zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-06-05 04:07:33 +02:00
Code Issues Projects Releases Packages Wiki Activity

Fix CookieOverflow error using current Tara test keys

Browse source
This commit is contained in:
Alex Sherman 2021-03-11 17:16:16 +05:00
parent 0cb45f6e60
commit cb4ff1876d
3 changed files with 20 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
app/controllers/sso/tara_controller.rb
View file

@ -14,7 +14,7 @@ module Sso
# rubocop:disable Style/AndOr
def callback(user, registrar: true)
session[:omniauth_hash] = user_hash
session[:omniauth_hash] = user_hash.delete_if { |key, _| key == 'credentials' }
(show_error(registrar: registrar) and return) unless user
flash[:notice] = t(:signed_in_successfully)

2
config/application.yml.sample
View file

@ -170,7 +170,7 @@ tara_issuer: 'https://tara-test.ria.ee'
tara_identifier: 'identifier'
tara_secret: 'secret'
tara_redirect_uri: 'redirect_url'
tara_keys: "{\"kty\":\"RSA\",\"kid\":\"de6cc4\",\"n\":\"jWwAjT_03ypme9ZWeSe7c-jY26NO50Wo5I1LBnPW2JLc0dPMj8v7y4ehiRpClYNTaSWcLd4DJmlKXDXXudEUWwXa7TtjBFJfzlZ-1u0tDvJ-H9zv9MzO7UhUFytztUEMTrtStdhGbzkzdEZZCgFYeo2i33eXxzIR1nGvI05d9Y-e_LHnNE2ZKTa89BC7ZiCXq5nfAaCgQna_knh4kFAX-KgiPRAtsiDHcAWKcBY3qUVcb-5XAX8p668MlGLukzsh5tFkQCbJVyNtmlbIHdbGvVHPb8C0H3oLYciv1Fjy_tS1lO7OT_cb3GVp6Ql-CG0uED_8pkpVtfsGRviub4_ElQ\",\"e\":\"AQAB\"}"
tara_keys: "{\"kty\":\"RSA\",\"kid\":\"public:xWbbVoYq9EwMqphp\",\"n\":\"2vlgaxaUJYUWjkNM_b-ruADW3gyGnkPvxDyEXWeLyP668vn5aTrSdZ42psr6Vpu6V1MEjMr27bnE7swqndfmspqJHKlp47fO9orWWNGmrHFtClxU36wqFiIg9V39hbHdoXqZVdLywwjx6KLgsuYff95KvwfDqUK9IxxADm91ckD9m9aoQaPTrn8KsB9uhkyEchejNHRg7EGZDvWHF-aiQHCMnieSowiapPd7kTYGemPMheVyY_Zwvyya8DkvjnVa8HlrmbzjMjGdSRq5dVL0lCxb4-OlZ-QZuORUBqZ5xEAhWg2Jl6oG0slj3z8l_fd7l2oj7THNoepYWTnzUDxsN1hvRLzFnJh8MNUklYHWf8CFrwmPdqGDs0jeLP2v7X8LJeQ-Ly3GHsUBai1aVORZXCHq1Tzt2XyQhvPVt_3WoaVKJBi4hjz0CLKlSE0eUv9TWL58CU76tU98dxOwSb6hhqEu3xn6mLApyyEZzeUdYdJutDFQuTYz2pb1yqMFqlp2LHa49p7Q5TvBp4pKOxwjrqnlKTsasL8BU2vA9xHuEEYttVzAPWjH_5-BfoJ8GKQTLaXc6LOmWIZcMDVM8QEOkLXQdUtlaPVz-2wl9Q_FwhoBzXSZujEYQVcSZznxIdNyV4nvn2mo56isITX18PTcdyZ4V-wWlS5PuUNVVRQHWE0\",\"e\":\"AQAB\"}"
tara_rant_identifier: 'identifier'
tara_rant_secret: 'secret'

18
test/system/registrar_area/tara/tara_users_test.rb
View file

@ -34,6 +34,18 @@ class TaraUsersTest < ApplicationSystemTestCase
assert_text('Signed in successfully')
end
def test_existing_user_logs_in_without_cookie_overflow
@existing_user_hash['credentials'] = massive_hash
OmniAuth.config.mock_auth[:tara] = OmniAuth::AuthHash.new(@existing_user_hash)
visit new_registrar_user_session_path
assert_nothing_raised do
click_link('Sign in')
end
assert_text('Signed in successfully')
end
def test_nonexisting_user_gets_error_message
OmniAuth.config.mock_auth[:tara] = OmniAuth::AuthHash.new(@new_user_hash)
@ -42,4 +54,10 @@ class TaraUsersTest < ApplicationSystemTestCase
assert_text('No such user')
end
def massive_hash
o = [('a'..'z'), ('A'..'Z')].map(&:to_a).flatten
string = (0...5000).map { o[rand(o.length)] }.join
{"access_token":"AT-540-Fj5gbPvJp4jPkO-4EdgzIhIhhJapoRTM","token_type":"bearer","expires_in":600,"id_token":string}
end
end