def signin_return(self): """Handle returned request from OpenID 2.0 IdP.""" session = api_utils.get_user_session() if pecan.request.GET.get(const.OPENID_ERROR): api_utils.delete_params_from_user_session([const.CSRF_TOKEN]) self._auth_failure(pecan.request.GET.get(const.OPENID_ERROR)) if pecan.request.GET.get(const.OPENID_MODE) == 'cancel': api_utils.delete_params_from_user_session([const.CSRF_TOKEN]) self._auth_failure('Authentication canceled.') session_token = session.get(const.CSRF_TOKEN) request_token = pecan.request.GET.get(const.CSRF_TOKEN) if request_token != session_token: api_utils.delete_params_from_user_session([const.CSRF_TOKEN]) self._auth_failure('Authentication failed. Please try again.') api_utils.verify_openid_request(pecan.request) user_info = { 'openid': pecan.request.GET.get(const.OPENID_CLAIMED_ID), 'email': pecan.request.GET.get(const.OPENID_NS_SREG_EMAIL), 'fullname': pecan.request.GET.get(const.OPENID_NS_SREG_FULLNAME) } user = db.user_save(user_info) api_utils.delete_params_from_user_session([const.CSRF_TOKEN]) session[const.USER_OPENID] = user.openid session.save() pecan.redirect(CONF.ui_url)
def test_verify_openid_request(self, mock_abort, mock_post): mock_response = mock.Mock() mock_response.content = ('is_valid:true\n' 'ns:http://specs.openid.net/auth/2.0\n') mock_response.status_code = 200 mock_post.return_value = mock_response mock_request = mock.Mock() mock_request.params = { const.OPENID_NS_SREG_EMAIL: '*****@*****.**', const.OPENID_NS_SREG_FULLNAME: 'foo' } self.assertTrue(api_utils.verify_openid_request(mock_request)) mock_response.content = ('is_valid:false\n' 'ns:http://specs.openid.net/auth/2.0\n') api_utils.verify_openid_request(mock_request) mock_abort.assert_called_once_with( 401, 'Authentication is failed. Try again.') mock_abort.reset_mock() mock_response.content = ('is_valid:true\n' 'ns:http://specs.openid.net/auth/2.0\n') mock_request.params = { const.OPENID_NS_SREG_EMAIL: '*****@*****.**', } api_utils.verify_openid_request(mock_request) mock_abort.assert_called_once_with( 401, 'Authentication is failed. ' 'Please permit access to your name.')
def test_verify_openid_request(self, mock_abort, mock_post): mock_response = mock.Mock() mock_response.content = ('is_valid:true\n' 'ns:http://specs.openid.net/auth/2.0\n') mock_response.status_code = 200 mock_post.return_value = mock_response mock_request = mock.Mock() mock_request.params = { const.OPENID_NS_SREG_EMAIL: '*****@*****.**', const.OPENID_NS_SREG_FULLNAME: 'foo' } self.assertTrue(api_utils.verify_openid_request(mock_request)) mock_response.content = ('is_valid:false\n' 'ns:http://specs.openid.net/auth/2.0\n') api_utils.verify_openid_request(mock_request) mock_abort.assert_called_once_with( 401, 'Authentication is failed. Try again.' ) mock_abort.reset_mock() mock_response.content = ('is_valid:true\n' 'ns:http://specs.openid.net/auth/2.0\n') mock_request.params = { const.OPENID_NS_SREG_EMAIL: '*****@*****.**', } api_utils.verify_openid_request(mock_request) mock_abort.assert_called_once_with( 401, 'Authentication is failed. ' 'Please permit access to your name.' )
def test_verify_openid_request(self, mock_abort, mock_post): mock_response = mock.Mock() mock_response.content = "is_valid:true\n" "ns:http://specs.openid.net/auth/2.0\n" mock_response.status_code = 200 mock_post.return_value = mock_response mock_request = mock.Mock() mock_request.params = {const.OPENID_NS_SREG_EMAIL: "*****@*****.**", const.OPENID_NS_SREG_FULLNAME: "foo"} self.assertEqual(True, api_utils.verify_openid_request(mock_request)) mock_response.content = "is_valid:false\n" "ns:http://specs.openid.net/auth/2.0\n" api_utils.verify_openid_request(mock_request) mock_abort.assert_called_once_with(401, "Authentication is failed. Try again.") mock_abort.reset_mock() mock_response.content = "is_valid:true\n" "ns:http://specs.openid.net/auth/2.0\n" mock_request.params = {const.OPENID_NS_SREG_EMAIL: "*****@*****.**"} api_utils.verify_openid_request(mock_request) mock_abort.assert_called_once_with(401, "Authentication is failed. " "Please permit access to your name.")