sorcery 0.11.0 → 0.15.1

data/spec/controllers/controller_oauth_spec.rb

@@ -20,7 +20,7 @@ def stub_all_oauth_requests!
       'in_reply_to_status_id_str' => nil, 'created_at' => 'Sun Mar 06 23:01:12 +0000 2011',
       'contributors' => nil, 'place' => nil, 'retweeted' => false, 'in_reply_to_status_id' => nil,
       'in_reply_to_user_id_str' => nil, 'coordinates' => nil, 'retweet_count' => 0,
-      'id' => 44533012284706816, 'id_str' => '44533012284706816'
+      'id' => 44_533_012_284_706_816, 'id_str' => '44533012284706816'
     },
     'show_all_inline_media' => false, 'geo_enabled' => true,
     'profile_sidebar_border_color' => 'a8c7f7', 'url' => nil, 'followers_count' => 10,
@@ -32,7 +32,7 @@ def stub_all_oauth_requests!
     'is_translator' => false, 'contributors_enabled' => false, 'protected' => false,
     'follow_request_sent' => false, 'time_zone' => 'Greenland', 'profile_text_color' => '333333',
     'name' => 'Noam Ben Ari', 'friends_count' => 10, 'profile_sidebar_fill_color' => 'C0DFEC',
-    'id' => 123, 'id_str' => '91434812', 'profile_background_tile' => false, 'utc_offset' => -10800
+    'id' => 123, 'id_str' => '91434812', 'profile_background_tile' => false, 'utc_offset' => -10_800
   }.to_json
 
   session[:request_token] = req_token.token
@@ -50,7 +50,7 @@ describe SorceryController, type: :controller do
 
   before(:all) do
     sorcery_reload!([:external])
-    sorcery_controller_property_set(:external_providers, [:twitter, :jira])
+    sorcery_controller_property_set(:external_providers, %i[twitter jira])
     sorcery_controller_external_property_set(:twitter, :key, 'eYVNBjBDi33aa9GkA3w')
     sorcery_controller_external_property_set(:twitter, :secret, 'XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8')
     sorcery_controller_external_property_set(:twitter, :callback_url, 'http://blabla.com')
@@ -179,7 +179,7 @@ describe SorceryController, type: :controller do
 
   describe SorceryController, 'OAuth with user activation features' do
     before(:all) do
-      sorcery_reload!([:activity_logging, :external])
+      sorcery_reload!(%i[activity_logging external])
     end
 
     context 'when twitter' do
@@ -215,16 +215,16 @@ describe SorceryController, type: :controller do
   describe SorceryController, 'OAuth with session timeout features' do
     before(:all) do
       if SORCERY_ORM == :active_record
-        ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/external")
+        MigrationHelper.migrate("#{Rails.root}/db/migrate/external")
         User.reset_column_information
       end
 
-      sorcery_reload!([:session_timeout, :external])
+      sorcery_reload!(%i[session_timeout external])
     end
 
     after(:all) do
       if SORCERY_ORM == :active_record
-        ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/external")
+        MigrationHelper.rollback("#{Rails.root}/db/migrate/external")
       end
     end
 

data/spec/controllers/controller_remember_me_spec.rb

@@ -6,12 +6,18 @@ describe SorceryController, type: :controller do
   # ----------------- REMEMBER ME -----------------------
   context 'with remember me features' do
     before(:all) do
+      if SORCERY_ORM == :active_record
+        MigrationHelper.migrate("#{Rails.root}/db/migrate/remember_me")
+        User.reset_column_information
+      end
+
       sorcery_reload!([:remember_me])
     end
 
-    after(:each) do
-      session = nil
-      cookies = nil
+    after(:all) do
+      if SORCERY_ORM == :active_record
+        MigrationHelper.rollback("#{Rails.root}/db/migrate/remember_me")
+      end
     end
 
     before(:each) do
@@ -31,17 +37,17 @@ describe SorceryController, type: :controller do
     end
 
     it 'clears cookie on forget_me!' do
-      cookies['remember_me_token'] == { value: 'asd54234dsfsd43534', expires: 3600 }
-      get :test_logout
+      request.cookies[:remember_me_token] = { value: 'asd54234dsfsd43534', expires: 3600 }
+      get :test_logout_with_forget_me
 
