def generate_external_user_with_resp(service_url, user=True, release=True):
"""
Generate mock user, external credential and cas response for tests.
:param service_url: the service url
:param user: set to `False` if user does not exists
:param release: set to `False` if attributes are not released due to privacy settings
:return: existing user object or new user, valid external credential, valid cas response
"""
cas_resp = make_external_response(release=release)
validated_credentials = cas.validate_external_credential(cas_resp.user)
if user:
user = UserFactory.build()
user.external_identity = {
validated_credentials['provider']: {
validated_credentials['id']: 'VERIFIED'
}
}
user.save()
return user, validated_credentials, cas_resp
else:
user = {
'external_id_provider': validated_credentials['provider'],
'external_id': validated_credentials['id'],
'fullname': '',
'access_token': cas_resp.attributes['accessToken'],
'service_url': service_url,
}
return user, validated_credentials, cas_resp
def generate_external_user_with_resp(service_url, user=True, release=True):
"""
Generate mock user, external credential and cas response for tests.
:param service_url: the service url
:param user: set to `False` if user does not exists
:param release: set to `False` if attributes are not released due to privacy settings
:return: existing user object or new user, valid external credential, valid cas response
"""
cas_resp = make_external_response(release=release)
validated_credentials = cas.validate_external_credential(cas_resp.user)
if user:
user = UserFactory.build()
user.external_identity = {
validated_credentials['provider']: {
validated_credentials['id']: 'VERIFIED'
}
}
user.save()
return user, validated_credentials, cas_resp
else:
user = {
'external_id_provider': validated_credentials['provider'],
'external_id': validated_credentials['id'],
'fullname': validated_credentials['id'],
'access_token': cas_resp.attributes['accessToken'],
'service_url': service_url,
}
return user, validated_credentials, cas_resp
def test_get_user_from_cas_resp_already_authorized(self):
mock_response = make_external_response()
validated_creds = cas.validate_external_credential(mock_response.user)
self.user.external_identity = {validated_creds["provider"]: {validated_creds["id"]: "VERIFIED"}}
self.user.save()
user, _, action = cas.get_user_from_cas_resp(mock_response)
assert_equal(user._id, self.user._id)
assert_equal(action, "authenticate")
def test_get_user_by_external_info(self):
user = UserFactory.build()
validated_creds = cas.validate_external_credential(make_external_response().user)
user.external_identity = {
validated_creds['provider']: {
validated_creds['id']: 'VERIFIED'
}
}
user.save()
assert_equal(auth.get_user(external_id_provider=validated_creds['provider'], external_id=validated_creds['id']), user)
def test_make_response_from_ticket_invalidates_verification_key(self, mock_service_validate):
self.user.verification_key = fake.md5()
self.user.save()
mock_response = make_external_response()
validated_creds = cas.validate_external_credential(mock_response.user)
self.user.external_identity = {validated_creds["provider"]: {validated_creds["id"]: "VERIFIED"}}
self.user.save()
mock_service_validate.return_value = mock_response
ticket = fake.md5()
service_url = "http://accounts.osf.io/?ticket=" + ticket
resp = cas.make_response_from_ticket(ticket, service_url)
def test_get_user_from_cas_resp_already_authorized(self):
mock_response = make_external_response()
validated_creds = cas.validate_external_credential(mock_response.user)
self.user.external_identity = {
validated_creds['provider']: {
validated_creds['id']: 'VERIFIED'
}
}
self.user.save()
user, _, action = cas.get_user_from_cas_resp(mock_response)
assert_equal(user._id, self.user._id)
assert_equal(action, 'authenticate')
def test_make_response_from_ticket_no_user(self, mock_service_validate, mock_get_user_from_cas_resp):
mock_response = make_external_response()
mock_service_validate.return_value = mock_response
validated_creds = cas.validate_external_credential(mock_response.user)
mock_get_user_from_cas_resp.return_value = (None, validated_creds, 'external_first_login')
ticket = fake.md5()
service_url = 'http://localhost:5000/'
resp = cas.make_response_from_ticket(ticket, service_url)
assert_equal(mock_service_validate.call_count, 1)
assert_true(mock_get_user_from_cas_resp.call_count, 1)
assert_equal(resp.status_code, 302)
assert_equal(resp.location, '/external-login/email')
def test_make_response_from_ticket_no_user(self, mock_service_validate, mock_get_user_from_cas_resp):
mock_response = make_external_response()
mock_service_validate.return_value = mock_response
validated_creds = cas.validate_external_credential(mock_response.user)
mock_get_user_from_cas_resp.return_value = (None, validated_creds, 'external_first_login')
ticket = fake.md5()
service_url = 'http://localhost:5000/'
resp = cas.make_response_from_ticket(ticket, service_url)
assert_equal(mock_service_validate.call_count, 1)
assert_true(mock_get_user_from_cas_resp.call_count, 1)
assert_equal(resp.status_code, 302)
assert_equal(resp.location, '/external-login/email')
def test_get_user_from_cas_resp_already_authorized(self):
mock_response = make_external_response()
validated_creds = cas.validate_external_credential(mock_response.user)
self.user.external_identity = {
validated_creds['provider']: {
validated_creds['id']: 'VERIFIED'
}
}
self.user.save()
user, external_credential, action = cas.get_user_from_cas_resp(mock_response)
assert_equal(user._id, self.user._id)
assert_equal(external_credential, validated_creds)
assert_equal(action, 'authenticate')
def test_make_response_from_ticket_with_user(self, mock_service_validate):
mock_response = make_external_response()
mock_service_validate.return_value = mock_response
