Adding upstream version 9.0.3.

Signed-off-by: Daniel Baumann <daniel@debian.org>
author: Daniel Baumann <daniel@debian.org> 2024-10-18 20:33:49 +0200
committer: Daniel Baumann <daniel@debian.org> 2024-12-12 23:57:56 +0100
commit: e68b9d00a6e05b3a941f63ffb696f91e554ac5ec (patch)
tree: 97775d6c13b0f416af55314eb6a89ef792474615 /tests/integration/remote_test.go
parent: Initial commit. (diff)
download: forgejo-e68b9d00a6e05b3a941f63ffb696f91e554ac5ec.tar.xz
forgejo-e68b9d00a6e05b3a941f63ffb696f91e554ac5ec.zip
1 files changed, 206 insertions, 0 deletions
diff --git a/tests/integration/remote_test.go b/tests/integration/remote_test.go
new file mode 100644
index 0000000..c59b4c7
--- /dev/null
+++ b/tests/integration/remote_test.go
@@ -0,0 +1,206 @@
+// Copyright Earl Warren <contact@earl-warren.org>
+// SPDX-License-Identifier: MIT
+
+package integration
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+	"testing"
+
+	auth_model "code.gitea.io/gitea/models/auth"
+	"code.gitea.io/gitea/models/unittest"
+	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/test"
+	remote_service "code.gitea.io/gitea/services/remote"
+	"code.gitea.io/gitea/tests"
+
+	"github.com/markbates/goth"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func TestRemote_MaybePromoteUserSuccess(t *testing.T) {
+	defer tests.PrepareTestEnv(t)()
+
+	//
+	// OAuth2 authentication source GitLab
+	//
+	gitlabName := "gitlab"
+	_ = addAuthSource(t, authSourcePayloadGitLabCustom(gitlabName))
+	//
+	// Remote authentication source matching the GitLab authentication source
+	//
+	remoteName := "remote"
+	remote := createRemoteAuthSource(t, remoteName, "http://mygitlab.eu", gitlabName)
+
+	//
+	// Create a user as if it had previously been created by the remote
+	// authentication source.
+	//
+	gitlabUserID := "5678"
+	gitlabEmail := "gitlabuser@example.com"
+	userBeforeSignIn := &user_model.User{
+		Name:        "gitlabuser",
+		Type:        user_model.UserTypeRemoteUser,
+		LoginType:   auth_model.Remote,
+		LoginSource: remote.ID,
+		LoginName:   gitlabUserID,
+	}
+	defer createUser(context.Background(), t, userBeforeSignIn)()
+
+	//
+	// A request for user information sent to Goth will return a
+	// goth.User exactly matching the user created above.
+	//
+	defer mockCompleteUserAuth(func(res http.ResponseWriter, req *http.Request) (goth.User, error) {
+		return goth.User{
+			Provider: gitlabName,
+			UserID:   gitlabUserID,
+			Email:    gitlabEmail,
+		}, nil
+	})()
+	req := NewRequest(t, "GET", fmt.Sprintf("/user/oauth2/%s/callback?code=XYZ&state=XYZ", gitlabName))
+	resp := MakeRequest(t, req, http.StatusSeeOther)
+	assert.Equal(t, "/", test.RedirectURL(resp))
+	userAfterSignIn := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: userBeforeSignIn.ID})
+
+	// both are about the same user
+	assert.Equal(t, userBeforeSignIn.ID, userAfterSignIn.ID)
+	// the login time was updated, proof the login succeeded
+	assert.Greater(t, userAfterSignIn.LastLoginUnix, userBeforeSignIn.LastLoginUnix)
+	// the login type was promoted from Remote to OAuth2
+	assert.Equal(t, auth_model.Remote, userBeforeSignIn.LoginType)
+	assert.Equal(t, auth_model.OAuth2, userAfterSignIn.LoginType)
+	// the OAuth2 email was used to set the missing user email
+	assert.Equal(t, "", userBeforeSignIn.Email)
+	assert.Equal(t, gitlabEmail, userAfterSignIn.Email)
+}
+
+func TestRemote_MaybePromoteUserFail(t *testing.T) {
+	defer tests.PrepareTestEnv(t)()
+
+	ctx := context.Background()
+	//
+	// OAuth2 authentication source GitLab
+	//
+	gitlabName := "gitlab"
+	gitlabSource := addAuthSource(t, authSourcePayloadGitLabCustom(gitlabName))
+	//
+	// Remote authentication source matching the GitLab authentication source
+	//
+	remoteName := "remote"
+	remoteSource := createRemoteAuthSource(t, remoteName, "http://mygitlab.eu", gitlabName)
+
+	{
+		promoted, reason, err := remote_service.MaybePromoteRemoteUser(ctx, &auth_model.Source{}, "", "")
+		require.NoError(t, err)
+		assert.False(t, promoted)
