Ejemplo n.º 1
0
def auth_process(request, backend):
    """Authenticate using social backend"""
    data = request.POST if request.method == 'POST' else request.GET

    # Save extra data into session.
    for field_name in setting('SOCIAL_AUTH_FIELDS_STORED_IN_SESSION', []):
        if field_name in data:
            request.session[field_name] = data[field_name]

    # Save any defined next value into session
    if REDIRECT_FIELD_NAME in data:
        # Check and sanitize a user-defined GET/POST next field value
        redirect = data[REDIRECT_FIELD_NAME]
        if setting('SOCIAL_AUTH_SANITIZE_REDIRECTS', True):
            redirect = sanitize_redirect(request.get_host(), redirect)
        request.session[REDIRECT_FIELD_NAME] = (redirect or
                                                resolve_url(DEFAULT_REDIRECT))

    # Clean any partial pipeline info before starting the process
    clean_partial_pipeline(request)

    if backend.uses_redirect:
        return HttpResponseRedirect(backend.auth_url())
    else:
        return HttpResponse(backend.auth_html(),
                            content_type='text/html;charset=UTF-8')
Ejemplo n.º 2
0
def disconnect(request, backend, association_id=None):
    """Disconnects given backend from current logged in user."""
    backend.disconnect(request.user, association_id)
    url = request.REQUEST.get(REDIRECT_FIELD_NAME, '') or \
          backend_setting(backend, 'SOCIAL_AUTH_DISCONNECT_REDIRECT_URL') or \
          resolve_url(DEFAULT_REDIRECT)
    return HttpResponseRedirect(url)
Ejemplo n.º 3
0
def associate_complete(request, backend, *args, **kwargs):
    """Authentication complete process"""
    # pop redirect value before the session is trashed on login()
    redirect_value = request.session.get(REDIRECT_FIELD_NAME, '')
    user = auth_complete(request, backend, request.user, *args, **kwargs)

    if not user:
        url = resolve_url(backend_setting(backend, 'LOGIN_ERROR_URL',
                                          LOGIN_ERROR_URL))
    elif isinstance(user, HttpResponse):
        return user
    else:
        url = redirect_value or \
              backend_setting(backend,
                              'SOCIAL_AUTH_NEW_ASSOCIATION_REDIRECT_URL') or \
              DEFAULT_REDIRECT
    return HttpResponseRedirect(resolve_url(url))
Ejemplo n.º 4
0
    def test_login_succeful(self):
        """

        """
        response = self.client.get('http://%s%s' % (self.SERVER_NAME, self.reverse('socialauth_begin', 'facebook')))
        # social_auth must redirect to service page
        self.assertEqual(response.status_code, 302)

        # Open first redirect page, it contains user login form because
        # we don't have cookie to send to twitter
        parser = FormParserByID('login_form')
        content = self.get_content(response['Location'], use_cookies=True)
        parser.feed(content)
        auth = {'email': self.user,
                'pass': self.passwd}

        # Check that action and values were loaded properly
        self.assertTrue(parser.action)
        self.assertTrue(parser.values)

        # Post login form, will return authorization or redirect page
        parser.values.update(auth)
        redirect = self.get_redirect(parser.action, parser.values,
                                   use_cookies=True)
        # If page contains a form#login_form, then we are in the app
        # authorization page because the app is not authorized yet,
        # otherwise the app already gained permission and twitter sends
        # a page that redirects to redirect_url
        if 'login_form' in content:
            # authorization form post, returns redirect_page
            parser = FormParserByID('login_form')
            parser.feed(content)
            self.assertTrue(parser.action)
            self.assertTrue(parser.values)
            parser.values.update(auth)
            redirect = self.get_redirect(parser.action, parser.values,
                                             use_cookies=True)
            redirect_page = redirect.read()
        else:
            redirect = self.get_redirect(redirect.headers['Location'],
                use_cookies=True)
            redirect_page = redirect.read()

        if 'uiserver_form' in redirect_page:
            # authorization form post, returns redirect_page
            parser = FormParserByID('uiserver_form')
            parser.feed(redirect_page)
            self.assertTrue(parser.action)
            self.assertTrue(parser.values)
            parser.values.update(auth)
            redirect = self.get_redirect(parser.action, parser.values,
                use_cookies=True)


        self.assertTrue(resolve_url(setting('LOGIN_REDIRECT_URL')) in
                        self.make_relative(redirect.headers['Location']))
Ejemplo n.º 5
0
    def test_login_successful(self):
        response = self.client.get(self.reverse('socialauth_begin', 'twitter'))
        # social_auth must redirect to service page
        self.assertEqual(response.status_code, 302)

        # Open first redirect page, it contains user login form because
        # we don't have cookie to send to twitter
        login_content = self.get_content(response['Location'])
        parser = FormParserByID('oauth_form')
        parser.feed(login_content)
        auth = {'session[username_or_email]': self.user,
                'session[password]': self.passwd}

        # Check that action and values were loaded properly
        self.assertTrue(parser.action)
        self.assertTrue(parser.values)

        # Post login form, will return authorization or redirect page
        parser.values.update(auth)
        content = self.get_content(parser.action, data=parser.values)

