diff options
Diffstat (limited to 'spec/lib/gitlab/auth/ldap/config_spec.rb')
| -rw-r--r-- | spec/lib/gitlab/auth/ldap/config_spec.rb | 202 |
1 files changed, 101 insertions, 101 deletions
diff --git a/spec/lib/gitlab/auth/ldap/config_spec.rb b/spec/lib/gitlab/auth/ldap/config_spec.rb index 3039fce6141..3be983857bc 100644 --- a/spec/lib/gitlab/auth/ldap/config_spec.rb +++ b/spec/lib/gitlab/auth/ldap/config_spec.rb @@ -112,8 +112,8 @@ AtlErSqafbECNDSwS5BX8yDpu5yRBJ4xegO/rNlmb8ICRYkuJapD1xXicFOsmfUK it 'constructs basic options' do stub_ldap_config( options: { - 'host' => 'ldap.example.com', - 'port' => 386, + 'host' => 'ldap.example.com', + 'port' => 386, 'encryption' => 'plain' } ) @@ -129,16 +129,16 @@ AtlErSqafbECNDSwS5BX8yDpu5yRBJ4xegO/rNlmb8ICRYkuJapD1xXicFOsmfUK it 'includes failover hosts when set' do stub_ldap_config( options: { - 'host' => 'ldap.example.com', - 'port' => 686, - 'hosts' => [ + 'host' => 'ldap.example.com', + 'port' => 686, + 'hosts' => [ ['ldap1.example.com', 636], ['ldap2.example.com', 636] ], - 'encryption' => 'simple_tls', + 'encryption' => 'simple_tls', 'verify_certificates' => true, - 'bind_dn' => 'uid=admin,dc=example,dc=com', - 'password' => 'super_secret' + 'bind_dn' => 'uid=admin,dc=example,dc=com', + 'password' => 'super_secret' } ) @@ -158,12 +158,12 @@ AtlErSqafbECNDSwS5BX8yDpu5yRBJ4xegO/rNlmb8ICRYkuJapD1xXicFOsmfUK it 'includes authentication options when auth is configured' do stub_ldap_config( options: { - 'host' => 'ldap.example.com', - 'port' => 686, - 'encryption' => 'simple_tls', + 'host' => 'ldap.example.com', + 'port' => 686, + 'encryption' => 'simple_tls', 'verify_certificates' => true, - 'bind_dn' => 'uid=admin,dc=example,dc=com', - 'password' => 'super_secret' + 'bind_dn' => 'uid=admin,dc=example,dc=com', + 'password' => 'super_secret' } ) @@ -179,9 +179,9 @@ AtlErSqafbECNDSwS5BX8yDpu5yRBJ4xegO/rNlmb8ICRYkuJapD1xXicFOsmfUK it 'sets encryption method to simple_tls when configured as simple_tls' do stub_ldap_config( options: { - 'host' => 'ldap.example.com', - 'port' => 686, - 'encryption' => 'simple_tls' + 'host' => 'ldap.example.com', + 'port' => 686, + 'encryption' => 'simple_tls' } ) @@ -191,9 +191,9 @@ AtlErSqafbECNDSwS5BX8yDpu5yRBJ4xegO/rNlmb8ICRYkuJapD1xXicFOsmfUK it 'sets encryption method to start_tls when configured as start_tls' do stub_ldap_config( options: { - 'host' => 'ldap.example.com', - 'port' => 686, - 'encryption' => 'start_tls' + 'host' => 'ldap.example.com', + 'port' => 686, + 'encryption' => 'start_tls' } ) @@ -203,12 +203,12 @@ AtlErSqafbECNDSwS5BX8yDpu5yRBJ4xegO/rNlmb8ICRYkuJapD1xXicFOsmfUK it 'transforms SSL cert and key to OpenSSL objects' do stub_ldap_config( options: { - 'host' => 'ldap.example.com', - 'port' => 686, - 'encryption' => 'start_tls', - 'tls_options' => { - 'cert' => raw_cert, - 'key' => raw_key + 'host' => 'ldap.example.com', + 'port' => 686, + 'encryption' => 'start_tls', + 'tls_options' => { + 'cert' => raw_cert, + 'key' => raw_key } } ) @@ -221,12 +221,12 @@ AtlErSqafbECNDSwS5BX8yDpu5yRBJ4xegO/rNlmb8ICRYkuJapD1xXicFOsmfUK allow(Gitlab::AppLogger).to receive(:error) stub_ldap_config( options: { - 'host' => 'ldap.example.com', - 'port' => 686, - 'encryption' => 'start_tls', - 'tls_options' => { - 'cert' => 'invalid cert', - 'key' => 'invalid_key' + 'host' => 'ldap.example.com', + 'port' => 686, + 'encryption' => 'start_tls', + 'tls_options' => { + 'cert' => 'invalid cert', + 'key' => 'invalid_key' } } ) @@ -240,9 +240,9 @@ AtlErSqafbECNDSwS5BX8yDpu5yRBJ4xegO/rNlmb8ICRYkuJapD1xXicFOsmfUK it 'sets