BookStack Code Mirror - bookstack/blob - tests/Auth/SocialAuthTest.php

   1 <?php namespace Tests\Auth;
   2
   3 use BookStack\Auth\SocialAccount;
   4 use BookStack\Auth\User;
   5 use DB;
   6 use Laravel\Socialite\Contracts\Factory;
   7 use Laravel\Socialite\Contracts\Provider;
   8 use Mockery;
   9 use Tests\TestCase;
  10
  11 class SocialAuthTest extends TestCase
  12 {
  13
  14     public function test_social_registration()
  15     {
  16         $user = factory(User::class)->make();
  17
  18         $this->setSettings(['registration-enabled' => 'true']);
  19         config(['GOOGLE_APP_ID' => 'abc123', 'GOOGLE_APP_SECRET' => '123abc', 'APP_URL' => 'http://localhost']);
  20
  21         $mockSocialite = $this->mock(Factory::class);
  22         $mockSocialDriver = Mockery::mock(Provider::class);
  23         $mockSocialUser = Mockery::mock(\Laravel\Socialite\Contracts\User::class);
  24
  25         $mockSocialite->shouldReceive('driver')->twice()->with('google')->andReturn($mockSocialDriver);
  26         $mockSocialDriver->shouldReceive('redirect')->once()->andReturn(redirect('/'));
  27         $mockSocialDriver->shouldReceive('user')->once()->andReturn($mockSocialUser);
  28
  29         $mockSocialUser->shouldReceive('getId')->twice()->andReturn(1);
  30         $mockSocialUser->shouldReceive('getEmail')->twice()->andReturn($user->email);
  31         $mockSocialUser->shouldReceive('getName')->once()->andReturn($user->name);
  32         $mockSocialUser->shouldReceive('getAvatar')->once()->andReturn('avatar_placeholder');
  33
  34         $this->get('/register/service/google');
  35         $this->get('/login/service/google/callback');
  36         $this->assertDatabaseHas('users', ['name' => $user->name, 'email' => $user->email]);
  37         $user = $user->whereEmail($user->email)->first();
  38         $this->assertDatabaseHas('social_accounts', ['user_id' => $user->id]);
  39     }
  40
  41     public function test_social_login()
  42     {
  43         config([
  44             'GOOGLE_APP_ID' => 'abc123', 'GOOGLE_APP_SECRET' => '123abc',
  45             'GITHUB_APP_ID' => 'abc123', 'GITHUB_APP_SECRET' => '123abc',
  46             'APP_URL' => 'http://localhost'
  47         ]);
  48
  49         $mockSocialite = $this->mock(Factory::class);
  50         $mockSocialDriver = Mockery::mock(Provider::class);
  51         $mockSocialUser = Mockery::mock(\Laravel\Socialite\Contracts\User::class);
  52
  53         $mockSocialUser->shouldReceive('getId')->twice()->andReturn('logintest123');
  54
  55         $mockSocialDriver->shouldReceive('user')->twice()->andReturn($mockSocialUser);
  56         $mockSocialite->shouldReceive('driver')->twice()->with('google')->andReturn($mockSocialDriver);
  57         $mockSocialite->shouldReceive('driver')->twice()->with('github')->andReturn($mockSocialDriver);
  58         $mockSocialDriver->shouldReceive('redirect')->twice()->andReturn(redirect('/'));
  59
  60         // Test login routes
  61         $resp = $this->get('/login');
  62         $resp->assertElementExists('a#social-login-google[href$="/login/service/google"]');
  63         $resp = $this->followingRedirects()->get("/login/service/google");
  64         $resp->assertSee('login-form');
  65
  66         // Test social callback
  67         $resp = $this->followingRedirects()->get('/login/service/google/callback');
  68         $resp->assertSee('login-form');
  69         $resp->assertSee(trans('errors.social_account_not_used', ['socialAccount' => 'Google']));
  70
  71         $resp = $this->get('/login');
  72         $resp->assertElementExists('a#social-login-github[href$="/login/service/github"]');
  73         $resp = $this->followingRedirects()->get("/login/service/github");
  74         $resp->assertSee('login-form');
  75
  76
  77         // Test social callback with matching social account
  78         DB::table('social_accounts')->insert([
  79             'user_id' => $this->getAdmin()->id,
  80             'driver' => 'github',
  81             'driver_id' => 'logintest123'
  82         ]);
  83         $resp = $this->followingRedirects()->get('/login/service/github/callback');
  84         $resp->assertDontSee("login-form");
  85     }
  86
  87     public function test_social_account_detach()
  88     {
  89         $editor = $this->getEditor();
  90         config([
  91             'GITHUB_APP_ID' => 'abc123', 'GITHUB_APP_SECRET' => '123abc',
  92             'APP_URL' => 'http://localhost'
  93         ]);
  94
  95         $socialAccount = SocialAccount::query()->forceCreate([
  96             'user_id' => $editor->id,
  97             'driver' => 'github',
  98             'driver_id' => 'logintest123',
  99         ]);
 100
 101         $resp = $this->actingAs($editor)->get($editor->getEditUrl());
 102         $resp->assertElementContains('form[action$="/login/service/github/detach"]', 'Disconnect Account');
 103
 104         $resp = $this->post('/login/service/github/detach');
 105         $resp->assertRedirect($editor->getEditUrl());
 106         $resp = $this->followRedirects($resp);
 107         $resp->assertSee('Github account was successfully disconnected from your profile.');
 108
 109         $this->assertDatabaseMissing('social_accounts', ['id' => $socialAccount->id]);
 110     }
 111
 112     public function test_social_autoregister()
 113     {
 114         config([
 115             'services.google.client_id' => 'abc123', 'services.google.client_secret' => '123abc',
