BigW Consortium Gitlab

  1. 06 Jul, 2017 13 commits
    • Add Jasmine tests for `OAuthRememberMe` · 8d49a9fd
      Timothy Andrew authored
    • Fix build for !11963. · 7c2f5bb4
      Timothy Andrew authored
      - Don't use `request.env['omniauth.params']` if it isn't present.
      
      - Remove the `saml` section from the `gitlab.yml` test section. Some tests
        depend on this section not being initially present, so it can be overridden
        in the test. This MR doesn't add any tests for SAML, so we didn't really need
        this in the first place anyway.
      
      - Clean up the test -> omniauth section of `gitlab.yml`
    • Implement review comments for !11963 from @filipa. · f1caa0b3
      Timothy Andrew authored
      - Disable an ESLint check rather than work around it (by
        converting `OAuthRememberMe` from a regular class to a
        static class.
      
      - Scope `$` calls inside `OAuthRememberMe`
    • Implement review comments for !11963 from @adamniedzielski. · 8fa08ea3
      Timothy Andrew authored
      - Change double quotes to single quotes.
      - Why is `OmniAuth.config.full_host` being reassigned in the integration test?
      - Use `map` over `map!` to avoid `dup` in the `gitlab:info` rake task
      - Other minor changes
    • Don't allow the `gitlab:env:info` rake task to mutate the list of omniauth providers. · 56754848
      Timothy Andrew authored
      - The test for `rake gitlab:env:info` executed the rake task, which mutated the
        list of omniauth providers, breaking subsequent tests relying on this list.
      
      - I've changed the rake task to duplicate the providers list before modifying it.
    • Add CHANGELOG entry for CE MR 11963 · 1e9dfb73
      Timothy Andrew authored
    • Add Omniauth OAuth config to the test section of `gitlab.yml` · 15dba34c
      Timothy Andrew authored
      - I tried to get this to work by stubbing out portions of the config within the
        test. This didn't work as expected because Devise/Omniauth loaded before the
        stub could run, and the stubbed config was ignored.
      
      - I attempted to fix this by reloading Devise/Omniauth after stubbing the
        config. This successfully got Devise to load the stubbed providers, but failed
        while trying to access a route such as `user_gitlab_omniauth_authorize_path`.
      
      - I spent a while trying to figure this out (even trying
        `Rails.application.reload_routes!`), but nothing seemed to work.
      
      - I settled for adding this config directly to `gitlab.yml` rather than go down
        this path any further.
    • Add more providers to the OAuth login integration tests. · fd948558
      Timothy Andrew authored
      - Added saml, authentiq, cas3, and auth0
      - Crowd seems to be a special case that will be handled separately.
    • Add integration tests around OAuth login. · e936db96
      Timothy Andrew authored
      - There was previously a test for `saml` login in `login_spec`, but this didn't
        seem to be passing. A lot of things didn't seem right here, and I suspect that
        this test hasn't been running. I'll investigate this further.
      
      - It took almost a whole working day to figure out this line:
      
          OmniAuth.config.full_host = ->(request) { request['REQUEST_URI'].sub(request['REQUEST_PATH'], '') }
      
        As always, it's obvious in retrospect, but it took some digging to figure out
        tests were failing and returning 404s during the callback phase.
      
      - Test all OAuth providers - github, twitter, bitbucket, gitlab, google, and facebook
    • Implement "remember me" for OAuth-based login. · 633793cf
      Timothy Andrew authored
      - Pass a `remember_me` query parameter along with the initial OAuth request, and
        pick this parameter up during the omniauth callback from
        request.env['omniauth.params']`.
      
      - For 2FA-based login, copy the `remember_me` param from `omniauth.params` to
        `params`, which the 2FA process will pick up.
      
      - For non-2FA-based login, simply call the `remember_me` devise method to set
        the session cookie.
  2. 03 Jul, 2017 13 commits
  3. 02 Jul, 2017 4 commits
  4. 30 Jun, 2017 10 commits