]> git.openstreetmap.org Git - rails.git/blobdiff - test/integration/user_creation_test.rb
Be paranoid when sending password reset emails
[rails.git] / test / integration / user_creation_test.rb
index a39e423c0899589b32be3da8df7c7956c7f09315..59efeaabbf7e439adc3c2db98d511dffd7dd0d1f 100644 (file)
@@ -2,159 +2,168 @@ require "test_helper"
 
 class UserCreationTest < ActionDispatch::IntegrationTest
   def setup
 
 class UserCreationTest < ActionDispatch::IntegrationTest
   def setup
-    I18n.locale = "en"
-
     OmniAuth.config.test_mode = true
 
     stub_request(:get, /.*gravatar.com.*d=404/).to_return(:status => 404)
   end
 
   def teardown
     OmniAuth.config.test_mode = true
 
     stub_request(:get, /.*gravatar.com.*d=404/).to_return(:status => 404)
   end
 
   def teardown
-    I18n.locale = "en"
-
     OmniAuth.config.mock_auth[:openid] = nil
     OmniAuth.config.mock_auth[:google] = nil
     OmniAuth.config.mock_auth[:facebook] = nil
     OmniAuth.config.mock_auth[:openid] = nil
     OmniAuth.config.mock_auth[:google] = nil
     OmniAuth.config.mock_auth[:facebook] = nil
-    OmniAuth.config.mock_auth[:windowslive] = nil
+    OmniAuth.config.mock_auth[:microsoft] = nil
     OmniAuth.config.mock_auth[:github] = nil
     OmniAuth.config.mock_auth[:wikipedia] = nil
     OmniAuth.config.test_mode = false
   end
 
   def test_create_user_form
     OmniAuth.config.mock_auth[:github] = nil
     OmniAuth.config.mock_auth[:wikipedia] = nil
     OmniAuth.config.test_mode = false
   end
 
   def test_create_user_form
-    I18n.available_locales.each do |locale|
-      reset!
-      get "/user/new", :headers => { "HTTP_ACCEPT_LANGUAGE" => locale.to_s }
-      follow_redirect!
-      assert_response :success
-      assert_template "users/new"
-    end
+    get "/user/new"
+    follow_redirect!
+    assert_response :success
+    assert_template "users/new"
   end
 
   def test_user_create_submit_duplicate_email
   end
 
   def test_user_create_submit_duplicate_email
-    Locale.available.each do |locale|
-      dup_email = create(:user).email
-      display_name = "#{locale}_new_tester"
-      assert_difference("User.count", 0) do
-        assert_difference("ActionMailer::Base.deliveries.size", 0) do
-          perform_enqueued_jobs do
-            post "/user/new",
-                 :params => { :user => { :email => dup_email,
-                                         :email_confirmation => dup_email,
-                                         :display_name => display_name,
-                                         :pass_crypt => "testtest",
-                                         :pass_crypt_confirmation => "testtest" } },
-                 :headers => { "HTTP_ACCEPT_LANGUAGE" => locale.to_s }
-          end
+    dup_email = create(:user).email
+    display_name = "new_tester"
+    assert_difference("User.count", 0) do
+      assert_difference("ActionMailer::Base.deliveries.size", 0) do
+        perform_enqueued_jobs do
+          post "/user/new",
+               :params => { :user => { :email => dup_email,
+                                       :email_confirmation => dup_email,
+                                       :display_name => display_name,
+                                       :pass_crypt => "testtest",
+                                       :pass_crypt_confirmation => "testtest" } }
         end
       end
         end
       end
-      assert_response :success
-      assert_template "users/new"
-      assert_equal locale.to_s, response.headers["Content-Language"]
-      assert_select "form"
-      assert_select "form > div.form-group > input.is-invalid#user_email"
-      assert_no_missing_translations
     end
     end
+    assert_response :success
+    assert_template "users/new"
+    assert_select "form"
+    assert_select "form > div > input.is-invalid#user_email"
   end
 
