cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add tests for Google OAuth authentication

Browse source
This commit is contained in:
Tom Hughes 2015-02-28 17:35:57 +00:00
parent eeb9866d50
commit ddaf43bc0e
6 changed files with 276 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

4
config/example.application.yml
View file

@ -103,3 +103,7 @@ test:
<<: *defaults
# Geonames credentials for testing
geonames_username: "dummy"
# External authentication credentials for testing
google_auth_id: "dummy"
google_auth_secret: "dummy"
google_openid_realm: "https://www.openstreetmap.org"

2
test/controllers/user_controller_test.rb
View file

@ -1321,7 +1321,7 @@ class UserControllerTest < ActionController::TestCase
get :list, :page => 3
assert_response :success
assert_template :list
assert_select "table#user_list tr", :count => 19
assert_select "table#user_list tr", :count => 20
end
def test_list_post_confirm

16
test/fixtures/users.yml vendored
View file

@ -49,7 +49,7 @@ inactive_user:
terms_seen: true
languages: en
email_valid: false
second_public_user:
id: 4
email: public@OpenStreetMap.org
@ -248,3 +248,17 @@ german_user:
terms_agreed: "2010-01-01 11:22:33"
terms_seen: true
languages: de
google_user:
id: 19
email: google-user@example.com
status: active
pass_crypt: <%= Digest::MD5.hexdigest('test') %>
creation_time: "2008-05-01 01:23:45"
display_name: googleuser
data_public: true
auth_provider: google
auth_uid: 123456789
terms_agreed: "2010-01-01 11:22:33"
terms_seen: true
languages: en

118
test/integration/user_creation_test.rb
View file

@ -13,6 +13,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
I18n.locale = "en"
OmniAuth.config.mock_auth[:openid] = nil
OmniAuth.config.mock_auth[:google] = nil
OmniAuth.config.test_mode = false
end
@ -263,4 +264,121 @@ class UserCreationTest < ActionDispatch::IntegrationTest
assert_response :success
assert_template "site/welcome"
end
def test_user_create_google_success
OmniAuth.config.add_mock(:google, :uid => "123454321", :extra => {
:id_info => { "openid_id" => "http://localhost:1123/new.tester" }
})
new_email = "newtester-google@osm.org"
display_name = "new_tester-google"
password = "testtest"
assert_difference("User.count") do
assert_difference("ActionMailer::Base.deliveries.size", 1) do
post "/user/new",
:user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :auth_provider => "google", :pass_crypt => "", :pass_crypt_confirmation => "" }
assert_response :redirect
assert_redirected_to auth_path(:provider => "google", :origin => "/user/new")
follow_redirect!
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "google")
follow_redirect!
assert_response :redirect
assert_redirected_to "/user/terms"
post "/user/save",
:user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :auth_provider => "google", :auth_uid => "123454321", :pass_crypt => password, :pass_crypt_confirmation => password }
assert_response :redirect
follow_redirect!
end
end
# Check the page
assert_response :success
assert_template "user/confirm"
ActionMailer::Base.deliveries.clear
end
def test_user_create_google_failure
OmniAuth.config.mock_auth[:google] = :connection_failed
new_email = "newtester-google2@osm.org"
display_name = "new_tester-google2"
assert_difference("User.count", 0) do
assert_difference("ActionMailer::Base.deliveries.size", 0) do
post "/user/new",
:user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :auth_provider => "google", :pass_crypt => "", :pass_crypt_confirmation => "" }
assert_response :redirect
assert_redirected_to auth_path(:provider => "google", :origin => "/user/new")
follow_redirect!
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "google")
follow_redirect!
assert_response :redirect
assert_redirected_to auth_failure_path(:strategy => "google", :message => "connection_failed", :origin => "/user/new")
follow_redirect!
assert_response :redirect
follow_redirect!
assert_response :success
assert_template "user/new"
end
end
ActionMailer::Base.deliveries.clear
end
def test_user_create_google_redirect
OmniAuth.config.add_mock(:google, :uid => "123454321", :extra => {
:id_info => { "openid_id" => "http://localhost:1123/new.tester" }
})
new_email = "redirect_tester_google@osm.org"
display_name = "redirect_tester_google"
# nothing special about this page, just need a protected page to redirect back to.
referer = "/traces/mine"
assert_difference("User.count") do
assert_difference("ActionMailer::Base.deliveries.size", 1) do
post "/user/new",
:user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :auth_provider => "google", :pass_crypt => "", :pass_crypt_confirmation => "" }, :referer => referer
assert_response :redirect
assert_redirected_to auth_path(:provider => "google", :origin => "/user/new")
follow_redirect!
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "google")
follow_redirect!
assert_response :redirect
assert_redirected_to "/user/terms"
post_via_redirect "/user/save",
:user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :auth_provider => "google", :auth_uid => "http://localhost:1123/new.tester", :pass_crypt => "testtest", :pass_crypt_confirmation => "testtest" }
end
end
# Check the e-mail
register_email = ActionMailer::Base.deliveries.first
assert_equal register_email.to[0], new_email
# Check that the confirm account url is correct
confirm_regex = Regexp.new("/user/redirect_tester_google/confirm\\?confirm_string=([a-zA-Z0-9]*)")
register_email.parts.each do |part|
assert_match confirm_regex, part.body.to_s
end
confirm_string = register_email.parts[0].body.match(confirm_regex)[1]
# Check the page
assert_response :success
assert_template "user/confirm"
ActionMailer::Base.deliveries.clear
# Go to the confirmation page
get "/user/#{display_name}/confirm", :confirm_string => confirm_string
assert_response :success
assert_template "user/confirm"
post "/user/#{display_name}/confirm", :confirm_string => confirm_string
assert_response :redirect
follow_redirect!
assert_response :success
assert_template "site/welcome"
end
end

