def post(self, *args, **kwargs):
self.change_email = False
if not self.request.user.is_authenticated():
return super(BrowserIDVerify, self).post(*args, **kwargs)
self.change_email = True
assertion = self.request.POST.get('assertion')
if not assertion:
return self.login_failure()
verifier = RemoteVerifier()
audience = get_audience(self.request)
result = verifier.verify(assertion, audience)
if not result:
messages.error(self.request, _('Authentication failed.'))
return self.login_failure()
email = result.email
if User.objects.filter(email=email).exists():
error_msg = "Email '{0}' already exists in the database.".format(
email)
messages.error(self.request, _(error_msg))
return self.login_failure()
self.user = self.request.user
self.user.email = email
self.user.save()
return self.login_success()
def post(self, *args, **kwargs):
self.change_email = False
if not self.request.user.is_authenticated():
return super(BrowserIDVerify, self).post(*args, **kwargs)
self.change_email = True
assertion = self.request.POST.get('assertion')
if not assertion:
return self.login_failure()
verifier = RemoteVerifier()
audience = get_audience(self.request)
result = verifier.verify(assertion, audience)
if not result:
messages.error(self.request, _('Authentication failed.'))
return self.login_failure()
email = result.email
if User.objects.filter(email=email).exists():
error_msg = "Email '{0}' already exists in the database.".format(email)
messages.error(self.request, _(error_msg))
return self.login_failure()
self.user = self.request.user
self.user.email = email
self.user.save()
return self.login_success()
def test_verify_invalid_json(self):
# If the response contains invalid JSON, return a failure result.
verifier = RemoteVerifier()
with patch('django_browserid.base.requests.post') as post:
post.return_value = self._response(content='{asg9=3{{{}}{')
result = verifier.verify('asdf', 'http://testserver')
ok_(not result)
ok_(result.reason.startswith('Could not parse verifier response'))
def test_verify_invalid_json(self):
# If the response contains invalid JSON, return a failure result.
verifier = RemoteVerifier()
with patch('django_browserid.base.requests.post') as post:
post.return_value = self._response(content='{asg9=3{{{}}{')
result = verifier.verify('asdf', 'http://testserver')
ok_(not result)
ok_(result.reason.startswith('Could not parse verifier response'))
def test_verify_success(self):
# If the response contains valid JSON, return a result object for that response.
verifier = RemoteVerifier()
with patch('django_browserid.base.requests.post') as post:
post.return_value = self._response(
content='{"status": "okay", "email": "*****@*****.**"}')
result = verifier.verify('asdf', 'http://testserver')
ok_(result)
eq_(result.email, '*****@*****.**')
def test_verify_success(self):
# If the response contains valid JSON, return a result object for that response.
verifier = RemoteVerifier()
with patch('django_browserid.base.requests.post') as post:
post.return_value = self._response(
content='{"status": "okay", "email": "*****@*****.**"}')
result = verifier.verify('asdf', 'http://testserver')
ok_(result)
eq_(result.email, '*****@*****.**')
def test_verify_kwargs(self):
# Any keyword arguments passed to verify should be passed on as POST arguments.
verifier = RemoteVerifier()
with patch('django_browserid.base.requests.post') as post:
post.return_value = self._response(content='{"status":"failure"}')
verifier.verify('asdf', 'http://testserver', foo='bar', baz=5)
# foo parameter passed with 'bar' value.
eq_(post.call_args[1]['data']['foo'], 'bar')
eq_(post.call_args[1]['data']['baz'], 5)
def test_verify_kwargs(self):
# Any keyword arguments passed to verify should be passed on as POST arguments.
verifier = RemoteVerifier()
with patch('django_browserid.base.requests.post') as post:
post.return_value = self._response(content='{"status":"failure"}')
verifier.verify('asdf', 'http://testserver', foo='bar', baz=5)
# foo parameter passed with 'bar' value.
eq_(post.call_args[1]['data']['foo'], 'bar')
eq_(post.call_args[1]['data']['baz'], 5)
def test_verify_request_exception(self):
# If a RequestException is raised during the POST, raise a BrowserIDException with the
# RequestException as the cause.
verifier = RemoteVerifier()
request_exception = requests.exceptions.RequestException()
with patch('django_browserid.base.requests.post') as post:
post.side_effect = request_exception
with self.assertRaises(BrowserIDException) as cm:
verifier.verify('asdf', 'http://testserver')
eq_(cm.exception.exc, request_exception)
def test_verify_request_exception(self):
# If a RequestException is raised during the POST, raise a BrowserIDException with the
# RequestException as the cause.
verifier = RemoteVerifier()
request_exception = requests.exceptions.RequestException()
with patch('django_browserid.base.requests.post') as post:
post.side_effect = request_exception
with self.assertRaises(BrowserIDException) as cm:
verifier.verify('asdf', 'http://testserver')
eq_(cm.exception.exc, request_exception)
def post(self, *args, **kwargs):
self.add_email = False
if not self.request.user.is_authenticated():
return super(BrowserIDVerify, self).post(*args, **kwargs)
self.add_email = True
assertion = self.request.POST.get('assertion')
if not assertion:
return self.login_failure()
verifier = RemoteVerifier()
audience = get_audience(self.request)
result = verifier.verify(assertion, audience)
if not result:
messages.error(self.request, _('Authentication failed.'))
return self.login_failure()
email = result.email
kwargs = {
'type': ExternalAccount.TYPE_EMAIL,
'user': self.request.user.userprofile,
'identifier': email
}
email_exists = User.objects.filter(email=email).exists()
alternate_email_exists = ExternalAccount.objects.filter(
**kwargs).exists()
if email_exists or alternate_email_exists:
error_msg = "Email '{0}' already exists in the database.".format(
email)
messages.error(self.request, _(error_msg))
return self.login_failure()
ExternalAccount.objects.create(**kwargs)
return self.login_success()
def post(self, *args, **kwargs):
self.add_email = False
if not self.request.user.is_authenticated():
return super(BrowserIDVerify, self).post(*args, **kwargs)
self.add_email = True
assertion = self.request.POST.get('assertion')
if not assertion:
return self.login_failure()
verifier = RemoteVerifier()
audience = get_audience(self.request)
result = verifier.verify(assertion, audience)
if not result:
messages.error(self.request, _('Authentication failed.'))
return self.login_failure()
email = result.email
kwargs = {
'type': ExternalAccount.TYPE_EMAIL,
'user': self.request.user.userprofile,
'identifier': email
}
email_exists = User.objects.filter(email=email).exists()
alternate_email_exists = ExternalAccount.objects.filter(**kwargs).exists()
if email_exists or alternate_email_exists:
error_msg = "Email '{0}' already exists in the database.".format(email)
messages.error(self.request, _(error_msg))
return self.login_failure()
ExternalAccount.objects.create(**kwargs)
return self.login_success()
def get_verifier(self):
"""
Create a verifier for verifying assertions. Uses a
:class:`django_browserid.base.RemoteVerifier` by default.
"""
return RemoteVerifier()