-      expect(cookies['remember_me_token']).to be_nil
+      expect(response.cookies[:remember_me_token]).to be_nil
     end
 
     it 'clears cookie on force_forget_me!' do
-      cookies['remember_me_token'] == { value: 'asd54234dsfsd43534', expires: 3600 }
+      request.cookies[:remember_me_token] = { value: 'asd54234dsfsd43534', expires: 3600 }
       get :test_logout_with_force_forget_me
 
-      expect(cookies['remember_me_token']).to be_nil
+      expect(response.cookies[:remember_me_token]).to be_nil
     end
 
     it 'login(email,password,remember_me) logs user in and remembers' do
@@ -80,6 +86,8 @@ describe SorceryController, type: :controller do
 
       expect(User.sorcery_adapter).to receive(:find_by_remember_me_token).with('token').and_return(user)
 
+      expect(subject).to receive(:after_remember_me!).with(user)
+
       get :test_login_from_cookie
 
       expect(assigns[:current_user]).to eq user

data/spec/controllers/controller_session_timeout_spec.rb

@@ -24,7 +24,7 @@ describe SorceryController, type: :controller do
       get :test_should_be_logged_in
 
       expect(session[:user_id]).not_to be_nil
-      expect(response).to be_a_success
+      expect(response).to be_successful
     end
 
     it 'resets session after session timeout' do
@@ -36,6 +36,87 @@ describe SorceryController, type: :controller do
       expect(response).to be_a_redirect
     end
 
+    context "with 'invalidate_active_sessions_enabled'" do
+      it 'does not reset the session if invalidate_sessions_before is nil' do
+        sorcery_controller_property_set(:session_timeout_invalidate_active_sessions_enabled, true)
+        login_user user
+        allow(user).to receive(:invalidate_sessions_before) { nil }
+
+        get :test_should_be_logged_in
+
+        expect(session[:user_id]).not_to be_nil
+        expect(response).to be_successful
+      end
+
+      it 'does not reset the session if it was not created before invalidate_sessions_before' do
+        sorcery_controller_property_set(:session_timeout_invalidate_active_sessions_enabled, true)
+        login_user user
+        allow(user).to receive(:invalidate_sessions_before) { Time.now.in_time_zone - 10.minutes }
+
+        get :test_should_be_logged_in
+
+        expect(session[:user_id]).not_to be_nil
+        expect(response).to be_successful
+      end
+
+      it 'resets the session if the session was created before invalidate_sessions_before' do
+        sorcery_controller_property_set(:session_timeout_invalidate_active_sessions_enabled, true)
+        login_user user
+        allow(user).to receive(:invalidate_sessions_before) { Time.now.in_time_zone }
+        get :test_should_be_logged_in
+
+        expect(session[:user_id]).to be_nil
+        expect(response).to be_a_redirect
+      end
+
+      it 'resets active sessions on next action if invalidate_active_sessions! is called' do
+        sorcery_controller_property_set(:session_timeout_invalidate_active_sessions_enabled, true)
+        # precondition that the user is logged in
+        login_user user
+        get :test_should_be_logged_in
+        expect(response).to be_successful
+
+        allow(user).to receive(:send) { |_method, value| allow(user).to receive(:invalidate_sessions_before) { value } }
+        allow(user).to receive(:save)
+        get :test_invalidate_active_session
+        expect(response).to be_successful
+
+        get :test_should_be_logged_in
+        expect(session[:user_id]).to be_nil
+        expect(response).to be_a_redirect
+      end
+
+      it 'allows login after invalidate_active_sessions! is called' do
+        sorcery_controller_property_set(:session_timeout_invalidate_active_sessions_enabled, true)
+        # precondition that the user is logged in
+        login_user user
+        get :test_should_be_logged_in
+        expect(response).to be_successful
+
+        allow(user).to receive(:send) { |_method, value| allow(user).to receive(:invalidate_sessions_before) { value } }
+        allow(user).to receive(:save)
+        # Call to invalidate
+        get :test_invalidate_active_session
+        expect(response).to be_successful
+
+        # Check that existing sessions were logged out
+        get :test_should_be_logged_in
+        expect(session[:user_id]).to be_nil
+        expect(response).to be_a_redirect
+
+        # Check that new session is allowed to login
+        login_user user
+        get :test_should_be_logged_in
+        expect(response).to be_successful
+        expect(session[:user_id]).not_to be_nil
+
+        # Check an additional request to make sure not logged out on next request
+        get :test_should_be_logged_in
+        expect(response).to be_successful
+        expect(session[:user_id]).not_to be_nil
+      end
+    end
+
     it 'works if the session is stored as a string or a Time' do
       session[:login_time] = Time.now.to_s
       # TODO: ???
@@ -44,7 +125,7 @@ describe SorceryController, type: :controller do
       get :test_login, params: { email: 'bla@bla.com', password: 'secret' }
 