146
test/integration/user_login_test.rb
View file

@ -9,6 +9,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
def teardown
OmniAuth.config.mock_auth[:openid] = nil
OmniAuth.config.mock_auth[:google] = nil
OmniAuth.config.test_mode = false
end
@ -729,11 +730,12 @@ class UserLoginTest < ActionDispatch::IntegrationTest
def test_login_openid_success
OmniAuth.config.add_mock(:openid, :uid => "http://localhost:1123/john.doe")
get "/login"
get "/login", :referer => "/history"
assert_response :redirect
assert_redirected_to :controller => :user, :action => :login, :cookie_test => true
assert_redirected_to :controller => :user, :action => :login, :cookie_test => true, :referer => "/history"
follow_redirect!
assert_response :success
assert_template "user/login"
post "/login", :openid_url => "http://localhost:1123/john.doe", :referer => "/history"
assert_response :redirect
assert_redirected_to auth_path(:provider => "openid", :openid_url => "http://localhost:1123/john.doe", :origin => "/login")
@ -751,11 +753,12 @@ class UserLoginTest < ActionDispatch::IntegrationTest
def test_login_openid_remember_me
OmniAuth.config.add_mock(:openid, :uid => "http://localhost:1123/john.doe")
get "/login"
get "/login", :referer => "/history"
assert_response :redirect
assert_redirected_to :controller => :user, :action => :login, :cookie_test => true
assert_redirected_to :controller => :user, :action => :login, :cookie_test => true, :referer => "/history"
follow_redirect!
assert_response :success
assert_template "user/login"
post "/login", :openid_url => "http://localhost:1123/john.doe", :remember_me_openid => true, :referer => "/history"
assert_response :redirect
assert_redirected_to auth_path(:provider => "openid", :openid_url => "http://localhost:1123/john.doe", :origin => "/login")
@ -774,11 +777,12 @@ class UserLoginTest < ActionDispatch::IntegrationTest
def test_login_openid_connection_failed
OmniAuth.config.mock_auth[:openid] = :connection_failed
get "/login"
get "/login", :referer => "/history"
assert_response :redirect
assert_redirected_to :controller => :user, :action => :login, :cookie_test => true
assert_redirected_to :controller => :user, :action => :login, :cookie_test => true, :referer => "/history"
follow_redirect!
assert_response :success
assert_template "user/login"
post "/login", :openid_url => "http://localhost:1123/john.doe", :referer => "/history"
assert_response :redirect
assert_redirected_to auth_path(:provider => "openid", :openid_url => "http://localhost:1123/john.doe", :origin => "/login")
@ -800,11 +804,12 @@ class UserLoginTest < ActionDispatch::IntegrationTest
def test_login_openid_invalid_credentials
OmniAuth.config.mock_auth[:openid] = :invalid_credentials
get "/login"
get "/login", :referer => "/history"
assert_response :redirect
assert_redirected_to :controller => :user, :action => :login, :cookie_test => true
assert_redirected_to :controller => :user, :action => :login, :cookie_test => true, :referer => "/history"
follow_redirect!
assert_response :success
assert_template "user/login"
post "/login", :openid_url => "http://localhost:1123/john.doe", :referer => "/history"
assert_response :redirect
assert_redirected_to auth_path(:provider => "openid", :openid_url => "http://localhost:1123/john.doe", :origin => "/login")
@ -826,12 +831,13 @@ class UserLoginTest < ActionDispatch::IntegrationTest
def test_login_openid_unknown
OmniAuth.config.add_mock(:openid, :uid => "http://localhost:1123/fred.bloggs")
get "/login"
get "/login", :referer => "/history"
assert_response :redirect
assert_redirected_to :controller => :user, :action => :login, :cookie_test => true
assert_redirected_to :controller => :user, :action => :login, :cookie_test => true, :referer => "/history"
follow_redirect!
assert_response :success
post "/login", :openid_url => "http://localhost:1123/fred.bloggs", :referer => "/diary"
assert_template "user/login"
post "/login", :openid_url => "http://localhost:1123/fred.bloggs", :referer => "/history"
assert_response :redirect
assert_redirected_to auth_path(:provider => "openid", :openid_url => "http://localhost:1123/fred.bloggs", :origin => "/login")
follow_redirect!
@ -844,4 +850,122 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_template "user/new"
assert_select "span.username", false
end
def test_login_google_success
OmniAuth.config.add_mock(:google, :uid => "123456789", :extra => {
:id_info => { "openid_id" => "http://localhost:1123/fred.bloggs" }
})
get "/login", :referer => "/history"
assert_response :redirect
