discourse-openid-connect/spec/lib/openid_connect_authenticato...

63 lines
1.6 KiB
Ruby

# frozen_string_literal: true
require 'rails_helper'
require_relative '../../lib/omniauth_open_id_connect'
describe OpenIDConnectAuthenticator do
let(:authenticator) { described_class.new }
let(:user) { Fabricate(:user) }
let(:hash) { OmniAuth::AuthHash.new(
provider: "oidc",
uid: "123456789",
info: {
name: "John Doe",
email: user.email
},
extra: {
raw_info: {
email: user.email,
name: "John Doe"
}
}
)}
context "when email_verified is not supplied" do
# Some IDPs do not supply this information
# In this case we trust that they have verified the address
it 'matches the user' do
result = authenticator.after_authenticate(hash)
expect(result.user).to eq(user)
end
end
context "when email_verified is true" do
it 'matches the user' do
hash[:extra][:raw_info][:email_verified] = true
result = authenticator.after_authenticate(hash)
expect(result.user).to eq(user)
end
it 'matches the user as a true string' do
hash[:extra][:raw_info][:email_verified] = 'true'
result = authenticator.after_authenticate(hash)
expect(result.user).to eq(user)
end
end
context "when email_verified is false" do
it 'does not match the user' do
hash[:extra][:raw_info][:email_verified] = false
result = authenticator.after_authenticate(hash)
expect(result.user).to eq(nil)
end
it 'does not match the user as a false string' do
hash[:extra][:raw_info][:email_verified] = 'false'
result = authenticator.after_authenticate(hash)
expect(result.user).to eq(nil)
end
end
end