       expect(session[:user_id]).not_to be_nil
-      expect(response).to be_a_success
+      expect(response).to be_successful
     end
 
     context "with 'session_timeout_from_last_action'" do
@@ -62,7 +143,7 @@ describe SorceryController, type: :controller do
         get :test_should_be_logged_in
 
         expect(session[:user_id]).not_to be_nil
-        expect(response).to be_a_success
+        expect(response).to be_successful
       end
 
       it "with 'session_timeout_from_last_action' logs out if there was no activity" do
@@ -75,5 +156,11 @@ describe SorceryController, type: :controller do
         expect(response).to be_a_redirect
       end
     end
+
+    it 'registers login time on remember_me callback' do
+      expect(subject).to receive(:register_login_time).with(user)
+
+      subject.send(:after_remember_me!, user)
+    end
   end
 end

data/spec/controllers/controller_spec.rb

@@ -132,7 +132,7 @@ describe SorceryController, type: :controller do
       sorcery_controller_property_set(:not_authenticated_action, :test_not_authenticated_action)
       get :test_logout
 
-      expect(response).to be_a_success
+      expect(response).to be_successful
     end
 
     it 'require_login before_action saves the url that the user originally wanted' do
@@ -143,13 +143,23 @@ describe SorceryController, type: :controller do
     end
 
     it 'require_login before_action does not save the url that the user originally wanted upon all non-get http methods' do
-      [:post, :put, :delete].each do |m|
+      %i[post put delete].each do |m|
         send(m, :some_action)
 
         expect(session[:return_to_url]).to be_nil
       end
     end
 
+    it 'require_login before_action does not save the url for JSON requests' do
+      get :some_action, format: :json
+      expect(session[:return_to_url]).to be_nil
+    end
+
+    it 'require_login before_action does not save the url for XHR requests' do
+      get :some_action, xhr: true
+      expect(session[:return_to_url]).to be_nil
+    end
+
     it 'on successful login the user is redirected to the url he originally wanted' do
       session[:return_to_url] = 'http://test.host/some_action'
       post :test_return_to, params: { email: 'bla@bla.com', password: 'secret' }
@@ -161,7 +171,7 @@ describe SorceryController, type: :controller do
     # --- auto_login(user) ---
     specify { should respond_to(:auto_login) }
 
-    it 'auto_login(user) los in a user instance' do
+    it 'auto_login(user) logs in a user instance' do
       session[:user_id] = nil
       subject.auto_login(user)
 

data/spec/orm/active_record.rb

@@ -9,11 +9,11 @@ class TestUser < ActiveRecord::Base
 end
 
 def setup_orm
-  ActiveRecord::Migrator.migrate(migrations_path)
+  MigrationHelper.migrate(migrations_path)
 end
 
 def teardown_orm
-  ActiveRecord::Migrator.rollback(migrations_path)
+  MigrationHelper.rollback(migrations_path)
 end
 
 def migrations_path

data/spec/providers/example_provider_spec.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+require 'sorcery/providers/base'
+
+describe Sorcery::Providers::ExampleProvider do
+  before(:all) do
+    sorcery_reload!([:external])
+    sorcery_controller_property_set(:external_providers, [:example_provider])
+  end
+
+  context 'fetching a multi-word custom provider' do
+    it 'returns the provider' do
+      expect(Sorcery::Controller::Config.example_provider).to be_a(Sorcery::Providers::ExampleProvider)
+    end
+  end
+end

data/spec/providers/example_spec.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+require 'sorcery/providers/base'
+
+describe Sorcery::Providers::Example do
+  before(:all) do
+    sorcery_reload!([:external])
+    sorcery_controller_property_set(:external_providers, [:example])
+  end
+
+  context 'fetching a single-word custom provider' do
+    it 'returns the provider' do
+      expect(Sorcery::Controller::Config.example).to be_a(Sorcery::Providers::Example)
+    end
+  end
+end

