require File.dirname(__FILE__) + '/../../spec_helper' describe OmniAuth::Strategies::Crowd, :type=>:strategy do include OmniAuth::Test::StrategyTestCase def strategy @crowd_server_url ||= 'https://crowd.example.org' @application_name ||= 'bogus_app' @application_password ||= 'bogus_app_password' [OmniAuth::Strategies::Crowd, {:crowd_server_url => @crowd_server_url, :application_name=>@application_name, :application_password=>@application_password}] end describe 'GET /auth/crowd' do before do get '/auth/crowd' end it 'should show the login form' do last_response.should be_ok end end describe 'POST /auth/crowd' do before do post '/auth/crowd', :username=>'foo', :password=>'bar' end it 'should redirect to callback' do last_response.should be_redirect last_response.headers['Location'].should == 'http://example.org/auth/crowd/callback' end end describe 'GET /auth/crowd/callback without any credentials' do before do get '/auth/crowd/callback' end it 'should fail' do last_response.should be_redirect last_response.headers['Location'].should =~ /no_credentials/ end end describe 'GET /auth/crowd/callback with credentials can be successful' do before do stub_request(:post, "https://bogus_app:bogus_app_password@crowd.example.org/rest/usermanagement/latest/authentication?username=foo"). to_return(:body => File.read(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'success.xml'))) stub_request(:get, "https://bogus_app:bogus_app_password@crowd.example.org/rest/usermanagement/latest/user/group/direct?username=foo"). to_return(:body => File.read(File.join(File.dirname(__FILE__), '..', '..', 'fixtures', 'groups.xml'))) get '/auth/crowd/callback', nil, 'rack.session'=>{'omniauth.crowd'=> {"username"=>"foo", "password"=>"ba"}} end it 'should call through to the master app' do last_response.body.should == 'true' end it 'should have an auth hash' do auth = last_request.env['omniauth.auth'] auth.should be_kind_of(Hash) end it 'should have good data' do auth = last_request.env['omniauth.auth']['provider'].should == :crowd auth = last_request.env['omniauth.auth']['uid'].should == 'foo' auth = last_request.env['omniauth.auth']['user_info'].should be_kind_of(Hash) auth = last_request.env['omniauth.auth']['user_info']['groups'].sort.should == ["Developers", "jira-users"].sort end end describe 'GET /auth/crowd/callback with credentials will fail' do before do stub_request(:post, "https://bogus_app:bogus_app_password@crowd.example.org/rest/usermanagement/latest/authentication?username=foo"). to_return(:code=>400) get '/auth/crowd/callback', nil, 'rack.session'=>{'omniauth.crowd'=> {"username"=>"foo", "password"=>"ba"}} end it 'should fail' do last_response.should be_redirect last_response.headers['Location'].should =~ /invalid_credentials/ end end end