FIX: Correct OmniAuth route ordering

/auth/failure should be given higher precedence than /auth/:provider
2024-11-23 01:16:38 -06:00 · 2019-08-08 15:49:09 +01:00 · 2019-08-08 15:49:09 +01:00 · 90108b2450
commit 90108b2450
parent 3008ecccbd
2 changed files with 7 additions and 1 deletions
--- a/config/routes.rb
+++ b/config/routes.rb
@ -599,9 +599,9 @@ Discourse::Application.routes.draw do
    end
  end

+  match "/auth/failure", to: "users/omniauth_callbacks#failure", via: [:get, :post]
  get "/auth/:provider", to: "users/omniauth_callbacks#confirm_request"
  match "/auth/:provider/callback", to: "users/omniauth_callbacks#complete", via: [:get, :post]
-  match "/auth/failure", to: "users/omniauth_callbacks#failure", via: [:get, :post]
  get "/associate/:token", to: "users/associate_accounts#connect_info", constraints: { token: /\h{32}/ }
  post "/associate/:token", to: "users/associate_accounts#connect", constraints: { token: /\h{32}/ }

--- a/spec/requests/omniauth_callbacks_controller_spec.rb
+++ b/spec/requests/omniauth_callbacks_controller_spec.rb
@ -84,6 +84,12 @@ RSpec.describe Users::OmniauthCallbacksController do
      SiteSetting.enable_google_oauth2_logins = true
    end

+    it "should display the failure message if needed" do
+      get "/auth/failure"
+      expect(response.status).to eq(200)
+      expect(response.body).to include(I18n.t("login.omniauth_error"))
+    end
+
    describe "request" do
      it "should error for non existant authenticators" do
        post "/auth/fake_auth"