2019-08-22 06:57:44 -04:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2016-12-15 08:32:50 -05:00
|
|
|
require 'spec_helper'
|
|
|
|
|
2020-06-24 14:09:03 -04:00
|
|
|
RSpec.describe Mattermost::Session, type: :request do
|
2018-06-28 14:51:36 -04:00
|
|
|
include ExclusiveLeaseHelpers
|
2019-04-21 06:03:26 -04:00
|
|
|
include StubRequests
|
2018-06-28 14:51:36 -04:00
|
|
|
|
2016-12-15 08:32:50 -05:00
|
|
|
let(:user) { create(:user) }
|
|
|
|
|
2016-12-16 05:31:26 -05:00
|
|
|
let(:gitlab_url) { "http://gitlab.com" }
|
|
|
|
let(:mattermost_url) { "http://mattermost.com" }
|
|
|
|
|
2016-12-16 06:20:42 -05:00
|
|
|
subject { described_class.new(user) }
|
2016-12-15 08:32:50 -05:00
|
|
|
|
|
|
|
# Needed for doorkeeper to function
|
|
|
|
it { is_expected.to respond_to(:current_resource_owner) }
|
|
|
|
it { is_expected.to respond_to(:request) }
|
|
|
|
it { is_expected.to respond_to(:authorization) }
|
|
|
|
it { is_expected.to respond_to(:strategy) }
|
|
|
|
|
2016-12-16 06:20:42 -05:00
|
|
|
before do
|
2018-03-13 18:38:25 -04:00
|
|
|
subject.base_uri = mattermost_url
|
2016-12-16 06:20:42 -05:00
|
|
|
end
|
|
|
|
|
2016-12-15 08:32:50 -05:00
|
|
|
describe '#with session' do
|
|
|
|
let(:location) { 'http://location.tld' }
|
2017-08-01 09:04:35 -04:00
|
|
|
let(:cookie_header) {'MMOAUTH=taskik8az7rq8k6rkpuas7htia; Path=/;'}
|
2016-12-15 08:32:50 -05:00
|
|
|
let!(:stub) do
|
2019-04-21 06:03:26 -04:00
|
|
|
stub_full_request("#{mattermost_url}/oauth/gitlab/login")
|
2018-05-15 11:13:49 -04:00
|
|
|
.to_return(headers: { 'location' => location, 'Set-Cookie' => cookie_header }, status: 302)
|
2016-12-15 08:32:50 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
context 'without oauth uri' do
|
|
|
|
it 'makes a request to the oauth uri' do
|
|
|
|
expect { subject.with_session }.to raise_error(Mattermost::NoSessionError)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'with oauth_uri' do
|
|
|
|
let!(:doorkeeper) do
|
2016-12-16 05:31:26 -05:00
|
|
|
Doorkeeper::Application.create(
|
2017-08-01 09:04:35 -04:00
|
|
|
name: 'GitLab Mattermost',
|
2016-12-16 05:31:26 -05:00
|
|
|
redirect_uri: "#{mattermost_url}/signup/gitlab/complete\n#{mattermost_url}/login/gitlab/complete",
|
2017-08-01 09:04:35 -04:00
|
|
|
scopes: '')
|
2016-12-15 08:32:50 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
context 'without token_uri' do
|
|
|
|
it 'can not create a session' do
|
|
|
|
expect do
|
|
|
|
subject.with_session
|
|
|
|
end.to raise_error(Mattermost::NoSessionError)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'with token_uri' do
|
2016-12-16 05:31:26 -05:00
|
|
|
let(:state) { "state" }
|
|
|
|
let(:params) do
|
|
|
|
{ response_type: "code",
|
|
|
|
client_id: doorkeeper.uid,
|
|
|
|
redirect_uri: "#{mattermost_url}/signup/gitlab/complete",
|
|
|
|
state: state }
|
|
|
