FIX: Importing user avatar when new user login by SSO

2025-09-06 10:50:21 +08:00 · 2016-08-29 09:28:19 +08:00 · 2016-08-29 09:28:19 +08:00 · 0217973374
commit 0217973374
parent 22b8c0d44e
3 changed files with 73 additions and 1 deletions
--- a/spec/controllers/session_controller_spec.rb
+++ b/spec/controllers/session_controller_spec.rb
@ -376,6 +376,63 @@ describe SessionController do
    end
  end

+  describe '.sso_provider' do
+    before do
+      SiteSetting.enable_sso_provider = true
+      SiteSetting.enable_sso = false
+      SiteSetting.enable_local_logins = true
+      SiteSetting.sso_secret = "topsecret"
+
+      @sso = SingleSignOn.new
+      @sso.nonce = "mynonce"
+      @sso.sso_secret = SiteSetting.sso_secret
+      @sso.return_sso_url = "http://somewhere.over.rainbow/sso"
+
+      @user = Fabricate(:user, password: "frogs", active: true, admin: true)
+      EmailToken.update_all(confirmed: true)
+    end
+
+    it "successfully logs in and redirects user to return_sso_url when the user is not logged in" do
+      get :sso_provider, Rack::Utils.parse_query(@sso.payload)
+      expect(response).to redirect_to("/login")
+
+      xhr :post, :create, login: @user.username, password: "frogs", format: :json
+
+      location = cookies[:sso_destination_url]
+      # javascript code will handle redirection of user to return_sso_url
+      expect(location).to match(/^http:\/\/somewhere.over.rainbow\/sso/)
+
+      payload = location.split("?")[1]
+      sso2 = SingleSignOn.parse(payload, "topsecret")
+
+      expect(sso2.email).to eq(@user.email)
+      expect(sso2.name).to eq(@user.name)
+      expect(sso2.username).to eq(@user.username)
+      expect(sso2.external_id).to eq(@user.id.to_s)
+      expect(sso2.admin).to eq(true)
+      expect(sso2.moderator).to eq(false)
+    end
+
+    it "successfully redirects user to return_sso_url when the user is logged in" do
+      log_in_user(@user)
+
+      get :sso_provider, Rack::Utils.parse_query(@sso.payload)
+
+      location = response.header["Location"]
+      expect(location).to match(/^http:\/\/somewhere.over.rainbow\/sso/)
+
+      payload = location.split("?")[1]
+      sso2 = SingleSignOn.parse(payload, "topsecret")
+
+      expect(sso2.email).to eq(@user.email)
+      expect(sso2.name).to eq(@user.name)
+      expect(sso2.username).to eq(@user.username)
+      expect(sso2.external_id).to eq(@user.id.to_s)
+      expect(sso2.admin).to eq(true)
+      expect(sso2.moderator).to eq(false)
+    end
+  end
+
  describe '.create' do

    let(:user) { Fabricate(:user) }