tls_options to OpenSSL defaults' do stub_ldap_config( options: { - 'host' => 'ldap.example.com', - 'port' => 686, - 'encryption' => 'simple_tls', + 'host' => 'ldap.example.com', + 'port' => 686, + 'encryption' => 'simple_tls', 'verify_certificates' => true } ) @@ -255,9 +255,9 @@ AtlErSqafbECNDSwS5BX8yDpu5yRBJ4xegO/rNlmb8ICRYkuJapD1xXicFOsmfUK it 'sets verify_mode to OpenSSL VERIFY_NONE' do stub_ldap_config( options: { - 'host' => 'ldap.example.com', - 'port' => 686, - 'encryption' => 'simple_tls', + 'host' => 'ldap.example.com', + 'port' => 686, + 'encryption' => 'simple_tls', 'verify_certificates' => false } ) @@ -274,11 +274,11 @@ AtlErSqafbECNDSwS5BX8yDpu5yRBJ4xegO/rNlmb8ICRYkuJapD1xXicFOsmfUK it 'passes it through in tls_options' do stub_ldap_config( options: { - 'host' => 'ldap.example.com', - 'port' => 686, - 'encryption' => 'simple_tls', - 'tls_options' => { - 'ca_file' => '/etc/ca.pem' + 'host' => 'ldap.example.com', + 'port' => 686, + 'encryption' => 'simple_tls', + 'tls_options' => { + 'ca_file' => '/etc/ca.pem' } } ) @@ -291,11 +291,11 @@ AtlErSqafbECNDSwS5BX8yDpu5yRBJ4xegO/rNlmb8ICRYkuJapD1xXicFOsmfUK it 'does not add the ca_file key to tls_options' do stub_ldap_config( options: { - 'host' => 'ldap.example.com', - 'port' => 686, - 'encryption' => 'simple_tls', - 'tls_options' => { - 'ca_file' => ' ' + 'host' => 'ldap.example.com', + 'port' => 686, + 'encryption' => 'simple_tls', + 'tls_options' => { + 'ca_file' => ' ' } } ) @@ -308,11 +308,11 @@ AtlErSqafbECNDSwS5BX8yDpu5yRBJ4xegO/rNlmb8ICRYkuJapD1xXicFOsmfUK it 'passes it through in tls_options' do stub_ldap_config( options: { - 'host' => 'ldap.example.com', - 'port' => 686, - 'encryption' => 'simple_tls', - 'tls_options' => { - 'ssl_version' => 'TLSv1_2' + 'host' => 'ldap.example.com', + 'port' => 686, + 'encryption' => 'simple_tls', + 'tls_options' => { + 'ssl_version' => 'TLSv1_2' } } ) @@ -325,11 +325,11 @@ AtlErSqafbECNDSwS5BX8yDpu5yRBJ4xegO/rNlmb8ICRYkuJapD1xXicFOsmfUK it 'does not add the ssl_version key to tls_options' do stub_ldap_config( options: { - 'host' => 'ldap.example.com', - 'port' => 686, - 'encryption' => 'simple_tls', - 'tls_options' => { - 'ssl_version' => ' ' + 'host' => 'ldap.example.com', + 'port' => 686, + 'encryption' => 'simple_tls', + 'tls_options' => { + 'ssl_version' => ' ' } } ) @@ -343,11 +343,11 @@ AtlErSqafbECNDSwS5BX8yDpu5yRBJ4xegO/rNlmb8ICRYkuJapD1xXicFOsmfUK it 'constructs basic options' do stub_ldap_config( options: { - 'host' => 'ldap.example.com', - 'port' => 386, - 'base' => 'ou=users,dc=example,dc=com', + 'host' => 'ldap.example.com', + 'port' => 386, + 'base' => 'ou=users,dc=example,dc=com', 'encryption' => 'plain', - 'uid' => 'uid' + 'uid' => 'uid' } ) @@ -364,10 +364,10 @@ AtlErSqafbECNDSwS5BX8yDpu5yRBJ4xegO/rNlmb8ICRYkuJapD1xXicFOsmfUK it 'includes authentication options when auth is configured' do stub_ldap_config( options: { - 'uid' => 'sAMAccountName', + 'uid' => 'sAMAccountName', 'user_filter' => '(memberOf=cn=group1,ou=groups,dc=example,dc=com)', - 'bind_dn' => 'uid=admin,dc=example,dc=com', - 'password' => 'super_secret' + 'bind_dn' => 'uid=admin,dc=example,dc=com', + 'password' => 'super_secret' } ) @@ -381,12 +381,12 @@ AtlErSqafbECNDSwS5BX8yDpu5yRBJ4xegO/rNlmb8ICRYkuJapD1xXicFOsmfUK it 'transforms SSL cert and key to OpenSSL objects' do stub_ldap_config( options: { - 'host' => 'ldap.example.com', - 'port' => 686, - 'encryption' => 'start_tls', - 'tls_options' => { - 'cert' => raw_cert, - 'key' => raw_key + 'host' => 'ldap.example.com', + 'port' => 686, + 'encryption' => 