   def test_user_create_submit_duplicate_username
   end
 
   def test_user_create_submit_duplicate_username
-    I18n.available_locales.each do |locale|
-      dup_display_name = create(:user).display_name
-      email = "#{locale}_new_tester"
-      assert_difference("User.count", 0) do
-        assert_difference("ActionMailer::Base.deliveries.size", 0) do
-          perform_enqueued_jobs do
-            post "/user/new",
-                 :params => { :user => { :email => email,
-                                         :email_confirmation => email,
-                                         :display_name => dup_display_name,
-                                         :pass_crypt => "testtest",
-                                         :pass_crypt_confirmation => "testtest" } },
-                 :headers => { "HTTP_ACCEPT_LANGUAGE" => locale.to_s }
-          end
+    dup_display_name = create(:user).display_name
+    email = "new_tester"
+    assert_difference("User.count", 0) do
+      assert_difference("ActionMailer::Base.deliveries.size", 0) do
+        perform_enqueued_jobs do
+          post "/user/new",
+               :params => { :user => { :email => email,
+                                       :email_confirmation => email,
+                                       :display_name => dup_display_name,
+                                       :pass_crypt => "testtest",
+                                       :pass_crypt_confirmation => "testtest" } }
         end
       end
         end
       end
-      assert_response :success
-      assert_template "users/new"
-      assert_select "form > div.form-group > input.is-invalid#user_display_name"
-      assert_no_missing_translations
     end
     end
+    assert_response :success
+    assert_template "users/new"
+    assert_select "form > div > input.is-invalid#user_display_name"
+  end
+
+  def test_user_create_submit_mismatched_passwords
+    email = "newtester@osm.org"
+    display_name = "new_tester"
+    assert_difference("User.count", 0) do
+      assert_difference("ActionMailer::Base.deliveries.size", 0) do
+        perform_enqueued_jobs do
+          post "/user/new",
+               :params => { :user => { :email => email,
+                                       :email_confirmation => email,
+                                       :display_name => display_name,
+                                       :pass_crypt => "testtest",
+                                       :pass_crypt_confirmation => "blahblah" } }
+        end
+      end
+    end
+    assert_response :success
+    assert_template "users/new"
+    assert_select "form > div > input.is-invalid#user_pass_crypt_confirmation"
   end
 
   def test_user_create_success
   end
 
   def test_user_create_success
-    I18n.available_locales.each do |locale|
-      new_email = "#{locale}newtester@osm.org"
-      display_name = "#{locale}_new_tester"
-
-      assert_difference("User.count", 0) do
-        assert_difference("ActionMailer::Base.deliveries.size", 0) do
-          perform_enqueued_jobs do
-            post "/user/new",
-                 :params => { :user => { :email => new_email,
-                                         :email_confirmation => new_email,
-                                         :display_name => display_name,
-                                         :pass_crypt => "testtest",
-                                         :pass_crypt_confirmation => "testtest" } }
-          end
+    new_email = "newtester@osm.org"
+    display_name = "new_tester"
+
+    assert_difference("User.count", 0) do
+      assert_difference("ActionMailer::Base.deliveries.size", 0) do
+        perform_enqueued_jobs do
+          post "/user/new",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :pass_crypt => "testtest",
+                                       :pass_crypt_confirmation => "testtest" } }
         end
       end
         end
       end
+    end
 
 
-      assert_redirected_to "/user/terms"
+    assert_redirected_to "/user/terms"
 
 
-      assert_difference("User.count") do
-        assert_difference("ActionMailer::Base.deliveries.size", 1) do
-          perform_enqueued_jobs do
-            post "/user/save",
-                 :headers => { "HTTP_ACCEPT_LANGUAGE" => locale.to_s },
-                 :params => { :read_ct => 1, :read_tou => 1 }
-            follow_redirect!
-          end
+    assert_difference("User.count") do
+      assert_difference("ActionMailer::Base.deliveries.size", 1) do
+        perform_enqueued_jobs do
+          post "/user/save",
+               :params => { :read_ct => 1, :read_tou => 1 }
+          follow_redirect!
         end
       end
         end
       end
+    end
 
 
-      # Check the e-mail
-      register_email = ActionMailer::Base.deliveries.first
+    assert_response :success
+    assert_template "confirmations/confirm"
 
 
-      assert_equal register_email.to.first, new_email
-      # Check that the confirm account url is correct
-      assert_match(/#{@url}/, register_email.body.to_s)
+    user = User.find_by(:email => "newtester@osm.org")
+    assert_not_nil user
+    assert_not_predicate user, :active?
 
 
-      # Check the page
-      assert_response :success
-      assert_template "confirmations/confirm"
+    register_email = ActionMailer::Base.deliveries.first
+    assert_equal register_email.to.first, new_email
+    found_confirmation_url = register_email.parts.first.parts.first.to_s =~ %r{\shttp://test.host(/\S+)\s}
+    assert found_confirmation_url
+    confirmation_url = Regexp.last_match(1)
+    ActionMailer::Base.deliveries.clear
 
