Diffstat (limited to 'spec/requests/api/internal/base_spec.rb')
-rw-r--r-- | spec/requests/api/internal/base_spec.rb | 48 |
1 files changed, 47 insertions, 1 deletions
diff --git a/spec/requests/api/internal/base_spec.rb b/spec/requests/api/internal/base_spec.rb
index 32cacfc713c..f9284f21aaa 100644
--- a/spec/requests/api/internal/base_spec.rb
+++ b/spec/requests/api/internal/base_spec.rb
@@ -2,7 +2,7 @@
 require 'spec_helper'
-RSpec.describe API::Internal::Base do
+RSpec.describe API::Internal::Base, feature_category: :authentication_and_authorization do
 include GitlabShellHelpers
 include APIInternalBaseHelpers
@@ -325,6 +325,28 @@ RSpec.describe API::Internal::Base do
 expect(json_response['name']).to eq(user.name)
 end
+ context 'when signing key is passed' do
+ it 'does not authenticate user' do
+ key.signing!
+
+ get(api("/internal/discover"), params: { key_id: key.id }, headers: gitlab_shell_internal_api_request_header)
+
+ expect(json_response).to be_nil
+ end
+ end
+
+ context 'when auth-only key is passed' do
+ it 'authenticates user' do
+ key.auth!
+
+ get(api("/internal/discover"), params: { key_id: key.id }, headers: gitlab_shell_internal_api_request_header)
+
+ expect(response).to have_gitlab_http_status(:ok)
+
+ expect(json_response['name']).to eq(user.name)
+ end
+ end
+
 it "finds a user by username" do
 get(api("/internal/discover"), params: { username: user.username }, headers: gitlab_shell_internal_api_request_header)
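Review bot: The signing-key example for `/internal/discover` asserts only `expect(json_response).to be_nil`, so it never pins the HTTP status of the rejection. As far as the visible lines show, any response whose body parses to nil would satisfy it, including an unrelated failure, which weakens the guarantee that a signing-only key cannot be used to resolve a user. Adding a status expectation ahead of the body check, in the form the auth-only example already uses (`expect(response).to have_gitlab_http_status(...)` with the status this endpoint is meant to return), would make the negative case as strict as the `:not_found` check in the `/internal/authorized_keys` hunk. The enclosing `describe` block starts and ends outside the hunk.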
@@ -360,6 +382,30 @@ RSpec.describe API::Internal::Base do
 expect(json_response['key'].split[1]).to eq(key.key.split[1])
 end
+ context 'when signing key is passed' do
+ it 'does not return the key' do
+ key.signing!
+
+ get(api('/internal/authorized_keys'), params: { key: key.key.split[1] }, headers: gitlab_shell_internal_api_request_header)
+
+ expect(response).to have_gitlab_http_status(:not_found)
+
+ expect(json_response['id']).to be_nil
+ end
+ end
+
+ context 'when auth-only key is passed' do
+ it 'authenticates user' do
+ key.auth!
+
+ get(api('/internal/authorized_keys'), params: { key: key.key.split[1] }, headers: gitlab_shell_internal_api_request_header)
+
+ expect(response).to have_gitlab_http_status(:ok)
+ expect(json_response['id']).to eq(key.id)
+ expect(json_response['key'].split[1]).to eq(key.key.split[1])
+ end
+ end
+
 it 'exposes the comment of the key as a simple identifier of username + hostname' do
 get(api('/internal/authorized_keys'), params: { key: key.key.split[1] }, headers: gitlab_shell_internal_api_request_header) |
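Review bot: The auth-only example under `/internal/authorized_keys` is titled `it 'authenticates user' do`, but its assertions check that the key record comes back (`id` and `key`), so the title reads as carried over from the discover examples. Renaming it to `it 'returns the key' do` would mirror the sibling `it 'does not return the key' do` and keep the spec output accurate about which usage types may appear in an authorized-keys lookup. A one-line comment above the two contexts, such as `# signing-only keys must never be served for SSH authentication`, would also record why the 404 is the expected outcome. The enclosing `describe` block starts and ends outside the hunk.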