Commit 797b497b authored by Douwe Maan's avatar Douwe Maan

Merge branch 'bug/geo-oauth-routes' into 'master'

Geo: Make sure OAuth routes that we generate for Geo matches with the ones in Rails routes

This will prevent errors in OAuth authentication for Geo.

Fixes #650

See merge request !444
parents 8a72d3ae d7a3414a
...@@ -66,13 +66,11 @@ class GeoNode < ActiveRecord::Base ...@@ -66,13 +66,11 @@ class GeoNode < ActiveRecord::Base
end end
def oauth_callback_url def oauth_callback_url
URI.join(uri, "#{uri.path}/", 'oauth/geo/callback').to_s Gitlab::Routing.url_helpers.oauth_geo_callback_url(url_helper_args)
end end
def oauth_logout_url(state) def oauth_logout_url(state)
logout_uri = URI.join(uri, "#{uri.path}/", 'oauth/geo/logout') Gitlab::Routing.url_helpers.oauth_geo_logout_url(url_helper_args.merge(state: state))
logout_uri.query = "state=#{state}"
logout_uri.to_s
end end
def missing_oauth_application? def missing_oauth_application?
...@@ -81,6 +79,14 @@ class GeoNode < ActiveRecord::Base ...@@ -81,6 +79,14 @@ class GeoNode < ActiveRecord::Base
private private
def url_helper_args
if relative_url_root
relative_url = relative_url_root.starts_with?('/') ? relative_url_root : "/#{relative_url_root}"
end
{ protocol: schema, host: host, port: port, script_name: relative_url }
end
def refresh_bulk_notify_worker_status def refresh_bulk_notify_worker_status
if Gitlab::Geo.primary? if Gitlab::Geo.primary?
Gitlab::Geo.bulk_notify_job.try(:enable!) Gitlab::Geo.bulk_notify_job.try(:enable!)
......
...@@ -53,11 +53,13 @@ Rails.application.routes.draw do ...@@ -53,11 +53,13 @@ Rails.application.routes.draw do
authorizations: 'oauth/authorizations' authorizations: 'oauth/authorizations'
end end
namespace :oauth, path: 'geo', controller: 'geo_auth', as: 'oauth_geo' do namespace :oauth do
scope path: 'geo', controller: :geo_auth, as: :geo do
get 'auth' get 'auth'
get 'callback' get 'callback'
get 'logout' get 'logout'
end end
end
# Autocomplete # Autocomplete
get '/autocomplete/users' => 'autocomplete#users' get '/autocomplete/users' => 'autocomplete#users'
......
...@@ -3,7 +3,7 @@ require 'spec_helper' ...@@ -3,7 +3,7 @@ require 'spec_helper'
describe Gitlab::Geo::OauthSession do describe Gitlab::Geo::OauthSession do
subject { described_class.new } subject { described_class.new }
let(:oauth_app) { FactoryGirl.create(:doorkeeper_application) } let(:oauth_app) { FactoryGirl.create(:doorkeeper_application) }
let(:oauth_return_to) { 'http://localhost:3000/oath/geo/callback' } let(:oauth_return_to) { 'http://localhost:3000/oauth/geo/callback' }
let(:dummy_state) { 'salt:hmac:return_to' } let(:dummy_state) { 'salt:hmac:return_to' }
let(:valid_state) { described_class.new(return_to: oauth_return_to).generate_oauth_state } let(:valid_state) { described_class.new(return_to: oauth_return_to).generate_oauth_state }
let(:access_token) { FactoryGirl.create(:doorkeeper_access_token).token } let(:access_token) { FactoryGirl.create(:doorkeeper_access_token).token }
......
...@@ -8,6 +8,7 @@ describe GeoNode, type: :model do ...@@ -8,6 +8,7 @@ describe GeoNode, type: :model do
subject(:node) { FactoryGirl.create(:geo_node) } subject(:node) { FactoryGirl.create(:geo_node) }
let(:dummy_url) { 'https://localhost:3000/gitlab' } let(:dummy_url) { 'https://localhost:3000/gitlab' }
let(:url_helpers) { Gitlab::Application.routes.url_helpers }
context 'associations' do context 'associations' do
it { is_expected.to belong_to(:geo_node_key).dependent(:destroy) } it { is_expected.to belong_to(:geo_node_key).dependent(:destroy) }
...@@ -186,6 +187,25 @@ describe GeoNode, type: :model do ...@@ -186,6 +187,25 @@ describe GeoNode, type: :model do
it 'returns oauth callback url based on node uri' do it 'returns oauth callback url based on node uri' do
expect(new_node.oauth_callback_url).to eq(oauth_callback_url) expect(new_node.oauth_callback_url).to eq(oauth_callback_url)
end end
it 'returns url that matches rails url_helpers generated one' do
route = url_helpers.oauth_geo_callback_url(protocol: 'https:', host: 'localhost', port: 3000, script_name: '/gitlab')
expect(new_node.oauth_callback_url).to eq(route)
end
end
describe '#oauth_logout_url' do
let(:fake_state) { URI.encode('fakestate') }
let(:oauth_logout_url) { "https://localhost:3000/gitlab/oauth/geo/logout?state=#{fake_state}" }
it 'returns oauth logout url based on node uri' do
expect(new_node.oauth_logout_url(fake_state)).to eq(oauth_logout_url)
end
it 'returns url that matches rails url_helpers generated one' do
route = url_helpers.oauth_geo_logout_url(protocol: 'https:', host: 'localhost', port: 3000, script_name: '/gitlab', state: fake_state)
expect(new_node.oauth_logout_url(fake_state)).to eq(route)
end
end end
describe '#missing_oauth_application?' do describe '#missing_oauth_application?' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment