[TESTS] coverage for SignInOAuthCallback

(cherry picked from commit f8e1619b99)
(cherry picked from commit 46d8bc9bdf)
(cherry picked from commit e0c7b7055f)
(cherry picked from commit faab747f8e)
(cherry picked from commit 46acb6a9a7)
(cherry picked from commit 22d964e744)
(cherry picked from commit 4c8a6031ac)
(cherry picked from commit 032e8c7a9a)
(cherry picked from commit 7a17a3b0fb)
(cherry picked from commit 8ea71c2a31)
(cherry picked from commit 4b027e2d37)
(cherry picked from commit d787089a5d)
(cherry picked from commit 7b9999357a)
(cherry picked from commit 80eb531c38)
(cherry picked from commit 373b198bfb)
(cherry picked from commit bda02f9e47)
(cherry picked from commit 160b29a137)
(cherry picked from commit fd5555f18c)
(cherry picked from commit 5153cfa639)
(cherry picked from commit 31f2a4d61f)
This commit is contained in:
Earl Warren 2023-06-27 15:00:15 +02:00
parent 172fdd0d32
commit 59a684f038
No known key found for this signature in database
GPG key ID: 0579CB2928A78A00
2 changed files with 60 additions and 0 deletions

View file

@ -39,6 +39,8 @@ import (
"code.gitea.io/gitea/tests" "code.gitea.io/gitea/tests"
"github.com/PuerkitoBio/goquery" "github.com/PuerkitoBio/goquery"
"github.com/markbates/goth"
"github.com/markbates/goth/gothic"
goth_gitlab "github.com/markbates/goth/providers/gitlab" goth_gitlab "github.com/markbates/goth/providers/gitlab"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/xeipuuv/gojsonschema" "github.com/xeipuuv/gojsonschema"
@ -232,6 +234,14 @@ func getUserToken(t testing.TB, userName string, scope ...auth.AccessTokenScope)
return getTokenForLoggedInUser(t, loginUser(t, userName), scope...) return getTokenForLoggedInUser(t, loginUser(t, userName), scope...)
} }
func mockCompleteUserAuth(mock func(res http.ResponseWriter, req *http.Request) (goth.User, error)) func() {
old := gothic.CompleteUserAuth
gothic.CompleteUserAuth = mock
return func() {
gothic.CompleteUserAuth = old
}
}
func addAuthSource(t *testing.T, payload map[string]string) *auth.Source { func addAuthSource(t *testing.T, payload map[string]string) *auth.Source {
session := loginUser(t, "user1") session := loginUser(t, "user1")
payload["_csrf"] = GetCSRF(t, session, "/admin/auths/new") payload["_csrf"] = GetCSRF(t, session, "/admin/auths/new")

View file

@ -5,15 +5,22 @@ package integration
import ( import (
"bytes" "bytes"
"context"
"fmt"
"io" "io"
"net/http" "net/http"
"testing" "testing"
auth_model "code.gitea.io/gitea/models/auth"
"code.gitea.io/gitea/models/unittest"
user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/json" "code.gitea.io/gitea/modules/json"
"code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/test"
"code.gitea.io/gitea/routers/web/auth" "code.gitea.io/gitea/routers/web/auth"
"code.gitea.io/gitea/tests" "code.gitea.io/gitea/tests"
"github.com/markbates/goth"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
) )
@ -419,3 +426,46 @@ func TestRefreshTokenInvalidation(t *testing.T) {
assert.Equal(t, "unauthorized_client", string(parsedError.ErrorCode)) assert.Equal(t, "unauthorized_client", string(parsedError.ErrorCode))
assert.Equal(t, "token was already used", parsedError.ErrorDescription) assert.Equal(t, "token was already used", parsedError.ErrorDescription)
} }
func TestSignInOAuthCallbackSignIn(t *testing.T) {
defer tests.PrepareTestEnv(t)()
//
// OAuth2 authentication source GitLab
//
gitlabName := "gitlab"
gitlab := addAuthSource(t, authSourcePayloadGitLabCustom(gitlabName))
//
// Create a user as if it had been previously been created by the GitLab
// authentication source.
//
userGitLabUserID := "5678"
userGitLab := &user_model.User{
Name: "gitlabuser",
Email: "gitlabuser@example.com",
Passwd: "gitlabuserpassword",
Type: user_model.UserTypeIndividual,
LoginType: auth_model.OAuth2,
LoginSource: gitlab.ID,
LoginName: userGitLabUserID,
}
defer createUser(context.Background(), t, userGitLab)()
//
// A request for user information sent to Goth will return a
// goth.User exactly matching the user created above.
//
defer mockCompleteUserAuth(func(res http.ResponseWriter, req *http.Request) (goth.User, error) {
return goth.User{
Provider: gitlabName,
UserID: userGitLabUserID,
Email: userGitLab.Email,
}, nil
})()
req := NewRequest(t, "GET", fmt.Sprintf("/user/oauth2/%s/callback?code=XYZ&state=XYZ", gitlabName))
resp := MakeRequest(t, req, http.StatusSeeOther)
assert.Equal(t, test.RedirectURL(resp), "/")
userAfterLogin := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: userGitLab.ID})
assert.Greater(t, userAfterLogin.LastLoginUnix, userGitLab.LastLoginUnix)
}