diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-11-18 16:16:36 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-11-18 16:16:36 +0300 |
| commit | 311b0269b4eb9839fa63f80c8d7a58f32b8138a0 (patch) | |
| tree | 07e7870bca8aed6d61fdcc810731c50d2c40af47 /spec/lib/gitlab/auth | |
| parent | 27909cef6c4170ed9205afa7426b8d3de47cbb0c (diff) | |
Add latest changes from gitlab-org/gitlab@14-5-stable-eev14.5.0-rc42
Diffstat (limited to 'spec/lib/gitlab/auth')
| -rw-r--r-- | spec/lib/gitlab/auth/auth_finders_spec.rb | 64 |
1 files changed, 42 insertions, 22 deletions
diff --git a/spec/lib/gitlab/auth/auth_finders_spec.rb b/spec/lib/gitlab/auth/auth_finders_spec.rb index b0522e269e0..f1c891b2adb 100644 --- a/spec/lib/gitlab/auth/auth_finders_spec.rb +++ b/spec/lib/gitlab/auth/auth_finders_spec.rb @@ -873,45 +873,65 @@ RSpec.describe Gitlab::Auth::AuthFinders do end describe '#find_user_from_job_token' do + let(:token) { job.token } + subject { find_user_from_job_token } - context 'when the token is in the headers' do - before do - set_header(described_class::JOB_TOKEN_HEADER, token) + shared_examples 'finds user when job token allowed' do + context 'when the token is in the headers' do + before do + set_header(described_class::JOB_TOKEN_HEADER, token) + end + + it_behaves_like 'find user from job token' end - it_behaves_like 'find user from job token' - end + context 'when the token is in the job_token param' do + before do + set_param(described_class::JOB_TOKEN_PARAM, token) + end - context 'when the token is in the job_token param' do - before do - set_param(described_class::JOB_TOKEN_PARAM, token) + it_behaves_like 'find user from job token' end - it_behaves_like 'find user from job token' - end + context 'when the token is in the token param' do + before do + set_param(described_class::RUNNER_JOB_TOKEN_PARAM, token) + end - context 'when the token is in the token param' do - before do - set_param(described_class::RUNNER_JOB_TOKEN_PARAM, token) + it_behaves_like 'find user from job token' end + end - it_behaves_like 'find user from job token' + context 'when route setting allows job_token' do + let(:route_authentication_setting) { { job_token_allowed: true } } + + include_examples 'finds user when job token allowed' end - context 'when the job token is provided via basic auth' do + context 'when route setting is basic auth' do let(:route_authentication_setting) { { job_token_allowed: :basic_auth } } - let(:username) { ::Gitlab::Auth::CI_JOB_USER } - let(:token) { job.token } - before do - set_basic_auth_header(username, token) + context 'when the token is provided via basic auth' do + let(:username) { ::Gitlab::Auth::CI_JOB_USER } + + before do + set_basic_auth_header(username, token) + end + + it { is_expected.to eq(user) } end - it { is_expected.to eq(user) } + include_examples 'finds user when job token allowed' + end - context 'credentials are provided but route setting is incorrect' do - let(:route_authentication_setting) { { job_token_allowed: :unknown } } + context 'when route setting job_token_allowed is invalid' do + let(:route_authentication_setting) { { job_token_allowed: false } } + + context 'when the token is provided' do + before do + set_header(described_class::JOB_TOKEN_HEADER, token) + end it { is_expected.to be_nil } end |