Commit 349faff3 authored by Giorgenes Gelatti's avatar Giorgenes Gelatti

Refactor http helpers in specs

parent 6abf565a
......@@ -17,7 +17,7 @@ module API
end
def find_job_from_http_basic_auth
return unless headers
return unless request.headers
token = decode_token
......@@ -27,7 +27,7 @@ module API
end
def find_deploy_token_from_http_basic_auth
return unless headers
return unless request.headers
token = decode_token
......@@ -45,7 +45,7 @@ module API
private
def decode_token
encoded_credentials = headers['Authorization'].to_s.split('Basic ', 2).second
encoded_credentials = request.headers['Authorization'].to_s.split('Basic ', 2).second
Base64.decode64(encoded_credentials || '').split(':', 2).second
end
end
......
......@@ -3,83 +3,78 @@
require 'spec_helper'
RSpec.describe API::Helpers::PackagesManagerClientsHelpers do
include HttpBasicAuthHelpers
let_it_be(:personal_access_token) { create(:personal_access_token) }
let_it_be(:username) { personal_access_token.user.username }
let_it_be(:helper) { Class.new.include(described_class).new }
let(:password) { personal_access_token.token }
describe '#find_job_from_http_basic_auth' do
let_it_be(:user) { personal_access_token.user }
let(:env) do
{
'rack.input' => ''
}
end
let(:job) { create(:ci_build, user: user) }
let(:password) { job.token }
let(:headers) { { Authorization: basic_http_auth(username, password) } }
let(:request) { ActionDispatch::Request.new(env) }
subject { helper.find_job_from_http_basic_auth }
before do
allow(helper).to receive(:request).and_return(request)
end
before do
allow(helper).to receive(:headers).and_return(headers&.with_indifferent_access)
end
shared_examples 'invalid auth header' do
context 'with an invalid Authorization header' do
before do
env.merge!(build_auth_headers('Invalid'))
end
context 'with a valid Authorization header' do
it { is_expected.to eq job }
it { is_expected.to be nil }
end
end
context 'with an invalid Authorization header' do
where(:headers) do
[
[{ Authorization: 'Invalid' }],
[{}],
[nil]
]
shared_examples 'valid auth header' do
context 'with a valid Authorization header' do
before do
env.merge!(basic_auth_header(username, password))
end
with_them do
context 'with an unknown password' do
let(:password) { 'Unknown' }
it { is_expected.to be nil }
end
it { is_expected.to eq expected_result }
end
end
describe '#find_job_from_http_basic_auth' do
let_it_be(:user) { personal_access_token.user }
let(:job) { create(:ci_build, user: user) }
let(:password) { job.token }
context 'with an unknown Authorization header' do
let(:password) { 'Unknown' }
subject { helper.find_job_from_http_basic_auth }
it { is_expected.to be nil }
it_behaves_like 'valid auth header' do
let(:expected_result) { job }
end
it_behaves_like 'invalid auth header'
end
describe '#find_deploy_token_from_http_basic_auth' do
let_it_be(:deploy_token) { create(:deploy_token) }
let(:token) { deploy_token.token }
let(:headers) { { Authorization: basic_http_auth(deploy_token.username, token) } }
let(:username) { deploy_token.username }
let(:password) { token }
subject { helper.find_deploy_token_from_http_basic_auth }
before do
allow(helper).to receive(:headers).and_return(headers&.with_indifferent_access)
end
context 'with a valid Authorization header' do
it { is_expected.to eq deploy_token }
it_behaves_like 'valid auth header' do
let(:expected_result) { deploy_token }
end
context 'with an invalid Authorization header' do
where(:headers) do
[
[{ Authorization: 'Invalid' }],
[{}],
[nil]
]
end
with_them do
it { is_expected.to be nil }
end
end
context 'with an invalid token' do
let(:token) { 'Unknown' }
it { is_expected.to be nil }
end
it_behaves_like 'invalid auth header'
end
describe '#uploaded_package_file' do
......@@ -113,8 +108,4 @@ RSpec.describe API::Helpers::PackagesManagerClientsHelpers do
end
end
end
def basic_http_auth(username, password)
ActionController::HttpAuthentication::Basic.encode_credentials(username, password)
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment