def testToString(self):
"""Tests that the __unicode__ function creates a string"""
user = User(username="******")
user.save()
rpx_data = RpxData(user=user)
rpx_data.save()
rpx_string = str(rpx_data)
self.assert_(rpx_string.__class__ == str)
RpxBackend.delete_user(self.backend, user)
def create_user(self, rpx_auth_info):
"""Creates user based on the RPX authentication info."""
username = rpx_auth_info.get_user_name()
user = dbutils.db_create(User, username=username, email=rpx_auth_info.get_email())
if not user:
raise Exception('Cannot create user (name = %s)' % username)
self.logger.debug("RpxBackend: Created user(%s) as %s\r\n" % (user.username, str(user)))
user.is_active = True
user.is_staff = False
user.is_superuser = False
user.set_unusable_password()
user.save()
rpxdata = RpxData(key_name=self.create_rpx_key(rpx_auth_info.get_rpx_id()), user=user)
rpxdata.save()
self.logger.debug("RpxBackend: RpxData created\r\n")
return user
def testDeleteUser(self):
"""Tests RpxBackend.delete_user().
Tests that both the user and the associated RPX data entries are deleted.
"""
user, auth_info = self.__create_normal_user__()
user_key = user.key()
number_of_users_entries = User.all().count()
number_of_rpx_entries = RpxData.all().count()
RpxBackend.delete_user(self.backend, user)
self.assert_(User.all().count() == number_of_users_entries - 1)
self.assert_(RpxData.all().count() == number_of_rpx_entries - 1)
self.assert_(RpxBackend.get_user(self.backend, user_key) == None)
def map_id_to_existing_user(self, token, user):
"""Map existing user to new open ID.
This function should be used to add new open IDs to users that already
are authenticated.
"""
if not token and not user:
raise ValueError
auth_info = api.get_auth_info(token)
if auth_info.get_status() == RpxAuthInfo.OK:
# Make sure that this id isn't used
existing_user = self.get_user_by_rpx_id(auth_info.get_rpx_id())
if not existing_user:
rpxdata = RpxData(key_name=self.create_rpx_key(auth_info.get_rpx_id()), user=user)
rpxdata.save()
def get_user_by_rpx_id(self, rpx_id):
"""Returns user using the RPX ID."""
if not rpx_id:
raise ValueError
rpxData = RpxData.get_by_key_name(self.create_rpx_key(rpx_id)) # Returns None if not found
if (rpxData):
return rpxData.user
else:
return None
def testGetUserFromId(self):
"""Tests RpxBackend.get_user().
Make sure it handles None and negative results.
"""
try:
RpxBackend.get_user(self.backend, None)
self.assert_(False)
except:
pass
self.assert_(RpxBackend.get_user(self.backend, "willnotfind") == None)
user = User(username="******")
user.save()
rpx_data = RpxData(user=user)
rpx_data.save()
#Test that is can handle key from non User class and returns None
self.assert_(RpxBackend.get_user(self.backend, rpx_data.key()) == None)
RpxBackend.delete_user(self.backend, user)
def authenticate(self, token=''):
"""
TODO: pass in a message array here which can be filled with an error
message with failure response
"""
from django.utils import simplejson
import urllib
import urllib2
url = 'https://rpxnow.com/api/v2/auth_info'
args = {
'format': 'json',
'apiKey': settings.RPXNOW_API_KEY,
'token': token
}
r = urllib2.urlopen(url=url,
data=urllib.urlencode(args),
)
json = simplejson.load(r)
if json['stat'] <> 'ok':
return None
profile = json['profile']
rpx_id = profile['identifier']
nickname = profile.get('displayName') or \
profile.get('preferredUsername')
email = profile.get('email', '')
profile_pic_url = profile.get('photo')
info_page_url = profile.get('url')
provider=profile.get("providerName")
user=self.get_user_by_rpx_id(rpx_id)
if not user:
#no match, create a new user - but there may be duplicate user names.
username=nickname
user=None
try:
i=0
while True:
User.objects.get(username=username)
username=permute_name(nickname, i)
i+=1
except User.DoesNotExist:
#available name!
user=User.objects.create_user(username, email)
rpxdata=RpxData(identifier=rpx_id)
# Store the origonal nickname for display
user.first_name = nickname
user.save()
rpxdata.user=user
rpxdata.save()
if profile_pic_url:
user.rpxdata.profile_pic_url=profile_pic_url
if info_page_url:
user.rpxdata.info_page_url=info_page_url
if provider:
user.rpxdata.provider=provider
user.rpxdata.save()
return user
def authenticate(self, token=''):
"""
TODO: pass in a message array here which can be filled with an error
message with failure response
"""
api = RpxApi()
json = api.get_auth_info(token)
if json['stat'] <> 'ok':
return None
profile = json['profile']
rpx_id = profile['identifier']
nickname = profile.get('displayName') or \
profile.get('preferredUsername')
email = profile.get('email', '')
profile_pic_url = profile.get('photo')
info_page_url = profile.get('url')
provider=profile.get("providerName")
user=self.get_user_by_rpx_id(rpx_id)
if not user:
# no match. we can try to match on email, though, provided that doesn't steal
# an rpx association
if email and profile['providerName'] in TRUSTED_PROVIDERS:
#beware - this would allow account theft, so we only allow it
#for trusted providers
user_candidates=User.objects.all().filter(
rpxdata=None).filter(email=email)
# if unambiguous, do it. otherwise, don't.
if user_candidates.count()==1:
[user]=user_candidates
rpxdata=RpxData(identifier=rpx_id)
else:
return None
else:
#no match, create a new user - but there may be duplicate user names.
username=nickname
user=None
try:
i=0
while True:
User.objects.get(username=username)
username=permute_name(nickname, i)
i+=1
except User.DoesNotExist:
#available name!
user=User.objects.create_user(username, email)
rpxdata = RpxData(identifier=rpx_id)
rpxdata.user=user
try:
rpxdata.save()
except:
# the object already exists
return False
rpxdata = RpxData.objects.get(identifier=rpx_id)
api.save_data(json, rpxdata, user)
if profile_pic_url:
rpxdata.profile_pic_url=profile_pic_url
if info_page_url:
rpxdata.info_page_url=info_page_url
if provider:
rpxdata.provider=provider
rpxdata.save()
return user