data/spec/providers/vk_spec.rb

@@ -0,0 +1,42 @@
+require 'spec_helper'
+require 'sorcery/providers/base'
+require 'sorcery/providers/vk'
+require 'webmock/rspec'
+
+describe Sorcery::Providers::Vk do
+  include WebMock::API
+
+  let(:provider) { Sorcery::Controller::Config.vk }
+
+  before(:all) do
+    sorcery_reload!([:external])
+    sorcery_controller_property_set(:external_providers, [:vk])
+    sorcery_controller_external_property_set(:vk, :key, 'KEY')
+    sorcery_controller_external_property_set(:vk, :secret, 'SECRET')
+  end
+
+  def stub_vk_authorize
+    stub_request(:post, %r{https\:\/\/oauth\.vk\.com\/access_token}).to_return(
+      status: 200,
+      body: '{"access_token":"TOKEN","expires_in":86329,"user_id":1}',
+      headers: { 'content-type' => 'application/json' }
+    )
+  end
+
+  context 'getting user info hash' do
+    it 'should provide VK API version' do
+      stub_vk_authorize
+      sorcery_controller_external_property_set(:vk, :api_version, '5.71')
+
+      get_user = stub_request(
+        :get,
+        'https://api.vk.com/method/getProfiles?access_token=TOKEN&fields=&scope=email&uids=1&v=5.71'
+      ).to_return(body: '{"response":[{"id":1}]}')
+
+      token = provider.process_callback({ code: 'CODE' }, nil)
+      provider.get_user_hash(token)
+
+      expect(get_user).to have_been_requested
+    end
+  end
+end

data/spec/rails_app/app/assets/config/manifest.js

@@ -0,0 +1 @@
+{}

data/spec/rails_app/app/controllers/sorcery_controller.rb

@@ -4,7 +4,13 @@ class SorceryController < ActionController::Base
   protect_from_forgery
 
   before_action :require_login_from_http_basic, only: [:test_http_basic_auth]
-  before_action :require_login, only: [:test_logout, :test_logout_with_force_forget_me, :test_should_be_logged_in, :some_action]
+  before_action :require_login, only: %i[
+    test_logout
+    test_logout_with_forget_me
+    test_logout_with_force_forget_me
+    test_should_be_logged_in
+    some_action
+  ]
 
   def index; end
 
@@ -45,6 +51,13 @@ class SorceryController < ActionController::Base
     head :ok
   end
 
+  def test_logout_with_forget_me
+    remember_me!
+    forget_me!
+    logout
+    head :ok
+  end
+
   def test_logout_with_force_forget_me
     remember_me!
     force_forget_me!
@@ -52,6 +65,11 @@ class SorceryController < ActionController::Base
     head :ok
   end
 
+  def test_invalidate_active_session
+    invalidate_active_sessions!
+    head :ok
+  end
+
   def test_login_with_remember
     @user = login(params[:email], params[:password])
     remember_me!
@@ -132,12 +150,28 @@ class SorceryController < ActionController::Base
     login_at(:slack)
   end
 
+  def login_at_test_line
+    login_at(:line)
+  end
+
   def login_at_test_with_state
     login_at(:facebook, state: 'bla')
   end
 
+  def login_at_test_instagram
+    login_at(:instagram)
+  end
+
+  def login_at_test_auth0
+    login_at(:auth0)
+  end
+
+  def login_at_test_discord
+    login_at(:discord)
+  end
+
   def test_login_from_twitter
-    if @user = login_from(:twitter)
+    if (@user = login_from(:twitter))
       redirect_to 'bla', notice: 'Success!'
     else
       redirect_to 'blu', alert: 'Failed!'
@@ -147,7 +181,7 @@ class SorceryController < ActionController::Base
   alias test_login_from test_login_from_twitter
 
   def test_login_from_facebook
-    if @user = login_from(:facebook)
+    if (@user = login_from(:facebook))
       redirect_to 'bla', notice: 'Success!'
     else
       redirect_to 'blu', alert: 'Failed!'
@@ -155,7 +189,7 @@ class SorceryController < ActionController::Base
   end
 
   def test_login_from_github
-    if @user = login_from(:github)
+    if (@user = login_from(:github))
       redirect_to 'bla', notice: 'Success!'
     else
       redirect_to 'blu', alert: 'Failed!'
@@ -163,7 +197,7 @@ class SorceryController < ActionController::Base
   end
 
