Testcases for the Ominiauth controller openid connect

CHANGELOG.md

@@ -4,6 +4,8 @@
 
 ### Added
 
+ - Test cases for CILogon(openid_connection) changes in Omniauth controller - [#869](https://github.com/portagenetwork/roadmap/pull/869/)
+
  - Implemented openid_connection SSO with CILogon [#872](https://github.com/portagenetwork/roadmap/pull/872)
 
  - Create GET "/api/ca_dashboard/stats" endpoint to fetch Plan, User, and Org-related statistics [#852](https://github.com/portagenetwork/roadmap/pull/852)

app/controllers/users/omniauth_callbacks_controller.rb

@@ -49,8 +49,15 @@ def openid_connect
                                                       attrs: auth,
                                                       identifiable: current_user)
 
-        flash[:notice] = _('Linked succesfully')
+        flash[:notice] = _('Linked successfully')
+
         redirect_to root_path
+      elsif user.id != current_user.id
+        # If a user was found but does NOT match the current user then the identifier has
+        # already been attached to another account (likely the user has 2 accounts)
+        flash[:alert] = format(_('The current %{description} iD has been already linked to a user with email %{email}'),
+                               description: identifier_scheme.description, email: user.email)
+        redirect_to edit_user_registration_path
       end
     end
     # rubocop:enable Metrics/AbcSize, Metrics/MethodLength

