def test_third_party_auth(self, url_name, current_backend, current_provider):
params = [
('course_id', 'edX/DemoX/Demo_Course'),
('enrollment_action', 'enroll'),
('course_mode', 'honor'),
('email_opt_in', 'true'),
('next', '/custom/final/destination'),
]
# Simulate a running pipeline
if current_backend is not None:
pipeline_target = "student_account.views.third_party_auth.pipeline"
with simulate_running_pipeline(pipeline_target, current_backend):
response = self.client.get(reverse(url_name), params)
# Do NOT simulate a running pipeline
else:
response = self.client.get(reverse(url_name), params)
# This relies on the THIRD_PARTY_AUTH configuration in the test settings
expected_providers = [
{
"name": "Facebook",
"iconClass": "fa-facebook",
"loginUrl": self._third_party_login_url("facebook", "login", params),
"registerUrl": self._third_party_login_url("facebook", "register", params)
},
{
"name": "Google",
"iconClass": "fa-google-plus",
"loginUrl": self._third_party_login_url("google-oauth2", "login", params),
"registerUrl": self._third_party_login_url("google-oauth2", "register", params)
}
]
self._assert_third_party_auth_data(response, current_backend, current_provider, expected_providers)
def test_third_party_auth(self, url_name, current_backend,
current_provider):
# Simulate a running pipeline
if current_backend is not None:
pipeline_target = "student_account.views.third_party_auth.pipeline"
with simulate_running_pipeline(pipeline_target, current_backend):
response = self.client.get(reverse(url_name))
# Do NOT simulate a running pipeline
else:
response = self.client.get(reverse(url_name))
# This relies on the THIRD_PARTY_AUTH configuration in the test settings
expected_providers = [{
"name":
"Facebook",
"iconClass":
"fa-facebook",
"loginUrl":
self._third_party_login_url("facebook", "login"),
"registerUrl":
self._third_party_login_url("facebook", "register")
}, {
"name":
"Google",
"iconClass":
"fa-google-plus",
"loginUrl":
self._third_party_login_url("google-oauth2", "login"),
"registerUrl":
self._third_party_login_url("google-oauth2", "register")
}]
self._assert_third_party_auth_data(response, current_provider,
expected_providers)
def test_third_party_auth(self, url_name, current_backend, current_provider):
# Simulate a running pipeline
if current_backend is not None:
pipeline_target = "student_account.views.third_party_auth.pipeline"
with simulate_running_pipeline(pipeline_target, current_backend):
response = self.client.get(reverse(url_name))
# Do NOT simulate a running pipeline
else:
response = self.client.get(reverse(url_name))
# This relies on the THIRD_PARTY_AUTH configuration in the test settings
expected_providers = [
{
"name": "Facebook",
"iconClass": "fa-facebook",
"loginUrl": self._third_party_login_url("facebook", "login"),
"registerUrl": self._third_party_login_url("facebook", "register")
},
{
"name": "Google",
"iconClass": "fa-google-plus",
"loginUrl": self._third_party_login_url("google-oauth2", "login"),
"registerUrl": self._third_party_login_url("google-oauth2", "register")
}
]
self._assert_third_party_auth_data(response, current_provider, expected_providers)
def test_saml_auth_with_error(
self,
url_name,
current_backend,
current_provider,
enterprise_customer_mock,
):
params = []
request = RequestFactory().get(reverse(url_name), params, HTTP_ACCEPT='text/html')
SessionMiddleware().process_request(request)
request.user = AnonymousUser()
self.enable_saml()
dummy_idp = 'testshib'
self._configure_testshib_provider(current_provider, dummy_idp)
enterprise_customer_data = {
'uuid': '72416e52-8c77-4860-9584-15e5b06220fb',
'name': 'Dummy Enterprise',
'identity_provider': dummy_idp,
}
enterprise_customer_mock.return_value = enterprise_customer_data
dummy_error_message = 'Authentication failed: SAML login failed ' \
'["invalid_response"] [SAML Response must contain 1 assertion]'
# Add error message for error in auth pipeline
MessageMiddleware().process_request(request)
messages.error(request, dummy_error_message, extra_tags='social-auth')
# Simulate a running pipeline
pipeline_response = {
'response': {
'idp_name': dummy_idp
}
}
pipeline_target = 'openedx.core.djangoapps.user_authn.views.login_form.third_party_auth.pipeline'
with simulate_running_pipeline(pipeline_target, current_backend, **pipeline_response):
with mock.patch('edxmako.request_context.get_current_request', return_value=request):
response = login_and_registration_form(request)
expected_error_message = Text(_(
u'We are sorry, you are not authorized to access {platform_name} via this channel. '
u'Please contact your learning administrator or manager in order to access {platform_name}.'
