summaryrefslogtreecommitdiff
path: root/spec
diff options
context:
space:
mode:
authorMałgorzata Ksionek <mksionek@gitlab.com>2019-09-04 15:18:36 +0200
committerMałgorzata Ksionek <mksionek@gitlab.com>2019-09-23 10:18:42 +0200
commit6ce2e6dfc65bb22c0d3a866bd7efe53044480787 (patch)
tree81fe7708833350d47e8f2a476726901078f0e0c2 /spec
parent7099ecf77cb45c7b456a47f24064657ca59549b7 (diff)
downloadgitlab-ce-6ce2e6dfc65bb22c0d3a866bd7efe53044480787.tar.gz
Add checking for email_verified key
Fix rubocop offences and add changelog Add email_verified key for feature specs Add code review remarks Add code review remarks Fix specs
Diffstat (limited to 'spec')
-rw-r--r--spec/controllers/omniauth_callbacks_controller_spec.rb46
-rw-r--r--spec/features/oauth_login_spec.rb21
-rw-r--r--spec/support/helpers/login_helpers.rb13
3 files changed, 55 insertions, 25 deletions
diff --git a/spec/controllers/omniauth_callbacks_controller_spec.rb b/spec/controllers/omniauth_callbacks_controller_spec.rb
index 6e374a8daa7..5536b7df64e 100644
--- a/spec/controllers/omniauth_callbacks_controller_spec.rb
+++ b/spec/controllers/omniauth_callbacks_controller_spec.rb
@@ -7,9 +7,10 @@ describe OmniauthCallbacksController, type: :controller do
describe 'omniauth' do
let(:user) { create(:omniauth_user, extern_uid: extern_uid, provider: provider) }
+ let(:additional_info) { {} }
before do
- @original_env_config_omniauth_auth = mock_auth_hash(provider.to_s, +extern_uid, user.email)
+ @original_env_config_omniauth_auth = mock_auth_hash(provider.to_s, extern_uid, user.email, additional_info: additional_info )
stub_omniauth_provider(provider, context: request)
end
@@ -109,6 +110,14 @@ describe OmniauthCallbacksController, type: :controller do
end
context 'strategies' do
+ shared_context 'sign_up' do
+ let(:user) { double(email: 'new@example.com') }
+
+ before do
+ stub_omniauth_setting(block_auto_created_users: false)
+ end
+ end
+
context 'github' do
let(:extern_uid) { 'my-uid' }
let(:provider) { :github }
@@ -146,14 +155,6 @@ describe OmniauthCallbacksController, type: :controller do
end
end
- shared_context 'sign_up' do
- let(:user) { double(email: +'new@example.com') }
-
- before do
- stub_omniauth_setting(block_auto_created_users: false)
- end
- end
-
context 'sign up' do
include_context 'sign_up'
@@ -215,6 +216,33 @@ describe OmniauthCallbacksController, type: :controller do
expect(controller).to set_flash[:alert].to('Wrong extern UID provided. Make sure Auth0 is configured correctly.')
end
end
+
+ context 'salesforce' do
+ let(:extern_uid) { 'my-uid' }
+ let(:provider) { :salesforce }
+ let(:additional_info) { { extra: { email_verified: false } } }
+
+ context 'without verified email' do
+ it 'does not allow sign in' do
+ post 'salesforce'
+
+ expect(request.env['warden']).not_to be_authenticated
+ expect(response.status).to eq(302)
+ expect(controller).to set_flash[:alert].to('Email not verified. Please verify your email in Salesforce.')
+ end
+ end
+
+ context 'with verified email' do
+ include_context 'sign_up'
+ let(:additional_info) { { extra: { email_verified: true } } }
+
+ it 'allows sign in' do
+ post 'salesforce'
+
+ expect(request.env['warden']).to be_authenticated
+ end
+ end
+ end
end
end
diff --git a/spec/features/oauth_login_spec.rb b/spec/features/oauth_login_spec.rb
index c6e69fa3fb0..4a1e8598131 100644
--- a/spec/features/oauth_login_spec.rb
+++ b/spec/features/oauth_login_spec.rb
@@ -22,8 +22,8 @@ describe 'OAuth Login', :js, :allow_forgery_protection do
with_omniauth_full_host { example.run }
end
- def login_with_provider(provider, enter_two_factor: false)
- login_via(provider.to_s, user, uid, remember_me: remember_me)
+ def login_with_provider(provider, enter_two_factor: false, additional_info: {})
+ login_via(provider.to_s, user, uid, remember_me: remember_me, additional_info: additional_info)
enter_code(user.current_otp) if enter_two_factor
end
@@ -33,6 +33,7 @@ describe 'OAuth Login', :js, :allow_forgery_protection do
let(:remember_me) { false }
let(:user) { create(:omniauth_user, extern_uid: uid, provider: provider.to_s) }
let(:two_factor_user) { create(:omniauth_user, :two_factor, extern_uid: uid, provider: provider.to_s) }
+ provider == :salesforce ? let(:additional_info) { { extra: { email_verified: true } } } : let(:additional_info) { {} }
before do
stub_omniauth_config(provider)
@@ -41,7 +42,7 @@ describe 'OAuth Login', :js, :allow_forgery_protection do
context 'when two-factor authentication is disabled' do
it 'logs the user in' do
- login_with_provider(provider)
+ login_with_provider(provider, additional_info: additional_info)
expect(current_path).to eq root_path
end
@@ -51,20 +52,20 @@ describe 'OAuth Login', :js, :allow_forgery_protection do
let(:user) { two_factor_user }
it 'logs the user in' do
- login_with_provider(provider, enter_two_factor: true)
+ login_with_provider(provider, additional_info: additional_info, enter_two_factor: true)
expect(current_path).to eq root_path
end
it 'when bypass-two-factor is enabled' do
allow(Gitlab.config.omniauth).to receive_messages(allow_bypass_two_factor: true)
- login_via(provider.to_s, user, uid, remember_me: false)
+ login_via(provider.to_s, user, uid, remember_me: false, additional_info: additional_info)
expect(current_path).to eq root_path
end
it 'when bypass-two-factor is disabled' do
allow(Gitlab.config.omniauth).to receive_messages(allow_bypass_two_factor: false)
- login_with_provider(provider, enter_two_factor: true)
+ login_with_provider(provider, enter_two_factor: true, additional_info: additional_info)
expect(current_path).to eq root_path
end
end
@@ -74,7 +75,7 @@ describe 'OAuth Login', :js, :allow_forgery_protection do
context 'when two-factor authentication is disabled' do
it 'remembers the user after a browser restart' do
- login_with_provider(provider)
+ login_with_provider(provider, additional_info: additional_info)
clear_browser_session
@@ -87,7 +88,7 @@ describe 'OAuth Login', :js, :allow_forgery_protection do
let(:user) { two_factor_user }
it 'remembers the user after a browser restart' do
- login_with_provider(provider, enter_two_factor: true)
+ login_with_provider(provider, enter_two_factor: true, additional_info: additional_info)
clear_browser_session
@@ -100,7 +101,7 @@ describe 'OAuth Login', :js, :allow_forgery_protection do
context 'when "remember me" is not checked' do
context 'when two-factor authentication is disabled' do
it 'does not remember the user after a browser restart' do
- login_with_provider(provider)
+ login_with_provider(provider, additional_info: additional_info)
clear_browser_session
@@ -113,7 +114,7 @@ describe 'OAuth Login', :js, :allow_forgery_protection do
let(:user) { two_factor_user }
it 'does not remember the user after a browser restart' do
- login_with_provider(provider, enter_two_factor: true)
+ login_with_provider(provider, enter_two_factor: true, additional_info: additional_info)
clear_browser_session
diff --git a/spec/support/helpers/login_helpers.rb b/spec/support/helpers/login_helpers.rb
index 140ad173d38..95fcfde2d32 100644
--- a/spec/support/helpers/login_helpers.rb
+++ b/spec/support/helpers/login_helpers.rb
@@ -79,8 +79,8 @@ module LoginHelpers
click_button "Sign in"
end
- def login_via(provider, user, uid, remember_me: false)
- mock_auth_hash(provider, uid, user.email)
+ def login_via(provider, user, uid, remember_me: false, additional_info: {})
+ mock_auth_hash(provider, uid, user.email, additional_info: additional_info)
visit new_user_session_path
expect(page).to have_content('Sign in with')
@@ -99,9 +99,10 @@ module LoginHelpers
mock_auth_hash(provider, uid, email, response_object: response_object)
end
- def configure_mock_auth(provider, uid, email, response_object: nil)
+ def configure_mock_auth(provider, uid, email, response_object: nil, additional_info: {})
# The mock_auth configuration allows you to set per-provider (or default)
# authentication hashes to return during integration testing.
+
OmniAuth.config.mock_auth[provider.to_sym] = OmniAuth::AuthHash.new({
provider: provider,
uid: uid,
@@ -124,11 +125,11 @@ module LoginHelpers
},
response_object: response_object
}
- })
+ }).merge(additional_info) { |_, old_hash, new_hash| old_hash.merge(new_hash) }
end
- def mock_auth_hash(provider, uid, email, response_object: nil)
- configure_mock_auth(provider, uid, email, response_object: response_object)
+ def mock_auth_hash(provider, uid, email, additional_info: {}, response_object: nil)
+ configure_mock_auth(provider, uid, email, additional_info: additional_info, response_object: response_object)
original_env_config_omniauth_auth = Rails.application.env_config['omniauth.auth']
Rails.application.env_config['omniauth.auth'] = OmniAuth.config.mock_auth[provider.to_sym]