5e263baed2
- name: :oidc → Identifier for this login provider in the app. - scope: [:openid, :email, :profile] → Tells the provider we want the user’s ID (openid), their email, and basic profile info (name, picture, etc.). - response_type: :code → Uses Authorization Code Flow, which is more secure because tokens are not exposed in the URL. - issuer: Rails.application.secrets.oidc_issuer → The base URL of the OIDC provider (e.g., Auth0). Used to find its config. - discovery: true → Automatically fetches the provider’s endpoints from its discovery document instead of manually setting them. - client_auth_method: :basic → Sends client ID and secret using HTTP Basic Auth when exchanging the code for tokens. Add system tests for OIDC Auth Edit the oauth docs to support OIDC auth
77 lines
2.0 KiB
Ruby
77 lines
2.0 KiB
Ruby
require "rails_helper"
|
|
|
|
describe Devise::OmniauthFormComponent do
|
|
describe "#oauth_logins" do
|
|
let(:component) { Devise::OmniauthFormComponent.new("sign_up") }
|
|
|
|
before do
|
|
Setting["feature.facebook_login"] = false
|
|
Setting["feature.twitter_login"] = false
|
|
Setting["feature.google_login"] = false
|
|
Setting["feature.wordpress_login"] = false
|
|
Setting["feature.saml_login"] = false
|
|
Setting["feature.oidc_login"] = false
|
|
end
|
|
|
|
it "is not rendered when all authentications are disabled" do
|
|
render_inline component
|
|
|
|
expect(page).not_to be_rendered
|
|
end
|
|
|
|
it "renders the twitter link when the feature is enabled" do
|
|
Setting["feature.twitter_login"] = true
|
|
|
|
render_inline component
|
|
|
|
expect(page).to have_button "Twitter"
|
|
expect(page).to have_button count: 1
|
|
end
|
|
|
|
it "renders the facebook link when the feature is enabled" do
|
|
Setting["feature.facebook_login"] = true
|
|
|
|
render_inline component
|
|
|
|
expect(page).to have_button "Facebook"
|
|
expect(page).to have_button count: 1
|
|
end
|
|
|
|
it "renders the google link when the feature is enabled" do
|
|
Setting["feature.google_login"] = true
|
|
|
|
render_inline component
|
|
|
|
expect(page).to have_button "Google"
|
|
expect(page).to have_button count: 1
|
|
end
|
|
|
|
it "renders the wordpress link when the feature is enabled" do
|
|
Setting["feature.wordpress_login"] = true
|
|
|
|
render_inline component
|
|
|
|
expect(page).to have_button "Wordpress"
|
|
expect(page).to have_button count: 1
|
|
end
|
|
|
|
it "renders the SAML link when the feature is enabled" do
|
|
Setting["feature.saml_login"] = true
|
|
|
|
render_inline component
|
|
|
|
expect(page).to have_button "SAML"
|
|
expect(page).to have_button count: 1
|
|
end
|
|
|
|
it "renders the OIDC link when the feature is enabled" do
|
|
Setting["feature.oidc_login"] = true
|
|
|
|
render_inline component
|
|
|
|
expect(page).to have_button "OIDC"
|
|
expect(page).to have_button count: 1
|
|
end
|
|
end
|
|
end
|