Merge pull request #4213 from fantasticfears/sso

FIX: Importing user avatar when new user login by SSO
This commit is contained in:
Sam 2016-09-01 18:05:18 -07:00 committed by GitHub
commit 211c374df6
3 changed files with 73 additions and 1 deletions

View File

@ -80,6 +80,7 @@ class DiscourseSingleSignOn < SingleSignOn
user.moderator = moderator unless moderator.nil?
# optionally save the user and sso_record if they have changed
user.user_avatar.save! if user.user_avatar
user.save!
if bio && (user.user_profile.bio_raw.blank? || SiteSetting.sso_overrides_bio)
@ -118,11 +119,13 @@ class DiscourseSingleSignOn < SingleSignOn
sso_record.last_payload = unsigned_payload
sso_record.external_id = external_id
else
UserAvatar.import_url_for_user(avatar_url, user) if avatar_url.present?
user.create_single_sign_on_record(last_payload: unsigned_payload,
external_id: external_id,
external_username: username,
external_email: email,
external_name: name)
external_name: name,
external_avatar_url: avatar_url)
end
end

View File

@ -376,6 +376,63 @@ describe SessionController do
end
end
describe '.sso_provider' do
before do
SiteSetting.enable_sso_provider = true
SiteSetting.enable_sso = false
SiteSetting.enable_local_logins = true
SiteSetting.sso_secret = "topsecret"
@sso = SingleSignOn.new
@sso.nonce = "mynonce"
@sso.sso_secret = SiteSetting.sso_secret
@sso.return_sso_url = "http://somewhere.over.rainbow/sso"
@user = Fabricate(:user, password: "frogs", active: true, admin: true)
EmailToken.update_all(confirmed: true)
end
it "successfully logs in and redirects user to return_sso_url when the user is not logged in" do
get :sso_provider, Rack::Utils.parse_query(@sso.payload)
expect(response).to redirect_to("/login")
xhr :post, :create, login: @user.username, password: "frogs", format: :json
location = cookies[:sso_destination_url]
# javascript code will handle redirection of user to return_sso_url
expect(location).to match(/^http:\/\/somewhere.over.rainbow\/sso/)
payload = location.split("?")[1]
sso2 = SingleSignOn.parse(payload, "topsecret")
expect(sso2.email).to eq(@user.email)
expect(sso2.name).to eq(@user.name)
expect(sso2.username).to eq(@user.username)
expect(sso2.external_id).to eq(@user.id.to_s)
expect(sso2.admin).to eq(true)
expect(sso2.moderator).to eq(false)
end
it "successfully redirects user to return_sso_url when the user is logged in" do
log_in_user(@user)
get :sso_provider, Rack::Utils.parse_query(@sso.payload)
location = response.header["Location"]
expect(location).to match(/^http:\/\/somewhere.over.rainbow\/sso/)
payload = location.split("?")[1]
sso2 = SingleSignOn.parse(payload, "topsecret")
expect(sso2.email).to eq(@user.email)
expect(sso2.name).to eq(@user.name)
expect(sso2.username).to eq(@user.username)
expect(sso2.external_id).to eq(@user.id.to_s)
expect(sso2.admin).to eq(true)
expect(sso2.moderator).to eq(false)
end
end
describe '.create' do
let(:user) { Fabricate(:user) }

View File

@ -19,6 +19,12 @@ describe DiscourseSingleSignOn do
sso.username = "sam"
sso.name = "sam saffron"
sso.external_id = "100"
sso.avatar_url = "https://cdn.discourse.org/user_avatar.png"
sso.avatar_force_update = false
sso.bio = "about"
sso.admin = false
sso.moderator = false
sso.suppress_welcome_message = false
sso.require_activation = false
sso.custom_fields["a"] = "Aa"
sso.custom_fields["b.b"] = "B.b"
@ -31,6 +37,12 @@ describe DiscourseSingleSignOn do
expect(parsed.username).to eq sso.username
expect(parsed.name).to eq sso.name
expect(parsed.external_id).to eq sso.external_id
expect(parsed.avatar_url).to eq sso.avatar_url
expect(parsed.avatar_force_update).to eq sso.avatar_force_update
expect(parsed.bio).to eq sso.bio
expect(parsed.admin).to eq sso.admin
expect(parsed.moderator).to eq sso.moderator
expect(parsed.suppress_welcome_message).to eq sso.suppress_welcome_message
expect(parsed.require_activation).to eq false
expect(parsed.custom_fields["a"]).to eq "Aa"
expect(parsed.custom_fields["b.b"]).to eq "B.b"