u'{line_break}{line_break}'
u'Error Details:{line_break}{error_message}')
).format(
platform_name=settings.PLATFORM_NAME,
error_message=dummy_error_message,
line_break=HTML('<br/>')
)
self._assert_saml_auth_data_with_error(
response,
current_backend,
current_provider,
expected_error_message
)
def test_third_party_auth(self, url_name, current_backend, current_provider):
params = [
('course_id', 'course-v1:Org+Course+Run'),
('enrollment_action', 'enroll'),
('course_mode', CourseMode.DEFAULT_MODE_SLUG),
('email_opt_in', 'true'),
('next', '/custom/final/destination'),
]
# Simulate a running pipeline
if current_backend is not None:
pipeline_target = "student_account.views.third_party_auth.pipeline"
with simulate_running_pipeline(pipeline_target, current_backend):
response = self.client.get(reverse(url_name), params)
# Do NOT simulate a running pipeline
else:
response = self.client.get(reverse(url_name), params)
# This relies on the THIRD_PARTY_AUTH configuration in the test settings
expected_providers = [
{
"id": "oa2-dummy",
"name": "Dummy",
"iconClass": None,
"iconImage": settings.MEDIA_URL + "icon.svg",
"loginUrl": self._third_party_login_url("dummy", "login", params),
"registerUrl": self._third_party_login_url("dummy", "register", params)
},
{
"id": "oa2-facebook",
"name": "Facebook",
"iconClass": "fa-facebook",
"iconImage": None,
"loginUrl": self._third_party_login_url("facebook", "login", params),
"registerUrl": self._third_party_login_url("facebook", "register", params)
},
{
"id": "oa2-google-oauth2",
"name": "Google",
"iconClass": "fa-google-plus",
"iconImage": None,
"loginUrl": self._third_party_login_url("google-oauth2", "login", params),
"registerUrl": self._third_party_login_url("google-oauth2", "register", params)
},
]
self._assert_third_party_auth_data(response, current_backend, current_provider, expected_providers)
def test_third_party_auth(self, url_name, current_backend, current_provider):
params = [
("course_id", "course-v1:Org+Course+Run"),
("enrollment_action", "enroll"),
("course_mode", CourseMode.DEFAULT_MODE_SLUG),
("email_opt_in", "true"),
("next", "/custom/final/destination"),
]
# Simulate a running pipeline
if current_backend is not None:
pipeline_target = "student_account.views.third_party_auth.pipeline"
with simulate_running_pipeline(pipeline_target, current_backend):
response = self.client.get(reverse(url_name), params)
# Do NOT simulate a running pipeline
else:
response = self.client.get(reverse(url_name), params)
# This relies on the THIRD_PARTY_AUTH configuration in the test settings
expected_providers = [
{
"id": "oa2-dummy",
"name": "Dummy",
"iconClass": None,
"iconImage": settings.MEDIA_URL + "icon.svg",
"loginUrl": self._third_party_login_url("dummy", "login", params),
"registerUrl": self._third_party_login_url("dummy", "register", params),
},
{
"id": "oa2-facebook",
"name": "Facebook",
"iconClass": "fa-facebook",
"iconImage": None,
"loginUrl": self._third_party_login_url("facebook", "login", params),
"registerUrl": self._third_party_login_url("facebook", "register", params),
},
{
"id": "oa2-google-oauth2",
"name": "Google",
"iconClass": "fa-google-plus",
"iconImage": None,
"loginUrl": self._third_party_login_url("google-oauth2", "login", params),
"registerUrl": self._third_party_login_url("google-oauth2", "register", params),
},
]
self._assert_third_party_auth_data(response, current_backend, current_provider, expected_providers)
def test_running_pipeline(self, current_backend, current_provider,
add_user_details):
"""
Test that when third party pipeline is running, the api returns details
of current provider
"""
email = '*****@*****.**' if add_user_details else None
params = {'next': self.query_params['redirect_to']}
# Simulate a running pipeline
pipeline_target = 'openedx.core.djangoapps.user_authn.views.login_form.third_party_auth.pipeline'
with simulate_running_pipeline(pipeline_target,
current_backend,
email=email):
response = self.client.get(self.url, self.query_params)
