def test_get_user(self):
"""
Check if user returned by BrowserIDBackend.get_user is correct.
"""
user = new_user('*****@*****.**')
backend = BrowserIDBackend()
self.assertEqual(backend.get_user(user.pk), user)
def browserid_authenticate(request, assertion):
"""
Verify a BrowserID login attempt. If the BrowserID assertion is
good, but no account exists on AMO, create one.
Request is only needed for logging. :(
"""
backend = BrowserIDBackend()
result = backend.verify(assertion, settings.SITE_URL)
if not result:
return (None, None)
email = result['email']
users = UserProfile.objects.filter(email=email)
if len(users) == 1:
users[0].user.backend = 'django_browserid.auth.BrowserIDBackend'
return (users[0], None)
username = autocreate_username(email.partition('@')[0])
if (settings.REGISTER_USER_LIMIT and
UserProfile.objects.count() > settings.REGISTER_USER_LIMIT
and not can_override_reg_limit(request)):
_m = ('Sorry, no more registrations are allowed. '
'<a href="https://developer.mozilla.org/en-US/apps">'
'Learn more</a>')
return (None, _m)
profile = UserProfile.objects.create(username=username, email=email)
profile.create_django_user()
profile.user.backend = 'django_browserid.auth.BrowserIDBackend'
profile.user.save()
profile.save()
log_cef('New Account', 5, request, username=username,
signature='AUTHNOTICE',
msg='User created a new account (from BrowserID)')
return (profile, None)
def test_get_user(self):
# If a user is retrieved by the BrowserIDBackend, it should have
# 'django_browserid.auth.BrowserIDBackend' for the backend attribute.
user = new_user('*****@*****.**')
backend = BrowserIDBackend()
self.assertEqual(
backend.get_user(user.id).backend,
'django_browserid.auth.BrowserIDBackend')
def test_verify_called_with_extra_kwargs(self):
backend = BrowserIDBackend()
verifier = MockVerifier('*****@*****.**')
verifier.verify = Mock(wraps=verifier.verify)
backend.get_verifier = lambda: verifier
backend.authenticate(assertion='asdf', audience='http://testserver', foo='bar')
verifier.verify.assert_called_with('asdf', 'http://testserver', foo='bar')
def auth(self, verified_email=None):
"""
Attempt to authenticate a user with BrowserIDBackend.
If verified_email is None, verification will fail, otherwise it will
pass and return the specified email.
"""
with mock_browserid(verified_email):
backend = BrowserIDBackend()
return backend.authenticate(assertion='asdf', audience='asdf')
def test_authenticate_verify_exception(self):
"""
If the verifier raises an exception, log it as a warning and
return None.
"""
backend = BrowserIDBackend()
verifier = Mock()
exception = Exception()
backend.get_verifier = lambda: verifier
verifier.verify.side_effect = exception
with patch('django_browserid.auth.logger') as logger:
self.assertEqual(backend.authenticate('asdf', 'asdf'), None)
logger.warn.assert_called_with(exception)
def test_create_user_integrity_error(self, logger):
# If an IntegrityError is raised during user creation, attempt to re-fetch the user in case
# the user was created since we checked for the existing account.
backend = BrowserIDBackend()
backend.User = Mock()
error = IntegrityError()
backend.User.objects.create_user.side_effect = error
backend.User.objects.get.return_value = 'asdf'
self.assertEqual(backend.create_user('*****@*****.**'), 'asdf')
# If get raises a DoesNotExist exception, re-raise the original exception.
backend.User.DoesNotExist = Exception
backend.User.objects.get.side_effect = backend.User.DoesNotExist
with self.assertRaises(IntegrityError) as e:
backend.create_user('*****@*****.**')
self.assertEqual(e.exception, error)
def browserid_verify(request):
next = request.REQUEST.get('next')
redirect_to = next or getattr(settings, 'LOGIN_REDIRECT_URL', '/')
redirect_to_failure = getattr(settings, 'LOGIN_REDIRECT_URL_FAILURE', '/')
form = BrowserIDForm(data=request.POST)
if form.is_valid():
verifier = BrowserIDBackend().get_verifier()
result = verifier.verify(form.cleaned_data['assertion'],
get_audience(request))
if result:
if (request.user.is_authenticated()
and request.user.email != result.email):
# User is already signed and wants to change their email.
request.user.email = result.email
request.user.save()
return redirect(reverse('users.edit_profile'))
else:
# Verified so log in
email = result.email
user = User.objects.filter(email=email)
contributor = 'contributor' in request.POST
if len(user) == 0:
# Add the email to the session and redirect to signup
request.session['browserid-email'] = email
signup_url = reverse('users.browserid_signup')
return redirect('%s?%s' %
(signup_url, urlencode({'next': next})))
else:
user = user[0]
user.backend = 'django_browserid.auth.BrowserIDBackend'
if contributor:
add_to_contributors(request, user)
auth.login(request, user)
return redirect(redirect_to)
return redirect(redirect_to_failure)
def test_auth_copes_with_false(verify):
# Test that authenticate copes with False.
verify.return_value = False
assert BrowserIDBackend().authenticate(**authenticate_kwargs) is None
def _auth(self, backend=None, verified_email=None):
if backend is None:
backend = BrowserIDBackend()
with mock_browserid(verified_email):
return backend.authenticate(assertion='asdf', audience='asdf')
def test_authenticated_user(self):
user = auth.models.User.objects.create_user('asdf', '*****@*****.**')
response = self.info(user, BrowserIDBackend())
response_data = json.loads(smart_text(response.content))
eq_(response_data['userEmail'], '*****@*****.**')
def setUp(self):
self.backend = BrowserIDBackend()
self.verifier = Mock()
self.backend.get_verifier = lambda: self.verifier