assert_redirected_to "controller" => "user", "action" => "login", "cookie_test" => "true", "referer" => "/history"
follow_redirect!
assert_response :success
assert_template "user/login"
get auth_path(:provider => "google", :origin => "/login")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "google")
follow_redirect!
assert_response :redirect
follow_redirect!
assert_response :success
assert_template "changeset/history"
assert_select "span.username", "googleuser"
end
def test_login_google_connection_failed
OmniAuth.config.mock_auth[:google] = :connection_failed
get "/login", :referer => "/history"
assert_response :redirect
assert_redirected_to "controller" => "user", "action" => "login", "cookie_test" => "true", "referer" => "/history"
follow_redirect!
assert_response :success
assert_template "user/login"
get auth_path(:provider => "google", :origin => "/login")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "google")
follow_redirect!
assert_response :redirect
assert_redirected_to auth_failure_path(:strategy => "google", :message => "connection_failed", :origin => "/login")
follow_redirect!
assert_response :redirect
follow_redirect!
assert_response :success
assert_template "login"
assert_select "div.flash.error", "Connection to authentication provider failed"
assert_select "span.username", false
end
def test_login_google_invalid_credentials
OmniAuth.config.mock_auth[:google] = :invalid_credentials
get "/login", :referer => "/history"
assert_response :redirect
assert_redirected_to "controller" => "user", "action" => "login", "cookie_test" => "true", "referer" => "/history"
follow_redirect!
assert_response :success
assert_template "user/login"
get auth_path(:provider => "google", :origin => "/login")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "google")
follow_redirect!
assert_response :redirect
assert_redirected_to auth_failure_path(:strategy => "google", :message => "invalid_credentials", :origin => "/login")
follow_redirect!
assert_response :redirect
follow_redirect!
assert_response :success
assert_template "login"
assert_select "div.flash.error", "Invalid authentication credentials"
assert_select "span.username", false
end
def test_login_google_unknown
OmniAuth.config.add_mock(:google, :uid => "987654321", :extra => {
:id_info => { "openid_id" => "http://localhost:1123/fred.bloggs" }
})
get "/login", :referer => "/history"
assert_response :redirect
assert_redirected_to "controller" => "user", "action" => "login", "cookie_test" => "true", "referer" => "/history"
follow_redirect!
assert_response :success
assert_template "user/login"
get auth_path(:provider => "google", :origin => "/login")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "google")
follow_redirect!
assert_response :redirect
follow_redirect!
assert_response :success
assert_template "user/new"
assert_select "span.username", false
end
def test_login_google_upgrade
OmniAuth.config.add_mock(:google, :uid => "987654321", :extra => {
:id_info => { "openid_id" => "http://localhost:1123/john.doe" }
})
get "/login", :referer => "/history"
assert_response :redirect
assert_redirected_to "controller" => "user", "action" => "login", "cookie_test" => "true", "referer" => "/history"
follow_redirect!
assert_response :success
assert_template "user/login"
get auth_path(:provider => "google", :origin => "/login")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "google")
follow_redirect!
assert_response :redirect
follow_redirect!
assert_response :success
assert_template "changeset/history"
assert_select "span.username", "openIDuser"
user = User.find_by_display_name("openIDuser")
assert_equal "google", user.auth_provider
assert_equal "987654321", user.auth_uid
end
end

6
test/models/user_test.rb
View file

@ -163,7 +163,7 @@ class UserTest < ActiveSupport::TestCase
end
def test_visible
assert_equal 16, User.visible.count
assert_equal 17, User.visible.count
assert_raise ActiveRecord::RecordNotFound do
User.visible.find(users(:suspended_user).id)
end
@ -173,7 +173,7 @@ class UserTest < ActiveSupport::TestCase
end
def test_active
assert_equal 15, User.active.count
assert_equal 16, User.active.count
assert_raise ActiveRecord::RecordNotFound do
User.active.find(users(:inactive_user).id)
end
@ -186,7 +186,7 @@ class UserTest < ActiveSupport::TestCase
end
def test_identifiable
assert_equal 17, User.identifiable.count
assert_equal 18, User.identifiable.count
assert_raise ActiveRecord::RecordNotFound do
User.identifiable.find(users(:normal_user).id)
end