 
-      ActionMailer::Base.deliveries.clear
-    end
+    post confirmation_url
+
+    assert_response :redirect
+    assert_redirected_to welcome_path
+
+    user.reload
+    assert_predicate user, :active?
+
+    assert_equal user, User.authenticate(:username => new_email, :password => "testtest")
   end
 
   def test_user_create_no_tou_failure
   end
 
   def test_user_create_no_tou_failure
-    I18n.available_locales.each do |locale|
-      new_email = "#{locale}newtester@osm.org"
-      display_name = "#{locale}_new_tester"
-
-      assert_difference("User.count", 0) do
-        assert_difference("ActionMailer::Base.deliveries.size", 0) do
-          perform_enqueued_jobs do
-            post "/user/new",
-                 :params => { :user => { :email => new_email,
-                                         :email_confirmation => new_email,
-                                         :display_name => display_name,
-                                         :pass_crypt => "testtest",
-                                         :pass_crypt_confirmation => "testtest" } }
-          end
+    new_email = "#newtester@osm.org"
+    display_name = "new_tester"
+
+    assert_difference("User.count", 0) do
+      assert_difference("ActionMailer::Base.deliveries.size", 0) do
+        perform_enqueued_jobs do
+          post "/user/new",
+               :params => { :user => { :email => new_email,
+                                       :email_confirmation => new_email,
+                                       :display_name => display_name,
+                                       :pass_crypt => "testtest",
+                                       :pass_crypt_confirmation => "testtest" } }
         end
       end
         end
       end
+    end
 
 
-      assert_redirected_to "/user/terms"
-
-      perform_enqueued_jobs do
-        post "/user/save",
-             :headers => { "HTTP_ACCEPT_LANGUAGE" => locale.to_s }
-        assert_redirected_to "/user/terms"
-      end
+    assert_redirected_to "/user/terms"
 
 
-      ActionMailer::Base.deliveries.clear
+    perform_enqueued_jobs do
+      post "/user/save"
+      assert_redirected_to "/user/terms"
     end
     end
+
+    ActionMailer::Base.deliveries.clear
   end
 
   # Check that the user can successfully recover their password
   end
 
   # Check that the user can successfully recover their password
@@ -200,11 +209,11 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 
     assert_equal register_email.to.first, new_email
     # Check that the confirm account url is correct
 
     assert_equal register_email.to.first, new_email
     # Check that the confirm account url is correct
-    confirm_regex = Regexp.new("/user/redirect_tester/confirm\\?confirm_string=([a-zA-Z0-9]*)")
+    confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
     email_text_parts(register_email).each do |part|
       assert_match confirm_regex, part.body.to_s
     end
     email_text_parts(register_email).each do |part|
       assert_match confirm_regex, part.body.to_s
     end
-    confirm_string = email_text_parts(register_email).first.body.match(confirm_regex)[1]
+    confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
 
     # Check the page
     assert_response :success
 
     # Check the page
     assert_response :success
@@ -213,11 +222,11 @@ class UserCreationTest < ActionDispatch::IntegrationTest
     ActionMailer::Base.deliveries.clear
 
     # Go to the confirmation page
     ActionMailer::Base.deliveries.clear
 
     # Go to the confirmation page
-    get "/user/#{display_name}/confirm", :params => { :confirm_string => confirm_string }
+    get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
     assert_response :success
     assert_template "confirmations/confirm"
 
     assert_response :success
     assert_template "confirmations/confirm"
 
-    post "/user/#{display_name}/confirm", :params => { :confirm_string => confirm_string }
+    post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
     assert_response :redirect
     follow_redirect!
     assert_response :success
     assert_response :redirect
     follow_redirect!
     assert_response :success
@@ -353,11 +362,11 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 
     assert_equal register_email.to.first, new_email
     # Check that the confirm account url is correct
 
     assert_equal register_email.to.first, new_email
     # Check that the confirm account url is correct
-    confirm_regex = Regexp.new("/user/redirect_tester_openid/confirm\\?confirm_string=([a-zA-Z0-9]*)")
+    confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
     email_text_parts(register_email).each do |part|
       assert_match confirm_regex, part.body.to_s
     end
     email_text_parts(register_email).each do |part|
       assert_match confirm_regex, part.body.to_s
     end
-    confirm_string = email_text_parts(register_email).first.body.match(confirm_regex)[1]
+    confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
 
     # Check the page
     assert_response :success
 
     # Check the page
     assert_response :success
@@ -366,11 +375,11 @@ class UserCreationTest < ActionDispatch::IntegrationTest
     ActionMailer::Base.deliveries.clear
 
     # Go to the confirmation page
     ActionMailer::Base.deliveries.clear
 
     # Go to the confirmation page
-    get "/user/#{display_name}/confirm", :params => { :confirm_string => confirm_string }
+    get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
     assert_response :success
     assert_template "confirmations/confirm"
 
     assert_response :success
     assert_template "confirmations/confirm"
 
