RubygemsResearch

Sha256: f97c6553706019f2a4d8d037f01ab8185f65b1bacc713a3bc4b58074b7771c3f

Contents?: true

Size: 1.87 KB

Versions: 21

Compression:

Stored size: 1.87 KB

# frozen_string_literal: true

require 'test_helper'

#  was the web request successful?
#  was the user redirected to the right page?
#  was the user successfully authenticated?
#  was the correct object stored in the response?
#  was the appropriate message delivered in the json payload?

class Overrides::PasswordsControllerTest < ActionDispatch::IntegrationTest
  include OverridesControllersRoutes

  describe Overrides::PasswordsController do
    before do
      @resource = create(:user, :confirmed)

      post '/evil_user_auth/password',
           params: {
             email: @resource.email,
             redirect_url: Faker::Internet.url
           }

      mail = ActionMailer::Base.deliveries.last
      @resource.reload

      mail_reset_token  = mail.body.match(/reset_password_token=(.*)\"/)[1]
      mail_redirect_url = CGI.unescape(mail.body.match(/redirect_url=([^&]*)&/)[1])

      get '/evil_user_auth/password/edit',
          params: {
            reset_password_token: mail_reset_token,
            redirect_url: mail_redirect_url
          }

      @resource.reload

      _, raw_query_string = response.location.split('?')
      @query_string = Rack::Utils.parse_nested_query(raw_query_string)
    end

    test 'response should have success redirect status' do
      assert_equal 302, response.status
    end

    test 'response should contain auth params + override proof' do
      assert @query_string['access-token']
      assert @query_string['client']
      assert @query_string['client_id']
      assert @query_string['expiry']
      assert @query_string['override_proof']
      assert @query_string['reset_password']
      assert @query_string['token']
      assert @query_string['uid']
    end

    test 'override proof is correct' do
      assert_equal(
        @query_string['override_proof'],
        Overrides::PasswordsController::OVERRIDE_PROOF
      )
    end
  end
end

Version data entries

21 entries across 21 versions & 6 rubygems

Version	Path
devise_token_auth-1.2.5	test/controllers/overrides/passwords_controller_test.rb
devise_token_auth-1.2.4	test/controllers/overrides/passwords_controller_test.rb
devise_token_auth-1.2.2	test/controllers/overrides/passwords_controller_test.rb
devise_token_auth-1.2.1	test/controllers/overrides/passwords_controller_test.rb
devise_token_auth-1.2.0	test/controllers/overrides/passwords_controller_test.rb
devise_token_auth-1.1.5	test/controllers/overrides/passwords_controller_test.rb
sidecar_token_auth-1.0.1	test/controllers/overrides/passwords_controller_test.rb
devise_token_auth-1.1.4	test/controllers/overrides/passwords_controller_test.rb
devise_token_auth_multitenancy-1.1.3.2	test/controllers/overrides/passwords_controller_test.rb
devise_token_auth_multitenancy-1.1.3.1	test/controllers/overrides/passwords_controller_test.rb
devise_token_auth_multitenancy-1.1.3.alpha1	test/controllers/overrides/passwords_controller_test.rb
devise-tokens-1.0.4	test/controllers/overrides/passwords_controller_test.rb
devise_token_auth-1.1.3	test/controllers/overrides/passwords_controller_test.rb
devise_token_auth-1.1.2	test/controllers/overrides/passwords_controller_test.rb
devise_token_auth-1.1.1	test/controllers/overrides/passwords_controller_test.rb
devise_token_auth-1.1.0	test/controllers/overrides/passwords_controller_test.rb
devise_token_auth_fork_dfabarbosa-1.0.0	test/controllers/overrides/passwords_controller_test.rb
devise_token_auth_skycocker_fork-1.0.0	test/controllers/overrides/passwords_controller_test.rb
devise_token_auth-1.0.0	test/controllers/overrides/passwords_controller_test.rb
devise_token_auth-1.0.0.rc2	test/controllers/overrides/passwords_controller_test.rb