|
121 | 121 |
|
122 | 122 | it "sets the domain as the verified domain in the session" do |
123 | 123 | post "/ap/auth/verify", params: { domain: external_domain1, auth_type: "mastodon" } |
124 | | - expect(read_secure_session[described_class::DOMAIN_SESSION_KEY]).to eq(external_domain1) |
| 124 | + expect(server_session[described_class::DOMAIN_SESSION_KEY]).to eq(external_domain1) |
125 | 125 | end |
126 | 126 |
|
127 | 127 | it "creates a client" do |
|
158 | 158 |
|
159 | 159 | it "does not set the domain in the session" do |
160 | 160 | post "/ap/auth/verify", params: { domain: external_domain2, auth_type: "mastodon" } |
161 | | - expect(read_secure_session[described_class::DOMAIN_SESSION_KEY]).to eq(nil) |
| 161 | + expect(server_session[described_class::DOMAIN_SESSION_KEY]).to eq(nil) |
162 | 162 | end |
163 | 163 |
|
164 | 164 | it "does not create a client" do |
|
211 | 211 |
|
212 | 212 | it "sets the domain as the verified domain in the session" do |
213 | 213 | post "/ap/auth/verify", params: { domain: external_domain1, auth_type: "discourse" } |
214 | | - expect(read_secure_session[described_class::DOMAIN_SESSION_KEY]).to eq(external_domain1) |
| 214 | + expect(server_session[described_class::DOMAIN_SESSION_KEY]).to eq(external_domain1) |
215 | 215 | end |
216 | 216 |
|
217 | 217 | it "creates a client" do |
|
239 | 239 |
|
240 | 240 | context "with a verified domain in the session" do |
241 | 241 | before do |
242 | | - write_secure_session( |
243 | | - DiscourseActivityPub::AuthorizationController::DOMAIN_SESSION_KEY, |
244 | | - external_domain1, |
245 | | - ) |
| 242 | + server_session[ |
| 243 | + DiscourseActivityPub::AuthorizationController::DOMAIN_SESSION_KEY |
| 244 | + ] = external_domain1 |
246 | 245 | end |
247 | 246 |
|
248 | 247 | context "with an invalid auth_type" do |
|
288 | 287 | get "/ap/auth/authorize/discourse" |
289 | 288 | expect( |
290 | 289 | DiscourseActivityPubAuthorization.exists?( |
291 | | - read_secure_session[described_class::AUTHORIZATION_SESSION_KEY].to_i, |
| 290 | + server_session[described_class::AUTHORIZATION_SESSION_KEY].to_i, |
292 | 291 | ), |
293 | 292 | ).to eq(true) |
294 | 293 | end |
295 | 294 |
|
296 | 295 | it "saves a nonce to the session" do |
297 | 296 | ENV["ACTIVITY_PUB_TEST_RANDOM_HEX"] = "123" |
298 | 297 | get "/ap/auth/authorize/discourse" |
299 | | - expect(read_secure_session[described_class::NONCE_SESSION_KEY]).to eq("123") |
| 298 | + expect(server_session[described_class::NONCE_SESSION_KEY]).to eq("123") |
300 | 299 | end |
301 | 300 |
|
302 | 301 | it "redirects to the authorize url for the app" do |
|
323 | 322 | let!(:authorization) { Fabricate(:discourse_activity_pub_authorization_mastodon, user: user) } |
324 | 323 |
|
325 | 324 | before do |
326 | | - write_secure_session( |
327 | | - DiscourseActivityPub::AuthorizationController::AUTHORIZATION_SESSION_KEY, |
328 | | - authorization.id, |
329 | | - ) |
| 325 | + server_session[ |
| 326 | + DiscourseActivityPub::AuthorizationController::AUTHORIZATION_SESSION_KEY |
| 327 | + ] = authorization.id |
330 | 328 | end |
331 | 329 |
|
332 | 330 | context "with mastodon" do |
|
436 | 434 | end |
437 | 435 |
|
438 | 436 | before do |
439 | | - write_secure_session( |
440 | | - DiscourseActivityPub::AuthorizationController::AUTHORIZATION_SESSION_KEY, |
441 | | - authorization.id, |
442 | | - ) |
| 437 | + server_session[ |
| 438 | + DiscourseActivityPub::AuthorizationController::AUTHORIZATION_SESSION_KEY |
| 439 | + ] = authorization.id |
443 | 440 | end |
444 | 441 |
|
445 | 442 | context "with a nonce in the session" do |
446 | 443 | let!(:nonce) { "12345" } |
447 | 444 |
|
448 | 445 | before do |
449 | | - write_secure_session( |
450 | | - DiscourseActivityPub::AuthorizationController::NONCE_SESSION_KEY, |
451 | | - nonce, |
452 | | - ) |
| 446 | + server_session[ |
| 447 | + DiscourseActivityPub::AuthorizationController::NONCE_SESSION_KEY |
| 448 | + ] = nonce |
453 | 449 | end |
454 | 450 |
|
455 | 451 | context "when the callback has a valid payload" do |
|
0 commit comments