diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-04-01 12:08:00 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-04-01 12:08:00 +0000 |
commit | 1a0d6dbdc2ac3047f4953a359ef27ba6e26074ae (patch) | |
tree | ddb78a8a0d1350dc767f049a21e0f7d37edaa82c /spec/lib/gitlab/auth/auth_finders_spec.rb | |
parent | b11f7057d067885619ee3e513751f180b2e8ad85 (diff) | |
download | gitlab-ce-1a0d6dbdc2ac3047f4953a359ef27ba6e26074ae.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/lib/gitlab/auth/auth_finders_spec.rb')
-rw-r--r-- | spec/lib/gitlab/auth/auth_finders_spec.rb | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/spec/lib/gitlab/auth/auth_finders_spec.rb b/spec/lib/gitlab/auth/auth_finders_spec.rb index bffaaef4ed4..0b6fda31d7b 100644 --- a/spec/lib/gitlab/auth/auth_finders_spec.rb +++ b/spec/lib/gitlab/auth/auth_finders_spec.rb @@ -335,6 +335,54 @@ describe Gitlab::Auth::AuthFinders do end end + describe '#find_personal_access_token_from_http_basic_auth' do + def auth_header_with(token) + env['HTTP_AUTHORIZATION'] = ActionController::HttpAuthentication::Basic.encode_credentials('username', token) + end + + context 'access token is valid' do + let(:personal_access_token) { create(:personal_access_token, user: user) } + let(:route_authentication_setting) { { basic_auth_personal_access_token: true } } + + it 'finds the token from basic auth' do + auth_header_with(personal_access_token.token) + + expect(find_personal_access_token_from_http_basic_auth).to eq personal_access_token + end + end + + context 'access token is not valid' do + let(:route_authentication_setting) { { basic_auth_personal_access_token: true } } + + it 'returns nil' do + auth_header_with('failing_token') + + expect(find_personal_access_token_from_http_basic_auth).to be_nil + end + end + + context 'route_setting is not set' do + let(:personal_access_token) { create(:personal_access_token, user: user) } + + it 'returns nil' do + auth_header_with(personal_access_token.token) + + expect(find_personal_access_token_from_http_basic_auth).to be_nil + end + end + + context 'route_setting is not correct' do + let(:personal_access_token) { create(:personal_access_token, user: user) } + let(:route_authentication_setting) { { basic_auth_personal_access_token: false } } + + it 'returns nil' do + auth_header_with(personal_access_token.token) + + expect(find_personal_access_token_from_http_basic_auth).to be_nil + end + end + end + describe '#find_user_from_basic_auth_job' do def basic_http_auth(username, password) ActionController::HttpAuthentication::Basic.encode_credentials(username, password) |