[TESTS] coverage for SignInOAuthCallback

(cherry picked from commit f8e1619b99)
(cherry picked from commit 46d8bc9bdf)
(cherry picked from commit e0c7b7055f)
(cherry picked from commit faab747f8e)
(cherry picked from commit 46acb6a9a7)
(cherry picked from commit 22d964e744)
(cherry picked from commit 4c8a6031ac)
(cherry picked from commit 032e8c7a9a)
(cherry picked from commit 7a17a3b0fb)
(cherry picked from commit 8ea71c2a31)
(cherry picked from commit 4b027e2d37)
(cherry picked from commit d787089a5d)
(cherry picked from commit 7b9999357a)
(cherry picked from commit 80eb531c38)
(cherry picked from commit 373b198bfb)
(cherry picked from commit 15781eedf7)
(cherry picked from commit 46bdb17a2f)
(cherry picked from commit 22ec6c11ee)
(cherry picked from commit 3f94b9a111)
This commit is contained in:
Earl Warren 2023-06-27 15:00:15 +02:00
parent 02b16875cf
commit a4194c29ff
No known key found for this signature in database
GPG key ID: 0579CB2928A78A00
2 changed files with 60 additions and 0 deletions

View file

@ -39,6 +39,8 @@ import (
"code.gitea.io/gitea/tests" "code.gitea.io/gitea/tests"
"github.com/PuerkitoBio/goquery" "github.com/PuerkitoBio/goquery"
"github.com/markbates/goth"
"github.com/markbates/goth/gothic"
goth_gitlab "github.com/markbates/goth/providers/gitlab" goth_gitlab "github.com/markbates/goth/providers/gitlab"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/xeipuuv/gojsonschema" "github.com/xeipuuv/gojsonschema"
@ -232,6 +234,14 @@ func getUserToken(t testing.TB, userName string, scope ...auth.AccessTokenScope)
return getTokenForLoggedInUser(t, loginUser(t, userName), scope...) return getTokenForLoggedInUser(t, loginUser(t, userName), scope...)
} }
func mockCompleteUserAuth(mock func(res http.ResponseWriter, req *http.Request) (goth.User, error)) func() {
old := gothic.CompleteUserAuth
gothic.CompleteUserAuth = mock
return func() {
gothic.CompleteUserAuth = old
}
}
func addAuthSource(t *testing.T, payload map[string]string) *auth.Source { func addAuthSource(t *testing.T, payload map[string]string) *auth.Source {
session := loginUser(t, "user1") session := loginUser(t, "user1")
payload["_csrf"] = GetCSRF(t, session, "/admin/auths/new") payload["_csrf"] = GetCSRF(t, session, "/admin/auths/new")

View file

@ -5,15 +5,22 @@ package integration
import ( import (
"bytes" "bytes"
"context"
"fmt"
"io" "io"
"net/http" "net/http"
"testing" "testing"
auth_model "code.gitea.io/gitea/models/auth"
"code.gitea.io/gitea/models/unittest"
user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/json" "code.gitea.io/gitea/modules/json"
"code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/test"
"code.gitea.io/gitea/routers/web/auth" "code.gitea.io/gitea/routers/web/auth"
"code.gitea.io/gitea/tests" "code.gitea.io/gitea/tests"
"github.com/markbates/goth"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
) )
@ -419,3 +426,46 @@ func TestRefreshTokenInvalidation(t *testing.T) {
assert.Equal(t, "unauthorized_client", string(parsedError.ErrorCode)) assert.Equal(t, "unauthorized_client", string(parsedError.ErrorCode))
assert.Equal(t, "token was already used", parsedError.ErrorDescription) assert.Equal(t, "token was already used", parsedError.ErrorDescription)
} }
func TestSignInOAuthCallbackSignIn(t *testing.T) {
defer tests.PrepareTestEnv(t)()
//
// OAuth2 authentication source GitLab
//
gitlabName := "gitlab"
gitlab := addAuthSource(t, authSourcePayloadGitLabCustom(gitlabName))
//
// Create a user as if it had been previously been created by the GitLab
// authentication source.
//
userGitLabUserID := "5678"
userGitLab := &user_model.User{
Name: "gitlabuser",
Email: "gitlabuser@example.com",
Passwd: "gitlabuserpassword",
Type: user_model.UserTypeIndividual,
LoginType: auth_model.OAuth2,
LoginSource: gitlab.ID,
LoginName: userGitLabUserID,
}
defer createUser(context.Background(), t, userGitLab)()
//
// A request for user information sent to Goth will return a
// goth.User exactly matching the user created above.
//
defer mockCompleteUserAuth(func(res http.ResponseWriter, req *http.Request) (goth.User, error) {
return goth.User{
Provider: gitlabName,
UserID: userGitLabUserID,
Email: userGitLab.Email,
}, nil
})()
req := NewRequest(t, "GET", fmt.Sprintf("/user/oauth2/%s/callback?code=XYZ&state=XYZ", gitlabName))
resp := MakeRequest(t, req, http.StatusSeeOther)
assert.Equal(t, test.RedirectURL(resp), "/")
userAfterLogin := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: userGitLab.ID})
assert.Greater(t, userAfterLogin.LastLoginUnix, userGitLab.LastLoginUnix)
}