Group SAML settings link to metadata URL

Also adds url_helper for use with paths from Rack middleware

Group SAML settings link to metadata URL
Also adds url_helper for use with paths from Rack middleware
c10d067f · James Edwards-Jones · c97bcc38 · c10d067f · c10d067f · c10d067f
Commit c10d067f authored May 22, 2018 by James Edwards-Jones
6 changed files
--- a/ee/app/helpers/ee/gitlab_routing_helper.rb
+++ b/ee/app/helpers/ee/gitlab_routing_helper.rb
@@ -38,5 +38,21 @@ module EE
    def license_management_settings_path(project)
      project_settings_ci_cd_path(project, anchor: 'js-license-management')
    end
+
+    def self.url_helper(route_name)
+      define_method("#{route_name}_url") do |*args|
+        path = public_send(:"#{route_name}_path", *args) # rubocop:disable GitlabSecurity/PublicSend
+        options = Rails.application.routes.default_url_options.merge(path: path)
+        ActionDispatch::Http::URL.full_url_for(options)
+      end
+    end
+
+    url_helper :user_group_saml_omniauth_metadata
+    def user_group_saml_omniauth_metadata_path(group)
+      params = { group_path: group.path, token:  group.saml_discovery_token }
+      path = '/users/auth/group_saml/metadata'
+
+      ActionDispatch::Http::URL.path_for(path: path, params: params)
+    end
  end
 end
--- a/ee/app/views/groups/saml_providers/_info.html.haml
+++ b/ee/app/views/groups/saml_providers/_info.html.haml
@@ -21,6 +21,11 @@
  .well-segment.borderless
    = render 'info_row', field: :issuer, label_text: 'Identifier'
    .form-text.text-muted= _('Also called "Issuer" or "Relying party trust identifier"')
+  .well-segment.borderless
+    %label= _("GitLab metadata URL")
+    - metadata_url = user_group_saml_omniauth_metadata_url(@group)
+    %div= link_to metadata_url, metadata_url
+    .form-text.text-muted= _("Used to help configure your identity provider")
  - if @saml_provider.persisted?
    .well-segment.borderless
      %label= _("GitLab single sign on URL")

--- a/ee/spec/features/groups/saml_providers_spec.rb
+++ b/ee/spec/features/groups/saml_providers_spec.rb
@@ -40,6 +40,17 @@ describe 'SAML provider settings' do
      end
    end

+    it 'provides metadata XML' do
+      visit group_saml_providers_path(group)
+
+      StrategyHelpers.without_test_mode do
+        click_link('metadata')
+      end
+
+      expect(page.body).to include(callback_path)
+      expect(response_headers['Content-Type']).to have_content("application/xml")
+    end
+
    it 'allows creation of new provider' do
      visit group_saml_providers_path(group)


--- a/ee/spec/helpers/ee/gitlab_routing_helper_spec.rb
+++ b/ee/spec/helpers/ee/gitlab_routing_helper_spec.rb
@@ -84,4 +84,32 @@ describe EE::GitlabRoutingHelper do
      end
    end
  end
+
+  describe '#user_group_saml_omniauth_metadata_path' do
+    subject do
+      helper.user_group_saml_omniauth_metadata_path(group)
+    end
+
+    before do
+      group.update!(saml_discovery_token: 'sometoken')
+    end
+
+    it 'uses metadata path' do
+      expect(subject).to start_with('/users/auth/group_saml/metadata')
+    end
+
+    it 'appends group path and token' do
+      expect(subject).to end_with('?group_path=foo&token=sometoken')
+    end
+  end
+
+  describe '#user_group_saml_omniauth_metadata_url' do
+    subject do
+      helper.user_group_saml_omniauth_metadata_url(group)
+    end
+
+    it 'creates full metadata URL' do
+      expect(subject).to start_with 'http://localhost/users/auth/group_saml/metadata?group_path=foo&token='
+    end
+  end
 end
--- a/ee/spec/support/omniauth_strategy.rb
+++ b/ee/spec/support/omniauth_strategy.rb
@@ -13,23 +13,27 @@ module StrategyHelpers
  def auth_hash
    last_request.env['omniauth.auth']
  end
-end
-
-RSpec.configure do |config|
-  config.include StrategyHelpers, type: :strategy

-  config.around(:all, type: :strategy) do |example|
-    begin
+  def self.without_test_mode
    original_mode = OmniAuth.config.test_mode
    original_on_failure = OmniAuth.config.on_failure

    OmniAuth.config.test_mode = false
    OmniAuth.config.on_failure = OmniAuth::FailureEndpoint

-      example.run
+    yield
  ensure
    OmniAuth.config.test_mode = original_mode
    OmniAuth.config.on_failure = original_on_failure
  end
+end
+
+RSpec.configure do |config|
+  config.include StrategyHelpers, type: :strategy
+
+  config.around(:all, type: :strategy) do |example|
+    StrategyHelpers.without_test_mode do
+      example.run
+    end
  end
 end
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -4108,6 +4108,9 @@ msgstr ""
 msgid "GitLab User"
 msgstr ""

+msgid "GitLab metadata URL"
+msgstr ""
+
 msgid "GitLab project export"
 msgstr ""

@@ -9115,6 +9118,9 @@ msgstr ""
 msgid "Used by members to sign in to your group in GitLab"
 msgstr ""

+msgid "Used to help configure your identity provider"
+msgstr ""
+
 msgid "User Cohorts are only shown when the %{usage_ping_link_start}usage ping%{usage_ping_link_end} is enabled."
 msgstr ""