Commit 95aec8a

mokha <mokha@cisco.com>
2018-09-19 23:10:01
return with a 401 when not authorized.
1 parent f92596f
Changed files (3)
app/controllers/scim/controller.rb
@@ -38,7 +38,7 @@ module Scim
       Current.token = authenticate_with_http_token do |token|
         Token.authenticate(token)
       end
-      render plain: "Unauthorized", status: :unauthorized unless Current.user?
+      render "unauthorized", status: :unauthorized unless Current.user?
     end
 
     def apply_scim_content_type
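Review bot: The 401 produced by `render "unauthorized", status: :unauthorized unless Current.user?` carries no `WWW-Authenticate` header, which RFC 7235 requires on a 401 so clients can learn the expected scheme. Consider setting it before the render, for example `response.headers["WWW-Authenticate"] = 'Bearer realm="scim"'` (the realm value is a constructed placeholder). The template lookup presumably depends on the request format resolving to `scim`; if an unauthenticated request can arrive with another format, the missing template would likely surface as a 500 rather than a 401, so confirm the format is forced before this filter runs. The enclosing method begins above the hunk.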
app/views/scim/unauthorized.scim.jbuilder
@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+json.schemas ["urn:ietf:params:scim:api:messages:2.0:Error"]
+json.detail "Unauthorized"
+json.status "401"
spec/requests/scim/v2/users_spec.rb
@@ -88,6 +88,20 @@ describe '/scim/v2/users' do
       specify { expect(json[:detail]).to be_present }
       specify { expect(json[:status]).to eql('404') }
     end
+
+    context "when a valid Authorization header is not provided" do
+      let(:user) { create(:user) }
+      let(:token) { SecureRandom.uuid }
+      let(:json) { JSON.parse(response.body, symbolize_names: true) }
+
+      before { get "/scim/v2/users/#{user.to_param}", headers: headers }
+
+      specify { expect(response).to have_http_status(:unauthorized) }
+      specify { expect(json[:schemas]).to match_array(['urn:ietf:params:scim:api:messages:2.0:Error']) }
+      specify { expect(json[:detail]).to be_present }
+      specify { expect(json[:detail]).to be_instance_of(String) }
+      specify { expect(json[:status]).to eql('401') }
+    end
   end
 
   describe "GET /scim/v2/users" do
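Review bot: The new context covers only one unauthenticated shape: `headers` is defined outside the hunk, and the `let(:token) { SecureRandom.uuid }` override suggests the request still sends an Authorization header with an unknown token rather than omitting it. A sibling context that sends no Authorization header at all, and ideally one with a malformed header, would pin the 401 for each path through the filter. It would also help to assert that the error body holds nothing beyond the error fields, e.g. `specify { expect(json.keys).to match_array(%i[schemas detail status]) }`, so a regression that renders the user resource alongside the 401 is caught.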