diff --git a/engines/dfc_provider/app/services/dfc_provider/authorization_control.rb b/engines/dfc_provider/app/services/dfc_provider/authorization_control.rb
index 071ac4dda9..dcdbd8ad5f 100644
--- a/engines/dfc_provider/app/services/dfc_provider/authorization_control.rb
+++ b/engines/dfc_provider/app/services/dfc_provider/authorization_control.rb
@@ -48,7 +48,9 @@ module DfcProvider
 end
 def find_ofn_user(payload)
- Spree::User.find_by(email: payload["email"])
+ return if payload["email"].blank?
+
+ Spree::User.find_by(uid: payload["email"])
 end
 end
 end
diff --git a/engines/dfc_provider/spec/controllers/dfc_provider/catalog_items_controller_spec.rb b/engines/dfc_provider/spec/controllers/dfc_provider/catalog_items_controller_spec.rb
index 89ed6c9177..40b2227907 100644
--- a/engines/dfc_provider/spec/controllers/dfc_provider/catalog_items_controller_spec.rb
+++ b/engines/dfc_provider/spec/controllers/dfc_provider/catalog_items_controller_spec.rb
@@ -7,7 +7,7 @@ describe DfcProvider::CatalogItemsController, type: :controller do
 render_views
- let!(:user) { create(:user) }
+ let!(:user) { create(:oidc_user) }
 let!(:enterprise) { create(:distributor_enterprise, owner: user) }
 let!(:product) { create(:simple_product, supplier: enterprise ) }
 let!(:variant) { product.variants.first }
diff --git a/engines/dfc_provider/spec/controllers/dfc_provider/supplied_products_controller_spec.rb b/engines/dfc_provider/spec/controllers/dfc_provider/supplied_products_controller_spec.rb
index a0312a7cec..dd555262a2 100644
--- a/engines/dfc_provider/spec/controllers/dfc_provider/supplied_products_controller_spec.rb
+++ b/engines/dfc_provider/spec/controllers/dfc_provider/supplied_products_controller_spec.rb
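Review bot: In `find_ofn_user` (authorization_control.rb) the lookup still keys on the token's `email` claim, now compared with `uid`, so the identity binding rests on an address that can change or be unverified at the identity provider rather than on the stable `sub` claim. Unless the token validation outside this hunk already pins the issuer and requires `email_verified`, consider storing and matching `sub` instead, or at least adding `return unless payload["email_verified"]` before the lookup. Whichever is chosen, a comment such as `# uid holds the OIDC account email recorded at link time; users without one must never match` would explain why an email claim is compared with a column named `uid`. The method is fully visible, but its enclosing class starts outside the hunk, so how `payload` is verified cannot be confirmed from here.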
@@ -7,7 +7,7 @@ describe DfcProvider::SuppliedProductsController, type: :controller do
 render_views
- let!(:user) { create(:user) }
+ let!(:user) { create(:oidc_user) }
 let!(:enterprise) { create(:distributor_enterprise, owner: user) }
 let!(:product) { create(:simple_product, supplier: enterprise ) }
 let!(:variant) { product.variants.first }
diff --git a/engines/dfc_provider/spec/services/authorization_control_spec.rb b/engines/dfc_provider/spec/services/authorization_control_spec.rb
index a5880b0671..ea52c5806e 100644
--- a/engines/dfc_provider/spec/services/authorization_control_spec.rb
+++ b/engines/dfc_provider/spec/services/authorization_control_spec.rb
@@ -5,15 +5,31 @@ require DfcProvider::Engine.root.join("spec/spec_helper")
 describe DfcProvider::AuthorizationControl do
 include AuthorizationHelper
- let(:user) { create(:user) }
+ let(:user) { create(:oidc_user) }
 describe "with OIDC token" do
- it "finds a user" do
+ it "finds the right user" do
+ create(:oidc_user) # another user
 token = allow_token_for(email: user.email)
 expect(auth(token).user).to eq user
 end
+ it "ignores blank email" do
+ create(:user, uid: nil)
+ create(:user, uid: "")
+ token = allow_token_for(email: nil)
+
+ expect(auth(token).user).to eq nil
+ end
+
+ it "ignores non-existent user" do
+ user
+ token = allow_token_for(email: generate(:random_email))
+
+ expect(auth(token).user).to eq nil
+ end
+
+ it "ignores expired signatures" do
 token = allow_token_for(exp: Time.now.to_i, email: user.email)
@@ -24,7 +40,8 @@ describe DfcProvider::AuthorizationControl do
 def auth(token)
 described_class.new(
 double(:request,
- headers: { "Authorization" => "Bearer #{token}" })
+ headers: { "Authorization" => "Bearer #{token}" },
+ env: { 'warden' => nil })
 )
 end
 end
diff --git a/spec/factories/user_factory.rb b/spec/factories/user_factory.rb
index c31d148d4f..8a5d7b4c3d 100644
--- a/spec/factories/user_factory.rb
+++ b/spec/factories/user_factory.rb
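Review bot: The "ignores blank email" example in authorization_control_spec.rb creates users with `uid: nil` and `uid: ""` but only issues a token with `email: nil`, so the empty-string half of the `blank?` guard is never exercised. That is the case that matters most: if the guard were narrowed to a nil check, a token carrying `email: ""` would match the `uid: ""` row. Adding a second assertion in the same example, e.g. `expect(auth(allow_token_for(email: "")).user).to eq nil`, would pin it, assuming the token helper accepts an empty string.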
@@ -46,5 +46,11 @@ FactoryBot.define do
 user.spree_roles << Spree::Role.find_or_create_by!(name: 'admin')
 end
 end
+
+ factory :oidc_user do
+ after(:create) do |user|
+ user.update uid: user.email
+ end
+ end
 end
 end
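Review bot: The new `:oidc_user` factory sets `uid` through `user.update` in an `after(:create)` callback and ignores the return value, so a failed validation would leave `uid` nil without any error. Because the authorization lookup in this commit matches on `uid`, that would surface as an unexplained authentication failure in the specs rather than a factory error. Prefer `user.update!(uid: user.email)`, or declare the attribute directly as `uid { email }` to avoid the second write, provided nothing in the model resets `uid` on create.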