self.assertEqual(response.status_code, 200)
self.assertEqual(
response.data,
self.get_context(params, current_provider, current_backend,
add_user_details))
def test_get_idp_logout_url_from_running_pipeline(self, idp_type,
backend_name):
"""
Test idp logout url setting for running pipeline
"""
self.enable_saml()
idp_slug = "test"
idp_config = {"logout_url": "http://example.com/logout"}
getattr(self,
'configure_{idp_type}_provider'.format(idp_type=idp_type))(
enabled=True,
name="Test Provider",
slug=idp_slug,
backend_name=backend_name,
other_settings=json.dumps(idp_config))
request = mock.MagicMock()
kwargs = {"response": {"idp_name": idp_slug}}
with simulate_running_pipeline("third_party_auth.pipeline",
backend_name, **kwargs):
logout_url = pipeline.get_idp_logout_url_from_running_pipeline(
request)
self.assertEqual(idp_config['logout_url'], logout_url)
def test_third_party_auth(self, url_name, current_backend,
current_provider,
expected_enterprise_customer_mock_attrs,
add_user_details, enterprise_customer_mock_1,
enterprise_customer_mock_2):
params = [
('course_id', 'course-v1:Org+Course+Run'),
('enrollment_action', 'enroll'),
('course_mode', CourseMode.DEFAULT_MODE_SLUG),
('email_opt_in', 'true'),
('next', '/custom/final/destination'),
]
if expected_enterprise_customer_mock_attrs:
expected_ec = {
'name': expected_enterprise_customer_mock_attrs['name'],
'branding_configuration': {
'logo':
'https://host.com/logo.jpg',
'welcome_message':
expected_enterprise_customer_mock_attrs['welcome_msg']
}
}
else:
expected_ec = None
email = None
if add_user_details:
email = '*****@*****.**'
enterprise_customer_mock_1.return_value = expected_ec
enterprise_customer_mock_2.return_value = expected_ec
# Simulate a running pipeline
if current_backend is not None:
pipeline_target = "openedx.core.djangoapps.user_authn.views.login_form.third_party_auth.pipeline"
with simulate_running_pipeline(pipeline_target,
current_backend,
email=email):
response = self.client.get(reverse(url_name),
params,
HTTP_ACCEPT="text/html")
# Do NOT simulate a running pipeline
else:
response = self.client.get(reverse(url_name),
params,
HTTP_ACCEPT="text/html")
# This relies on the THIRD_PARTY_AUTH configuration in the test settings
expected_providers = [
{
"id":
"oa2-dummy",
"name":
"Dummy",
"iconClass":
None,
"iconImage":
settings.MEDIA_URL + "icon.svg",
"loginUrl":
self._third_party_login_url("dummy", "login", params),
"registerUrl":
self._third_party_login_url("dummy", "register", params)
},
{
"id":
"oa2-facebook",
"name":
"Facebook",
"iconClass":
"fa-facebook",
"iconImage":
None,
"loginUrl":
self._third_party_login_url("facebook", "login", params),
"registerUrl":
self._third_party_login_url("facebook", "register", params)
},
{
"id":
"oa2-google-oauth2",
"name":
"Google",
"iconClass":
"fa-google-plus",
"iconImage":
None,
"loginUrl":
self._third_party_login_url("google-oauth2", "login", params),
"registerUrl":
self._third_party_login_url("google-oauth2", "register",
params)
},
]
self._assert_third_party_auth_data(response, current_backend,
current_provider,
expected_providers, expected_ec,
add_user_details)
def test_third_party_auth(
self,
url_name,
current_backend,
current_provider,
expected_enterprise_customer_mock_attrs,
add_user_details,
enterprise_customer_mock_1,
enterprise_customer_mock_2
):
params = [
('course_id', 'course-v1:Org+Course+Run'),
('enrollment_action', 'enroll'),
('course_mode', CourseMode.DEFAULT_MODE_SLUG),
('email_opt_in', 'true'),
('next', '/custom/final/destination'),
]
if expected_enterprise_customer_mock_attrs:
expected_ec = {
'name': expected_enterprise_customer_mock_attrs['name'],
'branding_configuration': {
'logo': 'https://host.com/logo.jpg',
'welcome_message': expected_enterprise_customer_mock_attrs['welcome_msg']
}
}
else:
expected_ec = None
email = None
if add_user_details:
email = '*****@*****.**'
enterprise_customer_mock_1.return_value = expected_ec
enterprise_customer_mock_2.return_value = expected_ec
