2019-10-12 21:52:04 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2018-10-15 14:42:47 +05:30
|
|
|
require 'spec_helper'
|
|
|
|
|
2020-07-28 23:09:34 +05:30
|
|
|
RSpec.describe Gitlab::Auth::Saml::IdentityLinker do
|
2018-10-15 14:42:47 +05:30
|
|
|
let(:user) { create(:user) }
|
|
|
|
let(:provider) { 'saml' }
|
|
|
|
let(:uid) { user.email }
|
2019-09-30 23:59:55 +05:30
|
|
|
let(:in_response_to) { '12345' }
|
|
|
|
let(:saml_response) { instance_double(OneLogin::RubySaml::Response, in_response_to: in_response_to) }
|
|
|
|
let(:session) { { 'last_authn_request_id' => in_response_to } }
|
2018-10-15 14:42:47 +05:30
|
|
|
|
2019-09-30 23:59:55 +05:30
|
|
|
let(:oauth) do
|
|
|
|
OmniAuth::AuthHash.new(provider: provider, uid: uid, extra: { response_object: saml_response })
|
|
|
|
end
|
2018-10-15 14:42:47 +05:30
|
|
|
|
2019-09-30 23:59:55 +05:30
|
|
|
subject { described_class.new(user, oauth, session) }
|
2018-10-15 14:42:47 +05:30
|
|
|
|
2019-09-30 23:59:55 +05:30
|
|
|
context 'with valid GitLab initiated request' do
|
|
|
|
context 'linked identity exists' do
|
|
|
|
let!(:identity) { user.identities.create!(provider: provider, extern_uid: uid) }
|
2018-10-15 14:42:47 +05:30
|
|
|
|
2019-09-30 23:59:55 +05:30
|
|
|
it "doesn't create new identity" do
|
|
|
|
expect { subject.link }.not_to change { Identity.count }
|
|
|
|
end
|
2018-10-15 14:42:47 +05:30
|
|
|
|
2019-09-30 23:59:55 +05:30
|
|
|
it "sets #changed? to false" do
|
|
|
|
subject.link
|
2018-10-15 14:42:47 +05:30
|
|
|
|
2019-09-30 23:59:55 +05:30
|
|
|
expect(subject).not_to be_changed
|
|
|
|
end
|
2018-10-15 14:42:47 +05:30
|
|
|
end
|
|
|
|
|
2019-09-30 23:59:55 +05:30
|
|
|
context 'identity needs to be created' do
|
|
|
|
it 'creates linked identity' do
|
|
|
|
expect { subject.link }.to change { user.identities.count }
|
|
|
|
end
|
2018-10-15 14:42:47 +05:30
|
|
|
|
2019-09-30 23:59:55 +05:30
|
|
|
it 'sets identity provider' do
|
|
|
|
subject.link
|
2018-10-15 14:42:47 +05:30
|
|
|
|
2019-09-30 23:59:55 +05:30
|
|
|
expect(user.identities.last.provider).to eq provider
|
|
|
|
end
|
2018-10-15 14:42:47 +05:30
|
|
|
|
2019-09-30 23:59:55 +05:30
|
|
|
it 'sets identity extern_uid' do
|
|
|
|
subject.link
|
|
|
|
|
|
|
|
expect(user.identities.last.extern_uid).to eq uid
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'sets #changed? to true' do
|
|
|
|
subject.link
|
|
|
|
|
|
|
|
expect(subject).to be_changed
|
|
|
|
end
|
2018-10-15 14:42:47 +05:30
|
|
|
end
|
2019-09-30 23:59:55 +05:30
|
|
|
end
|
2018-10-15 14:42:47 +05:30
|
|
|
|
2019-09-30 23:59:55 +05:30
|
|
|
context 'with identity provider initiated request' do
|
|
|
|
let(:session) { { 'last_authn_request_id' => nil } }
|
2018-10-15 14:42:47 +05:30
|
|
|
|
2019-09-30 23:59:55 +05:30
|
|
|
it 'attempting to link accounts raises an exception' do
|
|
|
|
expect { subject.link }.to raise_error(Gitlab::Auth::Saml::IdentityLinker::UnverifiedRequest)
|
2018-10-15 14:42:47 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|