summaryrefslogtreecommitdiff
path: root/spec/initializers/doorkeeper_spec.rb
blob: 164225a00b22bc3aca6fa5ba47dfcb8caac81b1f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
# frozen_string_literal: true

require 'spec_helper'
require_relative '../../config/initializers/doorkeeper'

RSpec.describe Doorkeeper.configuration do
  describe '#default_scopes' do
    it 'matches Gitlab::Auth::DEFAULT_SCOPES' do
      expect(subject.default_scopes).to eq Gitlab::Auth::DEFAULT_SCOPES
    end
  end

  describe '#optional_scopes' do
    it 'matches Gitlab::Auth.optional_scopes' do
      expect(subject.optional_scopes).to eq Gitlab::Auth.optional_scopes - Gitlab::Auth::REGISTRY_SCOPES
    end
  end

  describe '#resource_owner_authenticator' do
    subject { controller.instance_exec(&Doorkeeper.configuration.authenticate_resource_owner) }

    let(:controller) { double }

    before do
      allow(controller).to receive(:current_user).and_return(current_user)
      allow(controller).to receive(:session).and_return({})
      allow(controller).to receive(:request).and_return(OpenStruct.new(fullpath: '/return-path'))
      allow(controller).to receive(:redirect_to)
      allow(controller).to receive(:new_user_session_url).and_return('/login')
    end

    context 'with a user present' do
      let(:current_user) { create(:user) }

      it 'returns the user' do
        expect(subject).to eq current_user
      end

      it 'does not redirect' do
        expect(controller).not_to receive(:redirect_to)

        subject
      end

      it 'does not store the return path' do
        subject

        expect(controller.session).not_to include :user_return_to
      end
    end

    context 'without a user present' do
      let(:current_user) { nil }

      # NOTE: this is required for doorkeeper-openid_connect
      it 'returns nil' do
        expect(subject).to eq nil
      end

      it 'redirects to the login form' do
        expect(controller).to receive(:redirect_to).with('/login')

        subject
      end

      it 'stores the return path' do
        subject

        expect(controller.session[:user_return_to]).to eq '/return-path'
      end
    end
  end
end