Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Kirill Smelkov
gitlab-ce
Commits
54672605
Commit
54672605
authored
8 years ago
by
Patricio Cano
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Added tests for 2FA check on OAuth request
parent
54c514f2
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
53 additions
and
7 deletions
+53
-7
app/controllers/omniauth_callbacks_controller.rb
app/controllers/omniauth_callbacks_controller.rb
+5
-2
spec/features/login_spec.rb
spec/features/login_spec.rb
+21
-5
spec/spec_helper.rb
spec/spec_helper.rb
+2
-0
spec/support/login_helpers.rb
spec/support/login_helpers.rb
+25
-0
No files found.
app/controllers/omniauth_callbacks_controller.rb
View file @
54672605
...
...
@@ -107,8 +107,11 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
# Only allow properly saved users to login.
if
@user
.
persisted?
&&
@user
.
valid?
log_audit_event
(
@user
,
with:
oauth
[
'provider'
])
prompt_for_two_factor
(
@user
)
and
return
if
@user
.
two_factor_enabled?
sign_in_and_redirect
(
@user
)
if
@user
.
two_factor_enabled?
prompt_for_two_factor
(
@user
)
else
sign_in_and_redirect
(
@user
)
end
else
error_message
=
@user
.
errors
.
full_messages
.
to_sentence
...
...
This diff is collapsed.
Click to expand it.
spec/features/login_spec.rb
View file @
54672605
...
...
@@ -28,6 +28,11 @@ feature 'Login', feature: true do
end
describe
'with two-factor authentication'
do
def
enter_code
(
code
)
fill_in
'Two-Factor Authentication code'
,
with:
code
click_button
'Verify code'
end
context
'with valid username/password'
do
let
(
:user
)
{
create
(
:user
,
:two_factor
)
}
...
...
@@ -36,11 +41,6 @@ feature 'Login', feature: true do
expect
(
page
).
to
have_content
(
'Two-Factor Authentication'
)
end
def
enter_code
(
code
)
fill_in
'Two-Factor Authentication code'
,
with:
code
click_button
'Verify code'
end
it
'does not show a "You are already signed in." error message'
do
enter_code
(
user
.
current_otp
)
expect
(
page
).
not_to
have_content
(
'You are already signed in.'
)
...
...
@@ -108,6 +108,22 @@ feature 'Login', feature: true do
end
end
end
context
'logging in via OAuth'
do
def
stub_omniauth_config
(
messages
)
allow
(
Gitlab
.
config
.
omniauth
).
to
receive_messages
(
messages
)
end
it
'should show 2FA prompt after OAuth login'
do
user
=
create
(
:omniauth_user
,
:two_factor
,
extern_uid:
'my-uid'
,
provider:
'saml'
)
stub_omniauth_config
(
enabled:
true
,
auto_link_saml_user:
true
,
allow_single_sign_on:
[
'saml'
],
providers:
[
OpenStruct
.
new
(
name:
'saml'
,
label:
'saml'
,
args:
{})])
login_via
(
'saml'
,
user
,
'my-uid'
)
expect
(
page
).
to
have_content
(
'Two-Factor Authentication'
)
enter_code
(
user
.
current_otp
)
expect
(
current_path
).
to
eq
root_path
end
end
end
describe
'without two-factor authentication'
do
...
...
This diff is collapsed.
Click to expand it.
spec/spec_helper.rb
View file @
54672605
...
...
@@ -57,3 +57,5 @@ FactoryGirl::SyntaxRunner.class_eval do
end
ActiveRecord
::
Migration
.
maintain_test_schema!
OmniAuth
.
config
.
test_mode
=
true
This diff is collapsed.
Click to expand it.
spec/support/login_helpers.rb
View file @
54672605
...
...
@@ -37,6 +37,31 @@ module LoginHelpers
Thread
.
current
[
:current_user
]
=
user
end
def
login_via
(
provider
,
user
,
uid
)
mock_auth_hash
(
provider
,
uid
,
user
.
email
)
visit
new_user_session_path
#page.find('.oauth-image-link').click
click_link
provider
end
def
mock_auth_hash
(
provider
,
uid
,
email
)
# The mock_auth configuration allows you to set per-provider (or default)
# authentication hashes to return during integration testing.
OmniAuth
.
config
.
mock_auth
[
provider
.
to_sym
]
=
OmniAuth
::
AuthHash
.
new
({
provider:
provider
,
uid:
uid
,
info:
{
name:
'mockuser'
,
email:
email
,
image:
'mock_user_thumbnail_url'
},
credentials:
{
token:
'mock_token'
,
secret:
'mock_secret'
}
})
end
# Requires Javascript driver.
def
logout
find
(
:css
,
".fa.fa-sign-out"
).
click
...
...
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment