spec/controllers/oauth/tokens_controller_spec.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65

# frozen_string_literal: true

require 'spec_helper'

RSpec.describe Oauth::TokensController, feature_category: :user_management do
  let(:user) { create(:user) }

  it 'includes Two-factor enforcement concern' do
    expect(described_class.included_modules.include?(EnforcesTwoFactorAuthentication)).to eq(true)
  end

  describe '#append_info_to_payload' do
    controller(described_class) do
      attr_reader :last_payload

      def create
        render html: 'authenticated'
      end

      def append_info_to_payload(payload)
        super

        @last_payload = payload
      end
    end

    it 'does log correlation id' do
      Labkit::Correlation::CorrelationId.use_id('new-id') do
        post :create
      end

      expect(controller.last_payload).to include('correlation_id' => 'new-id')
    end

    it 'adds context metadata to the payload' do
      sign_in user

      post :create

      expect(controller.last_payload[:metadata]).to include(Gitlab::ApplicationContext.current)
    end

    it 'logs response length' do
      sign_in user

      post :create

      expect(controller.last_payload[:response_bytes]).to eq('authenticated'.bytesize)
    end

    context 'with log_response_length disabled' do
      before do
        stub_feature_flags(log_response_length: false)
      end

      it 'logs response length' do
        sign_in user

        post :create

        expect(controller.last_payload).not_to include(:response_bytes)
      end
    end
  end
end