   def test_login_from_paypal
-    if @user = login_from(:paypal)
+    if (@user = login_from(:paypal))
       redirect_to 'bla', notice: 'Success!'
     else
       redirect_to 'blu', alert: 'Failed!'
@@ -171,7 +205,7 @@ class SorceryController < ActionController::Base
   end
 
   def test_login_from_wechat
-    if @user = login_from(:wechat)
+    if (@user = login_from(:wechat))
       redirect_to 'bla', notice: 'Success!'
     else
       redirect_to 'blu', alert: 'Failed!'
@@ -179,7 +213,7 @@ class SorceryController < ActionController::Base
   end
 
   def test_login_from_microsoft
-    if @user = login_from(:microsoft)
+    if (@user = login_from(:microsoft))
       redirect_to 'bla', notice: 'Success!'
     else
       redirect_to 'blu', alert: 'Failed!'
@@ -187,7 +221,7 @@ class SorceryController < ActionController::Base
   end
 
   def test_login_from_google
-    if @user = login_from(:google)
+    if (@user = login_from(:google))
       redirect_to 'bla', notice: 'Success!'
     else
       redirect_to 'blu', alert: 'Failed!'
@@ -195,7 +229,7 @@ class SorceryController < ActionController::Base
   end
 
   def test_login_from_liveid
-    if @user = login_from(:liveid)
+    if (@user = login_from(:liveid))
       redirect_to 'bla', notice: 'Success!'
     else
       redirect_to 'blu', alert: 'Failed!'
@@ -203,7 +237,7 @@ class SorceryController < ActionController::Base
   end
 
   def test_login_from_vk
-    if @user = login_from(:vk)
+    if (@user = login_from(:vk))
       redirect_to 'bla', notice: 'Success!'
     else
       redirect_to 'blu', alert: 'Failed!'
@@ -211,7 +245,7 @@ class SorceryController < ActionController::Base
   end
 
   def test_login_from_jira
-    if @user = login_from(:jira)
+    if (@user = login_from(:jira))
       redirect_to 'bla', notice: 'Success!'
     else
       redirect_to 'blu', alert: 'Failed!'
@@ -219,7 +253,7 @@ class SorceryController < ActionController::Base
   end
 
   def test_login_from_salesforce
-    if @user = login_from(:salesforce)
+    if (@user = login_from(:salesforce))
       redirect_to 'bla', notice: 'Success!'
     else
       redirect_to 'blu', alert: 'Failed!'
@@ -227,7 +261,39 @@ class SorceryController < ActionController::Base
   end
 
   def test_login_from_slack
-    if @user = login_from(:slack)
+    if (@user = login_from(:slack))
+      redirect_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+
+  def test_login_from_instagram
+    if (@user = login_from(:instagram))
+      redirect_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+
+  def test_login_from_auth0
+    if (@user = login_from(:auth0))
+      redirect_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+
+  def test_login_from_line
+    if @user = login_from(:line)
+      redirect_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+
+  def test_login_from_discord
+    if (@user = login_from(:discord))
       redirect_to 'bla', notice: 'Success!'
     else
       redirect_to 'blu', alert: 'Failed!'
@@ -235,7 +301,7 @@ class SorceryController < ActionController::Base
   end
 
   def test_return_to_with_external_twitter
-    if @user = login_from(:twitter)
+    if (@user = login_from(:twitter))
       redirect_back_or_to 'bla', notice: 'Success!'
     else
       redirect_to 'blu', alert: 'Failed!'
@@ -243,7 +309,7 @@ class SorceryController < ActionController::Base
   end
 
   def test_return_to_with_external_jira
-    if @user = login_from(:jira)
+    if (@user = login_from(:jira))
       redirect_back_or_to 'bla', notice: 'Success!'
     else
       redirect_to 'blu', alert: 'Failed!'
@@ -253,7 +319,7 @@ class SorceryController < ActionController::Base
   alias test_return_to_with_external test_return_to_with_external_twitter
 
   def test_return_to_with_external_facebook
-    if @user = login_from(:facebook)
+    if (@user = login_from(:facebook))
       redirect_back_or_to 'bla', notice: 'Success!'
     else
       redirect_to 'blu', alert: 'Failed!'
@@ -261,7 +327,7 @@ class SorceryController < ActionController::Base
   end
 