'start_tls', + 'tls_options' => { + 'cert' => raw_cert, + 'key' => raw_key } } ) @@ -399,9 +399,9 @@ AtlErSqafbECNDSwS5BX8yDpu5yRBJ4xegO/rNlmb8ICRYkuJapD1xXicFOsmfUK it 'specifies disable_verify_certificates as false' do stub_ldap_config( options: { - 'host' => 'ldap.example.com', - 'port' => 686, - 'encryption' => 'simple_tls', + 'host' => 'ldap.example.com', + 'port' => 686, + 'encryption' => 'simple_tls', 'verify_certificates' => true } ) @@ -414,9 +414,9 @@ AtlErSqafbECNDSwS5BX8yDpu5yRBJ4xegO/rNlmb8ICRYkuJapD1xXicFOsmfUK it 'specifies disable_verify_certificates as true' do stub_ldap_config( options: { - 'host' => 'ldap.example.com', - 'port' => 686, - 'encryption' => 'simple_tls', + 'host' => 'ldap.example.com', + 'port' => 686, + 'encryption' => 'simple_tls', 'verify_certificates' => false } ) @@ -429,12 +429,12 @@ AtlErSqafbECNDSwS5BX8yDpu5yRBJ4xegO/rNlmb8ICRYkuJapD1xXicFOsmfUK it 'passes it through' do stub_ldap_config( options: { - 'host' => 'ldap.example.com', - 'port' => 686, - 'encryption' => 'simple_tls', + 'host' => 'ldap.example.com', + 'port' => 686, + 'encryption' => 'simple_tls', 'verify_certificates' => true, - 'tls_options' => { - 'ca_file' => '/etc/ca.pem' + 'tls_options' => { + 'ca_file' => '/etc/ca.pem' } } ) @@ -447,12 +447,12 @@ AtlErSqafbECNDSwS5BX8yDpu5yRBJ4xegO/rNlmb8ICRYkuJapD1xXicFOsmfUK it 'does not include the ca_file option' do stub_ldap_config( options: { - 'host' => 'ldap.example.com', - 'port' => 686, - 'encryption' => 'simple_tls', + 'host' => 'ldap.example.com', + 'port' => 686, + 'encryption' => 'simple_tls', 'verify_certificates' => true, - 'tls_options' => { - 'ca_file' => ' ' + 'tls_options' => { + 'ca_file' => ' ' } } ) @@ -465,12 +465,12 @@ AtlErSqafbECNDSwS5BX8yDpu5yRBJ4xegO/rNlmb8ICRYkuJapD1xXicFOsmfUK it 'passes it through' do stub_ldap_config( options: { - 'host' => 'ldap.example.com', - 'port' => 686, - 'encryption' => 'simple_tls', + 'host' => 'ldap.example.com', + 'port' => 686, + 'encryption' => 'simple_tls', 'verify_certificates' => true, - 'tls_options' => { - 'ssl_version' => 'TLSv1_2' + 'tls_options' => { + 'ssl_version' => 'TLSv1_2' } } ) @@ -483,12 +483,12 @@ AtlErSqafbECNDSwS5BX8yDpu5yRBJ4xegO/rNlmb8ICRYkuJapD1xXicFOsmfUK it 'does not include the ssl_version option' do stub_ldap_config( options: { - 'host' => 'ldap.example.com', - 'port' => 686, - 'encryption' => 'simple_tls', + 'host' => 'ldap.example.com', + 'port' => 686, + 'encryption' => 'simple_tls', 'verify_certificates' => true, - 'tls_options' => { - 'ssl_version' => ' ' + 'tls_options' => { + 'ssl_version' => ' ' } } ) @@ -503,7 +503,7 @@ AtlErSqafbECNDSwS5BX8yDpu5yRBJ4xegO/rNlmb8ICRYkuJapD1xXicFOsmfUK it 'is true when password is set' do stub_ldap_config( options: { - 'bind_dn' => 'uid=admin,dc=example,dc=com', + 'bind_dn' => 'uid=admin,dc=example,dc=com', 'password' => 'super_secret' } ) @@ -514,7 +514,7 @@ AtlErSqafbECNDSwS5BX8yDpu5yRBJ4xegO/rNlmb8ICRYkuJapD1xXicFOsmfUK it 'is true when bind_dn is set and password is empty' do stub_ldap_config( options: { - 'bind_dn' => 'uid=admin,dc=example,dc=com', + 'bind_dn' => 'uid=admin,dc=example,dc=com', 'password' => '' } ) @@ -539,15 +539,15 @@ AtlErSqafbECNDSwS5BX8yDpu5yRBJ4xegO/rNlmb8ICRYkuJapD1xXicFOsmfUK options: { 'attributes' => { 'username' => %w(sAMAccountName), - 'email' => %w(userPrincipalName) + 'email' => %w(userPrincipalName) } } ) expect(config.attributes).to include({ 'username' => %w(sAMAccountName), - 'email' => %w(userPrincipalName), - 'name' => 'cn' + 'email' => %w(userPrincipalName), + 'name' => 'cn' }) end end |