-    post "/user/#{display_name}/confirm", :params => { :confirm_string => confirm_string }
+    post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
     assert_response :redirect
     follow_redirect!
     assert_response :success
     assert_response :redirect
     follow_redirect!
     assert_response :success
@@ -378,15 +387,14 @@ class UserCreationTest < ActionDispatch::IntegrationTest
   end
 
   def test_user_create_google_success
   end
 
   def test_user_create_google_success
-    OmniAuth.config.add_mock(:google, :uid => "123454321", :extra => {
-                               :id_info => { "openid_id" => "http://localhost:1123/new.tester" }
-                             })
-
     new_email = "newtester-google@osm.org"
     display_name = "new_tester-google"
     password = "testtest"
     new_email = "newtester-google@osm.org"
     display_name = "new_tester-google"
     password = "testtest"
+
+    OmniAuth.config.add_mock(:google, :uid => "123454321", :info => { "email" => new_email })
+
     assert_difference("User.count") do
     assert_difference("User.count") do
-      assert_difference("ActionMailer::Base.deliveries.size", 1) do
+      assert_no_difference("ActionMailer::Base.deliveries.size") do
         perform_enqueued_jobs do
           post "/user/new",
                :params => { :user => { :email => new_email,
         perform_enqueued_jobs do
           post "/user/new",
                :params => { :user => { :email => new_email,
@@ -413,6 +421,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
                                        :pass_crypt_confirmation => password },
                             :read_ct => 1, :read_tou => 1 }
           assert_response :redirect
                                        :pass_crypt_confirmation => password },
                             :read_ct => 1, :read_tou => 1 }
           assert_response :redirect
+          assert_redirected_to welcome_path
           follow_redirect!
         end
       end
           follow_redirect!
         end
       end
@@ -420,7 +429,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 
     # Check the page
     assert_response :success
 
     # Check the page
     assert_response :success
-    assert_template "confirmations/confirm"
+    assert_template "site/welcome"
 
     ActionMailer::Base.deliveries.clear
   end
 
     ActionMailer::Base.deliveries.clear
   end
@@ -507,11 +516,11 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 
     assert_equal register_email.to.first, new_email
     # Check that the confirm account url is correct
 
     assert_equal register_email.to.first, new_email
     # Check that the confirm account url is correct
-    confirm_regex = Regexp.new("/user/redirect_tester_google/confirm\\?confirm_string=([a-zA-Z0-9]*)")
+    confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
     email_text_parts(register_email).each do |part|
       assert_match confirm_regex, part.body.to_s
     end
     email_text_parts(register_email).each do |part|
       assert_match confirm_regex, part.body.to_s
     end
-    confirm_string = email_text_parts(register_email).first.body.match(confirm_regex)[1]
+    confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
 
     # Check the page
     assert_response :success
 
     # Check the page
     assert_response :success
@@ -520,11 +529,11 @@ class UserCreationTest < ActionDispatch::IntegrationTest
     ActionMailer::Base.deliveries.clear
 
     # Go to the confirmation page
     ActionMailer::Base.deliveries.clear
 
     # Go to the confirmation page
-    get "/user/#{display_name}/confirm", :params => { :confirm_string => confirm_string }
+    get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
     assert_response :success
     assert_template "confirmations/confirm"
 
     assert_response :success
     assert_template "confirmations/confirm"
 
-    post "/user/#{display_name}/confirm", :params => { :confirm_string => confirm_string }
+    post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
     assert_response :redirect
     follow_redirect!
     assert_response :success
     assert_response :redirect
     follow_redirect!
     assert_response :success
@@ -532,13 +541,14 @@ class UserCreationTest < ActionDispatch::IntegrationTest
   end
 
   def test_user_create_facebook_success
   end
 
   def test_user_create_facebook_success
-    OmniAuth.config.add_mock(:facebook, :uid => "123454321")
-
     new_email = "newtester-facebook@osm.org"
     display_name = "new_tester-facebook"
     password = "testtest"
     new_email = "newtester-facebook@osm.org"
     display_name = "new_tester-facebook"
     password = "testtest"
+
+    OmniAuth.config.add_mock(:facebook, :uid => "123454321", :info => { "email" => new_email })
+
     assert_difference("User.count") do
     assert_difference("User.count") do
-      assert_difference("ActionMailer::Base.deliveries.size", 1) do
+      assert_no_difference("ActionMailer::Base.deliveries.size") do
         perform_enqueued_jobs do
           post "/user/new",
                :params => { :user => { :email => new_email,
         perform_enqueued_jobs do
           post "/user/new",
                :params => { :user => { :email => new_email,
@@ -565,6 +575,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
                                        :pass_crypt_confirmation => password },
                             :read_ct => 1, :read_tou => 1 }
           assert_response :redirect
                                        :pass_crypt_confirmation => password },
                             :read_ct => 1, :read_tou => 1 }
           assert_response :redirect
+          assert_redirected_to welcome_path
           follow_redirect!
         end
       end
           follow_redirect!
         end
       end
@@ -572,7 +583,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 
     # Check the page
     assert_response :success
 
