-rw-r--r-- | lib/mattermost/session.rb | 23 | ||||
-rw-r--r-- | spec/lib/mattermost/session_spec.rb | 53 |
2 files changed, 50 insertions, 26 deletions
diff --git a/lib/mattermost/session.rb b/lib/mattermost/session.rb
index f4629585da7..7d0290be5a1 100644
--- a/lib/mattermost/session.rb
+++ b/lib/mattermost/session.rb
@@ -17,7 +17,7 @@ module Mattermost
 include Doorkeeper::Helpers::Controller
 include HTTParty
- attr_accessor :current_resource_owner
+ attr_accessor :current_resource_owner, :token
 def initialize(uri, current_user)
 # Sets the base uri for HTTParty, so we can use paths
@@ -64,9 +64,9 @@ module Mattermost
 return unless oauth_uri
 return unless token_uri
- self.class.headers("Cookie" => "MMAUTHTOKEN=#{request_token}")
-
- request_token
+ self.token = request_token
+ self.class.headers("Cookie" => "MMAUTHTOKEN=#{self.token}")
+ self.token
 end
 def destroy
@@ -84,16 +84,17 @@ module Mattermost
 end
 def token_uri
- @token_uri ||= if @oauth_uri
- authorization.authorize.redirect_uri if pre_auth.authorizable?
- end
+ @token_uri ||=
+ if @oauth_uri
+ authorization.authorize.redirect_uri if pre_auth.authorizable?
+ end
 end
 def request_token
- @request_token ||= begin
- response = get(@token_uri, follow_redirects: false)
- response.headers['token'] if 200 <= response.code && response.code < 400
- end
+ response = get(@token_uri, follow_redirects: false)
+ if 200 <= response.code && response.code < 400
+ response.headers['token']
+ end
 end
 def get(path, options = {})
diff --git a/spec/lib/mattermost/session_spec.rb b/spec/lib/mattermost/session_spec.rb
index a93bab877da..69d677930bc 100644
--- a/spec/lib/mattermost/session_spec.rb
+++ b/spec/lib/mattermost/session_spec.rb
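Review bot: In lib/mattermost/session.rb, `attr_accessor :current_resource_owner, :token` gives the session token a public writer, so any caller holding the object can replace the credential that `create` stores. Only the reader is exercised by the spec in this commit; consider keeping `attr_accessor :current_resource_owner` and adding `attr_reader :token`, with `create` assigning `@token = request_token`. A short comment that `token` holds the MMAUTHTOKEN value and should stay out of logs would also help the next reader.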
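Review bot: In the `@@ -64,9` hunk of lib/mattermost/session.rb, `self.class.headers("Cookie" => "MMAUTHTOKEN=#{self.token}")` stores one user's session cookie in HTTParty's class-level default headers, which every `Mattermost::Session` instance in the process shares. Two sessions created concurrently for different users could then send each other's token, unless `destroy` (outside this hunk) reliably resets the header. Passing the cookie per request, e.g. `headers: { "Cookie" => "MMAUTHTOKEN=#{token}" }` in the options given to `get`, keeps it scoped to the instance. The header is also set when `request_token` returns nil, which yields an empty `MMAUTHTOKEN=` value; a `return unless token` guard before that line would avoid it. The method body starts above the hunk.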
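Review bot: In the `@@ -84,16` hunk of lib/mattermost/session.rb, `request_token` reads the instance variable `@token_uri` directly, so it only works when the caller has already evaluated `token_uri`. Now that the result is no longer memoized, calling the reader keeps the method self-contained: `response = get(token_uri, follow_redirects: false)`. The range test reads more plainly as `response.headers['token'] if (200...400).cover?(response.code)`. A comment should say why 3xx responses are accepted as success and that nil is returned for any other status.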
@@ -1,9 +1,12 @@
 require 'spec_helper'
-describe Mattermost::Session do
+describe Mattermost::Session, type: :request do
 let(:user) { create(:user) }
- subject { described_class.new('http://localhost:8065', user) }
+ let(:gitlab_url) { "http://gitlab.com" }
+ let(:mattermost_url) { "http://mattermost.com" }
+
+ subject { described_class.new(mattermost_url, user) }
 # Needed for doorkeeper to function
 it { is_expected.to respond_to(:current_resource_owner) }
@@ -14,7 +17,7 @@ describe Mattermost::Session do
 describe '#with session' do
 let(:location) { 'http://location.tld' }
 let!(:stub) do
- WebMock.stub_request(:get, 'http://localhost:8065/api/v3/oauth/gitlab/login').
+ WebMock.stub_request(:get, "#{mattermost_url}/api/v3/oauth/gitlab/login").
 to_return(headers: { 'location' => location }, status: 307)
 end
@@ -26,9 +29,10 @@ describe Mattermost::Session do
 context 'with oauth_uri' do
 let!(:doorkeeper) do
- Doorkeeper::Application.create(name: "GitLab Mattermost",
- redirect_uri: "http://localhost:8065/signup/gitlab/complete\nhttp://localhost:8065/login/gitlab/complete",
- scopes: "")
+ Doorkeeper::Application.create(
+ name: "GitLab Mattermost",
+ redirect_uri: "#{mattermost_url}/signup/gitlab/complete\n#{mattermost_url}/login/gitlab/complete",
+ scopes: "")
 end
 context 'without token_uri' do
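Review bot: In the first hunk of spec/lib/mattermost/session_spec.rb, `gitlab_url` and `mattermost_url` point at the real hosts `gitlab.com` and `mattermost.com`. If a request ever slips past the WebMock stubs, for example in an environment where outbound connections are allowed, the suite would send OAuth parameters to a third party. Reserved names avoid that: `let(:gitlab_url) { "http://gitlab.example.com" }` and `let(:mattermost_url) { "http://mattermost.example.com" }`.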
@@ -40,24 +44,43 @@ describe Mattermost::Session do
 end
 context 'with token_uri' do
- let(:state) { "eyJhY3Rpb24iOiJsb2dpbiIsImhhc2giOiIkMmEkMTAkVC9wYVlEaTdIUS8vcWdKRmdOOUllZUptaUNJWUlvNVNtNEcwU2NBMXFqelNOVmVPZ1cxWUsifQ%3D%3D" }
- let(:location) { "http://locahost:8065/oauth/authorize?response_type=code&client_id=#{doorkeeper.uid}&redirect_uri=http%3A%2F%2Flocalhost:8065%2Fsignup%2Fgitlab%2Fcomplete&state=#{state}" }
+ let(:state) { "state" }
+ let(:params) do
+ { response_type: "code",
+ client_id: doorkeeper.uid,
+ redirect_uri: "#{mattermost_url}/signup/gitlab/complete",
+ state: state }
+ end
+ let(:location) do
+ "#{gitlab_url}/oauth/authorize?#{URI.encode_www_form(params)}"
+ end
 before do
- WebMock.stub_request(:get, /http:\/\/localhost:8065\/signup\/gitlab\/complete*/).
- to_return(headers: { 'token' => 'thisworksnow' }, status: 202)
+ WebMock.stub_request(:get, "#{mattermost_url}/signup/gitlab/complete").
+ with(query: hash_including({ 'state' => state })).
+ to_return do |request|
+ post "/oauth/token",
+ client_id: doorkeeper.uid,
+ client_secret: doorkeeper.secret,
+ redirect_uri: params[:redirect_uri],
+ grant_type: 'authorization_code',
+ code: request.uri.query_values['code']
+
+ if response.status == 200
+ { headers: { 'token' => 'thisworksnow' }, status: 202 }
+ end
+ end
+
+ WebMock.stub_request(:post, "#{mattermost_url}/api/v3/users/logout").
+ to_return(headers: { Cookie: 'MMAUTHTOKEN=thisworksnow' }, status: 200)
 end
 it 'can setup a session' do
- expect(subject).to receive(:destroy)
- subject.with_session { 1 + 1 }
+ expect(subject.token).not_to be_nil
 end
 it 'returns the value of the block' do
- WebMock.stub_request(:post, "http://localhost:8065/api/v3/users/logout").
- to_return(headers: { 'token' => 'thisworksnow' }, status: 200)
-
 value = subject.with_session { 1 + 1 }
 expect(value).to be(2) |
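Review bot: The 'can setup a session' example no longer checks that the session is torn down: `expect(subject).to receive(:destroy)` is removed and nothing visible in this hunk asserts that the logout stub is hit. Because the token is a live Mattermost credential, a teardown assertion is worth keeping, e.g. `expect(WebMock).to have_requested(:post, "#{mattermost_url}/api/v3/users/logout")` after a `with_session` call. The new `expect(subject.token).not_to be_nil` would be stronger as `eq('thisworksnow')`, and the example as shown never calls `create` or `with_session`, so it is unclear from the hunk what sets the token. The `to_return` block also returns nil when the token exchange does not answer 200, which will probably surface as an obscure stub error; an explicit `else` branch returning a failing status would make that case readable.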