Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/spec/requests/api/internal/base_spec.rb
diff options
context:
space:
mode:
Diffstat (limited to 'spec/requests/api/internal/base_spec.rb')
-rw-r--r--spec/requests/api/internal/base_spec.rb48
1 files changed, 47 insertions, 1 deletions
diff --git a/spec/requests/api/internal/base_spec.rb b/spec/requests/api/internal/base_spec.rb
index 32cacfc713c..f9284f21aaa 100644
--- a/spec/requests/api/internal/base_spec.rb
+++ b/spec/requests/api/internal/base_spec.rb
@@ -2,7 +2,7 @@
require 'spec_helper'
-RSpec.describe API::Internal::Base do
+RSpec.describe API::Internal::Base, feature_category: :authentication_and_authorization do
include GitlabShellHelpers
include APIInternalBaseHelpers
@@ -325,6 +325,28 @@ RSpec.describe API::Internal::Base do
expect(json_response['name']).to eq(user.name)
end
+ context 'when signing key is passed' do
+ it 'does not authenticate user' do
+ key.signing!
+
+ get(api("/internal/discover"), params: { key_id: key.id }, headers: gitlab_shell_internal_api_request_header)
+
+ expect(json_response).to be_nil
+ end
+ end
+
+ context 'when auth-only key is passed' do
+ it 'authenticates user' do
+ key.auth!
+
+ get(api("/internal/discover"), params: { key_id: key.id }, headers: gitlab_shell_internal_api_request_header)
+
+ expect(response).to have_gitlab_http_status(:ok)
+
+ expect(json_response['name']).to eq(user.name)
+ end
+ end
+
it "finds a user by username" do
get(api("/internal/discover"), params: { username: user.username }, headers: gitlab_shell_internal_api_request_header)
@@ -360,6 +382,30 @@ RSpec.describe API::Internal::Base do
expect(json_response['key'].split[1]).to eq(key.key.split[1])
end
+ context 'when signing key is passed' do
+ it 'does not return the key' do
+ key.signing!
+
+ get(api('/internal/authorized_keys'), params: { key: key.key.split[1] }, headers: gitlab_shell_internal_api_request_header)
+
+ expect(response).to have_gitlab_http_status(:not_found)
+
+ expect(json_response['id']).to be_nil
+ end
+ end
+
+ context 'when auth-only key is passed' do
+ it 'authenticates user' do
+ key.auth!
+
+ get(api('/internal/authorized_keys'), params: { key: key.key.split[1] }, headers: gitlab_shell_internal_api_request_header)
+
+ expect(response).to have_gitlab_http_status(:ok)
+ expect(json_response['id']).to eq(key.id)
+ expect(json_response['key'].split[1]).to eq(key.key.split[1])
+ end
+ end
+
it 'exposes the comment of the key as a simple identifier of username + hostname' do
get(api('/internal/authorized_keys'), params: { key: key.key.split[1] }, headers: gitlab_shell_internal_api_request_header)
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-20 05:58:53 +0300