nolint:bodyclose
(t *testing.T)
| 198 | |
| 199 | // nolint:bodyclose |
| 200 | func TestUserOAuth2Github(t *testing.T) { |
| 201 | t.Parallel() |
| 202 | |
| 203 | stateActive := "active" |
| 204 | statePending := "pending" |
| 205 | |
| 206 | t.Run("NotInAllowedOrganization", func(t *testing.T) { |
| 207 | t.Parallel() |
| 208 | client := coderdtest.New(t, &coderdtest.Options{ |
| 209 | GithubOAuth2Config: &coderd.GithubOAuth2Config{ |
| 210 | OAuth2Config: &testutil.OAuth2Config{}, |
| 211 | ListOrganizationMemberships: func(ctx context.Context, client *http.Client) ([]*github.Membership, error) { |
| 212 | return []*github.Membership{{ |
| 213 | State: &stateActive, |
| 214 | Organization: &github.Organization{ |
| 215 | Login: github.String("kyle"), |
| 216 | }, |
| 217 | }}, nil |
| 218 | }, |
| 219 | }, |
| 220 | }) |
| 221 | |
| 222 | resp := oauth2Callback(t, client) |
| 223 | require.Equal(t, http.StatusUnauthorized, resp.StatusCode) |
| 224 | }) |
| 225 | t.Run("NotInAllowedTeam", func(t *testing.T) { |
| 226 | t.Parallel() |
| 227 | client := coderdtest.New(t, &coderdtest.Options{ |
| 228 | GithubOAuth2Config: &coderd.GithubOAuth2Config{ |
| 229 | AllowOrganizations: []string{"coder"}, |
| 230 | AllowTeams: []coderd.GithubOAuth2Team{{"another", "something"}, {"coder", "frontend"}}, |
| 231 | OAuth2Config: &testutil.OAuth2Config{}, |
| 232 | ListOrganizationMemberships: func(ctx context.Context, client *http.Client) ([]*github.Membership, error) { |
| 233 | return []*github.Membership{{ |
| 234 | State: &stateActive, |
| 235 | Organization: &github.Organization{ |
| 236 | Login: github.String("coder"), |
| 237 | }, |
| 238 | }}, nil |
| 239 | }, |
| 240 | AuthenticatedUser: func(ctx context.Context, client *http.Client) (*github.User, error) { |
| 241 | return &github.User{ |
| 242 | ID: github.Int64(100), |
| 243 | Login: github.String("kyle"), |
| 244 | Name: github.String("Kylium Carbonate"), |
| 245 | }, nil |
| 246 | }, |
| 247 | TeamMembership: func(ctx context.Context, client *http.Client, org, team, username string) (*github.Membership, error) { |
| 248 | return nil, xerrors.New("no perms") |
| 249 | }, |
| 250 | }, |
| 251 | }) |
| 252 | |
| 253 | resp := oauth2Callback(t, client) |
| 254 | require.Equal(t, http.StatusUnauthorized, resp.StatusCode) |
| 255 | }) |
| 256 | t.Run("UnverifiedEmail", func(t *testing.T) { |
| 257 | t.Parallel() |
nothing calls this directly
no test coverage detected