app/views/translation_io_exports/_cilogon.html.erb

@@ -0,0 +1 @@
+<%= _('CILogon') %>

spec/controllers/omniauth_callbacks_controller_spec.rb

@@ -1,62 +1,142 @@
 # frozen_string_literal: true
 
 require 'rails_helper'
-require 'byebug'
-
-# RSpec.describe Users::OmniauthCallbacksController, type: :controller do
-#   describe '#openid_connect' do
-#     let(:auth) do
-#       OmniAuth::AuthHash.new(
-#         provider: 'openid_connect',
-#         uid: '123545',
-#         info: {
-#           email: 'test@example.com'
-#         }
-#       )
-#     end
-
-#     before do
-#       OmniAuth.config.test_mode = true
-#       OmniAuth.config.mock_auth[:openid_connect] = auth
-#       request.env['omniauth.auth'] = OmniAuth.config.mock_auth[:openid_connect]
-#       request.env['devise.mapping'] = Devise.mappings[:user] # If using Devise
-#     end
-
-#     let(:user) { create(:user) } # Defining the user
-
-#     context 'when the email is missing and user does not exist' do
-#       before do
-#         allow(User).to receive(:from_omniauth).and_return(nil)
-#         allow(auth.info).to receive(:email).and_return(nil)
-#         get :openid_connect
-#       end
-
-#       it 'redirects to the registration page with a flash message' do
-#         expect(flash[:notice]).to eq('Something went wrong, Please try signing-up here.')
-#         expect(response).to redirect_to(new_user_registration_path)
-#       end
-#     end
-
-#     context 'with correct credentials' do
-#       before do
-#         create(:org, managed: false, is_other: true)
-#         @org = create(:org, managed: true)
-#         @identifier_scheme = create(:identifier_scheme,
-#                                     name: 'openid_connect',
-#                                     description: 'CILogon',
-#                                     active: true,
-#                                     identifier_prefix: 'https://www.cilogon.org/')
-
-#         Rails.application.env_config['devise.mapping'] = Devise.mappings[:user]
-#         Rails.application.env_config['omniauth.auth'] = OmniAuth.config.mock_auth[:openid_connect]
-#         allow(User).to receive(:from_omniauth).and_return(user)
-#         # get :openid_connect
-#       end
-
-#       it 'links account from external credentials' do
-#         expect(flash[:notice]).to eq('Linked successfully')
-#         expect(response).to redirect_to(root_path)
-#       end
-#     end
-#   end
-# end
+
+RSpec.describe Users::OmniauthCallbacksController, type: :controller do
+  before do
+    # Setup Devise mapping
+    @request.env['devise.mapping'] = Devise.mappings[:user]
+    create(:org, managed: false, is_other: true)
+    @org = create(:org, managed: true)
+    @identifier_scheme = create(:identifier_scheme,
+                                name: 'openid_connect',
+                                description: 'CILogon',
+                                active: true,
+                                identifier_prefix: 'https://www.cilogon.org/')
+
+    # Mock OmniAuth data for OpenID Connect with necessary info
+    OmniAuth.config.mock_auth[:openid_connect] = OmniAuth::AuthHash.new({
+                                                                          provider: 'openid_connect',
+                                                                          uid: '12345',
+                                                                          info: {
+                                                                            email: 'user@organization.ca',
+                                                                            first_name: 'Test',
+                                                                            last_name: 'User',
+                                                                            name: 'Test User'
+                                                                          }
+                                                                        })
+
+    # Assign the mocked authentication hash to the request environment
+    @request.env['omniauth.auth'] = OmniAuth.config.mock_auth[:openid_connect]
+  end
+
+  after do
+    # Reset the `from_omniauth` method after each test
+    User.define_singleton_method(:from_omniauth) do |auth|
+      User.find_by(email: auth.info.email)
+    end
+  end
+
+  describe 'POST #openid_connect' do
+    let(:auth) { request.env['omniauth.auth'] }
+    let!(:identifier_scheme) { IdentifierScheme.create(name: auth.provider) }
+
+    context 'when the email is missing and the user does not exist' do
+      before do
+        # Simulate missing email
+        OmniAuth.config.mock_auth[:openid_connect].info.email = nil
+        @request.env['omniauth.auth'] = OmniAuth.config.mock_auth[:openid_connect]
+      end
+
+      it 'redirects to the registration page with a flash message' do
+        post :openid_connect
+
+        expect(response).to redirect_to(new_user_registration_path)
+        expect(flash[:notice]).to eq('Something went wrong, Please try signing-up here.')
+      end
+    end
+
+    context 'when the user is not signed in but already exists' do
+      # let!(:user) { User.create(email: auth.info.email, password: 'password123') }
+      let!(:user) { User.create(email: 'user@organization.ca', firstname: 'Test', surname: 'User', org: @org) }
+
+      before do
+        def User.from_omniauth(_auth)
+          User.find_by(email: 'user@organization.ca')
+        end
+      end
+
+      it 'signs in the existing user' do
+        post :openid_connect
+        # expect(subject.current_user).to eq(user)
+        expect(response).to redirect_to(root_path)
+        expect(flash[:notice]).to be_nil
+      end
+    end
+
+    context 'when the user is signed in and needs to link their OpenID Connect account' do
+      let!(:user) { User.create(email: 'user@organization.ca', firstname: 'Test', surname: 'User', org: @org) }
+      let(:current_user) { create(:user) }
+
+      before do
+        sign_in current_user
+
+        # Ensure from_omniauth returns nil, indicating no user is associated with the auth
+        # User.define_singleton_method(:from_omniauth) do |_auth|
+        #   nil
+        # end
+      end
+
+      it 'links identifier to current user, sets flash notice, and redirects to root path' do
+        expect do
+          post :openid_connect
+          current_user.reload # Ensure we have the latest state of the user
+        end.to change(current_user.identifiers, :count).by(1)
+
+        expect(flash[:notice]).to eq('Linked successfully')
+        expect(response).to redirect_to(root_path)
+      end
+    end
+
+    context 'when the user found via omniauth is different from the current_user' do
+      let(:current_user) { create(:user) }
+      # Ensure different_user is created before test runs
+      let!(:different_user) do
+        create(:user, email: 'different_user@example.com')
+      end
+      before do
+        sign_in current_user
+
+        # Mocking the from_omniauth method to return a different user
+        # We use `let!` to ensure `different_user` is accessible here
+        User.define_singleton_method(:from_omniauth) do |_auth|
+          User.find_by(email: 'different_user@example.com')
+        end
+      end
+
+      it 'sets flash alert and redirects to edit user registration path' do
+        post :openid_connect
+
+        expect(flash[:alert]).to eq(
+          "The current #{@identifier_scheme.description} iD has been already linked " \
+          "to a user with email #{different_user.email}"
+        )
+        expect(response).to redirect_to(edit_user_registration_path)
+      end
+    end
+
+    context 'when an unknown error occurs' do
+      before do
+        def User.from_omniauth(_auth)
+          raise StandardError, 'Unexpected error'
+        end
+      end
+
+      it 'handles the error and raises an exception' do
+        expect do
+          post :openid_connect
+        end.to raise_error(StandardError, 'Unexpected error')
+      end
+    end
+  end
+end