Commit 187face6 authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Cleanup CI helpers since we don't use oauth any more

parent ae5d2f5b
module Ci
module UserSessionsHelper
def generate_oauth_salt
SecureRandom.hex(16)
end
def generate_oauth_hmac(salt, return_to)
return unless return_to
digest = OpenSSL::Digest.new('sha256')
key = Gitlab::Application.secrets.db_key_base + salt
OpenSSL::HMAC.hexdigest(digest, key, return_to)
end
def generate_oauth_state(return_to)
return unless return_to
salt = generate_oauth_salt
hmac = generate_oauth_hmac(salt, return_to)
"#{salt}:#{hmac}:#{return_to}"
end
def get_ouath_state_return_to(state)
state.split(':', 3)[2] if state
end
def is_oauth_state_valid?(state)
return true unless state
salt, hmac, return_to = state.split(':', 3)
return false unless return_to
hmac == generate_oauth_hmac(salt, return_to)
end
end
end
require 'spec_helper'
describe Ci::UserHelper do
describe :user_avatar_url do
let (:user) { User.new({'avatar_url' => avatar_url}) }
context 'no avatar' do
let (:avatar_url) { nil }
it 'should return a generic avatar' do
user_avatar_url(user).should == 'ci/no_avatar.png'
end
end
context 'plain gravatar' do
let (:base_url) { 'http://www.gravatar.com/avatar/abcdefgh' }
let (:avatar_url) { "#{base_url}?s=40&d=mm" }
it 'should return gravatar with default size' do
user_avatar_url(user).should == "#{base_url}?s=40&d=identicon"
end
it 'should return gravatar with custom size' do
user_avatar_url(user, 120).should == "#{base_url}?s=120&d=identicon"
end
end
context 'secure gravatar' do
let (:base_url) { 'https://secure.gravatar.com/avatar/abcdefgh' }
let (:avatar_url) { "#{base_url}?s=40&d=mm" }
it 'should return gravatar with default size' do
user_avatar_url(user).should == "#{base_url}?s=40&d=identicon"
end
it 'should return gravatar with custom size' do
user_avatar_url(user, 120).should == "#{base_url}?s=120&d=identicon"
end
end
context 'custom avatar' do
let (:avatar_url) { 'http://example.local/avatar.png' }
it 'should return custom avatar' do
user_avatar_url(user).should == avatar_url
end
end
end
end
require 'spec_helper'
describe Ci::UserSessionsHelper do
describe :generate_oauth_hmac do
let (:salt) { 'a' }
let (:salt2) { 'b' }
let (:return_to) { 'b' }
it 'should return null if return_to is also null' do
generate_oauth_hmac(salt, nil).should be_nil
end
it 'should return not null if return_to is also not null' do
generate_oauth_hmac(salt, return_to).should_not be_nil
end
it 'should return different hmacs for different salts' do
secret1 = generate_oauth_hmac(salt, return_to)
secret2 = generate_oauth_hmac(salt2, return_to)
secret1.should_not eq(secret2)
end
end
describe :generate_oauth_state do
let (:return_to) { 'b' }
it 'should return null if return_to is also null' do
generate_oauth_state(nil).should be_nil
end
it 'should return two different states for same return_to' do
state1 = generate_oauth_state(return_to)
state2 = generate_oauth_state(return_to)
state1.should_not eq(state2)
end
end
describe :get_ouath_state_return_to do
let (:return_to) { 'a' }
let (:state) { generate_oauth_state(return_to) }
it 'should return return_to' do
get_ouath_state_return_to(state).should eq(return_to)
end
end
describe :is_oauth_state_valid? do
let (:return_to) { 'a' }
let (:state) { generate_oauth_state(return_to) }
let (:forged) { "forged#{state}" }
let (:invalid) { 'aa' }
let (:invalid2) { 'aa:bb' }
let (:invalid3) { 'aa:bb:' }
it 'should validate oauth state' do
is_oauth_state_valid?(state).should be_true
end
it 'should not validate forged state' do
is_oauth_state_valid?(forged).should be_false
end
it 'should not validate invalid state' do
is_oauth_state_valid?(invalid).should be_false
is_oauth_state_valid?(invalid2).should be_false
is_oauth_state_valid?(invalid3).should be_false
end
end
end