     # Check the page
     assert_response :success
-    assert_template "confirmations/confirm"
+    assert_template "site/welcome"
 
     ActionMailer::Base.deliveries.clear
   end
 
     ActionMailer::Base.deliveries.clear
   end
@@ -657,11 +668,11 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 
     assert_equal register_email.to.first, new_email
     # Check that the confirm account url is correct
 
     assert_equal register_email.to.first, new_email
     # Check that the confirm account url is correct
-    confirm_regex = Regexp.new("/user/redirect_tester_facebook/confirm\\?confirm_string=([a-zA-Z0-9]*)")
+    confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
     email_text_parts(register_email).each do |part|
       assert_match confirm_regex, part.body.to_s
     end
     email_text_parts(register_email).each do |part|
       assert_match confirm_regex, part.body.to_s
     end
-    confirm_string = email_text_parts(register_email).first.body.match(confirm_regex)[1]
+    confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
 
     # Check the page
     assert_response :success
 
     # Check the page
     assert_response :success
@@ -670,38 +681,39 @@ class UserCreationTest < ActionDispatch::IntegrationTest
     ActionMailer::Base.deliveries.clear
 
     # Go to the confirmation page
     ActionMailer::Base.deliveries.clear
 
     # Go to the confirmation page
-    get "/user/#{display_name}/confirm", :params => { :confirm_string => confirm_string }
+    get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
     assert_response :success
     assert_template "confirmations/confirm"
 
     assert_response :success
     assert_template "confirmations/confirm"
 
-    post "/user/#{display_name}/confirm", :params => { :confirm_string => confirm_string }
+    post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
     assert_response :redirect
     follow_redirect!
     assert_response :success
     assert_template "site/welcome"
   end
 
     assert_response :redirect
     follow_redirect!
     assert_response :success
     assert_template "site/welcome"
   end
 
-  def test_user_create_windowslive_success
-    OmniAuth.config.add_mock(:windowslive, :uid => "123454321")
-
-    new_email = "newtester-windowslive@osm.org"
-    display_name = "new_tester-windowslive"
+  def test_user_create_microsoft_success
+    new_email = "newtester-microsoft@osm.org"
+    display_name = "new_tester-microsoft"
     password = "testtest"
     password = "testtest"
+
+    OmniAuth.config.add_mock(:microsoft, :uid => "123454321", :info => { "email" => new_email })
+
     assert_difference("User.count") do
     assert_difference("User.count") do
-      assert_difference("ActionMailer::Base.deliveries.size", 1) do
+      assert_difference("ActionMailer::Base.deliveries.size", 0) do
         perform_enqueued_jobs do
           post "/user/new",
                :params => { :user => { :email => new_email,
                                        :email_confirmation => new_email,
                                        :display_name => display_name,
         perform_enqueued_jobs do
           post "/user/new",
                :params => { :user => { :email => new_email,
                                        :email_confirmation => new_email,
                                        :display_name => display_name,
-                                       :auth_provider => "windowslive",
+                                       :auth_provider => "microsoft",
                                        :pass_crypt => "",
                                        :pass_crypt_confirmation => "" } }
           assert_response :redirect
                                        :pass_crypt => "",
                                        :pass_crypt_confirmation => "" } }
           assert_response :redirect
-          assert_redirected_to auth_path(:provider => "windowslive", :origin => "/user/new")
+          assert_redirected_to auth_path(:provider => "microsoft", :origin => "/user/new")
           post response.location
           assert_response :redirect
           post response.location
           assert_response :redirect
-          assert_redirected_to auth_success_path(:provider => "windowslive")
+          assert_redirected_to auth_success_path(:provider => "microsoft")
           follow_redirect!
           assert_response :redirect
           assert_redirected_to "/user/terms"
           follow_redirect!
           assert_response :redirect
           assert_redirected_to "/user/terms"
@@ -709,12 +721,13 @@ class UserCreationTest < ActionDispatch::IntegrationTest
                :params => { :user => { :email => new_email,
                                        :email_confirmation => new_email,
                                        :display_name => display_name,
                :params => { :user => { :email => new_email,
                                        :email_confirmation => new_email,
                                        :display_name => display_name,
-                                       :auth_provider => "windowslive",
+                                       :auth_provider => "microsoft",
                                        :auth_uid => "123454321",
                                        :pass_crypt => password,
                                        :pass_crypt_confirmation => password },
                             :read_ct => 1, :read_tou => 1 }
           assert_response :redirect
                                        :auth_uid => "123454321",
                                        :pass_crypt => password,
                                        :pass_crypt_confirmation => password },
                             :read_ct => 1, :read_tou => 1 }
           assert_response :redirect
+          assert_redirected_to welcome_path
           follow_redirect!
         end
       end
           follow_redirect!
         end
       end
@@ -722,16 +735,16 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 
     # Check the page
     assert_response :success
 
