author | Nick Thomas <nick@gitlab.com> | 2016-09-16 18:38:07 +0100 |
---|---|---|
committer | Nick Thomas <nick@gitlab.com> | 2016-09-19 12:27:37 +0100 |
commit | 10c072263b2568a64321439860da039a4f572e31 (patch) | |
tree | 92fd7dbe9fa1d5ec3e9873e6d71ec4a4114bfa4f /spec/requests | |
parent | 5db3bc6448e01b51811d01880e60a942b82bb533 (diff) | |
Enable Warden for the Grape API
The practical effect of this commit is to make the API check the Rails session
cookie for authentication details. If the cookie is present and valid, it will
be used to authenticate.
The API now has several authentication options for users. They follow in this
order of precedence:
* Authentication token
* Personal access token
* OAuth2 Bearer token (Doorkeeper - application access)
* Rails session cookie
Diffstat (limited to 'spec/requests')
-rw-r--r-- | spec/requests/api/api_helpers_spec.rb | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/spec/requests/api/api_helpers_spec.rb b/spec/requests/api/api_helpers_spec.rb
index bbdf8f03c2b..e66faeed705 100644
--- a/spec/requests/api/api_helpers_spec.rb
+++ b/spec/requests/api/api_helpers_spec.rb
@@ -36,11 +36,36 @@ describe API::Helpers, api: true do
 params.delete(API::Helpers::SUDO_PARAM)
 end
+ def warden_authenticate_returns(value)
+ warden = double("warden", authenticate: value)
+ env['warden'] = warden
+ end
+
+ def doorkeeper_guard_returns(value)
+ allow_any_instance_of(self.class).to receive(:doorkeeper_guard){ value }
+ end
+
 def error!(message, status)
 raise Exception
 end
 describe ".current_user" do
+ subject { current_user }
+
+ describe "when authenticating via Warden" do
+ before { doorkeeper_guard_returns false }
+
+ context "fails" do
+ it { is_expected.to be_nil }
+ end
+
+ context "succeeds" do
+ before { warden_authenticate_returns user }
+
+ it { is_expected.to eq(user) }
+ end
+ end
+
 describe "when authenticating using a user's private token" do
 it "returns nil for an invalid token" do
 env[API::Helpers::PRIVATE_TOKEN_HEADER] = 'invalid token' |
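Review bot: The `context "fails"` example never calls `warden_authenticate_returns`, so as far as this hunk shows it covers a request with no Warden object in `env` rather than a session that Warden rejects; adding `before { warden_authenticate_returns nil }` there would pin the failed-authentication path. Because the commit message says a valid Rails session cookie now authenticates API calls, a spec asserting that a state-changing request carrying only the cookie is still subject to request-forgery verification would be worth adding; the helper code is outside this view, so whether that check exists cannot be confirmed here. As a style point, `allow_any_instance_of(self.class)` stubs every example instance, and `allow(self).to receive(:doorkeeper_guard).and_return(value)` would likely be enough. The `describe ".current_user"` block continues past the end of the hunk.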