") path_prefix = '/users/auth' controller = 'ldap/omniauth_callbacks' match "#{path_prefix}/#{provider}/callback", to: "#{controller}##{provider}", - as: "#{provider}_omniauth_callback", + #as: "#{provider}_omniauth_callback", via: [:get, :post] end end diff --git a/spec/features/oauth_login_spec.rb b/spec/features/oauth_login_spec.rb index 013cdaa6479..4b8d15ec8dc 100644 --- a/spec/features/oauth_login_spec.rb +++ b/spec/features/oauth_login_spec.rb @@ -13,9 +13,6 @@ feature 'OAuth Login', :js, :allow_forgery_protection do stub_omniauth_provider(provider) end - providers = [:github, :twitter, :bitbucket, :gitlab, :google_oauth2, - :facebook, :cas3, :auth0, :authentiq] - before(:all) do # The OmniAuth `full_host` parameter doesn't get set correctly (it gets set to something like `http://localhost` # here), and causes integration tests to fail with 404s. We set the `full_host` by removing the request path (and @@ -29,20 +26,21 @@ feature 'OAuth Login', :js, :allow_forgery_protection do end def login_with_provider(provider, enter_two_factor: false) - login_via(provider.to_s, user, uid, remember_me: remember_me) + if provider.to_s.starts_with?('ldap') + gitlab_ldap_sign_with(user, remember: remember_me) + else + login_via(provider.to_s, user, uid, remember_me: remember_me) + end + enter_code(user.current_otp) if enter_two_factor end - providers.each do |provider| - context "when the user logs in using the #{provider} provider" do + shared_context 'login_context' do let(:uid) { 'my-uid' } let(:remember_me) { false } let(:user) { create(:omniauth_user, extern_uid: uid, provider: provider.to_s) } let(:two_factor_user) { create(:omniauth_user, :two_factor, extern_uid: uid, provider: provider.to_s) } - before do - stub_omniauth_config(provider) - end context 'when two-factor authentication is disabled' do it 'logs the user in' do @@ -116,5 +114,53 @@ feature 'OAuth Login', :js, :allow_forgery_protection do end end end + + providers = [:github, :twitter, :bitbucket, :gitlab, :google_oauth2, + :facebook, :cas3, :auth0, :authentiq] + providers.each do |provider| + context "when the user logs in using the #{provider} provider" do + let(:provider) { provider } + + before do + stub_omniauth_config(provider) + end + + include_context 'login_context' + end + end + + context 'via ldap' do + before do + providers = Gitlab::OAuth::Provider.providers << :ldapmain + allow(Gitlab::OAuth::Provider).to receive(:providers).and_return(providers) + allow(User).to receive(:omniauth_providers).and_return(providers) + end + + #TODO: deduplicate with controller spec + let(:provider) { 'ldapmain' } + let(:valid_login?) { true } + let(:ldap_server_config) do + { main: ldap_config_defaults(:main) } + end + def ldap_config_defaults(key, hash = {}) + { + provider_name: "ldap#{key}", + attributes: {}, + encryption: 'plain' + }.merge(hash) + end + #TODO: De-duplicate this with controller spec + before do + stub_ldap_setting(enabled: true, servers: ldap_server_config) + Ldap::OmniauthCallbacksController.define_providers! + Rails.application.reload_routes! + + mock_auth_hash(provider.to_s, uid, user.email) + stub_omniauth_provider(provider) + + allow(Gitlab::LDAP::Access).to receive(:allowed?).and_return(valid_login?) + end + + include_context 'login_context' end end diff --git a/spec/support/login_helpers.rb b/spec/support/login_helpers.rb index cd01684a76d..09348229a9b 100644 --- a/spec/support/login_helpers.rb +++ b/spec/support/login_helpers.rb @@ -77,6 +77,18 @@ module LoginHelpers click_button "Sign in" end + def gitlab_ldap_sign_with(user, remember: false) + visit new_user_session_path + + within '#new_ldap_user' do + fill_in 'username', with: user.username + fill_in 'Password', with: "12345678" + check 'remember_me' if remember + end + + click_button "Sign in" + end + def login_via(provider, user, uid, remember_me: false) mock_auth_hash(provider, uid, user.email) visit new_user_session_path |