   def test_return_to_with_external_github
-    if @user = login_from(:github)
+    if (@user = login_from(:github))
       redirect_back_or_to 'bla', notice: 'Success!'
     else
       redirect_to 'blu', alert: 'Failed!'
@@ -269,7 +335,7 @@ class SorceryController < ActionController::Base
   end
 
   def test_return_to_with_external_paypal
-    if @user = login_from(:paypal)
+    if (@user = login_from(:paypal))
       redirect_back_or_to 'bla', notice: 'Success!'
     else
       redirect_to 'blu', alert: 'Failed!'
@@ -277,7 +343,7 @@ class SorceryController < ActionController::Base
   end
 
   def test_return_to_with_external_wechat
-    if @user = login_from(:wechat)
+    if (@user = login_from(:wechat))
       redirect_back_or_to 'bla', notice: 'Success!'
     else
       redirect_to 'blu', alert: 'Failed!'
@@ -285,7 +351,7 @@ class SorceryController < ActionController::Base
   end
 
   def test_return_to_with_external_microsoft
-    if @user = login_from(:microsoft)
+    if (@user = login_from(:microsoft))
       redirect_back_or_to 'bla', notice: 'Success!'
     else
       redirect_to 'blu', alert: 'Failed!'
@@ -293,7 +359,7 @@ class SorceryController < ActionController::Base
   end
 
   def test_return_to_with_external_google
-    if @user = login_from(:google)
+    if (@user = login_from(:google))
       redirect_back_or_to 'bla', notice: 'Success!'
     else
       redirect_to 'blu', alert: 'Failed!'
@@ -301,7 +367,7 @@ class SorceryController < ActionController::Base
   end
 
   def test_return_to_with_external_liveid
-    if @user = login_from(:liveid)
+    if (@user = login_from(:liveid))
       redirect_back_or_to 'bla', notice: 'Success!'
     else
       redirect_to 'blu', alert: 'Failed!'
@@ -309,7 +375,7 @@ class SorceryController < ActionController::Base
   end
 
   def test_return_to_with_external_vk
-    if @user = login_from(:vk)
+    if (@user = login_from(:vk))
       redirect_back_or_to 'bla', notice: 'Success!'
     else
       redirect_to 'blu', alert: 'Failed!'
@@ -317,7 +383,7 @@ class SorceryController < ActionController::Base
   end
 
   def test_return_to_with_external_salesforce
-    if @user = login_from(:salesforce)
+    if (@user = login_from(:salesforce))
       redirect_back_or_to 'bla', notice: 'Success!'
     else
       redirect_to 'blu', alert: 'Failed!'
@@ -325,7 +391,39 @@ class SorceryController < ActionController::Base
   end
 
   def test_return_to_with_external_slack
-    if @user = login_from(:slack)
+    if (@user = login_from(:slack))
+      redirect_back_or_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+
+  def test_return_to_with_external_instagram
+    if (@user = login_from(:instagram))
+      redirect_back_or_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+
+  def test_return_to_with_external_auth0
+    if (@user = login_from(:auth0))
+      redirect_back_or_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+
+  def test_return_to_with_external_line
+    if @user = login_from(:line)
+      redirect_back_or_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+
+  def test_return_to_with_external_discord
+    if (@user = login_from(:discord))
       redirect_back_or_to 'bla', notice: 'Success!'
     else
       redirect_to 'blu', alert: 'Failed!'
@@ -335,7 +433,7 @@ class SorceryController < ActionController::Base
   def test_create_from_provider
     provider = params[:provider]
     login_from(provider)
-    if @user = create_from(provider)
+    if (@user = create_from(provider))
       redirect_to 'bla', notice: 'Success!'
     else
       redirect_to 'blu', alert: 'Failed!'
@@ -344,12 +442,13 @@ class SorceryController < ActionController::Base
 
   def test_add_second_provider
     provider = params[:provider]
-    if logged_in?
-      if @user = add_provider_to_user(provider)
-        redirect_to 'bla', notice: 'Success!'
-      else
-        redirect_to 'blu', alert: 'Failed!'
-      end
+
+    return unless logged_in?
+
+    if (@user = add_provider_to_user(provider))
+      redirect_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
     end
   end