     # Check the page
     assert_response :success
-    assert_template "confirmations/confirm"
+    assert_template "site/welcome"
 
     ActionMailer::Base.deliveries.clear
   end
 
 
     ActionMailer::Base.deliveries.clear
   end
 
-  def test_user_create_windowslive_failure
-    OmniAuth.config.mock_auth[:windowslive] = :connection_failed
+  def test_user_create_microsoft_failure
+    OmniAuth.config.mock_auth[:microsoft] = :connection_failed
 
 
-    new_email = "newtester-windowslive2@osm.org"
-    display_name = "new_tester-windowslive2"
+    new_email = "newtester-microsoft2@osm.org"
+    display_name = "new_tester-microsoft2"
     assert_difference("User.count", 0) do
       assert_difference("ActionMailer::Base.deliveries.size", 0) do
         perform_enqueued_jobs do
     assert_difference("User.count", 0) do
       assert_difference("ActionMailer::Base.deliveries.size", 0) do
         perform_enqueued_jobs do
@@ -739,17 +752,17 @@ class UserCreationTest < ActionDispatch::IntegrationTest
                :params => { :user => { :email => new_email,
                                        :email_confirmation => new_email,
                                        :display_name => display_name,
                :params => { :user => { :email => new_email,
                                        :email_confirmation => new_email,
                                        :display_name => display_name,
-                                       :auth_provider => "windowslive",
+                                       :auth_provider => "microsoft",
                                        :pass_crypt => "",
                                        :pass_crypt_confirmation => "" } }
           assert_response :redirect
                                        :pass_crypt => "",
                                        :pass_crypt_confirmation => "" } }
           assert_response :redirect
-          assert_redirected_to auth_path(:provider => "windowslive", :origin => "/user/new")
+          assert_redirected_to auth_path(:provider => "microsoft", :origin => "/user/new")
           post response.location
           assert_response :redirect
           post response.location
           assert_response :redirect
-          assert_redirected_to auth_success_path(:provider => "windowslive")
+          assert_redirected_to auth_success_path(:provider => "microsoft")
           follow_redirect!
           assert_response :redirect
           follow_redirect!
           assert_response :redirect
-          assert_redirected_to auth_failure_path(:strategy => "windowslive", :message => "connection_failed", :origin => "/user/new")
+          assert_redirected_to auth_failure_path(:strategy => "microsoft", :message => "connection_failed", :origin => "/user/new")
           follow_redirect!
           assert_response :redirect
           follow_redirect!
           follow_redirect!
           assert_response :redirect
           follow_redirect!
@@ -762,11 +775,11 @@ class UserCreationTest < ActionDispatch::IntegrationTest
     ActionMailer::Base.deliveries.clear
   end
 
     ActionMailer::Base.deliveries.clear
   end
 
-  def test_user_create_windowslive_redirect
-    OmniAuth.config.add_mock(:windowslive, :uid => "123454321")
+  def test_user_create_microsoft_redirect
+    OmniAuth.config.add_mock(:microsoft, :uid => "123454321")
 
