From 16ffe69d2994c05c6500e6fd575ffc2432c47526 Mon Sep 17 00:00:00 2001 From: Jason Frey Date: Wed, 23 Oct 2024 17:57:51 -0400 Subject: [PATCH] Add external auth spec Follow up to #9295. If we revert that PR's changes, and run these tests they fail when it tries to Marshal.dump the params internal IO object. Note that the actual failure in test is slightly different from prod. In test we get `TypeError: no _dump_data is defined for class StringIO` because the TestRequest has a StringIO internally. In prod we get `can't dump IO` because the real request has a real IO object internally. Even so, this test still demonstrates the Marshal issue, while also providing an end-to-end test for external auth login. --- spec/controllers/dashboard_controller_spec.rb | 40 +++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/spec/controllers/dashboard_controller_spec.rb b/spec/controllers/dashboard_controller_spec.rb index a891712ffee..c9371a5a7eb 100644 --- a/spec/controllers/dashboard_controller_spec.rb +++ b/spec/controllers/dashboard_controller_spec.rb @@ -90,6 +90,46 @@ end end + context "external auth support" do + before { EvmSpecHelper.create_guid_miq_server_zone } + + let(:user) { FactoryBot.create(:user, :role => "random") } + let(:user_name) { user.userid } + let(:user_domain) { "ipa.example.org" } + let(:user_email) { "#{user_name}@#{user_domain}" } + let(:user_group) { user.miq_groups.first.description } + + it "initiates a task when logging in" do + stub_settings_merge(:authentication => {:mode => 'httpd', :httpd_role => true}) + request.headers.merge!( + "HTTP_X_REMOTE_USER" => user_name, + "HTTP_X_REMOTE_USER_EMAIL" => user_email, + "HTTP_X_REMOTE_USER_DOMAIN" => user_domain, + "HTTP_X_REMOTE_USER_GROUPS" => user_group + ) + skip_data_checks + post :external_authenticate, :params => {:user_name => user_name, :user_password => 'dummy'} + expect_failed_login # Not really failed, but waiting to complete + + # In Rails test environment, we use memory session storage, but in production + # we use memcached. memcached Marshal.dump's the session, so we do that here + # manually to ensure it doesn't blow up. + Marshal.load(Marshal.dump(session)) + + task = MiqTask.first + expect(task).to have_attributes( + :name => "External httpd User Authorization of '#{user_name}'", + :message => "User authorized successfully", + :state => "Finished", + :status => "Ok", + :userid => user_email + ) + + post :wait_for_task, :params => {:task_id => task.id} + expect_successful_login(user) + end + end + context "SAML and OIDC support" do before { EvmSpecHelper.create_guid_miq_server_zone }