Commit 2a0be666 authored by Patricio Cano's avatar Patricio Cano

Added a lot of stubbing to make sure OAuth requests are handled properly with 2FA

parent eda20534
...@@ -110,12 +110,29 @@ feature 'Login', feature: true do ...@@ -110,12 +110,29 @@ feature 'Login', feature: true do
end end
context 'logging in via OAuth' do context 'logging in via OAuth' do
def saml_config
OpenStruct.new(name: 'saml', label: 'saml', args: {
assertion_consumer_service_url: 'https://localhost:3443/users/auth/saml/callback',
idp_cert_fingerprint: '26:43:2C:47:AF:F0:6B:D0:07:9C:AD:A3:74:FE:5D:94:5F:4E:9E:52',
idp_sso_target_url: 'https://idp.example.com/sso/saml',
issuer: 'https://localhost:3443/',
name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'
})
end
def stub_omniauth_config(messages) def stub_omniauth_config(messages)
Rails.application.env_config['devise.mapping'] = Devise.mappings[:user]
Rails.application.routes.disable_clear_and_finalize = true
Rails.application.routes.draw do
post '/users/auth/saml' => 'omniauth_callbacks#saml'
end
allow(Gitlab::OAuth::Provider).to receive_messages(providers: [:saml], config_for: saml_config)
allow(Gitlab.config.omniauth).to receive_messages(messages) allow(Gitlab.config.omniauth).to receive_messages(messages)
allow_any_instance_of(Object).to receive(:user_omniauth_authorize_path).with('saml').and_return('/users/auth/saml')
end end
it 'should show 2FA prompt after OAuth login' do it 'should show 2FA prompt after OAuth login' do
stub_omniauth_config(enabled: true, auto_link_saml_user: true, allow_single_sign_on: ['saml'], providers: [OpenStruct.new(name: 'saml', label: 'saml', args: {})]) stub_omniauth_config(enabled: true, auto_link_saml_user: true, allow_single_sign_on: ['saml'], providers: [saml_config])
user = create(:omniauth_user, :two_factor, extern_uid: 'my-uid', provider: 'saml') user = create(:omniauth_user, :two_factor, extern_uid: 'my-uid', provider: 'saml')
login_via('saml', user, 'my-uid') login_via('saml', user, 'my-uid')
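Review bot: `stub_omniauth_config` changes process-wide state that nothing in the visible hunk restores: it sets `routes.disable_clear_and_finalize = true`, draws an extra `post '/users/auth/saml'` route straight to `omniauth_callbacks#saml`, and writes `env_config['devise.mapping']`. Examples that run later in the same process would inherit that route and mapping, which can hide a routing or authentication regression elsewhere in the suite. I would add a teardown in this context, e.g. `after { Rails.application.routes.disable_clear_and_finalize = false; Rails.application.reload_routes! }`, plus a short comment saying why the callback route is drawn by hand. `allow_any_instance_of(Object)` for `user_omniauth_authorize_path` is also broader than the test needs if the helper's owner can be named instead. The `it` block continues outside the hunk, so whether it asserts that the user is still signed out before the 2FA code is entered cannot be checked from here.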
......
...@@ -39,6 +39,7 @@ module LoginHelpers ...@@ -39,6 +39,7 @@ module LoginHelpers
def login_via(provider, user, uid) def login_via(provider, user, uid)
mock_auth_hash(provider, uid, user.email) mock_auth_hash(provider, uid, user.email)
Rails.application.env_config['omniauth.auth'] = OmniAuth.config.mock_auth[:saml]
visit new_user_session_path visit new_user_session_path
click_link provider click_link provider
end end
...@@ -57,6 +58,15 @@ module LoginHelpers ...@@ -57,6 +58,15 @@ module LoginHelpers
credentials: { credentials: {
token: 'mock_token', token: 'mock_token',
secret: 'mock_secret' secret: 'mock_secret'
},
extra: {
raw_info: {
info: {
name: 'mockuser',
email: email,
image: 'mock_user_thumbnail_url'
}
}
} }
}) })
end end
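Review bot: In `login_via` the added line reads `OmniAuth.config.mock_auth[:saml]` even though the helper takes a `provider` argument, so a call for any other provider would put a stale SAML hash or `nil` into `env_config['omniauth.auth']`. Using the argument keeps the helper correct for every caller, e.g. `Rails.application.env_config['omniauth.auth'] = OmniAuth.config.mock_auth[provider.to_sym]` (assuming `mock_auth_hash` stores under the symbol key; its assignment is outside the hunks shown). The entry is also never removed from `env_config`, so deleting it in an `after` hook would keep one example's mocked identity from reaching the next.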
......