diff options
Diffstat (limited to 'spec/lib/gitlab/auth')
-rw-r--r-- | spec/lib/gitlab/auth/ldap/adapter_spec.rb | 10 | ||||
-rw-r--r-- | spec/lib/gitlab/auth/otp/strategies/forti_authenticator/manual_otp_spec.rb (renamed from spec/lib/gitlab/auth/otp/strategies/forti_authenticator_spec.rb) | 2 | ||||
-rw-r--r-- | spec/lib/gitlab/auth/otp/strategies/forti_authenticator/push_otp_spec.rb | 65 | ||||
-rw-r--r-- | spec/lib/gitlab/auth/saml/config_spec.rb | 19 |
4 files changed, 91 insertions, 5 deletions
diff --git a/spec/lib/gitlab/auth/ldap/adapter_spec.rb b/spec/lib/gitlab/auth/ldap/adapter_spec.rb index b7b12e49a8e..3791b7a07dd 100644 --- a/spec/lib/gitlab/auth/ldap/adapter_spec.rb +++ b/spec/lib/gitlab/auth/ldap/adapter_spec.rb @@ -26,10 +26,12 @@ RSpec.describe Gitlab::Auth::Ldap::Adapter do it 'searches with the proper options when searching by dn' do expect(adapter).to receive(:ldap_search).with( - base: 'uid=johndoe,ou=users,dc=example,dc=com', - scope: Net::LDAP::SearchScope_BaseObject, - attributes: ldap_attributes, - filter: nil + { + base: 'uid=johndoe,ou=users,dc=example,dc=com', + scope: Net::LDAP::SearchScope_BaseObject, + attributes: ldap_attributes, + filter: nil + } ).and_return({}) adapter.users('dn', 'uid=johndoe,ou=users,dc=example,dc=com') diff --git a/spec/lib/gitlab/auth/otp/strategies/forti_authenticator_spec.rb b/spec/lib/gitlab/auth/otp/strategies/forti_authenticator/manual_otp_spec.rb index dc20df98185..f08c787382e 100644 --- a/spec/lib/gitlab/auth/otp/strategies/forti_authenticator_spec.rb +++ b/spec/lib/gitlab/auth/otp/strategies/forti_authenticator/manual_otp_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe Gitlab::Auth::Otp::Strategies::FortiAuthenticator do +RSpec.describe Gitlab::Auth::Otp::Strategies::FortiAuthenticator::ManualOtp do let_it_be(:user) { create(:user) } let(:otp_code) { 42 } diff --git a/spec/lib/gitlab/auth/otp/strategies/forti_authenticator/push_otp_spec.rb b/spec/lib/gitlab/auth/otp/strategies/forti_authenticator/push_otp_spec.rb new file mode 100644 index 00000000000..231bd3f48f1 --- /dev/null +++ b/spec/lib/gitlab/auth/otp/strategies/forti_authenticator/push_otp_spec.rb @@ -0,0 +1,65 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe Gitlab::Auth::Otp::Strategies::FortiAuthenticator::PushOtp do + let_it_be(:user) { create(:user) } + + let(:host) { 'forti_authenticator.example.com' } + let(:port) { '444' } + let(:api_username) { 'janedoe' } + let(:api_token) { 's3cr3t' } + + let(:forti_authenticator_auth_url) { "https://#{host}:#{port}/api/v1/pushauth/" } + let(:response_status) { 200 } + + subject(:validate) { described_class.new(user).validate } + + before do + stub_feature_flags(forti_authenticator: user) + + stub_forti_authenticator_config( + enabled: true, + host: host, + port: port, + username: api_username, + access_token: api_token + ) + + request_body = { username: user.username } + + stub_request(:post, forti_authenticator_auth_url) + .with(body: JSON(request_body), + headers: { 'Content-Type': 'application/json' }, + basic_auth: [api_username, api_token]) + .to_return(status: response_status, body: '') + end + + context 'successful validation' do + it 'returns success' do + expect(validate[:status]).to eq(:success) + end + end + + context 'unsuccessful validation' do + let(:response_status) { 401 } + + it 'returns error' do + expect(validate[:status]).to eq(:error) + end + end + + context 'unexpected error' do + it 'returns error' do + error_message = 'boom!' + stub_request(:post, forti_authenticator_auth_url).to_raise(StandardError.new(error_message)) + + expect(validate[:status]).to eq(:error) + expect(validate[:message]).to eq(error_message) + end + end + + def stub_forti_authenticator_config(forti_authenticator_settings) + allow(::Gitlab.config.forti_authenticator).to(receive_messages(forti_authenticator_settings)) + end +end diff --git a/spec/lib/gitlab/auth/saml/config_spec.rb b/spec/lib/gitlab/auth/saml/config_spec.rb new file mode 100644 index 00000000000..12f5da48873 --- /dev/null +++ b/spec/lib/gitlab/auth/saml/config_spec.rb @@ -0,0 +1,19 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe Gitlab::Auth::Saml::Config do + describe '.enabled?' do + subject { described_class.enabled? } + + it { is_expected.to eq(false) } + + context 'when SAML is enabled' do + before do + allow(Gitlab::Auth::OAuth::Provider).to receive(:providers).and_return([:saml]) + end + + it { is_expected.to eq(true) } + end + end +end |