From: Tom Hughes
Date: Sat, 28 Feb 2015 17:35:57 +0000 (+0000)
Subject: Add tests for Google OAuth authentication
X-Git-Tag: live~4101
X-Git-Url: https://git.openstreetmap.org/rails.git/commitdiff_plain/ddaf43bc0ecc59f9417118000bb8d2f041cfe6bf
Add tests for Google OAuth authentication
---
diff --git a/config/example.application.yml b/config/example.application.yml
index bb556d2c9..34db9d766 100644
--- a/config/example.application.yml
+++ b/config/example.application.yml
@@ -103,3 +103,7 @@ test:
 <<: *defaults
 # Geonames credentials for testing
 geonames_username: "dummy"
+ # External authentication credentials for testing
+ google_auth_id: "dummy"
+ google_auth_secret: "dummy"
+ google_openid_realm: "https://www.openstreetmap.org"
diff --git a/test/controllers/user_controller_test.rb b/test/controllers/user_controller_test.rb
index d39eaec23..7a1310d6e 100644
--- a/test/controllers/user_controller_test.rb
+++ b/test/controllers/user_controller_test.rb
@@ -1321,7 +1321,7 @@ class UserControllerTest < ActionController::TestCase
 get :list, :page => 3
 assert_response :success
 assert_template :list
- assert_select "table#user_list tr", :count => 19
+ assert_select "table#user_list tr", :count => 20
 end
 def test_list_post_confirm
diff --git a/test/fixtures/users.yml b/test/fixtures/users.yml
index 32a4e0387..9c5499b6e 100644
--- a/test/fixtures/users.yml
+++ b/test/fixtures/users.yml
@@ -49,7 +49,7 @@ inactive_user:
 terms_seen: true
 languages: en
 email_valid: false
-
+
 second_public_user:
 id: 4
 email: public@OpenStreetMap.org
@@ -248,3 +248,17 @@ german_user:
 terms_agreed: "2010-01-01 11:22:33"
 terms_seen: true
 languages: de
+
+google_user:
+ id: 19
+ email: google-user@example.com
+ status: active
+ pass_crypt: <%= Digest::MD5.hexdigest('test') %>
+ creation_time: "2008-05-01 01:23:45"
+ display_name: googleuser
+ data_public: true
+ auth_provider: google
+ auth_uid: 123456789
+ terms_agreed: "2010-01-01 11:22:33"
+ terms_seen: true
+ languages: en
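Review bot: `google_openid_realm` is added to the `test:` section of config/example.application.yml with no comment saying what it is for, while the line above it only labels the block as credentials. Judging from the `openid_id` values the tests in this commit rely on, it is presumably the realm Google needs in order to return the legacy OpenID identifier used to migrate accounts, so a wrong value would likely disable that path quietly rather than fail. I would add `# Realm previously used for Google OpenID 2.0 logins; must match for Google to return openid_id` above the key, adjusted if the initializer (not on this page) uses it differently.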
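Review bot: In the `google_user` fixture added to test/fixtures/users.yml, `auth_uid: 123456789` is an unquoted YAML integer, while the tests in this commit treat the uid as a string (`:uid => "123456789"`, `assert_equal "987654321", user.auth_uid`). A provider subject identifier is an opaque string, and an integer literal would drop leading zeros or change form for longer values, so I would write `auth_uid: "123456789"`. The fixture also sets `pass_crypt` to the MD5 of 'test'; that may simply follow the other fixtures, which are outside this hunk, but nothing in this commit tests whether password login remains possible for an account bound to Google.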
diff --git a/test/integration/user_creation_test.rb b/test/integration/user_creation_test.rb
index 622434e59..1a09e6718 100644
--- a/test/integration/user_creation_test.rb
+++ b/test/integration/user_creation_test.rb
@@ -13,6 +13,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 I18n.locale = "en"
 OmniAuth.config.mock_auth[:openid] = nil
+ OmniAuth.config.mock_auth[:google] = nil
 OmniAuth.config.test_mode = false
 end
@@ -263,4 +264,121 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 assert_response :success
 assert_template "site/welcome"
 end
+
+ def test_user_create_google_success
+ OmniAuth.config.add_mock(:google, :uid => "123454321", :extra => {
+ :id_info => { "openid_id" => "http://localhost:1123/new.tester" }
+ })
+
+ new_email = "newtester-google@osm.org"
+ display_name = "new_tester-google"
+ password = "testtest"
+ assert_difference("User.count") do
+ assert_difference("ActionMailer::Base.deliveries.size", 1) do
+ post "/user/new",
+ :user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :auth_provider => "google", :pass_crypt => "", :pass_crypt_confirmation => "" }
+ assert_response :redirect
+ assert_redirected_to auth_path(:provider => "google", :origin => "/user/new")
+ follow_redirect!
+ assert_response :redirect
+ assert_redirected_to auth_success_path(:provider => "google")
+ follow_redirect!
+ assert_response :redirect
+ assert_redirected_to "/user/terms"
+ post "/user/save",
+ :user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :auth_provider => "google", :auth_uid => "123454321", :pass_crypt => password, :pass_crypt_confirmation => password }
+ assert_response :redirect
+ follow_redirect!
+ end
+ end
+
+ # Check the page
+ assert_response :success
+ assert_template "user/confirm"
+
+ ActionMailer::Base.deliveries.clear
+ end
+
+ def test_user_create_google_failure
+ OmniAuth.config.mock_auth[:google] = :connection_failed
+
+ new_email = "newtester-google2@osm.org"
+ display_name = "new_tester-google2"
+ assert_difference("User.count", 0) do
+ assert_difference("ActionMailer::Base.deliveries.size", 0) do
+ post "/user/new",
+ :user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :auth_provider => "google", :pass_crypt => "", :pass_crypt_confirmation => "" }
+ assert_response :redirect
+ assert_redirected_to auth_path(:provider => "google", :origin => "/user/new")
+ follow_redirect!
+ assert_response :redirect
+ assert_redirected_to auth_success_path(:provider => "google")
+ follow_redirect!
+ assert_response :redirect
+ assert_redirected_to auth_failure_path(:strategy => "google", :message => "connection_failed", :origin => "/user/new")
+ follow_redirect!
+ assert_response :redirect
+ follow_redirect!
+ assert_response :success
+ assert_template "user/new"
+ end
+ end
+
+ ActionMailer::Base.deliveries.clear
+ end
+
+ def test_user_create_google_redirect
+ OmniAuth.config.add_mock(:google, :uid => "123454321", :extra => {
+ :id_info => { "openid_id" => "http://localhost:1123/new.tester" }
+ })
+
+ new_email = "redirect_tester_google@osm.org"
+ display_name = "redirect_tester_google"
+ # nothing special about this page, just need a protected page to redirect back to.
+ referer = "/traces/mine"
+ assert_difference("User.count") do
+ assert_difference("ActionMailer::Base.deliveries.size", 1) do
+ post "/user/new",
+ :user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :auth_provider => "google", :pass_crypt => "", :pass_crypt_confirmation => "" }, :referer => referer
+ assert_response :redirect
+ assert_redirected_to auth_path(:provider => "google", :origin => "/user/new")
+ follow_redirect!
+ assert_response :redirect
+ assert_redirected_to auth_success_path(:provider => "google")
+ follow_redirect!
+ assert_response :redirect
+ assert_redirected_to "/user/terms"
+ post_via_redirect "/user/save",
+ :user => { :email => new_email, :email_confirmation => new_email, :display_name => display_name, :auth_provider => "google", :auth_uid => "http://localhost:1123/new.tester", :pass_crypt => "testtest", :pass_crypt_confirmation => "testtest" }
+ end
+ end
+
+ # Check the e-mail
+ register_email = ActionMailer::Base.deliveries.first
+
+ assert_equal register_email.to[0], new_email
+ # Check that the confirm account url is correct
+ confirm_regex = Regexp.new("/user/redirect_tester_google/confirm\\?confirm_string=([a-zA-Z0-9]*)")
+ register_email.parts.each do |part|
+ assert_match confirm_regex, part.body.to_s
+ end
+ confirm_string = register_email.parts[0].body.match(confirm_regex)[1]
+
+ # Check the page
+ assert_response :success
+ assert_template "user/confirm"
+
+ ActionMailer::Base.deliveries.clear
+
+ # Go to the confirmation page
+ get "/user/#{display_name}/confirm", :confirm_string => confirm_string
+ assert_response :success
+ assert_template "user/confirm"
+
+ post "/user/#{display_name}/confirm", :confirm_string => confirm_string
+ assert_response :redirect
+ follow_redirect!
+ assert_response :success
+ assert_template "site/welcome"
+ end
 end
diff --git a/test/integration/user_login_test.rb b/test/integration/user_login_test.rb
index 9fbb28f63..258dd5e52 100644
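Review bot: In test/integration/user_creation_test.rb, test_user_create_google_redirect mocks Google with `:uid => "123454321"` but posts `:auth_uid => "http://localhost:1123/new.tester"` to /user/save, and neither it nor test_user_create_google_success checks which identity ends up stored on the new account. As written the tests pass whether the uid is taken from the provider callback or from the form field, and only the former is safe, because the form field is under the client's control. After the `assert_difference` blocks in both tests I would add `user = User.find_by_display_name(display_name)`, `assert_equal "google", user.auth_provider` and `assert_equal "123454321", user.auth_uid`; if the last assertion fails in the redirect test, the posted value is what gets persisted. How /user/save sources the uid is not visible on this page.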
--- a/test/integration/user_login_test.rb
+++ b/test/integration/user_login_test.rb
@@ -9,6 +9,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
 def teardown
 OmniAuth.config.mock_auth[:openid] = nil
+ OmniAuth.config.mock_auth[:google] = nil
 OmniAuth.config.test_mode = false
 end
@@ -729,11 +730,12 @@ class UserLoginTest < ActionDispatch::IntegrationTest
 def test_login_openid_success
 OmniAuth.config.add_mock(:openid, :uid => "http://localhost:1123/john.doe")
- get "/login"
+ get "/login", :referer => "/history"
 assert_response :redirect
- assert_redirected_to :controller => :user, :action => :login, :cookie_test => true
+ assert_redirected_to :controller => :user, :action => :login, :cookie_test => true, :referer => "/history"
 follow_redirect!
 assert_response :success
+ assert_template "user/login"
 post "/login", :openid_url => "http://localhost:1123/john.doe", :referer => "/history"
 assert_response :redirect
 assert_redirected_to auth_path(:provider => "openid", :openid_url => "http://localhost:1123/john.doe", :origin => "/login")
@@ -751,11 +753,12 @@ class UserLoginTest < ActionDispatch::IntegrationTest
 def test_login_openid_remember_me
 OmniAuth.config.add_mock(:openid, :uid => "http://localhost:1123/john.doe")
- get "/login"
+ get "/login", :referer => "/history"
 assert_response :redirect
- assert_redirected_to :controller => :user, :action => :login, :cookie_test => true
+ assert_redirected_to :controller => :user, :action => :login, :cookie_test => true, :referer => "/history"
 follow_redirect!
 assert_response :success
+ assert_template "user/login"
 post "/login", :openid_url => "http://localhost:1123/john.doe", :remember_me_openid => true, :referer => "/history"
 assert_response :redirect
 assert_redirected_to auth_path(:provider => "openid", :openid_url => "http://localhost:1123/john.doe", :origin => "/login")
@@ -774,11 +777,12 @@ class UserLoginTest < ActionDispatch::IntegrationTest
 def test_login_openid_connection_failed
 OmniAuth.config.mock_auth[:openid] = :connection_failed
- get "/login"
+ get "/login", :referer => "/history"
 assert_response :redirect
- assert_redirected_to :controller => :user, :action => :login, :cookie_test => true
+ assert_redirected_to :controller => :user, :action => :login, :cookie_test => true, :referer => "/history"
 follow_redirect!
 assert_response :success
+ assert_template "user/login"
 post "/login", :openid_url => "http://localhost:1123/john.doe", :referer => "/history"
 assert_response :redirect
 assert_redirected_to auth_path(:provider => "openid", :openid_url => "http://localhost:1123/john.doe", :origin => "/login")
@@ -800,11 +804,12 @@ class UserLoginTest < ActionDispatch::IntegrationTest
 def test_login_openid_invalid_credentials
 OmniAuth.config.mock_auth[:openid] = :invalid_credentials
- get "/login"
+ get "/login", :referer => "/history"
 assert_response :redirect
- assert_redirected_to :controller => :user, :action => :login, :cookie_test => true
+ assert_redirected_to :controller => :user, :action => :login, :cookie_test => true, :referer => "/history"
 follow_redirect!
 assert_response :success
+ assert_template "user/login"
 post "/login", :openid_url => "http://localhost:1123/john.doe", :referer => "/history"
 assert_response :redirect
 assert_redirected_to auth_path(:provider => "openid", :openid_url => "http://localhost:1123/john.doe", :origin => "/login")
@@ -826,12 +831,13 @@ class UserLoginTest < ActionDispatch::IntegrationTest
 def test_login_openid_unknown
 OmniAuth.config.add_mock(:openid, :uid => "http://localhost:1123/fred.bloggs")
- get "/login"
+ get "/login", :referer => "/history"
 assert_response :redirect
- assert_redirected_to :controller => :user, :action => :login, :cookie_test => true
+ assert_redirected_to :controller => :user, :action => :login, :cookie_test => true, :referer => "/history"
 follow_redirect!
 assert_response :success
- post "/login", :openid_url => "http://localhost:1123/fred.bloggs", :referer => "/diary"
+ assert_template "user/login"
+ post "/login", :openid_url => "http://localhost:1123/fred.bloggs", :referer => "/history"
 assert_response :redirect
 assert_redirected_to auth_path(:provider => "openid", :openid_url => "http://localhost:1123/fred.bloggs", :origin => "/login")
 follow_redirect!
@@ -844,4 +850,122 @@ class UserLoginTest < ActionDispatch::IntegrationTest
 assert_template "user/new"
 assert_select "span.username", false
 end
+
+ def test_login_google_success
+ OmniAuth.config.add_mock(:google, :uid => "123456789", :extra => {
+ :id_info => { "openid_id" => "http://localhost:1123/fred.bloggs" }
+ })
+
+ get "/login", :referer => "/history"
+ assert_response :redirect
+ assert_redirected_to "controller" => "user", "action" => "login", "cookie_test" => "true", "referer" => "/history"
+ follow_redirect!
+ assert_response :success
+ assert_template "user/login"
+ get auth_path(:provider => "google", :origin => "/login")
+ assert_response :redirect
+ assert_redirected_to auth_success_path(:provider => "google")
+ follow_redirect!
+ assert_response :redirect
+ follow_redirect!
+ assert_response :success
+ assert_template "changeset/history"
+ assert_select "span.username", "googleuser"
+ end
+
+ def test_login_google_connection_failed
+ OmniAuth.config.mock_auth[:google] = :connection_failed
+
+ get "/login", :referer => "/history"
+ assert_response :redirect
+ assert_redirected_to "controller" => "user", "action" => "login", "cookie_test" => "true", "referer" => "/history"
+ follow_redirect!
+ assert_response :success
+ assert_template "user/login"
+ get auth_path(:provider => "google", :origin => "/login")
+ assert_response :redirect
+ assert_redirected_to auth_success_path(:provider => "google")
+ follow_redirect!
+ assert_response :redirect
+ assert_redirected_to auth_failure_path(:strategy => "google", :message => "connection_failed", :origin => "/login")
+ follow_redirect!
+ assert_response :redirect
+ follow_redirect!
+ assert_response :success
+ assert_template "login"
+ assert_select "div.flash.error", "Connection to authentication provider failed"
+ assert_select "span.username", false
+ end
+
+ def test_login_google_invalid_credentials
+ OmniAuth.config.mock_auth[:google] = :invalid_credentials
+
+ get "/login", :referer => "/history"
+ assert_response :redirect
+ assert_redirected_to "controller" => "user", "action" => "login", "cookie_test" => "true", "referer" => "/history"
+ follow_redirect!
+ assert_response :success
+ assert_template "user/login"
+ get auth_path(:provider => "google", :origin => "/login")
+ assert_response :redirect
+ assert_redirected_to auth_success_path(:provider => "google")
+ follow_redirect!
+ assert_response :redirect
+ assert_redirected_to auth_failure_path(:strategy => "google", :message => "invalid_credentials", :origin => "/login")
+ follow_redirect!
+ assert_response :redirect
+ follow_redirect!
+ assert_response :success
+ assert_template "login"
+ assert_select "div.flash.error", "Invalid authentication credentials"
+ assert_select "span.username", false
+ end
+
+ def test_login_google_unknown
+ OmniAuth.config.add_mock(:google, :uid => "987654321", :extra => {
+ :id_info => { "openid_id" => "http://localhost:1123/fred.bloggs" }
+ })
+
+ get "/login", :referer => "/history"
+ assert_response :redirect
+ assert_redirected_to "controller" => "user", "action" => "login", "cookie_test" => "true", "referer" => "/history"
+ follow_redirect!
+ assert_response :success
+ assert_template "user/login"
+ get auth_path(:provider => "google", :origin => "/login")
+ assert_response :redirect
+ assert_redirected_to auth_success_path(:provider => "google")
+ follow_redirect!
+ assert_response :redirect
+ follow_redirect!
+ assert_response :success
+ assert_template "user/new"
+ assert_select "span.username", false
+ end
+
+ def test_login_google_upgrade
+ OmniAuth.config.add_mock(:google, :uid => "987654321", :extra => {
+ :id_info => { "openid_id" => "http://localhost:1123/john.doe" }
+ })
+
+ get "/login", :referer => "/history"
+ assert_response :redirect
+ assert_redirected_to "controller" => "user", "action" => "login", "cookie_test" => "true", "referer" => "/history"
+ follow_redirect!
+ assert_response :success
+ assert_template "user/login"
+ get auth_path(:provider => "google", :origin => "/login")
+ assert_response :redirect
+ assert_redirected_to auth_success_path(:provider => "google")
+ follow_redirect!
+ assert_response :redirect
+ follow_redirect!
+ assert_response :success
+ assert_template "changeset/history"
+ assert_select "span.username", "openIDuser"
+
+ user = User.find_by_display_name("openIDuser")
+ assert_equal "google", user.auth_provider
+ assert_equal "987654321", user.auth_uid
+ end
 end
diff --git a/test/models/user_test.rb b/test/models/user_test.rb
index b5a9f45ff..605eb73b9 100644
--- a/test/models/user_test.rb
+++ b/test/models/user_test.rb
@@ -163,7 +163,7 @@ class UserTest < ActiveSupport::TestCase
 end
 def test_visible
- assert_equal 16, User.visible.count
+ assert_equal 17, User.visible.count
 assert_raise ActiveRecord::RecordNotFound do
 User.visible.find(users(:suspended_user).id)
 end
@@ -173,7 +173,7 @@ class UserTest < ActiveSupport::TestCase
 end
 def test_active
- assert_equal 15, User.active.count
+ assert_equal 16, User.active.count
 assert_raise ActiveRecord::RecordNotFound do
 User.active.find(users(:inactive_user).id)
 end
@@ -186,7 +186,7 @@ class UserTest < ActiveSupport::TestCase
 end
 def test_identifiable
- assert_equal 17, User.identifiable.count
+ assert_equal 18, User.identifiable.count
 assert_raise ActiveRecord::RecordNotFound do
 User.identifiable.find(users(:normal_user).id)
 end
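Review bot: Every Google mock added in test/integration/user_login_test.rb (and in user_creation_test.rb) carries `:extra => { :id_info => { "openid_id" => ... } }`, so the case where Google returns no legacy OpenID identifier is never exercised, although that is presumably what a Google account with no OpenID history looks like. I would add a variant of test_login_google_success that uses `OmniAuth.config.add_mock(:google, :uid => "123456789")` and keeps the same assertions, to show the callback does not depend on `id_info` being present. test_login_google_upgrade also deserves a comment, since it pins security-sensitive behaviour: `# An OpenID account whose identifier matches id_info["openid_id"] is rebound to the Google uid`.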