diff options
| author | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2015-09-11 13:15:18 +0200 |
|---|---|---|
| committer | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2015-09-11 13:15:18 +0200 |
| commit | 187face620cfa0d5617a1c49e28dfbb20134fe41 (patch) | |
| tree | 875bd85b7224c48b463cece65b134dfd4b1c41dd | |
| parent | ae5d2f5b3132b6ce6fefe5fdef764616bbec3a5d (diff) | |
| download | gitlab-ce-187face620cfa0d5617a1c49e28dfbb20134fe41.tar.gz | |
CLeanup CI helpers since we dont use oauth any more
| -rw-r--r-- | app/helpers/ci/user_sessions_helper.rb | 32 | ||||
| -rw-r--r-- | spec/helpers/ci/user_helper_spec.rb | 49 | ||||
| -rw-r--r-- | spec/helpers/ci/user_sessions_helper_spec.rb | 69 |
3 files changed, 0 insertions, 150 deletions
diff --git a/app/helpers/ci/user_sessions_helper.rb b/app/helpers/ci/user_sessions_helper.rb deleted file mode 100644 index 0296a74395c..00000000000 --- a/app/helpers/ci/user_sessions_helper.rb +++ /dev/null @@ -1,32 +0,0 @@ -module Ci - module UserSessionsHelper - def generate_oauth_salt - SecureRandom.hex(16) - end - - def generate_oauth_hmac(salt, return_to) - return unless return_to - digest = OpenSSL::Digest.new('sha256') - key = Gitlab::Application.secrets.db_key_base + salt - OpenSSL::HMAC.hexdigest(digest, key, return_to) - end - - def generate_oauth_state(return_to) - return unless return_to - salt = generate_oauth_salt - hmac = generate_oauth_hmac(salt, return_to) - "#{salt}:#{hmac}:#{return_to}" - end - - def get_ouath_state_return_to(state) - state.split(':', 3)[2] if state - end - - def is_oauth_state_valid?(state) - return true unless state - salt, hmac, return_to = state.split(':', 3) - return false unless return_to - hmac == generate_oauth_hmac(salt, return_to) - end - end -end diff --git a/spec/helpers/ci/user_helper_spec.rb b/spec/helpers/ci/user_helper_spec.rb deleted file mode 100644 index f95bfb355ed..00000000000 --- a/spec/helpers/ci/user_helper_spec.rb +++ /dev/null @@ -1,49 +0,0 @@ -require 'spec_helper' - -describe Ci::UserHelper do - describe :user_avatar_url do - let (:user) { User.new({'avatar_url' => avatar_url}) } - - context 'no avatar' do - let (:avatar_url) { nil } - - it 'should return a generic avatar' do - user_avatar_url(user).should == 'ci/no_avatar.png' - end - end - - context 'plain gravatar' do - let (:base_url) { 'http://www.gravatar.com/avatar/abcdefgh' } - let (:avatar_url) { "#{base_url}?s=40&d=mm" } - - it 'should return gravatar with default size' do - user_avatar_url(user).should == "#{base_url}?s=40&d=identicon" - end - - it 'should return gravatar with custom size' do - user_avatar_url(user, 120).should == "#{base_url}?s=120&d=identicon" - end - end - - context 'secure gravatar' do - let (:base_url) { 'https://secure.gravatar.com/avatar/abcdefgh' } - let (:avatar_url) { "#{base_url}?s=40&d=mm" } - - it 'should return gravatar with default size' do - user_avatar_url(user).should == "#{base_url}?s=40&d=identicon" - end - - it 'should return gravatar with custom size' do - user_avatar_url(user, 120).should == "#{base_url}?s=120&d=identicon" - end - end - - context 'custom avatar' do - let (:avatar_url) { 'http://example.local/avatar.png' } - - it 'should return custom avatar' do - user_avatar_url(user).should == avatar_url - end - end - end -end diff --git a/spec/helpers/ci/user_sessions_helper_spec.rb b/spec/helpers/ci/user_sessions_helper_spec.rb deleted file mode 100644 index 5f654866d99..00000000000 --- a/spec/helpers/ci/user_sessions_helper_spec.rb +++ /dev/null @@ -1,69 +0,0 @@ -require 'spec_helper' - -describe Ci::UserSessionsHelper do - describe :generate_oauth_hmac do - let (:salt) { 'a' } - let (:salt2) { 'b' } - let (:return_to) { 'b' } - - it 'should return null if return_to is also null' do - generate_oauth_hmac(salt, nil).should be_nil - end - - it 'should return not null if return_to is also not null' do - generate_oauth_hmac(salt, return_to).should_not be_nil - end - - it 'should return different hmacs for different salts' do - secret1 = generate_oauth_hmac(salt, return_to) - secret2 = generate_oauth_hmac(salt2, return_to) - secret1.should_not eq(secret2) - end - end - - describe :generate_oauth_state do - let (:return_to) { 'b' } - - it 'should return null if return_to is also null' do - generate_oauth_state(nil).should be_nil - end - - it 'should return two different states for same return_to' do - state1 = generate_oauth_state(return_to) - state2 = generate_oauth_state(return_to) - state1.should_not eq(state2) - end - end - - describe :get_ouath_state_return_to do - let (:return_to) { 'a' } - let (:state) { generate_oauth_state(return_to) } - - it 'should return return_to' do - get_ouath_state_return_to(state).should eq(return_to) - end - end - - describe :is_oauth_state_valid? do - let (:return_to) { 'a' } - let (:state) { generate_oauth_state(return_to) } - let (:forged) { "forged#{state}" } - let (:invalid) { 'aa' } - let (:invalid2) { 'aa:bb' } - let (:invalid3) { 'aa:bb:' } - - it 'should validate oauth state' do - is_oauth_state_valid?(state).should be_true - end - - it 'should not validate forged state' do - is_oauth_state_valid?(forged).should be_false - end - - it 'should not validate invalid state' do - is_oauth_state_valid?(invalid).should be_false - is_oauth_state_valid?(invalid2).should be_false - is_oauth_state_valid?(invalid3).should be_false - end - end -end |