def test_saml_auth_with_error( self, url_name, current_backend, current_provider, enterprise_customer_mock, ): params = [] request = RequestFactory().get(reverse(url_name), params, HTTP_ACCEPT='text/html') SessionMiddleware().process_request(request) request.user = AnonymousUser() self.enable_saml() dummy_idp = 'testshib' self._configure_testshib_provider(current_provider, dummy_idp) enterprise_customer_data = { 'uuid': '72416e52-8c77-4860-9584-15e5b06220fb', 'name': 'Dummy Enterprise', 'identity_provider': dummy_idp, } enterprise_customer_mock.return_value = enterprise_customer_data dummy_error_message = 'Authentication failed: SAML login failed ' \ '["invalid_response"] [SAML Response must contain 1 assertion]' # Add error message for error in auth pipeline MessageMiddleware().process_request(request) messages.error(request, dummy_error_message, extra_tags='social-auth') # Simulate a running pipeline pipeline_response = { 'response': { 'idp_name': dummy_idp } } pipeline_target = 'openedx.core.djangoapps.user_authn.views.login_form.third_party_auth.pipeline' with simulate_running_pipeline(pipeline_target, current_backend, **pipeline_response): with mock.patch('common.djangoapps.edxmako.request_context.get_current_request', return_value=request): response = login_and_registration_form(request) expected_error_message = Text(_( 'We are sorry, you are not authorized to access {platform_name} via this channel. ' 'Please contact your learning administrator or manager in order to access {platform_name}.' '{line_break}{line_break}' 'Error Details:{line_break}{error_message}') ).format( platform_name=settings.PLATFORM_NAME, error_message=dummy_error_message, line_break=HTML('<br/>') ) self._assert_saml_auth_data_with_error( response, current_backend, current_provider, expected_error_message )
def test_running_pipeline(self, current_backend, current_provider, add_user_details): """ Test that when third party pipeline is running, the api returns details of current provider """ email = '*****@*****.**' if add_user_details else None params = { 'next': self.query_params['next'] } # Simulate a running pipeline pipeline_target = 'openedx.core.djangoapps.user_authn.views.login_form.third_party_auth.pipeline' with simulate_running_pipeline(pipeline_target, current_backend, email=email): response = self.client.get(self.url, self.query_params) assert response.status_code == 200 assert response.data == self.get_context(params, current_provider, current_backend, add_user_details)
def test_get_idp_logout_url_from_running_pipeline(self, idp_type, backend_name): """ Test idp logout url setting for running pipeline """ self.enable_saml() idp_slug = "test" idp_config = {"logout_url": "http://example.com/logout"} getattr(self, f'configure_{idp_type}_provider')( enabled=True, name="Test Provider", slug=idp_slug, backend_name=backend_name, other_settings=json.dumps(idp_config)) request = mock.MagicMock() kwargs = {"response": {"idp_name": idp_slug}} with simulate_running_pipeline( "common.djangoapps.third_party_auth.pipeline", backend_name, **kwargs): logout_url = pipeline.get_idp_logout_url_from_running_pipeline( request) assert idp_config['logout_url'] == logout_url
def test_third_party_auth( self, url_name, current_backend, current_provider, expected_enterprise_customer_mock_attrs, add_user_details, enterprise_customer_mock, ): params = [ ('course_id', 'course-v1:Org+Course+Run'), ('enrollment_action', 'enroll'), ('course_mode', CourseMode.DEFAULT_MODE_SLUG), ('email_opt_in', 'true'), ('next', '/custom/final/destination'), ] if expected_enterprise_customer_mock_attrs: expected_ec = { 'name': expected_enterprise_customer_mock_attrs['name'], 'branding_configuration': { 'logo': 'https://host.com/logo.jpg', 'welcome_message': expected_enterprise_customer_mock_attrs['welcome_msg'] } } else: expected_ec = None email = None if add_user_details: email = '*****@*****.**' enterprise_customer_mock.return_value = expected_ec # Simulate a running pipeline if current_backend is not None: pipeline_target = "openedx.core.djangoapps.user_authn.views.login_form.third_party_auth.pipeline" with simulate_running_pipeline(pipeline_target, current_backend, email=email): response = self.client.get(reverse(url_name), params, HTTP_ACCEPT="text/html") # Do NOT simulate a running pipeline else: response = self.client.get(reverse(url_name), params, HTTP_ACCEPT="text/html") # This relies on the THIRD_PARTY_AUTH configuration in the test settings expected_providers = [ { "id": "oa2-dummy", "name": "Dummy", "iconClass": None, "iconImage": settings.MEDIA_URL + "icon.svg", "loginUrl": self._third_party_login_url("dummy", "login", params), "registerUrl": self._third_party_login_url("dummy", "register", params) }, { "id": "oa2-facebook", "name": "Facebook", "iconClass": "fa-facebook", "iconImage": None, "loginUrl": self._third_party_login_url("facebook", "login", params), "registerUrl": self._third_party_login_url("facebook", "register", params) }, { "id": "oa2-google-oauth2", "name": "Google", "iconClass": "fa-google-plus", "iconImage": None, "loginUrl": self._third_party_login_url("google-oauth2", "login", params), "registerUrl": self._third_party_login_url("google-oauth2", "register", params) }, ] self._assert_third_party_auth_data(response, current_backend, current_provider, expected_providers, expected_ec, add_user_details)