 
-    new_email = "redirect_tester_windowslive@osm.org"
-    display_name = "redirect_tester_windowslive"
+    new_email = "redirect_tester_microsoft@osm.org"
+    display_name = "redirect_tester_microsoft"
     # nothing special about this page, just need a protected page to redirect back to.
     referer = "/traces/mine"
     assert_difference("User.count") do
     # nothing special about this page, just need a protected page to redirect back to.
     referer = "/traces/mine"
     assert_difference("User.count") do
@@ -776,15 +789,15 @@ class UserCreationTest < ActionDispatch::IntegrationTest
                :params => { :user => { :email => new_email,
                                        :email_confirmation => new_email,
                                        :display_name => display_name,
                :params => { :user => { :email => new_email,
                                        :email_confirmation => new_email,
                                        :display_name => display_name,
-                                       :auth_provider => "windowslive",
+                                       :auth_provider => "microsoft",
                                        :pass_crypt => "",
                                        :pass_crypt_confirmation => "" },
                             :referer => referer }
           assert_response :redirect
                                        :pass_crypt => "",
                                        :pass_crypt_confirmation => "" },
                             :referer => referer }
           assert_response :redirect
-          assert_redirected_to auth_path(:provider => "windowslive", :origin => "/user/new")
+          assert_redirected_to auth_path(:provider => "microsoft", :origin => "/user/new")
           post response.location
           assert_response :redirect
           post response.location
           assert_response :redirect
-          assert_redirected_to auth_success_path(:provider => "windowslive")
+          assert_redirected_to auth_success_path(:provider => "microsoft")
           follow_redirect!
           assert_response :redirect
           assert_redirected_to "/user/terms"
           follow_redirect!
           assert_response :redirect
           assert_redirected_to "/user/terms"
@@ -792,7 +805,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
                :params => { :user => { :email => new_email,
                                        :email_confirmation => new_email,
                                        :display_name => display_name,
                :params => { :user => { :email => new_email,
                                        :email_confirmation => new_email,
                                        :display_name => display_name,
-                                       :auth_provider => "windowslive",
+                                       :auth_provider => "microsoft",
                                        :auth_uid => "http://localhost:1123/new.tester",
                                        :pass_crypt => "testtest",
                                        :pass_crypt_confirmation => "testtest" },
                                        :auth_uid => "http://localhost:1123/new.tester",
                                        :pass_crypt => "testtest",
                                        :pass_crypt_confirmation => "testtest" },
@@ -807,11 +820,11 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 
     assert_equal register_email.to.first, new_email
     # Check that the confirm account url is correct
 
     assert_equal register_email.to.first, new_email
     # Check that the confirm account url is correct
-    confirm_regex = Regexp.new("/user/redirect_tester_windowslive/confirm\\?confirm_string=([a-zA-Z0-9]*)")
+    confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
     email_text_parts(register_email).each do |part|
       assert_match confirm_regex, part.body.to_s
     end
     email_text_parts(register_email).each do |part|
       assert_match confirm_regex, part.body.to_s
     end
-    confirm_string = email_text_parts(register_email).first.body.match(confirm_regex)[1]
+    confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
 
     # Check the page
     assert_response :success
 
     # Check the page
     assert_response :success
@@ -820,11 +833,11 @@ class UserCreationTest < ActionDispatch::IntegrationTest
     ActionMailer::Base.deliveries.clear
 
     # Go to the confirmation page
     ActionMailer::Base.deliveries.clear
 
     # Go to the confirmation page
-    get "/user/#{display_name}/confirm", :params => { :confirm_string => confirm_string }
+    get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
     assert_response :success
     assert_template "confirmations/confirm"
 
     assert_response :success
     assert_template "confirmations/confirm"
 
-    post "/user/#{display_name}/confirm", :params => { :confirm_string => confirm_string }
+    post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
     assert_response :redirect
     follow_redirect!
     assert_response :success
     assert_response :redirect
     follow_redirect!
     assert_response :success
@@ -832,13 +845,14 @@ class UserCreationTest < ActionDispatch::IntegrationTest
   end
 
   def test_user_create_github_success
   end
 
   def test_user_create_github_success
-    OmniAuth.config.add_mock(:github, :uid => "123454321")
-
     new_email = "newtester-github@osm.org"
     display_name = "new_tester-github"
     password = "testtest"
     new_email = "newtester-github@osm.org"
     display_name = "new_tester-github"
     password = "testtest"
+
+    OmniAuth.config.add_mock(:github, :uid => "123454321", :info => { "email" => new_email })
+
     assert_difference("User.count") do
     assert_difference("User.count") do
-      assert_difference("ActionMailer::Base.deliveries.size", 1) do
+      assert_no_difference("ActionMailer::Base.deliveries.size") do
         perform_enqueued_jobs do
           post "/user/new",
                :params => { :user => { :email => new_email,
         perform_enqueued_jobs do
           post "/user/new",
                :params => { :user => { :email => new_email,
@@ -866,6 +880,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
                             :read_ct => 1,
                             :read_tou => 1 }
           assert_response :redirect
                             :read_ct => 1,
                             :read_tou => 1 }
           assert_response :redirect
+          assert_redirected_to welcome_path
           follow_redirect!
         end
       end
           follow_redirect!
         end
       end
@@ -873,7 +888,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 
     # Check the page
     assert_response :success
 
     # Check the page
     assert_response :success
-    assert_template "confirmations/confirm"
+    assert_template "site/welcome"
 
     ActionMailer::Base.deliveries.clear
   end
 
     ActionMailer::Base.deliveries.clear
   end
@@ -959,11 +974,11 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 
     assert_equal register_email.to.first, new_email
     # Check that the confirm account url is correct
 
     assert_equal register_email.to.first, new_email
     # Check that the confirm account url is correct
-    confirm_regex = Regexp.new("/user/redirect_tester_github/confirm\\?confirm_string=([a-zA-Z0-9]*)")
+    confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
     email_text_parts(register_email).each do |part|
       assert_match confirm_regex, part.body.to_s
     end
     email_text_parts(register_email).each do |part|
       assert_match confirm_regex, part.body.to_s
     end
-    confirm_string = email_text_parts(register_email).first.body.match(confirm_regex)[1]
+    confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
 
