spec/routes/auth_spec.rb in osso-0.0.5.pre.delta vs spec/routes/auth_spec.rb in osso-0.0.5.pre.epsilon
- old
+ new
@@ -41,11 +41,10 @@
post(
"/auth/saml/#{okta_provider.id}/callback",
nil,
{
'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
- 'identity_provider' => okta_provider,
},
)
end.to change { Osso::Models::User.count }.by(1)
end
@@ -56,11 +55,10 @@
post(
"/auth/saml/#{okta_provider.id}/callback",
nil,
{
'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
- 'identity_provider' => okta_provider,
},
)
end.to change { Osso::Models::AuthorizationCode.count }.by(1)
end
@@ -71,11 +69,10 @@
post(
"/auth/saml/#{okta_provider.id}/callback",
nil,
{
'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
- 'identity_provider' => okta_provider,
},
)
expect(last_response).to be_redirect
follow_redirect!
expect(last_request.url).to match(/.*state=IDP_INITIATED$/)
@@ -97,22 +94,20 @@
post(
"/auth/saml/#{okta_provider.id}/callback",
nil,
{
'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
- 'identity_provider' => okta_provider,
},
)
end.to_not(change { Osso::Models::User.count })
end
it 'marks the provider as ACTIVE' do
post(
"/auth/saml/#{okta_provider.id}/callback",
nil,
{
'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
- 'identity_provider' => okta_provider,
},
)
expect(okta_provider.reload.status).to eq('ACTIVE')
end
end
@@ -130,11 +125,10 @@
post(
"/auth/saml/#{azure_provider.id}/callback",
nil,
{
'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
- 'identity_provider' => azure_provider,
},
)
end.to change { Osso::Models::User.count }.by(1)
end
@@ -144,11 +138,10 @@
post(
"/auth/saml/#{azure_provider.id}/callback",
nil,
{
'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
- 'identity_provider' => azure_provider,
},
)
expect(azure_provider.reload.status).to eq('ACTIVE')
end
@@ -168,14 +161,48 @@
post(
"/auth/saml/#{azure_provider.id}/callback",
nil,
{
'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
- 'identity_provider' => azure_provider,
},
)
end.to_not(change { Osso::Models::User.count })
end
+ end
+ end
+ end
+
+ context 'with an invalid SAML response' do
+ describe 'post /auth/saml/:uuid/callback' do
+ let!(:enterprise) { create(:enterprise_with_azure) }
+ let!(:azure_provider) { enterprise.provider }
+
+ it 'raises an error when email is missing' do
+ mock_saml_omniauth(email: nil, id: SecureRandom.uuid)
+
+ expect do
+ post(
+ "/auth/saml/#{azure_provider.id}/callback",
+ nil,
+ {
+ 'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
+ },
+ )
+ end.to raise_error(Osso::Error::MissingSamlEmailAttributeError)
+ end
+
+ it 'raises an error when id is missing' do
+ mock_saml_omniauth(email: Faker::Internet.email, id: nil)
+
+ expect do
+ post(
+ "/auth/saml/#{azure_provider.id}/callback",
+ nil,
+ {
+ 'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
+ },
+ )
+ end.to raise_error(Osso::Error::MissingSamlIdAttributeError)
end
end
end
end