Add specs for Doorkeeper resource_owner_authenticator

b2ca28d2 · Markus Koller · Alexis Reigel · 972678b6 · b2ca28d2 · b2ca28d2
Commit b2ca28d2 authored Feb 08, 2017 by Markus Koller Committed by Alexis Reigel Mar 07, 2017
Hide whitespace changes
Inline Side-by-side

Showing with 65 additions and 6 deletions

config/initializers/doorkeeper.rb config/initializers/doorkeeper.rb +2 -2

spec/initializers/doorkeeper_spec.rb spec/initializers/doorkeeper_spec.rb +63 -4

No files found.
--- a/config/initializers/doorkeeper.rb
+++ b/config/initializers/doorkeeper.rb
@@ -6,11 +6,11 @@ Doorkeeper.configure do
  # This block will be called to check whether the resource owner is authenticated or not.
  resource_owner_authenticator do
    # Put your resource owner authentication logic here.
-    # Ensure user is redirected to redirect_uri after login
-    session[:user_return_to] = request.fullpath
    if current_user
      current_user
    else
+      # Ensure user is redirected to redirect_uri after login
+      session[:user_return_to] = request.fullpath
      redirect_to(new_user_session_url)
      nil
    end

--- a/spec/initializers/doorkeeper_spec.rb
+++ b/spec/initializers/doorkeeper_spec.rb
@@ -2,11 +2,70 @@ require 'spec_helper'
 require_relative '../../config/initializers/doorkeeper'

 describe Doorkeeper.configuration do
-  it 'default_scopes matches Gitlab::Auth::DEFAULT_SCOPES' do
-    expect(subject.default_scopes).to eq Gitlab::Auth::DEFAULT_SCOPES
+  describe '#default_scopes' do
+    it 'matches Gitlab::Auth::DEFAULT_SCOPES' do
+      expect(subject.default_scopes).to eq Gitlab::Auth::DEFAULT_SCOPES
+    end
  end

-  it 'optional_scopes matches Gitlab::Auth::OPTIONAL_SCOPES' do
-    expect(subject.optional_scopes).to eq Gitlab::Auth::OPTIONAL_SCOPES
+  describe '#optional_scopes' do
+    it 'matches Gitlab::Auth::OPTIONAL_SCOPES' do
+      expect(subject.optional_scopes).to eq Gitlab::Auth::OPTIONAL_SCOPES
+    end
+  end
+
+  describe '#resource_owner_authenticator' do
+    subject { controller.instance_exec(&Doorkeeper.configuration.authenticate_resource_owner) }
+
+    let(:controller) { double }
+
+    before do
+      allow(controller).to receive(:current_user).and_return(current_user)
+      allow(controller).to receive(:session).and_return({})
+      allow(controller).to receive(:request).and_return(OpenStruct.new(fullpath: '/return-path'))
+      allow(controller).to receive(:redirect_to)
+      allow(controller).to receive(:new_user_session_url).and_return('/login')
+    end
+
+    context 'with a user present' do
+      let(:current_user) { create(:user) }
+
+      it 'returns the user' do
+        expect(subject).to eq current_user
+      end
+
+      it 'does not redirect' do
+        expect(controller).not_to receive(:redirect_to)
+
+        subject
+      end
+
+      it 'does not store the return path' do
+        subject
+
+        expect(controller.session).not_to include :user_return_to
+      end
+    end
+
+    context 'without a user present' do
+      let(:current_user) { nil }
+
+      # NOTE: this is required for doorkeeper-openid_connect
+      it 'returns nil' do
+        expect(subject).to eq nil
+      end
+
+      it 'redirects to the login form' do
+        expect(controller).to receive(:redirect_to).with('/login')
+
+        subject
+      end
+
+      it 'stores the return path' do
+        subject
+
+        expect(controller.session[:user_return_to]).to eq '/return-path'
+      end
+    end
  end
 end