summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--lib/mattermost/session.rb23
-rw-r--r--spec/lib/mattermost/session_spec.rb53
2 files changed, 50 insertions, 26 deletions
diff --git a/lib/mattermost/session.rb b/lib/mattermost/session.rb
index f4629585da7..7d0290be5a1 100644
--- a/lib/mattermost/session.rb
+++ b/lib/mattermost/session.rb
@@ -17,7 +17,7 @@ module Mattermost
include Doorkeeper::Helpers::Controller
include HTTParty
- attr_accessor :current_resource_owner
+ attr_accessor :current_resource_owner, :token
def initialize(uri, current_user)
# Sets the base uri for HTTParty, so we can use paths
@@ -64,9 +64,9 @@ module Mattermost
return unless oauth_uri
return unless token_uri
- self.class.headers("Cookie" => "MMAUTHTOKEN=#{request_token}")
-
- request_token
+ self.token = request_token
+ self.class.headers("Cookie" => "MMAUTHTOKEN=#{self.token}")
+ self.token
end
def destroy
@@ -84,16 +84,17 @@ module Mattermost
end
def token_uri
- @token_uri ||= if @oauth_uri
- authorization.authorize.redirect_uri if pre_auth.authorizable?
- end
+ @token_uri ||=
+ if @oauth_uri
+ authorization.authorize.redirect_uri if pre_auth.authorizable?
+ end
end
def request_token
- @request_token ||= begin
- response = get(@token_uri, follow_redirects: false)
- response.headers['token'] if 200 <= response.code && response.code < 400
- end
+ response = get(@token_uri, follow_redirects: false)
+ if 200 <= response.code && response.code < 400
+ response.headers['token']
+ end
end
def get(path, options = {})
diff --git a/spec/lib/mattermost/session_spec.rb b/spec/lib/mattermost/session_spec.rb
index a93bab877da..69d677930bc 100644
--- a/spec/lib/mattermost/session_spec.rb
+++ b/spec/lib/mattermost/session_spec.rb
@@ -1,9 +1,12 @@
require 'spec_helper'
-describe Mattermost::Session do
+describe Mattermost::Session, type: :request do
let(:user) { create(:user) }
- subject { described_class.new('http://localhost:8065', user) }
+ let(:gitlab_url) { "http://gitlab.com" }
+ let(:mattermost_url) { "http://mattermost.com" }
+
+ subject { described_class.new(mattermost_url, user) }
# Needed for doorkeeper to function
it { is_expected.to respond_to(:current_resource_owner) }
@@ -14,7 +17,7 @@ describe Mattermost::Session do
describe '#with session' do
let(:location) { 'http://location.tld' }
let!(:stub) do
- WebMock.stub_request(:get, 'http://localhost:8065/api/v3/oauth/gitlab/login').
+ WebMock.stub_request(:get, "#{mattermost_url}/api/v3/oauth/gitlab/login").
to_return(headers: { 'location' => location }, status: 307)
end
@@ -26,9 +29,10 @@ describe Mattermost::Session do
context 'with oauth_uri' do
let!(:doorkeeper) do
- Doorkeeper::Application.create(name: "GitLab Mattermost",
- redirect_uri: "http://localhost:8065/signup/gitlab/complete\nhttp://localhost:8065/login/gitlab/complete",
- scopes: "")
+ Doorkeeper::Application.create(
+ name: "GitLab Mattermost",
+ redirect_uri: "#{mattermost_url}/signup/gitlab/complete\n#{mattermost_url}/login/gitlab/complete",
+ scopes: "")
end
context 'without token_uri' do
@@ -40,24 +44,43 @@ describe Mattermost::Session do
end
context 'with token_uri' do
- let(:state) { "eyJhY3Rpb24iOiJsb2dpbiIsImhhc2giOiIkMmEkMTAkVC9wYVlEaTdIUS8vcWdKRmdOOUllZUptaUNJWUlvNVNtNEcwU2NBMXFqelNOVmVPZ1cxWUsifQ%3D%3D" }
- let(:location) { "http://locahost:8065/oauth/authorize?response_type=code&client_id=#{doorkeeper.uid}&redirect_uri=http%3A%2F%2Flocalhost:8065%2Fsignup%2Fgitlab%2Fcomplete&state=#{state}" }
+ let(:state) { "state" }
+ let(:params) do
+ { response_type: "code",
+ client_id: doorkeeper.uid,
+ redirect_uri: "#{mattermost_url}/signup/gitlab/complete",
+ state: state }
+ end
+ let(:location) do
+ "#{gitlab_url}/oauth/authorize?#{URI.encode_www_form(params)}"
+ end
before do
- WebMock.stub_request(:get, /http:\/\/localhost:8065\/signup\/gitlab\/complete*/).
- to_return(headers: { 'token' => 'thisworksnow' }, status: 202)
+ WebMock.stub_request(:get, "#{mattermost_url}/signup/gitlab/complete").
+ with(query: hash_including({ 'state' => state })).
+ to_return do |request|
+ post "/oauth/token",
+ client_id: doorkeeper.uid,
+ client_secret: doorkeeper.secret,
+ redirect_uri: params[:redirect_uri],
+ grant_type: 'authorization_code',
+ code: request.uri.query_values['code']
+
+ if response.status == 200
+ { headers: { 'token' => 'thisworksnow' }, status: 202 }
+ end
+ end
+
+ WebMock.stub_request(:post, "#{mattermost_url}/api/v3/users/logout").
+ to_return(headers: { Cookie: 'MMAUTHTOKEN=thisworksnow' }, status: 200)
end
it 'can setup a session' do
- expect(subject).to receive(:destroy)
-
subject.with_session { 1 + 1 }
+ expect(subject.token).not_to be_nil
end
it 'returns the value of the block' do
- WebMock.stub_request(:post, "http://localhost:8065/api/v3/users/logout").
- to_return(headers: { 'token' => 'thisworksnow' }, status: 200)
-
value = subject.with_session { 1 + 1 }
expect(value).to be(2)