Fix Mattermost integrationmattermost_fixes

3 files changed, 28 insertions, 9 deletions

diff --git a/changelogs/unreleased/mattermost_fixes.yml b/changelogs/unreleased/mattermost_fixes.yml
new file mode 100644
index 00000000000..667109a0bb4
--- /dev/null
+++ b/changelogs/unreleased/mattermost_fixes.yml
@@ -0,0 +1,4 @@
+---
+title: Fix Mattermost integration
+merge_request:
+author:
diff --git a/lib/mattermost/session.rb b/lib/mattermost/session.rb
index 688a79c0441..ef08bd46e17 100644
--- a/lib/mattermost/session.rb
+++ b/lib/mattermost/session.rb
@@ -36,11 +36,12 @@ module Mattermost
 
     def with_session
       with_lease do
-        raise Mattermost::NoSessionError unless create
+        create
 
         begin
           yield self
-        rescue Errno::ECONNREFUSED
+        rescue Errno::ECONNREFUSED => e
+          Rails.logger.error(e.message + "\n" + e.backtrace.join("\n"))
           raise Mattermost::NoSessionError
         ensure
           destroy
@@ -85,10 +86,12 @@ module Mattermost
     private
 
     def create
-      return unless oauth_uri
-      return unless token_uri
+      raise Mattermost::NoSessionError unless oauth_uri
+      raise Mattermost::NoSessionError unless token_uri
 
       @token = request_token
+      raise Mattermost::NoSessionError unless @token
+
       @headers = {
         Authorization: "Bearer #{@token}"
       }
@@ -106,11 +109,16 @@ module Mattermost
       @oauth_uri = nil
 
       response = get("/api/v3/oauth/gitlab/login", follow_redirects: false)
-      return unless 300 <= response.code && response.code < 400
+      return unless (300...400) === response.code
 
       redirect_uri = response.headers['location']
       return unless redirect_uri
 
+      oauth_cookie = parse_cookie(response)
+      @headers = {
+        Cookie: oauth_cookie.to_cookie_string
+      }
+
       @oauth_uri = URI.parse(redirect_uri)
     end
 
@@ -124,7 +132,7 @@ module Mattermost
     def request_token
       response = get(token_uri, follow_redirects: false)
 
-      if 200 <= response.code && response.code < 400
+      if (200...400) === response.code
         response.headers['token']
       end
     end
@@ -156,5 +164,11 @@ module Mattermost
     rescue Errno::ECONNREFUSED => e
       raise Mattermost::ConnectionError.new(e.message)
     end
+
+    def parse_cookie(response)
+      cookie_hash = CookieHash.new
+      response.get_fields('Set-Cookie').each { |c| cookie_hash.add_cookies(c) }
+      cookie_hash
+    end
   end
 end
diff --git a/spec/lib/mattermost/session_spec.rb b/spec/lib/mattermost/session_spec.rb
index be3908e8f6a..3db19d06305 100644
--- a/spec/lib/mattermost/session_spec.rb
+++ b/spec/lib/mattermost/session_spec.rb
@@ -20,9 +20,10 @@ describe Mattermost::Session, type: :request do
 
   describe '#with session' do
     let(:location) { 'http://location.tld' }
+    let(:cookie_header) {'MMOAUTH=taskik8az7rq8k6rkpuas7htia; Path=/;'}
     let!(:stub) do
       WebMock.stub_request(:get, "#{mattermost_url}/api/v3/oauth/gitlab/login")
-        .to_return(headers: { 'location' => location }, status: 307)
+        .to_return(headers: { 'location' => location, 'Set-Cookie' => cookie_header }, status: 307)
     end
 
     context 'without oauth uri' do
@@ -34,9 +35,9 @@ describe Mattermost::Session, type: :request do
     context 'with oauth_uri' do
       let!(:doorkeeper) do
         Doorkeeper::Application.create(
-          name: "GitLab Mattermost",
+          name: 'GitLab Mattermost',
           redirect_uri: "#{mattermost_url}/signup/gitlab/complete\n#{mattermost_url}/login/gitlab/complete",
-          scopes: "")
+          scopes: '')
       end
 
       context 'without token_uri' do