gazagnaire.org / ocaml-auth
User authentication and session management for web applications
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

Parse GitLab confirmed_at to set email_verified

GitLab's /api/v4/user returns confirmed_at as an ISO 8601 timestamp
when the user has verified their email. Parse it and set
email_verified accordingly, instead of hardcoding false.

Email is now only populated when confirmed_at is present, consistent
with the Google and GitHub treatment.

Thomas Gazagnaire b33385fb 2df71d9b

+15 -3
+15 -3
test/test_auth.ml
··· 290 290 Alcotest.(check bool) "email_verified false" false u.email_verified 291 291 292 292 let test_gitlab_userinfo () = 293 + (* With confirmed_at — email is verified *) 293 294 let body = 294 - {|{"id":98765,"username":"jdoe","email":"jdoe@gitlab.com","name":"Jane Doe","avatar_url":"https://gitlab.com/uploads/-/system/user/avatar/98765/avatar.png"}|} 295 + {|{"id":98765,"username":"jdoe","email":"jdoe@gitlab.com","confirmed_at":"2024-01-15T10:00:00Z","name":"Jane Doe","avatar_url":"https://gitlab.com/uploads/-/system/user/avatar/98765/avatar.png"}|} 295 296 in 296 - match Oauth.parse_userinfo Gitlab body with 297 + (match Oauth.parse_userinfo Gitlab body with 297 298 | Error e -> Alcotest.fail e 298 299 | Ok u -> 299 300 Alcotest.(check string) "uid" "98765" u.uid; 300 - Alcotest.(check string) "login" "jdoe" u.login 301 + Alcotest.(check string) "login" "jdoe" u.login; 302 + Alcotest.(check (option string)) "email" (Some "jdoe@gitlab.com") u.email; 303 + Alcotest.(check bool) "email_verified" true u.email_verified); 304 + (* Without confirmed_at — email is unverified and dropped *) 305 + let body_unconfirmed = 306 + {|{"id":98765,"username":"jdoe","email":"jdoe@gitlab.com","name":"Jane Doe","avatar_url":"https://gitlab.com/uploads/-/system/user/avatar/98765/avatar.png"}|} 307 + in 308 + match Oauth.parse_userinfo Gitlab body_unconfirmed with 309 + | Error e -> Alcotest.fail e 310 + | Ok u -> 311 + Alcotest.(check (option string)) "unconfirmed email dropped" None u.email; 312 + Alcotest.(check bool) "email_verified false" false u.email_verified 301 313 302 314 let test_google_userinfo_rejects_missing_sub () = 303 315 let body = {|{"email":"user@gmail.com","name":"No Sub"}|} in