Diffstat (limited to 'vendor/gems/omniauth_crowd/spec/omniauth/strategies/crowd_spec.rb')
-rwxr-xr-x | vendor/gems/omniauth_crowd/spec/omniauth/strategies/crowd_spec.rb | 88 |
1 files changed, 26 insertions, 62 deletions
diff --git a/vendor/gems/omniauth_crowd/spec/omniauth/strategies/crowd_spec.rb b/vendor/gems/omniauth_crowd/spec/omniauth/strategies/crowd_spec.rb index f234ef82e76..000b3901f86 100755 --- a/vendor/gems/omniauth_crowd/spec/omniauth/strategies/crowd_spec.rb +++ b/vendor/gems/omniauth_crowd/spec/omniauth/strategies/crowd_spec.rb @@ -20,9 +20,21 @@ describe OmniAuth::Strategies::Crowd, :type=>:strategy do @sso_url_image = nil let(:config) { OmniAuth::Strategies::Crowd::Configuration.new(strategy[1]) } let(:validator) { OmniAuth::Strategies::Crowd::CrowdValidator.new(config, 'foo', 'bar', nil, nil) } + let(:csrf_token) { SecureRandom.base64(32) } + let(:base_env) { { 'rack.session' => { csrf: csrf_token }, 'rack.input' => StringIO.new("authenticity_token=#{escaped_token}") } } + let(:post_env) { make_env('/auth/crowd', base_env) } + let(:escaped_token) { URI.encode_www_form_component(csrf_token, Encoding::UTF_8) } + + def make_env(path = '/auth/crowd', props = {}) + { + 'REQUEST_METHOD' => 'POST', + 'PATH_INFO' => path, + 'rack.session' => {}, + 'rack.input' => StringIO.new('test=true') + }.merge(props) + end describe 'Authentication Request Body' do - it 'should send password in session request' do body = <<-BODY.strip <password> @@ -42,21 +54,13 @@ BODY end end - describe 'GET /auth/crowd' do + describe 'POST /auth/crowd' do it 'should show the login form' do - get '/auth/crowd' + post '/auth/crowd', nil, post_env expect(last_response).to be_ok end end - describe 'POST /auth/crowd' do - it 'should redirect to callback' do - post '/auth/crowd', :username=>'foo', :password=>'bar' - expect(last_response).to be_redirect - expect(last_response.headers['Location']).to eq('http://example.org/auth/crowd/callback') - end - end - describe 'GET /auth/crowd/callback without any credentials' do it 'should fail' do get '/auth/crowd/callback' 
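Review bot: The new CSRF fixtures only exercise the accepting path — every `post '/auth/crowd'` on this page is sent with `post_env`, which carries a matching `session[:csrf]` and `authenticity_token`, and no example asserts that a POST without the token (the bare `make_env` env) or with a mismatched one is rejected, so a regression in the authenticity check would pass this suite unnoticed. An example along the lines of the one below, placed in the `describe 'POST /auth/crowd'` group rebuilt in hunk `@@ -42,21 +54,13`, would pin that; the exact expectation depends on how failures are routed in this strategy harness, so `not_to be_ok` is the conservative form. Note also that `make_env` leaves `CONTENT_TYPE` unset and appears to rely on the string-keyed `'rack.input'` surviving the test client's env construction — adding `'CONTENT_TYPE' => 'application/x-www-form-urlencoded'` to the hash in `make_env` would make the form-body parsing explicit rather than a default of the test client. The credentialed request-phase example removed in hunk `@@ -42,21 +54,13` (username/password POST expecting a redirect to the callback) has no POST-with-token replacement, which this fixture makes easy to restore by appending `&username=foo&password=bar` to the `rack.input` body.
```ruby
it 'should reject the request phase without an authenticity token' do
  post '/auth/crowd', nil, make_env
  expect(last_response).not_to be_ok
end
```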
@@ -79,13 +83,16 @@ BODY to_return(:status => [415, "Unsupported Media Type"]) get '/auth/crowd/callback', nil, 'rack.session'=>{'omniauth.crowd'=> {"username"=>"foo", "password"=>"ba"}} end + it 'should call through to the master app' do expect(last_response.body).to eq('true') end + it 'should have an auth hash' do auth = last_request.env['omniauth.auth'] expect(auth).to be_kind_of(Hash) end + it 'should have good data' do auth = last_request.env['omniauth.auth'] expect(auth['provider']).to eq(:crowd) @@ -142,8 +149,7 @@ BODY end end - describe 'GET /auth/crowd without credentials will redirect to login form' do - + describe 'POST /auth/crowd without credentials will redirect to login form' do sso_url = 'https://foo.bar' before do @@ -152,10 +158,9 @@ BODY end it 'should have the SSO button in the response body' do - found_legend = found_anchor = nil - get '/auth/crowd' + post '/auth/crowd', nil, post_env Nokogiri::HTML(last_response.body).xpath('//html/body/form/fieldset/*').each do |element| @@ -163,26 +168,23 @@ BODY found_legend = true elsif element.name === 'a' && element.attr('href') === "#{sso_url}/users/auth/crowd/callback" found_anchor = true - end + end end expect(found_legend).to(be(true)) expect(found_anchor).to(be(true)) - end after do @using_sessions = false @sso_url = nil end - end - - describe 'GET /auth/crowd without credentials will redirect to login form which has custom image in the SSO link' do - + + describe 'POST /auth/crowd without credentials will redirect to login form which has custom image in the SSO link' do sso_url = 'https://foo.bar' sso_url_image = 'https://foo.bar/image.png' - + before do @using_sessions = true @sso_url = sso_url @@ -190,10 +192,9 @@ BODY end it 'should have the SSO button with a custom image in the response body' do - found_legend = found_anchor = found_image = false - get '/auth/crowd' + post '/auth/crowd', nil, post_env Nokogiri::HTML(last_response.body).xpath('//html/body/form/fieldset/*').each do |element| 
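Review bot: Dropping `found_legend = found_anchor = nil` in hunk `@@ -152,10 +158,9` (and `found_legend = found_anchor = found_image = false` in `@@ -190,10 +192,9`) leaves those variables first assigned inside the `each do |element|` block, which makes them block-local in Ruby; the `expect(found_legend).to(be(true))` calls that follow the block would then raise NameError instead of evaluating the flag, unless the variables are now assigned somewhere above the hunk that is not shown. Restoring the initialisation before the `post` call, `found_legend = found_anchor = false` (and `found_image = false` in the second example), keeps the assertions meaningful and also gives a clean failure (false, not an undefined name) when the form lacks the element. The `each` block and the enclosing `it` continue past the end of both hunks.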
@@ -206,14 +207,12 @@ BODY if element.children.length === 1 && element.children.first.name === 'img' && element.children.first.attr('src') === sso_url_image found_image = true end - end end expect(found_legend).to(be(true)) expect(found_anchor).to(be(true)) expect(found_image).to(be(true)) - end after do @@ -221,46 +220,13 @@ BODY @sso_url = nil @sso_url_image = nil end - end - describe 'GET /auth/crowd without credentials but with SSO cookie will redirect to callback' do - - sso_url = 'https://foo.bar' - - before do - - @using_sessions = true - @sso_url = sso_url - - set_cookie('crowd.token_key=foobar') - - end - - it 'should redirect to callback' do - get '/auth/crowd' - expect(last_response).to be_redirect - expect(last_response.headers['Location']).to eq('http://example.org/auth/crowd/callback') - end - - after do - - @using_sessions = false - @sso_url = nil - - clear_cookies() - - end - - end - describe 'POST /auth/crowd/callback without credentials but with SSO cookie will redirect to login form because session is invalid' do - sso_url = 'https://foo.bar' token = 'foobar' - + before do - @using_sessions = true @sso_url = sso_url @@ -268,7 +234,6 @@ BODY to_return(:status => [404]) set_cookie("crowd.token_key=#{token}") - end it 'should redirect to login form' do @@ -360,7 +325,6 @@ BODY end it 'should return user data' do - auth = nil get '/auth/crowd/callback' |
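Review bot: The `describe 'GET /auth/crowd without credentials but with SSO cookie will redirect to callback'` group is deleted in hunk `@@ -221,46 +220,13` without a POST counterpart, so the request-phase behaviour with a `crowd.token_key` cookie (redirecting straight to the callback) is no longer covered; the same `post '/auth/crowd', nil, post_env` after `set_cookie('crowd.token_key=foobar')` would keep that case under the POST-only flow. The same hunk also removes the `describe 'POST /auth/crowd/callback without credentials but with SSO cookie ...' do` line and its `sso_url` assignment while keeping the `token = 'foobar'` and `before do` lines, and `@@ -268,7 +234,6` removes the `end` that closed that `before` hook; the hunks alone do not show which group the remaining hook and its examples now belong to, so this deserves a `ruby -c` pass and a look at the resulting nesting. The groups involved start and end outside these hunks.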