2019-10-12 21:52:04 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2017-09-10 17:25:29 +05:30
|
|
|
require 'spec_helper'
|
|
|
|
|
2020-07-28 23:09:34 +05:30
|
|
|
RSpec.describe Gitlab::Auth::OAuth::Provider do
|
2018-11-18 11:00:15 +05:30
|
|
|
describe '.enabled?' do
|
|
|
|
before do
|
|
|
|
allow(described_class).to receive(:providers).and_return([:ldapmain, :google_oauth2])
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when OmniAuth is disabled' do
|
|
|
|
before do
|
|
|
|
allow(Gitlab::Auth).to receive(:omniauth_enabled?).and_return(false)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'allows database auth' do
|
|
|
|
expect(described_class.enabled?('database')).to be_truthy
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'allows LDAP auth' do
|
|
|
|
expect(described_class.enabled?('ldapmain')).to be_truthy
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'does not allow other OmniAuth providers' do
|
|
|
|
expect(described_class.enabled?('google_oauth2')).to be_falsey
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when OmniAuth is enabled' do
|
|
|
|
before do
|
|
|
|
allow(Gitlab::Auth).to receive(:omniauth_enabled?).and_return(true)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'allows database auth' do
|
|
|
|
expect(described_class.enabled?('database')).to be_truthy
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'allows LDAP auth' do
|
|
|
|
expect(described_class.enabled?('ldapmain')).to be_truthy
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'allows other OmniAuth providers' do
|
|
|
|
expect(described_class.enabled?('google_oauth2')).to be_truthy
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2020-11-24 15:15:51 +05:30
|
|
|
describe '.config_for' do
|
2017-09-10 17:25:29 +05:30
|
|
|
context 'for an LDAP provider' do
|
|
|
|
context 'when the provider exists' do
|
|
|
|
it 'returns the config' do
|
2023-07-09 08:55:56 +05:30
|
|
|
expect(described_class.config_for('ldapmain')).to be_a(GitlabSettings::Options)
|
2017-09-10 17:25:29 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when the provider does not exist' do
|
|
|
|
it 'returns nil' do
|
|
|
|
expect(described_class.config_for('ldapfoo')).to be_nil
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'for an OmniAuth provider' do
|
|
|
|
before do
|
2022-05-07 20:08:51 +05:30
|
|
|
provider = ActiveSupport::InheritableOptions.new(
|
2020-05-24 23:13:21 +05:30
|
|
|
name: 'google_oauth2',
|
2017-09-10 17:25:29 +05:30
|
|
|
app_id: 'asd123',
|
|
|
|
app_secret: 'asd123'
|
|
|
|
)
|
|
|
|
allow(Gitlab.config.omniauth).to receive(:providers).and_return([provider])
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when the provider exists' do
|
2020-05-24 23:13:21 +05:30
|
|
|
subject { described_class.config_for('google_oauth2') }
|
|
|
|
|
2017-09-10 17:25:29 +05:30
|
|
|
it 'returns the config' do
|
2022-05-07 20:08:51 +05:30
|
|
|
expect(subject).to be_a(ActiveSupport::InheritableOptions)
|
2020-05-24 23:13:21 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
it 'merges defaults with the given configuration' do
|
|
|
|
defaults = Gitlab::OmniauthInitializer.default_arguments_for('google_oauth2').deep_stringify_keys
|
|
|
|
|
|
|
|
expect(subject['args']).to include(defaults)
|
2017-09-10 17:25:29 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when the provider does not exist' do
|
|
|
|
it 'returns nil' do
|
|
|
|
expect(described_class.config_for('foo')).to be_nil
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2022-10-11 01:57:18 +05:30
|
|
|
|
|
|
|
context 'for an OpenID Connect provider' do
|
|
|
|
before do
|
|
|
|
provider = ActiveSupport::InheritableOptions.new(
|
|
|
|
name: 'openid_connect',
|
|
|
|
args: ActiveSupport::InheritableOptions.new(name: 'custom_oidc')
|
|
|
|
)
|
|
|
|
allow(Gitlab.config.omniauth).to receive(:providers).and_return([provider])
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when the provider exists' do
|
|
|
|
subject { described_class.config_for('custom_oidc') }
|
|
|
|
|
|
|
|
it 'returns the config' do
|
|
|
|
expect(subject).to be_a(ActiveSupport::InheritableOptions)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2017-09-10 17:25:29 +05:30
|
|
|
end
|
2020-11-24 15:15:51 +05:30
|
|
|
|
|
|
|
describe '.label_for' do
|
|
|
|
subject { described_class.label_for(name) }
|
|
|
|
|
|
|
|
context 'when configuration specifies a custom label' do
|
|
|
|
let(:name) { 'google_oauth2' }
|
|
|
|
let(:label) { 'Custom Google Provider' }
|
2022-05-07 20:08:51 +05:30
|
|
|
let(:provider) { ActiveSupport::InheritableOptions.new(name: name, label: label) }
|
2020-11-24 15:15:51 +05:30
|
|
|
|
|
|
|
before do
|
|
|
|
stub_omniauth_setting(providers: [provider])
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'returns the custom label name' do
|
|
|
|
expect(subject).to eq(label)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when configuration does not specify a custom label' do
|
2022-05-07 20:08:51 +05:30
|
|
|
let(:provider) { ActiveSupport::InheritableOptions.new(name: name) }
|
2020-11-24 15:15:51 +05:30
|
|
|
|
|
|
|
before do
|
|
|
|
stub_omniauth_setting(providers: [provider])
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when the name does not correspond to a label mapping' do
|
|
|
|
let(:name) { 'twitter' }
|
|
|
|
|
|
|
|
it 'returns the titleized name' do
|
|
|
|
expect(subject).to eq(name.titleize)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when the name corresponds to a label mapping' do
|
|
|
|
let(:name) { 'gitlab' }
|
|
|
|
|
|
|
|
it 'returns the mapped name' do
|
|
|
|
expect(subject).to eq('GitLab.com')
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2017-09-10 17:25:29 +05:30
|
|
|
end
|