diff options
Diffstat (limited to 'spec/requests/api/internal/base_spec.rb')
| -rw-r--r-- | spec/requests/api/internal/base_spec.rb | 17 |
1 files changed, 12 insertions, 5 deletions
diff --git a/spec/requests/api/internal/base_spec.rb b/spec/requests/api/internal/base_spec.rb index 6fe77727702..e04f63befd0 100644 --- a/spec/requests/api/internal/base_spec.rb +++ b/spec/requests/api/internal/base_spec.rb @@ -220,6 +220,8 @@ RSpec.describe API::Internal::Base do end it 'returns a token without expiry when the expires_at parameter is missing' do + token_size = (PersonalAccessToken.token_prefix || '').size + 20 + post api('/internal/personal_access_token'), params: { secret_token: secret_token, @@ -229,12 +231,14 @@ RSpec.describe API::Internal::Base do } expect(json_response['success']).to be_truthy - expect(json_response['token']).to match(/\A\S{20}\z/) + expect(json_response['token']).to match(/\A\S{#{token_size}}\z/) expect(json_response['scopes']).to match_array(%w(read_api read_repository)) expect(json_response['expires_at']).to be_nil end it 'returns a token with expiry when it receives a valid expires_at parameter' do + token_size = (PersonalAccessToken.token_prefix || '').size + 20 + post api('/internal/personal_access_token'), params: { secret_token: secret_token, @@ -245,7 +249,7 @@ RSpec.describe API::Internal::Base do } expect(json_response['success']).to be_truthy - expect(json_response['token']).to match(/\A\S{20}\z/) + expect(json_response['token']).to match(/\A\S{#{token_size}}\z/) expect(json_response['scopes']).to match_array(%w(read_api read_repository)) expect(json_response['expires_at']).to eq('9001-11-17') end @@ -722,8 +726,7 @@ RSpec.describe API::Internal::Base do 'ssh', { authentication_abilities: [:read_project, :download_code, :push_code], - namespace_path: project.namespace.path, - repository_path: project.path, + repository_path: "#{project.full_path}.git", redirected_path: nil } ).and_return(access_checker) @@ -1337,9 +1340,13 @@ RSpec.describe API::Internal::Base do end context 'when the OTP is valid' do - it 'returns success' do + it 'registers a new OTP session and returns success' do allow_any_instance_of(Users::ValidateOtpService).to receive(:execute).with(otp).and_return(status: :success) + expect_next_instance_of(::Gitlab::Auth::Otp::SessionEnforcer) do |session_enforcer| + expect(session_enforcer).to receive(:update_session).once + end + subject expect(json_response['success']).to be_truthy |