spec/routes/auth_spec.rb in osso-0.0.5.pre.gamma vs spec/routes/auth_spec.rb in osso-0.0.5.pre.iota
- old
+ new
@@ -1,10 +1,13 @@
# frozen_string_literal: true
require 'spec_helper'
describe Osso::Auth do
+ before do
+ described_class.set(:views, spec_views)
+ end
describe 'get /auth/saml/:uuid' do
describe 'for an Okta SAML provider' do
let(:enterprise) { create(:enterprise_with_okta) }
let(:okta_provider) { enterprise.identity_providers.first }
it 'uses omniauth saml' do
@@ -41,11 +44,10 @@
post(
"/auth/saml/#{okta_provider.id}/callback",
nil,
{
'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
- 'identity_provider' => okta_provider,
},
)
end.to change { Osso::Models::User.count }.by(1)
end
@@ -56,11 +58,10 @@
post(
"/auth/saml/#{okta_provider.id}/callback",
nil,
{
'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
- 'identity_provider' => okta_provider,
},
)
end.to change { Osso::Models::AuthorizationCode.count }.by(1)
end
@@ -71,11 +72,10 @@
post(
"/auth/saml/#{okta_provider.id}/callback",
nil,
{
'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
- 'identity_provider' => okta_provider,
},
)
expect(last_response).to be_redirect
follow_redirect!
expect(last_request.url).to match(/.*state=IDP_INITIATED$/)
@@ -97,25 +97,23 @@
post(
"/auth/saml/#{okta_provider.id}/callback",
nil,
{
'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
- 'identity_provider' => okta_provider,
},
)
end.to_not(change { Osso::Models::User.count })
end
it 'marks the provider as ACTIVE' do
post(
"/auth/saml/#{okta_provider.id}/callback",
nil,
{
'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
- 'identity_provider' => okta_provider,
},
)
- expect(okta_provider.reload.status).to eq('ACTIVE')
+ expect(okta_provider.reload.status).to eq('active')
end
end
end
describe 'for an (Azure) ADFS SAML provider' do
@@ -130,11 +128,10 @@
post(
"/auth/saml/#{azure_provider.id}/callback",
nil,
{
'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
- 'identity_provider' => azure_provider,
},
)
end.to change { Osso::Models::User.count }.by(1)
end
@@ -144,15 +141,14 @@
post(
"/auth/saml/#{azure_provider.id}/callback",
nil,
{
'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
- 'identity_provider' => azure_provider,
},
)
- expect(azure_provider.reload.status).to eq('ACTIVE')
+ expect(azure_provider.reload.status).to eq('active')
end
end
describe 'on subsequent authentications' do
let!(:enterprise) { create(:enterprise_with_azure) }
@@ -168,14 +164,49 @@
post(
"/auth/saml/#{azure_provider.id}/callback",
nil,
{
'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
- 'identity_provider' => azure_provider,
},
)
end.to_not(change { Osso::Models::User.count })
end
+ end
+ end
+ end
+
+ context 'with an invalid SAML response' do
+ describe 'post /auth/saml/:uuid/callback' do
+ let!(:enterprise) { create(:enterprise_with_azure) }
+ let!(:azure_provider) { enterprise.provider }
+
+ it 'raises an error when email is missing' do
+ mock_saml_omniauth(email: nil, id: SecureRandom.uuid)
+
+
+ response = post(
+ "/auth/saml/#{azure_provider.id}/callback",
+ nil,
+ {
+ 'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
+ },
+ )
+
+ expect(response.body).to eq('Osso::Error::MissingSamlEmailAttributeError')
+ end
+
+ it 'raises an error when id is missing' do
+ mock_saml_omniauth(email: Faker::Internet.email, id: nil)
+
+ response = post(
+ "/auth/saml/#{azure_provider.id}/callback",
+ nil,
+ {
+ 'omniauth.auth' => OmniAuth.config.mock_auth[:saml],
+ },
+ )
+
+ expect(response.body).to eq('Osso::Error::MissingSamlIdAttributeError')
end
end
end
end