# Simulate a running pipeline
if current_backend is not None:
pipeline_target = "openedx.core.djangoapps.user_authn.views.login_form.third_party_auth.pipeline"
with simulate_running_pipeline(pipeline_target, current_backend, email=email):
response = self.client.get(reverse(url_name), params, HTTP_ACCEPT="text/html")
# Do NOT simulate a running pipeline
else:
response = self.client.get(reverse(url_name), params, HTTP_ACCEPT="text/html")
# This relies on the THIRD_PARTY_AUTH configuration in the test settings
expected_providers = [
{
"id": "oa2-dummy",
"name": "Dummy",
"iconClass": None,
"iconImage": settings.MEDIA_URL + "icon.svg",
"loginUrl": self._third_party_login_url("dummy", "login", params),
"registerUrl": self._third_party_login_url("dummy", "register", params)
},
{
"id": "oa2-facebook",
"name": "Facebook",
"iconClass": "fa-facebook",
"iconImage": None,
"loginUrl": self._third_party_login_url("facebook", "login", params),
"registerUrl": self._third_party_login_url("facebook", "register", params)
},
{
"id": "oa2-google-oauth2",
"name": "Google",
"iconClass": "fa-google-plus",
"iconImage": None,
"loginUrl": self._third_party_login_url("google-oauth2", "login", params),
"registerUrl": self._third_party_login_url("google-oauth2", "register", params)
},
]
self._assert_third_party_auth_data(
response,
current_backend,
current_provider,
expected_providers,
expected_ec,
add_user_details
)
def test_third_party_auth(
self,
url_name,
current_backend,
current_provider,
expected_enterprise_customer_mock_attrs,
enterprise_customer_mock
):
params = [
('course_id', 'course-v1:Org+Course+Run'),
('enrollment_action', 'enroll'),
('course_mode', CourseMode.DEFAULT_MODE_SLUG),
('email_opt_in', 'true'),
('next', '/custom/final/destination'),
]
if expected_enterprise_customer_mock_attrs:
expected_ec = mock.MagicMock(
branding_configuration=mock.MagicMock(
logo=mock.MagicMock(
url=expected_enterprise_customer_mock_attrs['logo']
),
welcome_message=expected_enterprise_customer_mock_attrs['welcome_msg']
)
)
expected_ec.name = expected_enterprise_customer_mock_attrs['name']
else:
expected_ec = None
enterprise_customer_mock.return_value = expected_ec
# Simulate a running pipeline
if current_backend is not None:
pipeline_target = "student_account.views.third_party_auth.pipeline"
with simulate_running_pipeline(pipeline_target, current_backend):
response = self.client.get(reverse(url_name), params, HTTP_ACCEPT="text/html")
# Do NOT simulate a running pipeline
else:
response = self.client.get(reverse(url_name), params, HTTP_ACCEPT="text/html")
# This relies on the THIRD_PARTY_AUTH configuration in the test settings
expected_providers = [
{
"id": "oa2-dummy",
"name": "Dummy",
"iconClass": None,
"iconImage": settings.MEDIA_URL + "icon.svg",
"loginUrl": self._third_party_login_url("dummy", "login", params),
"registerUrl": self._third_party_login_url("dummy", "register", params)
},
{
"id": "oa2-facebook",
"name": "Facebook",
"iconClass": "fa-facebook",
"iconImage": None,
"loginUrl": self._third_party_login_url("facebook", "login", params),
"registerUrl": self._third_party_login_url("facebook", "register", params)
},
{
"id": "oa2-google-oauth2",
"name": "Google",
"iconClass": "fa-google-plus",
"iconImage": None,
"loginUrl": self._third_party_login_url("google-oauth2", "login", params),
"registerUrl": self._third_party_login_url("google-oauth2", "register", params)
},
]
self._assert_third_party_auth_data(
response,
current_backend,
current_provider,
expected_providers,
expected_ec
)
def test_saml_auth_with_error(
self,
url_name,
current_backend,
current_provider,
expected_enterprise_customer_mock_attrs,
enterprise_customer_mock,
):
params = []
request = RequestFactory().get(reverse(url_name),
params,
HTTP_ACCEPT='text/html')
SessionMiddleware().process_request(request)
request.user = AnonymousUser()
self.enable_saml()
dummy_idp = 'testshib'
self._configure_testshib_provider(current_provider, dummy_idp)
