def test_sanity_csp(debug):
# If DEBUG == True, the django-csp middleware is present, and Persona isn't
# allowed by CSP, log a debug message warning about it.
# Test if allowed properly.
with patch_settings(CSP_DEFAULT_SRC=[],
CSP_SCRIPT_SRC=['https://login.persona.org'],
CSP_FRAME_SRC=['https://login.persona.org']):
verify('post', assertion='asdf')
debug.called = False
debug.reset_mock()
# Test fallback to default-src.
with patch_settings(CSP_DEFAULT_SRC=['https://login.persona.org'],
CSP_SCRIPT_SRC=[],
CSP_FRAME_SRC=[]):
verify('post', assertion='asdf')
debug.called = False
debug.reset_mock()
# Test incorrect csp.
with patch_settings(CSP_DEFAULT_SRC=[],
CSP_SCRIPT_SRC=[],
CSP_FRAME_SRC=[]):
verify('post', assertion='asdf')
debug.called = True
debug.reset_mock()
# Test partial incorrectness.
with patch_settings(CSP_DEFAULT_SRC=[],
CSP_SCRIPT_SRC=['https://login.persona.org'],
CSP_FRAME_SRC=[]):
verify('post', assertion='asdf')
debug.called = True
def test_sanity_csp(debug):
# If DEBUG == True, the django-csp middleware is present, and Persona isn't
# allowed by CSP, log a debug message warning about it.
# Test if allowed properly.
with patch_settings(CSP_DEFAULT_SRC=[],
CSP_SCRIPT_SRC=['https://login.persona.org'],
CSP_FRAME_SRC=['https://login.persona.org']):
verify('post', assertion='asdf')
debug.called = False
debug.reset_mock()
# Test fallback to default-src.
with patch_settings(CSP_DEFAULT_SRC=['https://login.persona.org'],
CSP_SCRIPT_SRC=[],
CSP_FRAME_SRC=[]):
verify('post', assertion='asdf')
debug.called = False
debug.reset_mock()
# Test incorrect csp.
with patch_settings(CSP_DEFAULT_SRC=[],
CSP_SCRIPT_SRC=[],
CSP_FRAME_SRC=[]):
verify('post', assertion='asdf')
debug.called = True
debug.reset_mock()
# Test partial incorrectness.
with patch_settings(CSP_DEFAULT_SRC=[],
CSP_SCRIPT_SRC=['https://login.persona.org'],
CSP_FRAME_SRC=[]):
verify('post', assertion='asdf')
debug.called = True
def verify(request_type, success_url=None, failure_url=None, **kwargs):
"""
Call the verify view function. All kwargs not specified above will be passed
as GET or POST arguments.
"""
if request_type == 'get':
request = factory.get('/browserid/verify', kwargs)
else:
request = factory.post('/browserid/verify', kwargs)
# Patch settings prior to importing verify
patches = {'BROWSERID_CREATE_USER': True, 'SITE_URL': 'http://testserver'}
if success_url is not None:
patches['LOGIN_REDIRECT_URL'] = success_url
if failure_url is not None:
patches['LOGIN_REDIRECT_URL_FAILURE'] = failure_url
# We need to reload verify for the setting changes to take effect.
with patch_settings(**patches):
reload(views)
verify_view = views.Verify.as_view()
with patch.object(auth, 'login'):
response = verify_view(request)
return response
def verify(request_type, success_url=None, failure_url=None, **kwargs):
"""
Call the verify view function. All kwargs not specified above will be passed
as GET or POST arguments.
"""
if request_type == 'get':
request = factory.get('/browserid/verify', kwargs)
else:
request = factory.post('/browserid/verify', kwargs)
# Patch settings prior to importing verify
patches = {'BROWSERID_CREATE_USER': True, 'SITE_URL': 'http://testserver'}
if success_url is not None:
patches['LOGIN_REDIRECT_URL'] = success_url
if failure_url is not None:
patches['LOGIN_REDIRECT_URL_FAILURE'] = failure_url
# We need to reload verify for the setting changes to take effect.
with patch_settings(**patches):
reload(views)
verify_view = views.Verify.as_view()
with patch.object(auth, 'login'):
response = verify_view(request)
return response
def test_override_verify_class(self):
# Reload so that the settings.BROWSERID_VERIFY_CLASS takes effect.
path = 'django_browserid.tests.test_urls.MyVerifyClass'
with patch_settings(BROWSERID_VERIFY_CLASS=path):
reload(urls)
view = resolve('/login/', urls).func
self.assertEqual(view, MyVerifyClass.as_view())
# Reset urls back to normal.
reload(urls)
