Files
.circleci
.dependabot
.github
app
bin
config
db
dist
lib
log
nanobox
public
spec
controllers
activitypub
admin
api
auth
concerns
oauth
authorizations_controller_spec.rb
authorized_applications_controller_spec.rb
tokens_controller_spec.rb
settings
well_known
about_controller_spec.rb
account_follow_controller_spec.rb
account_unfollow_controller_spec.rb
accounts_controller_spec.rb
application_controller_spec.rb
authorize_interactions_controller_spec.rb
emojis_controller_spec.rb
follower_accounts_controller_spec.rb
following_accounts_controller_spec.rb
home_controller_spec.rb
intents_controller_spec.rb
invites_controller_spec.rb
manifests_controller_spec.rb
media_controller_spec.rb
relationships_controller_spec.rb
remote_follow_controller_spec.rb
remote_interaction_controller_spec.rb
shares_controller_spec.rb
statuses_controller_spec.rb
tags_controller_spec.rb
fabricators
features
fixtures
helpers
lib
mailers
models
policies
presenters
requests
routing
serializers
services
support
validators
views
workers
rails_helper.rb
spec_helper.rb
streaming
vendor
.buildpacks
.codeclimate.yml
.dockerignore
.editorconfig
.env.nanobox
.env.production.sample
.env.test
.env.vagrant
.eslintignore
.eslintrc.js
.foreman
.gitattributes
.gitignore
.haml-lint.yml
.nanoignore
.nvmrc
.profile
.rspec
.rubocop.yml
.ruby-version
.sass-lint.yml
.slugignore
.yarnclean
AUTHORS.md
Aptfile
CHANGELOG.md
CODE_OF_CONDUCT.md
CONTRIBUTING.md
Capfile
Dockerfile
Gemfile
Gemfile.lock
LICENSE
Procfile
Procfile.dev
README.md
Rakefile
Vagrantfile
app.json
babel.config.js
boxfile.yml
config.ru
crowdin.yml
docker-compose.yml
package.json
postcss.config.js
priv-config
scalingo.json
yarn.lock
hometown/spec/controllers/oauth/authorizations_controller_spec.rb
Eugen Rochko 2288d50a7b Add force_login option to OAuth authorize page ()
* Add force_login option to OAuth authorize page

For when a user needs to sign into an app from multiple accounts
on the same server

* When logging out from modal header, redirect back after re-login
2018-09-09 04:10:44 +02:00

74 lines
2.1 KiB
Ruby

# frozen_string_literal: true
require 'rails_helper'
RSpec.describe Oauth::AuthorizationsController, type: :controller do
render_views
let(:app) { Doorkeeper::Application.create!(name: 'test', redirect_uri: 'http://localhost/', scopes: 'read') }
describe 'GET #new' do
subject do
get :new, params: { client_id: app.uid, response_type: 'code', redirect_uri: 'http://localhost/', scope: 'read' }
end
shared_examples 'stores location for user' do
it 'stores location for user' do
subject
expect(controller.stored_location_for(:user)).to eq "/oauth/authorize?client_id=#{app.uid}&redirect_uri=http%3A%2F%2Flocalhost%2F&response_type=code&scope=read"
end
end
context 'when signed in' do
let!(:user) { Fabricate(:user) }
before do
sign_in user, scope: :user
end
it 'returns http success' do
subject
expect(response).to have_http_status(200)
end
it 'gives options to authorize and deny' do
subject
expect(response.body).to match(/Authorize/)
end
include_examples 'stores location for user'
context 'when app is already authorized' do
before do
Doorkeeper::AccessToken.find_or_create_for(
app,
user.id,
app.scopes,
Doorkeeper.configuration.access_token_expires_in,
Doorkeeper.configuration.refresh_token_enabled?
)
end
it 'redirects to callback' do
subject
expect(response).to redirect_to(/\A#{app.redirect_uri}/)
end
it 'does not redirect to callback with force_login=true' do
get :new, params: { client_id: app.uid, response_type: 'code', redirect_uri: 'http://localhost/', scope: 'read', force_login: 'true' }
expect(response.body).to match(/Authorize/)
end
end
end
context 'when not signed in' do
it 'redirects' do
subject
expect(response).to redirect_to '/auth/sign_in'
end
include_examples 'stores location for user'
end
end
end