        # If page contains a form#login_form, then we are in the app
        # authorization page because the app is not authorized yet,
        # otherwise the app already gained permission and twitter sends
        # a page that redirects to redirect_url
        if 'login_form' in content:
            # authorization form post, returns redirect_page
            parser = FormParserByID('login_form').feed(content)
            self.assertTrue(parser.action)
            self.assertTrue(parser.values)
            parser.values.update(auth)
            redirect_page = self.get_content(parser.action, data=parser.values)
        else:
            redirect_page = content

        parser = RefreshParser()
        parser.feed(redirect_page)
        self.assertTrue(parser.value)

        response = self.client.get(self.make_relative(parser.value))
        self.assertEqual(response.status_code, 302)
        location = self.make_relative(response['Location'])
        login_redirect = resolve_url(setting('LOGIN_REDIRECT_URL'))
        self.assertTrue(location == login_redirect)
Ejemplo n.º 6
0
    def test_login_succeful(self):
        if self.name not in settings.SOCIAL_AUTH_ENABLED_BACKENDS:
            self.skipTest("Google OpenID is not enabled")
        response = self.client.get(self.reverse("socialauth_begin", "google"))

        parser = FormParserByID("openid_message")
        parser.feed(response.content)
        # Check that action and values were loaded properly
        self.assertTrue(parser.action)
        self.assertTrue(parser.values)
        content = self.get_content(parser.action, parser.values, use_cookies=True)

        parser = FormParserByID("gaia_loginform")
        parser.feed(content)
        auth = {"Email": self.user, "Passwd": self.passwd}
        parser.values.update(auth)
        # Check that action and values were loaded properly
        self.assertTrue(parser.action)
        self.assertTrue(parser.values)

        content = self.get_content(parser.action, parser.values, use_cookies=True)
        parser = RefreshParser()
        parser.feed(content)

        # approved?
        result = self.get_redirect(parser.value, use_cookies=True)
        if result.headers.get("Location", ""):  # approved?
            # damn, google has a hell of redirects :-(
            result = self.get_redirect(result.headers["Location"], use_cookies=True)
            result = self.get_redirect(result.headers["Location"], use_cookies=True)
            result = self.get_redirect(result.headers["Location"], use_cookies=True)

        # app was not approved
        if self.SERVER_NAME not in result.headers.get("Location", ""):
            content = self.get_content(parser.value, use_cookies=True)
            parser = FormParser()
            parser.feed(content)
            parser.values["submit_true"] = "yes"
            parser.values["remember_choices"] = "yes"
            result = self.get_redirect(parser.action, parser.values, use_cookies=True)

        response = self.client.get(self.make_relative(result.headers["Location"]))
        self.assertTrue(resolve_url(setting("LOGIN_REDIRECT_URL")) in self.make_relative(response["Location"]))
Ejemplo n.º 7
0
def complete_process(request, backend, *args, **kwargs):
    """Authentication complete process"""
    # pop redirect value before the session is trashed on login()
    redirect_value = request.session.get(REDIRECT_FIELD_NAME, '') or \
                     request.REQUEST.get(REDIRECT_FIELD_NAME, '')
    user = auth_complete(request, backend, *args, **kwargs)

    if isinstance(user, HttpResponse):
        return user

    if not user and request.user.is_authenticated():
        return HttpResponseRedirect(redirect_value)

    msg = None
    if user:
        if getattr(user, 'is_active', True):
            # catch is_new flag before login() might reset the instance
            is_new = getattr(user, 'is_new', False)
            login(request, user)
            # user.social_user is the used UserSocialAuth instance defined
            # in authenticate process
            social_user = user.social_user
            if redirect_value:
                request.session[REDIRECT_FIELD_NAME] = redirect_value

            if setting('SOCIAL_AUTH_SESSION_EXPIRATION', True):
                # Set session expiration date if present and not disabled by
                # setting. Use last social-auth instance for current provider,
                # users can associate several accounts with a same provider.
                expiration = social_user.expiration_datetime()
                if expiration:
                    try:
                        request.session.set_expiry(expiration)
                    except OverflowError:
                        # Handle django time zone overflow, set default expiry.
                        request.session.set_expiry(None)

            # store last login backend name in session
            request.session['social_auth_last_login_backend'] = \
                    social_user.provider

            # Remove possible redirect URL from session, if this is a new
            # account, send him to the new-users-page if defined.
            new_user_redirect = backend_setting(backend,
                                           'SOCIAL_AUTH_NEW_USER_REDIRECT_URL')
            if new_user_redirect and is_new:
                url = new_user_redirect
            else:
                url = redirect_value or \
                      backend_setting(backend,
                                      'SOCIAL_AUTH_LOGIN_REDIRECT_URL') or \
                      DEFAULT_REDIRECT
        else:
            msg = setting('SOCIAL_AUTH_INACTIVE_USER_MESSAGE', None)
            url = backend_setting(backend, 'SOCIAL_AUTH_INACTIVE_USER_URL',
                                  LOGIN_ERROR_URL)
    else:
        msg = setting('LOGIN_ERROR_MESSAGE', None)
        url = backend_setting(backend, 'LOGIN_ERROR_URL', LOGIN_ERROR_URL)
    if msg:
        messages.error(request, msg)

    url = resolve_url(url)
    if redirect_value and redirect_value != url:
        redirect_value = quote(redirect_value)
        if '?' in url:
            url += '&%s=%s' % (REDIRECT_FIELD_NAME, redirect_value)
        else:
            url += '?%s=%s' % (REDIRECT_FIELD_NAME, redirect_value)
    return HttpResponseRedirect(url)
Ejemplo n.º 8
0
 def get_redirect_uri(self, request, exception):
     if self.backend is not None:
         return resolve_url(backend_setting(self.backend,
                                            'SOCIAL_AUTH_BACKEND_ERROR_URL')
                            or settings.LOGIN_ERROR_URL)
     return resolve_url(settings.LOGIN_ERROR_URL)