diff options
| author | Yorick Peterse <yorickpeterse@gmail.com> | 2019-01-24 16:27:17 +0000 |
|---|---|---|
| committer | Yorick Peterse <yorickpeterse@gmail.com> | 2019-01-24 16:27:41 +0000 |
| commit | cdc01f897c45ad6b7638c1b37a9b5c5e583e27bd (patch) | |
| tree | 36b8cbe960afbe396cd55e732d562cc52490e4d7 /spec | |
| parent | 9149beee1b363fbceec7c48a51a4e85ba19d06a5 (diff) | |
| download | gitlab-ce-cdc01f897c45ad6b7638c1b37a9b5c5e583e27bd.tar.gz | |
Merge branch 'sh-fix-issue-56663-11-6' into 'security-11-6'
[11.6] Alias GitHub and BitBucket OAuth2 callback URLs
See merge request gitlab/gitlabhq!2846
(cherry picked from commit f8a23d89e6f94a74b2779b3b215c475a39ba8de3)
f652a9e0 Alias GitHub and BitBucket OAuth2 callback URLs
Diffstat (limited to 'spec')
| -rw-r--r-- | spec/controllers/import/bitbucket_controller_spec.rb | 11 | ||||
| -rw-r--r-- | spec/controllers/import/github_controller_spec.rb | 8 |
2 files changed, 16 insertions, 3 deletions
diff --git a/spec/controllers/import/bitbucket_controller_spec.rb b/spec/controllers/import/bitbucket_controller_spec.rb index be49b92d23f..6081c5458b5 100644 --- a/spec/controllers/import/bitbucket_controller_spec.rb +++ b/spec/controllers/import/bitbucket_controller_spec.rb @@ -8,6 +8,7 @@ describe Import::BitbucketController do let(:secret) { "sekrettt" } let(:refresh_token) { SecureRandom.hex(15) } let(:access_params) { { token: token, expires_at: nil, expires_in: nil, refresh_token: nil } } + let(:code) { SecureRandom.hex(8) } def assign_session_tokens session[:bitbucket_token] = token @@ -32,10 +33,16 @@ describe Import::BitbucketController do expires_in: expires_in, refresh_token: refresh_token) allow_any_instance_of(OAuth2::Client) - .to receive(:get_token).and_return(access_token) + .to receive(:get_token) + .with(hash_including( + 'grant_type' => 'authorization_code', + 'code' => code, + redirect_uri: users_import_bitbucket_callback_url), + {}) + .and_return(access_token) stub_omniauth_provider('bitbucket') - get :callback + get :callback, code: code expect(session[:bitbucket_token]).to eq(token) expect(session[:bitbucket_refresh_token]).to eq(refresh_token) diff --git a/spec/controllers/import/github_controller_spec.rb b/spec/controllers/import/github_controller_spec.rb index 9bbd97ec305..e6070fc429d 100644 --- a/spec/controllers/import/github_controller_spec.rb +++ b/spec/controllers/import/github_controller_spec.rb @@ -12,9 +12,15 @@ describe Import::GithubController do it "redirects to GitHub for an access token if logged in with GitHub" do allow(controller).to receive(:logged_in_with_provider?).and_return(true) - expect(controller).to receive(:go_to_provider_for_permissions) + expect(controller).to receive(:go_to_provider_for_permissions).and_call_original + allow_any_instance_of(Gitlab::LegacyGithubImport::Client) + .to receive(:authorize_url) + .with(users_import_github_callback_url) + .and_call_original get :new + + expect(response).to have_http_status(302) end end |