def test_authenticate_invalid_user(mocker, settings, data):
mocker.patch('flask_multipass.providers.ldap.providers.get_user_by_id',
return_value=(None, {'cn': ['Configuration']}))
ldap_conn = MagicMock(simple_bind_s=MagicMock())
mocker.patch('flask_multipass.providers.ldap.util.ReconnectLDAPObject', return_value=ldap_conn)
auth_provider = LDAPAuthProvider(None, 'LDAP test provider', settings)
with pytest.raises(NoSuchUser):
auth_provider.process_local_login(data)
def test_authenticate_invalid_credentials(mocker, settings, data):
def user_dn(user):
return 'dn={0},dc=example,dc=com'.format(user)
mocker.patch('flask_multipass.providers.ldap.providers.get_user_by_id',
return_value=(user_dn(data['username']), {settings['ldap']['uid']: [data['username']]}))
ldap_conn = MagicMock(simple_bind_s=MagicMock(side_effect=[None, INVALID_CREDENTIALS]))
mocker.patch('flask_multipass.providers.ldap.util.ReconnectLDAPObject', return_value=ldap_conn)
auth_provider = LDAPAuthProvider(None, 'LDAP test provider', settings)
with pytest.raises(InvalidCredentials):
auth_provider.process_local_login(data)
ldap_conn.simple_bind_s.assert_called_with(user_dn(data['username']), data['password'])
def test_authenticate_invalid_user(mocker, settings, data):
mocker.patch('flask_multipass.providers.ldap.providers.get_user_by_id',
return_value=(None, {
'cn': ['Configuration']
}))
ldap_conn = MagicMock(simple_bind_s=MagicMock())
mocker.patch('flask_multipass.providers.ldap.util.ReconnectLDAPObject',
return_value=ldap_conn)
auth_provider = LDAPAuthProvider(None, 'LDAP test provider', settings)
with pytest.raises(NoSuchUser):
auth_provider.process_local_login(data)
def test_authenticate(mocker, settings, data):
def user_dn(user):
return 'dn={0},dc=example,dc=com'.format(user)
mocker.patch('flask_multipass.providers.ldap.providers.get_user_by_id',
return_value=(user_dn(data['username']), {settings['ldap']['uid']: [data['username']]}))
ldap_conn = MagicMock(simple_bind_s=MagicMock())
mocker.patch('flask_multipass.providers.ldap.util.ReconnectLDAPObject', return_value=ldap_conn)
multipass = MagicMock()
auth_provider = LDAPAuthProvider(multipass, 'LDAP test provider', settings)
auth_provider.process_local_login(data)
ldap_conn.simple_bind_s.assert_called_with(user_dn(data['username']), data['password'])
auth_info = multipass.handle_auth_success.call_args[0][0]
assert auth_info.data['identifier'] == data['username']
def test_default_authp_settings(mocker, required_settings, expected_settings):
certifi = mocker.patch('flask_multipass.providers.ldap.providers.certifi')
certifi.where.return_value = '/default/ca-certs-file'
multipass = MagicMock()
authp = LDAPAuthProvider(multipass, 'LDAP test provider',
{'ldap': required_settings})
assert authp.ldap_settings == expected_settings
def test_authenticate_invalid_credentials(mocker, settings, data):
def user_dn(user):
return 'dn={0},dc=example,dc=com'.format(user)
mocker.patch('flask_multipass.providers.ldap.providers.get_user_by_id',
return_value=(user_dn(data['username']), {
settings['ldap']['uid']: [data['username']]
}))
ldap_conn = MagicMock(simple_bind_s=MagicMock(
side_effect=[None, INVALID_CREDENTIALS]))
mocker.patch('flask_multipass.providers.ldap.util.ReconnectLDAPObject',
return_value=ldap_conn)
auth_provider = LDAPAuthProvider(None, 'LDAP test provider', settings)
with pytest.raises(InvalidCredentials):
auth_provider.process_local_login(data)
ldap_conn.simple_bind_s.assert_called_with(user_dn(data['username']),
data['password'])
def test_authenticate(mocker, settings, data):
def user_dn(user):
return 'dn={0},dc=example,dc=com'.format(user)
mocker.patch('flask_multipass.providers.ldap.providers.get_user_by_id',
return_value=(user_dn(data['username']), {
settings['ldap']['uid']: [data['username']]
}))
ldap_conn = MagicMock(simple_bind_s=MagicMock())
mocker.patch('flask_multipass.providers.ldap.util.ReconnectLDAPObject',
return_value=ldap_conn)
multipass = MagicMock()
auth_provider = LDAPAuthProvider(multipass, 'LDAP test provider', settings)
auth_provider.process_local_login(data)
ldap_conn.simple_bind_s.assert_called_with(user_dn(data['username']),
data['password'])
auth_info = multipass.handle_auth_success.call_args[0][0]
assert auth_info.data['identifier'] == data['username']
