discourse/spec/system/social_authentication_spec.rb

364 lines
12 KiB
Ruby

# frozen_string_literal: true
shared_context "with omniauth setup" do |signup_page_object, login_page_object|
include OmniauthHelpers
let(:login_form) { login_page_object }
let(:signup_form) { signup_page_object }
before { OmniAuth.config.test_mode = true }
end
shared_examples "social authentication scenarios" do |signup_page_object, login_page_object|
include_context "with omniauth setup", signup_page_object, login_page_object
context "when user does not exist" do
context "with Facebook" do
before { SiteSetting.enable_facebook_logins = true }
after { reset_omniauth_config(:facebook) }
it "fills the signup form" do
mock_facebook_auth
visit("/")
signup_form.open.click_social_button("facebook")
expect(signup_form).to be_open
expect(signup_form).to have_no_password_input
expect(signup_form).to have_valid_username
expect(signup_form).to have_valid_email
signup_form.click_create_account
expect(page).to have_css(".header-dropdown-toggle.current-user")
end
end
context "with Google" do
before { SiteSetting.enable_google_oauth2_logins = true }
after { reset_omniauth_config(:google_oauth2) }
it "fills the signup form" do
mock_google_auth
visit("/")
signup_form.open.click_social_button("google_oauth2")
expect(signup_form).to be_open
expect(signup_form).to have_no_password_input
expect(signup_form).to have_valid_username
expect(signup_form).to have_valid_email
signup_form.click_create_account
expect(page).to have_css(".header-dropdown-toggle.current-user")
end
context "when the email is not verified" do
it "needs to verify email" do
mock_google_auth(verified: false)
visit("/")
signup_form.open.click_social_button("google_oauth2")
expect(signup_form).to be_open
expect(signup_form).to have_no_password_input
expect(signup_form).to have_valid_username
expect(signup_form).to have_valid_email
signup_form.click_create_account
expect(page).to have_css(".account-created")
end
end
end
context "with Github" do
before { SiteSetting.enable_github_logins = true }
after { reset_omniauth_config(:github) }
it "fills the signup form" do
mock_github_auth
visit("/")
signup_form.open.click_social_button("github")
expect(signup_form).to be_open
expect(signup_form).to have_no_password_input
expect(signup_form).to have_valid_username
expect(signup_form).to have_valid_email
signup_form.click_create_account
expect(page).to have_css(".header-dropdown-toggle.current-user")
end
context "when the email is not verified" do
it "needs to verify email" do
mock_github_auth(verified: false)
visit("/")
signup_form.open.click_social_button("github")
expect(signup_form).to be_open
expect(signup_form).to have_no_password_input
expect(signup_form).to have_valid_username
expect(signup_form).to have_valid_email
signup_form.click_create_account
expect(page).to have_css(".account-created")
end
end
end
context "with Twitter" do
before { SiteSetting.enable_twitter_logins = true }
after { reset_omniauth_config(:twitter) }
it "fills the signup form" do
mock_twitter_auth
visit("/")
signup_form.open.click_social_button("twitter")
expect(signup_form).to be_open
expect(signup_form).to have_no_password_input
signup_form.fill_email(OmniauthHelpers::EMAIL)
expect(signup_form).to have_valid_username
expect(signup_form).to have_valid_email
signup_form.click_create_account
expect(page).to have_css(".account-created")
end
context "when the email is not verified" do
it "needs to verify email" do
mock_twitter_auth(verified: false)
visit("/")
signup_form.open.click_social_button("twitter")
expect(signup_form).to be_open
expect(signup_form).to have_no_password_input
signup_form.fill_email(OmniauthHelpers::EMAIL)
expect(signup_form).to have_valid_username
expect(signup_form).to have_valid_email
signup_form.click_create_account
expect(page).to have_css(".account-created")
end
end
end
context "with Discord" do
before { SiteSetting.enable_discord_logins = true }
after { reset_omniauth_config(:discord) }
it "fills the signup form" do
mock_discord_auth
visit("/")
signup_form.open.click_social_button("discord")
expect(signup_form).to be_open
expect(signup_form).to have_no_password_input
expect(signup_form).to have_valid_username
expect(signup_form).to have_valid_email
signup_form.click_create_account
expect(page).to have_css(".header-dropdown-toggle.current-user")
end
end
context "with Linkedin" do
before do
SiteSetting.linkedin_oidc_client_id = "12345"
SiteSetting.linkedin_oidc_client_secret = "abcde"
SiteSetting.enable_linkedin_oidc_logins = true
end
after { reset_omniauth_config(:linkedin_oidc) }
it "fills the signup form" do
mock_linkedin_auth
visit("/")
signup_form.open.click_social_button("linkedin_oidc")
expect(signup_form).to be_open
expect(signup_form).to have_no_password_input
expect(signup_form).to have_valid_username
expect(signup_form).to have_valid_email