validated_creds = cas.validate_external_credential(mock_response.user)
self.user.external_identity = {validated_creds["provider"]: {validated_creds["id"]: "VERIFIED"}}
self.user.save()
ticket = fake.md5()
service_url = "http://accounts.osf.io/?ticket=" + ticket
resp = cas.make_response_from_ticket(ticket, service_url)
assert_equal(resp.status_code, 302)
assert_equal(mock_service_validate.call_count, 1)
first_call_args = mock_service_validate.call_args[0]
assert_equal(first_call_args[0], ticket)
assert_equal(first_call_args[1], "http://accounts.osf.io/")
def test_make_response_from_ticket_invalidates_verification_key(self, mock_service_validate):
self.user.verification_key = fake.md5()
self.user.save()
mock_response = make_external_response()
validated_creds = cas.validate_external_credential(mock_response.user)
self.user.external_identity = {
validated_creds['provider']: {
validated_creds['id']: 'VERIFIED'
}
}
self.user.save()
mock_service_validate.return_value = mock_response
ticket = fake.md5()
service_url = 'http://accounts.osf.io/?ticket=' + ticket
resp = cas.make_response_from_ticket(ticket, service_url)
def test_make_response_from_ticket_generates_new_verification_key(self, mock_service_validate):
self.user.verification_key = fake.md5()
self.user.save()
mock_response = make_external_response()
validated_creds = cas.validate_external_credential(mock_response.user)
self.user.external_identity = {
validated_creds['provider']: {
validated_creds['id']: 'VERIFIED'
}
}
self.user.save()
mock_service_validate.return_value = mock_response
ticket = fake.md5()
service_url = 'http://localhost:5000/'
verification_key = self.user.verification_key
resp = cas.make_response_from_ticket(ticket, service_url)
assert_not_equal(self.user.verification_key, verification_key)
def test_make_response_from_ticket_generates_new_verification_key(self, mock_service_validate):
self.user.verification_key = fake.md5()
self.user.save()
mock_response = make_external_response()
validated_creds = cas.validate_external_credential(mock_response.user)
self.user.external_identity = {
validated_creds['provider']: {
validated_creds['id']: 'VERIFIED'
}
}
self.user.save()
mock_service_validate.return_value = mock_response
ticket = fake.md5()
service_url = 'http://localhost:5000/'
verification_key = self.user.verification_key
resp = cas.make_response_from_ticket(ticket, service_url)
self.user.reload()
assert_not_equal(self.user.verification_key, verification_key)
def test_make_response_from_ticket_with_user(self, mock_service_validate):
mock_response = make_external_response()
mock_service_validate.return_value = mock_response
validated_creds = cas.validate_external_credential(mock_response.user)
self.user.external_identity = {
validated_creds['provider']: {
validated_creds['id']: 'VERIFIED'
}
}
self.user.save()
ticket = fake.md5()
service_url = 'http://accounts.osf.io/?ticket=' + ticket
resp = cas.make_response_from_ticket(ticket, service_url)
assert_equal(resp.status_code, 302)
assert_equal(mock_service_validate.call_count, 1)
first_call_args = mock_service_validate.call_args[0]
assert_equal(first_call_args[0], ticket)
assert_equal(first_call_args[1], 'http://accounts.osf.io/')
def test_make_response_from_ticket_with_user(self, mock_service_validate, mock_get_user_from_cas_resp):
mock_response = make_external_response()
mock_service_validate.return_value = mock_response
validated_creds = cas.validate_external_credential(mock_response.user)
self.user.external_identity = {
validated_creds['provider']: {
validated_creds['id']: 'VERIFIED'
}
}
self.user.save()
mock_get_user_from_cas_resp.return_value = (self.user, validated_creds, 'authenticate')
ticket = fake.md5()
service_url = 'http://localhost:5000/'
resp = cas.make_response_from_ticket(ticket, service_url)
assert_equal(mock_service_validate.call_count, 1)
assert_true(mock_get_user_from_cas_resp.call_count, 1)
assert_equal(resp.status_code, 302)
assert_in('/logout?service=', resp.headers['Location'])
assert_in('/login?service=', resp.headers['Location'])
def test_make_response_from_ticket_with_user(self, mock_service_validate, mock_get_user_from_cas_resp):
mock_response = make_external_response()
mock_service_validate.return_value = mock_response
validated_creds = cas.validate_external_credential(mock_response.user)
self.user.external_identity = {
validated_creds['provider']: {
validated_creds['id']: 'VERIFIED'
}
}
self.user.save()
mock_get_user_from_cas_resp.return_value = (self.user, validated_creds, 'authenticate')
ticket = fake.md5()
service_url = 'http://localhost:5000/'
resp = cas.make_response_from_ticket(ticket, service_url)
assert_equal(mock_service_validate.call_count, 1)
assert_true(mock_get_user_from_cas_resp.call_count, 1)
assert_equal(resp.status_code, 302)
assert_in('/logout?service=', resp.headers['Location'])
assert_in('/login?service=', resp.headers['Location'])
def generate_external_user_with_resp(user=True, release=True):
"""
Generate mock user, external credential and cas response for tests.
:param user: set to `False` if user does not exists
:param release: set to `False` if attributes are not released due to privacy settings
:return: existing user object or new user, valid external credential, valid cas response
"""
cas_resp = make_external_response(release=release)
validated_credentials = cas.validate_external_credential(cas_resp.user)
if user:
user = UserFactory.build()
user.external_identity = {validated_credentials["provider"]: {validated_credentials["id"]: "VERIFIED"}}
user.save()
return user, validated_credentials, cas_resp
else:
user = {
"external_id_provider": validated_credentials["provider"],
"external_id": validated_credentials["id"],
"fullname": validated_credentials["id"],
"access_token": cas_resp.attributes["accessToken"],
}
return user, validated_credentials, cas_resp