     # Check the page
     assert_response :success
 
     # Check the page
     assert_response :success
@@ -972,11 +987,11 @@ class UserCreationTest < ActionDispatch::IntegrationTest
     ActionMailer::Base.deliveries.clear
 
     # Go to the confirmation page
     ActionMailer::Base.deliveries.clear
 
     # Go to the confirmation page
-    get "/user/#{display_name}/confirm", :params => { :confirm_string => confirm_string }
+    get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
     assert_response :success
     assert_template "confirmations/confirm"
 
     assert_response :success
     assert_template "confirmations/confirm"
 
-    post "/user/#{display_name}/confirm", :params => { :confirm_string => confirm_string }
+    post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
     assert_response :redirect
     follow_redirect!
     assert_response :success
     assert_response :redirect
     follow_redirect!
     assert_response :success
@@ -984,13 +999,14 @@ class UserCreationTest < ActionDispatch::IntegrationTest
   end
 
   def test_user_create_wikipedia_success
   end
 
   def test_user_create_wikipedia_success
-    OmniAuth.config.add_mock(:wikipedia, :uid => "123454321")
-
     new_email = "newtester-wikipedia@osm.org"
     display_name = "new_tester-wikipedia"
     password = "testtest"
     new_email = "newtester-wikipedia@osm.org"
     display_name = "new_tester-wikipedia"
     password = "testtest"
+
+    OmniAuth.config.add_mock(:wikipedia, :uid => "123454321", :info => { "email" => new_email })
+
     assert_difference("User.count") do
     assert_difference("User.count") do
-      assert_difference("ActionMailer::Base.deliveries.size", 1) do
+      assert_no_difference("ActionMailer::Base.deliveries.size") do
         perform_enqueued_jobs do
           post "/user/new",
                :params => { :user => { :email => new_email,
         perform_enqueued_jobs do
           post "/user/new",
                :params => { :user => { :email => new_email,
@@ -1018,6 +1034,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
                             :read_ct => 1,
                             :read_tou => 1 }
           assert_response :redirect
                             :read_ct => 1,
                             :read_tou => 1 }
           assert_response :redirect
+          assert_redirected_to welcome_path
           follow_redirect!
         end
       end
           follow_redirect!
         end
       end
@@ -1025,7 +1042,7 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 
     # Check the page
     assert_response :success
 
     # Check the page
     assert_response :success
-    assert_template "confirmations/confirm"
+    assert_template "site/welcome"
 
     ActionMailer::Base.deliveries.clear
   end
 
     ActionMailer::Base.deliveries.clear
   end
@@ -1111,11 +1128,11 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 
     assert_equal register_email.to.first, new_email
     # Check that the confirm account url is correct
 
     assert_equal register_email.to.first, new_email
     # Check that the confirm account url is correct
-    confirm_regex = Regexp.new("/user/redirect_tester_wikipedia/confirm\\?confirm_string=([a-zA-Z0-9]*)")
+    confirm_regex = Regexp.new("confirm_string=([a-zA-Z0-9%_-]*)")
     email_text_parts(register_email).each do |part|
       assert_match confirm_regex, part.body.to_s
     end
     email_text_parts(register_email).each do |part|
       assert_match confirm_regex, part.body.to_s
     end
-    confirm_string = email_text_parts(register_email).first.body.match(confirm_regex)[1]
+    confirm_string = CGI.unescape(email_text_parts(register_email).first.body.match(confirm_regex)[1])
 
     # Check the page
     assert_response :success
 
     # Check the page
     assert_response :success
@@ -1124,11 +1141,11 @@ class UserCreationTest < ActionDispatch::IntegrationTest
     ActionMailer::Base.deliveries.clear
 
     # Go to the confirmation page
     ActionMailer::Base.deliveries.clear
 
     # Go to the confirmation page
-    get "/user/#{display_name}/confirm", :params => { :confirm_string => confirm_string }
+    get "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
     assert_response :success
     assert_template "confirmations/confirm"
 
     assert_response :success
     assert_template "confirmations/confirm"
 
-    post "/user/#{display_name}/confirm", :params => { :confirm_string => confirm_string }
+    post "/user/#{display_name}/confirm", :params => { :referer => "/welcome", :confirm_string => confirm_string }
     assert_response :redirect
     follow_redirect!
     assert_response :success
     assert_response :redirect
     follow_redirect!
     assert_response :success