expected_ec = mock.MagicMock(branding_configuration=mock.MagicMock(
logo=mock.MagicMock(
url=expected_enterprise_customer_mock_attrs['logo']),
welcome_message=expected_enterprise_customer_mock_attrs[
'welcome_msg']))
expected_ec.name = expected_enterprise_customer_mock_attrs['name']
enterprise_customer_data = {
'uuid': '72416e52-8c77-4860-9584-15e5b06220fb',
'name': 'Dummy Enterprise',
'identity_provider': dummy_idp,
}
enterprise_customer_mock.return_value = enterprise_customer_data
dummy_error_message = 'Authentication failed: SAML login failed ' \
'["invalid_response"] [SAML Response must contain 1 assertion]'
# Add error message for error in auth pipeline
MessageMiddleware().process_request(request)
messages.error(request, dummy_error_message, extra_tags='social-auth')
# Simulate a running pipeline
pipeline_response = {'response': {'idp_name': dummy_idp}}
pipeline_target = 'student_account.views.third_party_auth.pipeline'
with simulate_running_pipeline(pipeline_target, current_backend,
**pipeline_response):
with mock.patch('edxmako.request_context.get_current_request',
return_value=request):
response = login_and_registration_form(request)
expected_error_message = Text(
_(u'We are sorry, you are not authorized to access {platform_name} via this channel. '
u'Please contact your {enterprise} administrator in order to access {platform_name} '
u'or contact {edx_support_link}.{line_break}'
u'{line_break}'
u'Error Details:{line_break}{error_message}')
).format(
platform_name=settings.PLATFORM_NAME,
enterprise=enterprise_customer_data['name'],
error_message=dummy_error_message,
edx_support_link=HTML(
'<a href="{edx_support_url}">{support_url_name}</a>').format(
edx_support_url=settings.SUPPORT_SITE_LINK,
support_url_name=_('edX Support'),
),
line_break=HTML('<br/>'))
self._assert_saml_auth_data_with_error(response, current_backend,
current_provider,
expected_error_message)
def test_third_party_auth(
self,
url_name,
current_backend,
current_provider,
expected_enterprise_customer_mock_attrs,
enterprise_customer_mock
):
params = [
('course_id', 'course-v1:Org+Course+Run'),
('enrollment_action', 'enroll'),
('course_mode', CourseMode.DEFAULT_MODE_SLUG),
('email_opt_in', 'true'),
('next', '/custom/final/destination'),
]
if expected_enterprise_customer_mock_attrs:
expected_ec = mock.MagicMock(
branding_configuration=mock.MagicMock(
logo=mock.MagicMock(
url=expected_enterprise_customer_mock_attrs['logo']
),
welcome_message=expected_enterprise_customer_mock_attrs['welcome_msg']
)
)
expected_ec.name = expected_enterprise_customer_mock_attrs['name']
else:
expected_ec = None
enterprise_customer_mock.return_value = expected_ec
# Simulate a running pipeline
if current_backend is not None:
pipeline_target = "student_account.views.third_party_auth.pipeline"
with simulate_running_pipeline(pipeline_target, current_backend):
response = self.client.get(reverse(url_name), params, HTTP_ACCEPT="text/html")
# Do NOT simulate a running pipeline
else:
response = self.client.get(reverse(url_name), params, HTTP_ACCEPT="text/html")
# This relies on the THIRD_PARTY_AUTH configuration in the test settings
expected_providers = [
{
"id": "oa2-dummy",
"name": "Dummy",
"iconClass": None,
"iconImage": settings.MEDIA_URL + "icon.svg",
"loginUrl": self._third_party_login_url("dummy", "login", params),
"registerUrl": self._third_party_login_url("dummy", "register", params)
},
{
"id": "oa2-facebook",
"name": "Facebook",
"iconClass": "fa-facebook",
"iconImage": None,
"loginUrl": self._third_party_login_url("facebook", "login", params),
"registerUrl": self._third_party_login_url("facebook", "register", params)
},
{
"id": "oa2-google-oauth2",
"name": "Google",
"iconClass": "fa-google-plus",
"iconImage": None,
"loginUrl": self._third_party_login_url("google-oauth2", "login", params),
"registerUrl": self._third_party_login_url("google-oauth2", "register", params)
},
]
self._assert_third_party_auth_data(
response,
current_backend,
current_provider,
expected_providers,
expected_ec
)
