-<?php namespace Tests;
+<?php namespace Tests\Auth;
use BookStack\Auth\Role;
use BookStack\Auth\User;
+use Tests\TestCase;
class Saml2Test extends TestCase
{
$this->assertDatabaseHas('users', [
'external_auth_id' => 'user',
- 'email_confirmed' => true,
+ 'email_confirmed' => false,
'name' => 'Barry Scott'
]);
$acsPost = $this->post('/saml2/acs');
$acsPost->assertRedirect('/');
$errorMessage = session()->get('error');
- $this->assertEquals('
Registration unsuccessful since a user already exists with email address "[email protected]"', $errorMessage);
+ $this->assertEquals('
A user with the email [email protected] already exists but with different credentials.', $errorMessage);
});
}
$this->assertPermissionError($resp);
}
+ public function test_email_domain_restriction_active_on_new_saml_login()
+ {
+ $this->setSettings([
+ 'registration-restrict' => 'testing.com'
+ ]);
+ config()->set([
+ 'saml2.onelogin.strict' => false,
+ ]);
+
+ $this->withPost(['SAMLResponse' => $this->acsPostData], function () {
+ $acsPost = $this->post('/saml2/acs');
+ $acsPost->assertRedirect('/login');
+ $errorMessage = session()->get('error');
+ $this->assertStringContainsString('That email domain does not have access to this application', $errorMessage);
+ });
+ }
+
protected function withGet(array $options, callable $callback)
{
return $this->withGlobal($_GET, $options, $callback);
projects / bookstack / blobdiff