signup_form.click_create_account
expect(page).to have_css(".header-dropdown-toggle.current-user")
end
end
# These tests use Google, but they should be the same for all providers
context "when opening the external auth from /login" do
before { SiteSetting.enable_google_oauth2_logins = true }
after { reset_omniauth_config(:google_oauth2) }
it "fills the signup form" do
mock_google_auth
visit("/")
signup_form.open.click_social_button("google_oauth2")
expect(signup_form).to be_open
expect(signup_form).to have_no_password_input
expect(signup_form).to have_valid_username
expect(signup_form).to have_valid_email
signup_form.click_create_account
expect(page).to have_css(".header-dropdown-toggle.current-user")
end
end
context "when overriding local fields" do
before do
SiteSetting.enable_google_oauth2_logins = true
SiteSetting.auth_overrides_name = true
SiteSetting.auth_overrides_username = true
end
after { reset_omniauth_config(:google_oauth2) }
it "fills the signup form and disables the inputs" do
mock_google_auth
visit("/")
signup_form.open.click_social_button("google_oauth2")
expect(signup_form).to be_open
expect(signup_form).to have_no_password_input
expect(signup_form).to have_valid_username
expect(signup_form).to have_valid_email
expect(signup_form).to have_disabled_username
expect(signup_form).to have_disabled_email
expect(signup_form).to have_disabled_name
signup_form.click_create_account
expect(page).to have_css(".header-dropdown-toggle.current-user")
end
end
context "when skipping the signup form" do
before do
SiteSetting.enable_google_oauth2_logins = true
SiteSetting.auth_skip_create_confirm = true
end
after { reset_omniauth_config(:google_oauth2) }
it "creates the account directly" do
mock_google_auth
visit("/")
signup_form.open.click_social_button("google_oauth2")
expect(page).to have_css(".header-dropdown-toggle.current-user")
end
end
end
context "when user exists" do
fab!(:user) do
Fabricate(
:user,
email: OmniauthHelpers::EMAIL,
username: OmniauthHelpers::USERNAME,
password: "supersecurepassword",
)
end
context "with Facebook" do
before { SiteSetting.enable_facebook_logins = true }
after { reset_omniauth_config(:facebook) }
it "logs in user" do
mock_facebook_auth
visit("/")
signup_form.open.click_social_button("facebook")
expect(page).to have_css(".header-dropdown-toggle.current-user")
end
end
context "with Google" do
before { SiteSetting.enable_google_oauth2_logins = true }
after { reset_omniauth_config(:google_oauth2) }
it "logs in user" do
mock_google_auth
visit("/")
signup_form.open.click_social_button("google_oauth2")
expect(page).to have_css(".header-dropdown-toggle.current-user")
end
end
context "with Github" do
before { SiteSetting.enable_github_logins = true }
after { reset_omniauth_config(:github) }
it "logs in user" do
mock_github_auth
visit("/")
signup_form.open.click_social_button("github")
expect(page).to have_css(".header-dropdown-toggle.current-user")
end
end
context "with Twitter" do
before { SiteSetting.enable_twitter_logins = true }
after { reset_omniauth_config(:twitter) }
it "logs in user" do
UserAssociatedAccount.create!(
provider_name: "twitter",
user_id: user.id,
provider_uid: OmniauthHelpers::UID,
)
mock_twitter_auth
visit("/")
signup_form.open.click_social_button("twitter")
expect(page).to have_css(".header-dropdown-toggle.current-user")
end
end
context "with Discord" do
before { SiteSetting.enable_discord_logins = true }
after { reset_omniauth_config(:discord) }
it "logs in user" do
mock_discord_auth
visit("/")
signup_form.open.click_social_button("discord")
expect(page).to have_css(".header-dropdown-toggle.current-user")
end
end
context "with Linkedin" do
before do
SiteSetting.linkedin_oidc_client_id = "12345"
SiteSetting.linkedin_oidc_client_secret = "abcde"
SiteSetting.enable_linkedin_oidc_logins = true
end
after { reset_omniauth_config(:linkedin_oidc) }
it "logs in user" do
mock_linkedin_auth
visit("/")
signup_form.open.click_social_button("linkedin_oidc")
expect(page).to have_css(".header-dropdown-toggle.current-user")
end
end
end
end
describe "Social authentication", type: :system do
context "when desktop" do
include_examples "social authentication scenarios",
PageObjects::Modals::Signup.new,
PageObjects::Modals::Login.new
end
context "when mobile", mobile: true do
include_examples "social authentication scenarios",
PageObjects::Modals::Signup.new,
PageObjects::Modals::Login.new
end
context "when fullpage desktop" do
before { SiteSetting.experimental_full_page_login = true }
include_examples "social authentication scenarios",
PageObjects::Pages::Signup.new,
PageObjects::Pages::Login.new
end
context "when fullpage mobile", mobile: true do
before { SiteSetting.experimental_full_page_login = true }
include_examples "social authentication scenarios",
PageObjects::Pages::Signup.new,
PageObjects::Pages::Login.new
end
end