|
end
|
2020-08-10 23:11:00 -04:00
|
|
|
|
2016-12-16 05:31:26 -05:00
|
|
|
let(:location) do
|
|
|
|
"#{gitlab_url}/oauth/authorize?#{URI.encode_www_form(params)}"
|
|
|
|
end
|
2016-12-15 08:32:50 -05:00
|
|
|
|
|
|
|
before do
|
2019-04-21 06:03:26 -04:00
|
|
|
stub_full_request("#{mattermost_url}/signup/gitlab/complete")
|
2017-06-21 09:48:12 -04:00
|
|
|
.with(query: hash_including({ 'state' => state }))
|
|
|
|
.to_return do |request|
|
2016-12-16 05:31:26 -05:00
|
|
|
post "/oauth/token",
|
2018-12-17 17:52:17 -05:00
|
|
|
params: {
|
|
|
|
client_id: doorkeeper.uid,
|
|
|
|
client_secret: doorkeeper.secret,
|
|
|
|
redirect_uri: params[:redirect_uri],
|
|
|
|
grant_type: 'authorization_code',
|
|
|
|
code: request.uri.query_values['code']
|
|
|
|
}
|
2016-12-16 05:31:26 -05:00
|
|
|
|
|
|
|
if response.status == 200
|
|
|
|
{ headers: { 'token' => 'thisworksnow' }, status: 202 }
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2019-04-21 06:03:26 -04:00
|
|
|
stub_full_request("#{mattermost_url}/api/v4/users/logout", method: :post)
|
2017-06-21 09:48:12 -04:00
|
|
|
.to_return(headers: { Authorization: 'token thisworksnow' }, status: 200)
|
2016-12-15 08:32:50 -05:00
|
|
|
end
|
|
|
|
|
2018-09-17 05:17:33 -04:00
|
|
|
it 'can set up a session' do
|
2016-12-16 06:20:42 -05:00
|
|
|
subject.with_session do |session|
|
|
|
|
end
|
2016-12-15 08:32:50 -05:00
|
|
|
|
2016-12-16 05:31:26 -05:00
|
|
|
expect(subject.token).not_to be_nil
|
2016-12-15 08:32:50 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'returns the value of the block' do
|
2016-12-16 06:20:42 -05:00
|
|
|
result = subject.with_session do |session|
|
|
|
|
"value"
|
|
|
|
end
|
2016-12-15 08:32:50 -05:00
|
|
|
|
2016-12-16 06:20:42 -05:00
|
|
|
expect(result).to eq("value")
|
2016-12-15 08:32:50 -05:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2016-12-21 07:34:24 -05:00
|
|
|
|
2018-06-28 14:51:36 -04:00
|
|
|
context 'exclusive lease' do
|
|
|
|
let(:lease_key) { 'mattermost:session' }
|
2016-12-21 07:34:24 -05:00
|
|
|
|
|
|
|
it 'tries to obtain a lease' do
|
2018-06-28 14:51:36 -04:00
|
|
|
expect_to_obtain_exclusive_lease(lease_key, 'uuid')
|
|
|
|
expect_to_cancel_exclusive_lease(lease_key, 'uuid')
|
2016-12-21 07:34:24 -05:00
|
|
|
|
2018-09-17 05:17:33 -04:00
|
|
|
# Cannot set up a session, but we should still cancel the lease
|
2016-12-21 07:34:24 -05:00
|
|
|
expect { subject.with_session }.to raise_error(Mattermost::NoSessionError)
|
|
|
|
end
|
|
|
|
|
2018-06-28 14:51:36 -04:00
|
|
|
it 'returns a NoSessionError error without lease' do
|
|
|
|
stub_exclusive_lease_taken(lease_key)
|
2016-12-21 07:34:24 -05:00
|
|
|
|
|
|
|
expect { subject.with_session }.to raise_error(Mattermost::NoSessionError)
|
|
|
|
end
|
|
|
|
end
|
2016-12-15 08:32:50 -05:00
|
|
|
end
|
2016-12-19 08:14:09 -05:00
|
|
|
end
|