# frozen_string_literal: true
require 'test_helper'
require 'helpers/auth_provider_helper'
class AuthProvidersTest < ActionDispatch::IntegrationTest
include AuthProviderHelper
def setup
@admin = User.find_by(username: 'admin')
login_as(@admin, scope: :user)
FabManager::Application.load_tasks if Rake::Task.tasks.empty?
end
test 'create an auth external provider and activate it' do
# clean any existing auth provider config
FileUtils.rm('config/auth_provider.yml', force: true)
name = 'GitHub'
post '/api/auth_providers',
params: {
auth_provider: github_provider_params(name)
}.to_json,
headers: default_headers
# Check response format & status
assert_equal 201, response.status, response.body
assert_match Mime[:json].to_s, response.content_type
# Check the provider was correctly created
db_provider = OAuth2Provider.includes(:auth_provider).where('auth_providers.name': name).first&.auth_provider
assert_not_nil db_provider
provider = json_response(response.body)
assert_equal name, provider[:name]
assert_equal db_provider&.id, provider[:id]
assert_equal 'pending', provider[:status]
assert_equal 2, provider[:auth_provider_mappings_attributes].length
# now let's activate this new provider
Rake::Task['fablab:auth:switch_provider'].execute(Rake::TaskArguments.new([:provider], [name]))
db_provider&.reload
assert_equal 'active', db_provider&.status
assert_equal AuthProvider.active.id, db_provider&.id
User.find_each do |u|
assert_not_nil u.auth_token
end
# Check the configuration file
assert File.exist?('config/auth_provider.yml')
config = ProviderConfig.new
assert_equal 'OAuth2Provider', config.providable_type
assert_equal name, config.name
# clean test provider config
FileUtils.rm('config/auth_provider.yml', force: true)
end
test 'update an authentication provider' do
provider = AuthProvider.create!(github_provider_params('GitHub'))
patch "/api/auth_providers/#{provider.id}",
params: {
auth_provider: {
providable_type: 'OAuth2Provider',
auth_provider_mappings_attributes: [
{ api_data_type: 'json', api_endpoint: 'https://api.github.com/user',
api_field: 'avatar_url', local_field: 'avatar', local_model: 'profile' }
]
}
}.to_json,
headers: default_headers
# Check response format & status
assert_equal 200, response.status, response.body
assert_match Mime[:json].to_s, response.content_type
provider.reload
# Check the provider was updated
res = json_response(response.body)
assert_equal provider.id, res[:id]
assert_equal 3, provider.auth_provider_mappings.count
assert_not_nil provider.auth_provider_mappings.find_by(api_field: 'avatar_url')
end
test 'build an oauth2 strategy name' do
get '/api/auth_providers/strategy_name?providable_type=OAuth2Provider&name=Sleede'
assert_response :success
assert_equal 'oauth2-sleede', response.body
end
test 'build an openid strategy name' do
get '/api/auth_providers/strategy_name?providable_type=OpenIdConnectProvider&name=Sleede'
assert_response :success
assert_equal 'openidconnect-sleede', response.body
end
test 'list all authentication providers' do
get '/api/auth_providers'
# Check response format & status
assert_equal 200, response.status, response.body
assert_match Mime[:json].to_s, response.content_type
# Check the answer
res = json_response(response.body)
assert_equal AuthProvider.count, res.length
end
test 'show an authentication provider' do
provider = AuthProvider.first
get "/api/auth_providers/#{provider.id}"
# Check response format & status
assert_equal 200, response.status, response.body
assert_match Mime[:json].to_s, response.content_type
# Check the provider
res = json_response(response.body)
assert_equal provider.id, res[:id]
assert_equal provider.providable_type, res[:providable_type]
end
test 'show fields available for mapping' do
get '/api/auth_providers/mapping_fields'
assert_equal 200, response.status, response.body
assert_match Mime[:json].to_s, response.content_type
# Check the returned fields
res = json_response(response.body)
assert_not_empty res[:user]
assert_not_empty res[:profile]
assert_not res[:user].map(&:first).include?('encrypted_password')
assert(res[:user].map(&:last).all? { |type| %w[string boolean integer datetime].include?(type) })
end
test 'get the current active provider' do
get '/api/auth_providers/active'
assert_equal 200, response.status, response.body
assert_match Mime[:json].to_s, response.content_type
# Check the returned fields
res = json_response(response.body)
assert_equal AuthProvider.active.id, res[:id]
assert_nil res[:previous_provider]
end
test 'send auth migration token' do
# create an enable an oauth2 provider
name = 'TokenTest'
AuthProvider.create!(github_provider_params(name))
Rake::Task['fablab:auth:switch_provider'].execute(Rake::TaskArguments.new([:provider], [name]))
# send the migration token
user = User.find(10)
post '/api/auth_providers/send_code',
params: {
email: user.email
}.to_json,
headers: default_headers
assert_equal 200, response.status, response.body
assert_match Mime[:json].to_s, response.content_type
# check resulting notification
notification = Notification.find_by(
notification_type_id: NotificationType.find_by(name: 'notify_user_auth_migration'),
attached_object_type: 'User',
attached_object_id: user.id
)
assert_not_nil notification, 'user notification was not created'
end
end