mirror of
https://github.com/team-alembic/ash_authentication.git
synced 2024-09-19 12:52:55 +12:00
fix: sign in preparation without identity resource (#198)
This commit is contained in:
parent
73fd65c99c
commit
65e848c5e0
3 changed files with 49 additions and 1 deletions
|
@ -55,7 +55,7 @@ defmodule AshAuthentication.Strategy.OAuth2.SignInPreparation do
|
|||
end
|
||||
|
||||
defp maybe_update_identity(user, _query, strategy) when is_falsy(strategy.identity_resource),
|
||||
do: user
|
||||
do: {:ok, user}
|
||||
|
||||
defp maybe_update_identity(user, query, strategy) do
|
||||
strategy.identity_resource
|
||||
|
|
|
@ -42,6 +42,33 @@ defmodule AshAuthentication.Strategy.OAuth2.ActionsTest do
|
|||
assert claims["sub"] =~ "user?id=#{user.id}"
|
||||
end
|
||||
|
||||
test "it signs in an existing user when registration and identity are disabled" do
|
||||
{:ok, strategy} = Info.strategy(Example.User, :oauth2_without_identity)
|
||||
user = build_user()
|
||||
|
||||
assert {:ok, signed_in_user} =
|
||||
Actions.sign_in(
|
||||
strategy,
|
||||
%{
|
||||
"user_info" => %{
|
||||
"nickname" => user.username,
|
||||
"uid" => user.id,
|
||||
"sub" => "user:#{user.id}"
|
||||
},
|
||||
"oauth_tokens" => %{
|
||||
"access_token" => Ecto.UUID.generate(),
|
||||
"expires_in" => 86_400,
|
||||
"refresh_token" => Ecto.UUID.generate()
|
||||
}
|
||||
},
|
||||
[]
|
||||
)
|
||||
|
||||
assert signed_in_user.id == user.id
|
||||
assert {:ok, claims} = Jwt.peek(signed_in_user.__metadata__.token)
|
||||
assert claims["sub"] =~ "user?id=#{user.id}"
|
||||
end
|
||||
|
||||
test "it denies sign in for non-existing users when registration is disabled" do
|
||||
{:ok, strategy} = Info.strategy(Example.User, :oauth2)
|
||||
strategy = %{strategy | registration_enabled?: false}
|
||||
|
|
|
@ -79,6 +79,14 @@ defmodule Example.User do
|
|||
filter expr(username == get_path(^arg(:user_info), [:nickname]))
|
||||
end
|
||||
|
||||
read :sign_in_with_oauth2_without_identity do
|
||||
argument :user_info, :map, allow_nil?: false
|
||||
argument :oauth_tokens, :map, allow_nil?: false
|
||||
prepare AshAuthentication.Strategy.OAuth2.SignInPreparation
|
||||
|
||||
filter expr(username == get_path(^arg(:user_info), [:nickname]))
|
||||
end
|
||||
|
||||
create :register_with_github do
|
||||
argument :user_info, :map, allow_nil?: false
|
||||
argument :oauth_tokens, :map, allow_nil?: false
|
||||
|
@ -179,6 +187,19 @@ defmodule Example.User do
|
|||
identity_resource Example.UserIdentity
|
||||
end
|
||||
|
||||
oauth2 :oauth2_without_identity do
|
||||
client_id &get_config/2
|
||||
redirect_uri &get_config/2
|
||||
client_secret &get_config/2
|
||||
site &get_config/2
|
||||
authorize_url &get_config/2
|
||||
token_url &get_config/2
|
||||
user_url &get_config/2
|
||||
authorization_params scope: "openid profile email"
|
||||
auth_method :client_secret_post
|
||||
registration_enabled? false
|
||||
end
|
||||
|
||||
auth0 do
|
||||
client_id &get_config/2
|
||||
redirect_uri &get_config/2
|
||||
|
|
Loading…
Reference in a new issue