 116             'APP_URL' => 'http://localhost'
 117         ]);
 118
 119         $user = factory(User::class)->make();
 120         $mockSocialite = $this->mock(Factory::class);
 121         $mockSocialDriver = Mockery::mock(Provider::class);
 122         $mockSocialUser = Mockery::mock(\Laravel\Socialite\Contracts\User::class);
 123
 124         $mockSocialUser->shouldReceive('getId')->times(4)->andReturn(1);
 125         $mockSocialUser->shouldReceive('getEmail')->times(2)->andReturn($user->email);
 126         $mockSocialUser->shouldReceive('getName')->once()->andReturn($user->name);
 127         $mockSocialUser->shouldReceive('getAvatar')->once()->andReturn('avatar_placeholder');
 128
 129         $mockSocialDriver->shouldReceive('user')->times(2)->andReturn($mockSocialUser);
 130         $mockSocialite->shouldReceive('driver')->times(4)->with('google')->andReturn($mockSocialDriver);
 131         $mockSocialDriver->shouldReceive('redirect')->twice()->andReturn(redirect('/'));
 132
 133         $googleAccountNotUsedMessage = trans('errors.social_account_not_used', ['socialAccount' => 'Google']);
 134
 135         $this->get('/login/service/google');
 136         $resp = $this->followingRedirects()->get('/login/service/google/callback');
 137         $resp->assertSee($googleAccountNotUsedMessage);
 138
 139         config(['services.google.auto_register' => true]);
 140
 141         $this->get('/login/service/google');
 142         $resp = $this->followingRedirects()->get('/login/service/google/callback');
 143         $resp->assertDontSee($googleAccountNotUsedMessage);
 144
 145         $this->assertDatabaseHas('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]);
 146         $user = $user->whereEmail($user->email)->first();
 147         $this->assertDatabaseHas('social_accounts', ['user_id' => $user->id]);
 148     }
 149
 150     public function test_social_auto_email_confirm()
 151     {
 152         config([
 153             'services.google.client_id' => 'abc123', 'services.google.client_secret' => '123abc',
 154             'APP_URL' => 'http://localhost', 'services.google.auto_register' => true, 'services.google.auto_confirm' => true
 155         ]);
 156
 157         $user = factory(User::class)->make();
 158         $mockSocialite = $this->mock(Factory::class);
 159         $mockSocialDriver = Mockery::mock(Provider::class);
 160         $mockSocialUser = Mockery::mock(\Laravel\Socialite\Contracts\User::class);
 161
 162         $mockSocialUser->shouldReceive('getId')->times(3)->andReturn(1);
 163         $mockSocialUser->shouldReceive('getEmail')->times(2)->andReturn($user->email);
 164         $mockSocialUser->shouldReceive('getName')->once()->andReturn($user->name);
 165         $mockSocialUser->shouldReceive('getAvatar')->once()->andReturn('avatar_placeholder');
 166
 167         $mockSocialDriver->shouldReceive('user')->times(1)->andReturn($mockSocialUser);
 168         $mockSocialite->shouldReceive('driver')->times(2)->with('google')->andReturn($mockSocialDriver);
 169         $mockSocialDriver->shouldReceive('redirect')->once()->andReturn(redirect('/'));
 170
 171         $this->get('/login/service/google');
 172         $this->get('/login/service/google/callback');
 173
 174         $this->assertDatabaseHas('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => true]);
 175         $user = $user->whereEmail($user->email)->first();
 176         $this->assertDatabaseHas('social_accounts', ['user_id' => $user->id]);
 177     }
 178
 179     public function test_google_select_account_option_changes_redirect_url()
 180     {
 181         config()->set('services.google.select_account', 'true');
 182
 183         $resp = $this->get('/login/service/google');
 184         $this->assertStringContainsString('prompt=select_account', $resp->headers->get('Location'));
 185     }
 186
 187     public function test_social_registration_with_no_name_uses_email_as_name()
 188     {
 189         $user = factory(User::class)->make(['email' => '[email protected]']);
 190
 191         $this->setSettings(['registration-enabled' => 'true']);
 192         config(['GITHUB_APP_ID' => 'abc123', 'GITHUB_APP_SECRET' => '123abc', 'APP_URL' => 'http://localhost']);
 193
 194         $mockSocialite = $this->mock(Factory::class);
 195         $mockSocialDriver = Mockery::mock(Provider::class);
 196         $mockSocialUser = Mockery::mock(\Laravel\Socialite\Contracts\User::class);
 197
 198         $mockSocialite->shouldReceive('driver')->twice()->with('github')->andReturn($mockSocialDriver);
 199         $mockSocialDriver->shouldReceive('redirect')->once()->andReturn(redirect('/'));
 200         $mockSocialDriver->shouldReceive('user')->once()->andReturn($mockSocialUser);
 201
 202         $mockSocialUser->shouldReceive('getId')->twice()->andReturn(1);
 203         $mockSocialUser->shouldReceive('getEmail')->twice()->andReturn($user->email);
 204         $mockSocialUser->shouldReceive('getName')->once()->andReturn('');
 205         $mockSocialUser->shouldReceive('getAvatar')->once()->andReturn('avatar_placeholder');
 206
 207         $this->get('/register/service/github');
 208         $this->get('/login/service/github/callback');
 209         $this->assertDatabaseHas('users', ['name' => 'nonameuser', 'email' => $user->email]);
 210         $user = $user->whereEmail($user->email)->first();
 211         $this->assertDatabaseHas('social_accounts', ['user_id' => $user->id]);
 212     }
 213
 214 }