+		assert.Equal(t, remote_service.ReasonNotAuth2, reason)
+	}
+
+	{
+		remoteSource.Type = auth_model.OAuth2
+		promoted, reason, err := remote_service.MaybePromoteRemoteUser(ctx, remoteSource, "", "")
+		require.NoError(t, err)
+		assert.False(t, promoted)
+		assert.Equal(t, remote_service.ReasonBadAuth2, reason)
+		remoteSource.Type = auth_model.Remote
+	}
+
+	{
+		promoted, reason, err := remote_service.MaybePromoteRemoteUser(ctx, gitlabSource, "unknownloginname", "")
+		require.NoError(t, err)
+		assert.False(t, promoted)
+		assert.Equal(t, remote_service.ReasonLoginNameNotExists, reason)
+	}
+
+	{
+		remoteUserID := "844"
+		remoteUser := &user_model.User{
+			Name:        "withmailuser",
+			Type:        user_model.UserTypeRemoteUser,
+			LoginType:   auth_model.Remote,
+			LoginSource: remoteSource.ID,
+			LoginName:   remoteUserID,
+			Email:       "some@example.com",
+		}
+		defer createUser(context.Background(), t, remoteUser)()
+		promoted, reason, err := remote_service.MaybePromoteRemoteUser(ctx, gitlabSource, remoteUserID, "")
+		require.NoError(t, err)
+		assert.False(t, promoted)
+		assert.Equal(t, remote_service.ReasonEmailIsSet, reason)
+	}
+
+	{
+		remoteUserID := "7464"
+		nonexistentloginsource := int64(4344)
+		remoteUser := &user_model.User{
+			Name:        "badsourceuser",
+			Type:        user_model.UserTypeRemoteUser,
+			LoginType:   auth_model.Remote,
+			LoginSource: nonexistentloginsource,
+			LoginName:   remoteUserID,
+		}
+		defer createUser(context.Background(), t, remoteUser)()
+		promoted, reason, err := remote_service.MaybePromoteRemoteUser(ctx, gitlabSource, remoteUserID, "")
+		require.NoError(t, err)
+		assert.False(t, promoted)
+		assert.Equal(t, remote_service.ReasonNoSource, reason)
+	}
+
+	{
+		remoteUserID := "33335678"
+		remoteUser := &user_model.User{
+			Name:        "badremoteuser",
+			Type:        user_model.UserTypeRemoteUser,
+			LoginType:   auth_model.Remote,
+			LoginSource: gitlabSource.ID,
+			LoginName:   remoteUserID,
+		}
+		defer createUser(context.Background(), t, remoteUser)()
+		promoted, reason, err := remote_service.MaybePromoteRemoteUser(ctx, gitlabSource, remoteUserID, "")
+		require.NoError(t, err)
+		assert.False(t, promoted)
+		assert.Equal(t, remote_service.ReasonSourceWrongType, reason)
+	}
+
+	{
+		unrelatedName := "unrelated"
+		unrelatedSource := addAuthSource(t, authSourcePayloadGitHubCustom(unrelatedName))
+		assert.NotNil(t, unrelatedSource)
+
+		remoteUserID := "488484"
+		remoteEmail := "4848484@example.com"
+		remoteUser := &user_model.User{
+			Name:        "unrelateduser",
+			Type:        user_model.UserTypeRemoteUser,
+			LoginType:   auth_model.Remote,
+			LoginSource: remoteSource.ID,
+			LoginName:   remoteUserID,
+		}
+		defer createUser(context.Background(), t, remoteUser)()
+		promoted, reason, err := remote_service.MaybePromoteRemoteUser(ctx, unrelatedSource, remoteUserID, remoteEmail)
+		require.NoError(t, err)
+		assert.False(t, promoted)
+		assert.Equal(t, remote_service.ReasonNoMatch, reason)
+	}
+
+	{
+		remoteUserID := "5678"
+		remoteEmail := "gitlabuser@example.com"
+		remoteUser := &user_model.User{
+			Name:        "remoteuser",
+			Type:        user_model.UserTypeRemoteUser,
+			LoginType:   auth_model.Remote,
+			LoginSource: remoteSource.ID,
+			LoginName:   remoteUserID,
+		}
+		defer createUser(context.Background(), t, remoteUser)()
+		promoted, reason, err := remote_service.MaybePromoteRemoteUser(ctx, gitlabSource, remoteUserID, remoteEmail)
+		require.NoError(t, err)
+		assert.True(t, promoted)
+		assert.Equal(t, remote_service.ReasonPromoted, reason)
+	}
+}
author	Daniel Baumann <daniel@debian.org>	2024-10-18 20:33:49 +0200
committer	Daniel Baumann <daniel@debian.org>	2024-12-12 23:57:56 +0100
commit	e68b9d00a6e05b3a941f63ffb696f91e554ac5ec (patch)
tree	97775d6c13b0f416af55314eb6a89ef792474615 /tests/integration/remote_test.go
parent	Initial commit. (diff)
download	forgejo-e68b9d00a6e05b3a941f63ffb696f91e554ac5ec.tar.xz forgejo-e68b9d00a6e05b3a941f63ffb696f91e554ac5ec.zip