1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
|
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Gitlab::Auth::OAuth::AuthHash do
let(:provider) { 'ldap' }
let(:auth_hash) do
described_class.new(
OmniAuth::AuthHash.new(
provider: provider,
uid: uid_ascii,
info: info_hash
)
)
end
let(:provider_config) { { 'args' => { 'gitlab_username_claim' => 'first_name' } } }
let(:uid_raw) do
+"CN=Onur K\xC3\xBC\xC3\xA7\xC3\xBCk,OU=Test,DC=example,DC=net"
end
let(:email_raw) { +"onur.k\xC3\xBC\xC3\xA7\xC3\xBCk_ABC-123@example.net" }
let(:nickname_raw) { +"ok\xC3\xBC\xC3\xA7\xC3\xBCk" }
let(:first_name_raw) { +'Onur' }
let(:last_name_raw) { +"K\xC3\xBC\xC3\xA7\xC3\xBCk" }
let(:name_raw) { +"Onur K\xC3\xBC\xC3\xA7\xC3\xBCk" }
let(:uid_ascii) { uid_raw.force_encoding(Encoding::ASCII_8BIT) }
let(:email_ascii) { email_raw.force_encoding(Encoding::ASCII_8BIT) }
let(:nickname_ascii) { nickname_raw.force_encoding(Encoding::ASCII_8BIT) }
let(:first_name_ascii) { first_name_raw.force_encoding(Encoding::ASCII_8BIT) }
let(:last_name_ascii) { last_name_raw.force_encoding(Encoding::ASCII_8BIT) }
let(:name_ascii) { name_raw.force_encoding(Encoding::ASCII_8BIT) }
let(:uid_utf8) { uid_ascii.force_encoding(Encoding::UTF_8) }
let(:email_utf8) { email_ascii.force_encoding(Encoding::UTF_8) }
let(:nickname_utf8) { nickname_ascii.force_encoding(Encoding::UTF_8) }
let(:name_utf8) { name_ascii.force_encoding(Encoding::UTF_8) }
let(:first_name_utf8) { first_name_ascii.force_encoding(Encoding::UTF_8) }
let(:info_hash) do
{
email: email_ascii,
first_name: first_name_ascii,
last_name: last_name_ascii,
name: name_ascii,
nickname: nickname_ascii,
uid: uid_ascii,
address: {
locality: 'some locality',
country: 'some country'
}
}
end
context 'defaults' do
it { expect(auth_hash.provider).to eq provider }
it { expect(auth_hash.uid).to eql uid_utf8 }
it { expect(auth_hash.email).to eql email_utf8 }
it { expect(auth_hash.username).to eql nickname_utf8 }
it { expect(auth_hash.name).to eql name_utf8 }
it { expect(auth_hash.password).not_to be_empty }
it { expect(auth_hash.location).to eq 'some locality, some country' }
end
context 'email not provided' do
before do
info_hash.delete(:email)
end
it 'generates a temp email' do
expect( auth_hash.email).to start_with('temp-email-for-oauth')
end
end
context 'username not provided' do
before do
info_hash.delete(:nickname)
end
it 'takes the first part of the email as username' do
expect(auth_hash.username).to eql 'onur.kucuk_ABC-123'
end
end
context 'name not provided' do
before do
info_hash.delete(:name)
end
it 'concats first and lastname as the name' do
expect(auth_hash.name).to eql name_utf8
end
end
context 'custom username field provided' do
before do
allow(Gitlab::Auth::OAuth::Provider).to receive(:config_for).and_return(provider_config)
end
it 'uses the custom field for the username' do
expect(auth_hash.username).to eql first_name_utf8
end
it 'uses the default claim for the username when the custom claim is not found' do
provider_config['args']['gitlab_username_claim'] = 'nonexistent'
expect(auth_hash.username).to eql nickname_utf8
end
it 'uses the default claim for the username when the custom claim is empty' do
info_hash[:first_name] = ''
expect(auth_hash.username).to eql nickname_utf8
end
it 'uses the default claim for the username when the custom claim is nil' do
info_hash[:first_name] = nil
expect(auth_hash.username).to eql nickname_utf8
end
end
context 'auth_hash constructed with ASCII-8BIT encoding' do
it 'forces utf8 encoding on uid' do
expect(auth_hash.uid.encoding).to eql Encoding::UTF_8
end
it 'forces utf8 encoding on provider' do
expect(auth_hash.provider.encoding).to eql Encoding::UTF_8
end
it 'forces utf8 encoding on name' do
expect(auth_hash.name.encoding).to eql Encoding::UTF_8
end
it 'forces utf8 encoding on username' do
expect(auth_hash.username.encoding).to eql Encoding::UTF_8
end
it 'forces utf8 encoding on email' do
expect(auth_hash.email.encoding).to eql Encoding::UTF_8
end
it 'forces utf8 encoding on password' do
expect(auth_hash.password.encoding).to eql Encoding::UTF_8
end
end
end
|