def test_backend_for_failed_auth(monkeypatch, django_user_model):
"""
Test CAS authentication failure.
"""
factory = RequestFactory()
request = factory.get('/login/')
request.session = {}
def mock_verify(ticket, service):
return None, {}
# we mock out the verify method so that we can bypass the external http
# calls needed for real authentication since we are testing the logic
# around authentication.
monkeypatch.setattr('django_cas_ng.backends._verify', mock_verify)
assert not django_user_model.objects.filter(
username='******',
).exists()
backend = CASBackend()
user = backend.authenticate(
ticket='fake-ticket', service='fake-service', request=request,
)
assert user is None
assert not django_user_model.objects.filter(
username='******',
).exists()
def test_backend_authentication_creating_a_user(monkeypatch, django_user_model):
"""
Test the case where CAS authentication is creating a new user.
"""
factory = RequestFactory()
request = factory.get('/login/')
request.session = {}
def mock_verify(ticket, service):
return '*****@*****.**', {'ticket': ticket, 'service': service}
# we mock out the verify method so that we can bypass the external http
# calls needed for real authentication since we are testing the logic
# around authentication.
monkeypatch.setattr('django_cas_ng.backends._verify', mock_verify)
# sanity check
assert not django_user_model.objects.filter(
username='******',
).exists()
backend = CASBackend()
user = backend.authenticate(
ticket='fake-ticket', service='fake-service', request=request,
)
assert user is not None
assert user.username == '*****@*****.**'
assert django_user_model.objects.filter(
username='******',
).exists()
def test_signal_when_user_already_exists(monkeypatch, django_user_model):
"""
Test that when CAS authentication creates a user, the signal is called with
`created = False`
"""
factory = RequestFactory()
request = factory.get("/login/")
request.session = {}
def mock_verify(ticket, service):
return "*****@*****.**", {"ticket": ticket, "service": service}
callback_values = {}
@receiver(cas_user_authenticated)
def callback(sender, **kwargs):
callback_values.update(kwargs)
# we mock out the verify method so that we can bypass the external http
# calls needed for real authentication since we are testing the logic
# around authentication.
monkeypatch.setattr("django_cas_ng.backends._verify", mock_verify)
# sanity check
existing_user = django_user_model.objects.create_user("*****@*****.**", "")
backend = CASBackend()
user = backend.authenticate(ticket="fake-ticket", service="fake-service", request=request)
assert "user" in callback_values
assert callback_values.get("user") == user == existing_user
assert callback_values.get("created") == False
assert "attributes" in callback_values
assert "ticket" in callback_values
assert "service" in callback_values
def test_signal_not_fired_if_auth_fails(monkeypatch, django_user_model):
"""
Test that the cas_user_authenticated signal is not fired when CAS
authentication fails.
"""
factory = RequestFactory()
request = factory.get('/login/')
request.session = {}
def mock_verify(ticket, service):
return None, {}
callback_values = {}
@receiver(cas_user_authenticated)
def callback(sender, **kwargs):
callback_values.update(kwargs)
# we mock out the verify method so that we can bypass the external http
# calls needed for real authentication since we are testing the logic
# around authentication.
monkeypatch.setattr('django_cas_ng.backends._verify', mock_verify)
# sanity check
backend = CASBackend()
user = backend.authenticate(
ticket='fake-ticket',
service='fake-service',
request=request,
)
assert user is None
assert callback_values == {}
def test_signal_not_fired_if_auth_fails(monkeypatch, django_user_model):
"""
Test that the cas_user_authenticated signal is not fired when CAS
authentication fails.
"""
factory = RequestFactory()
request = factory.get('/login/')
request.session = {}
def mock_verify(ticket, service):
return None, {}, None
callback_values = {}
@receiver(cas_user_authenticated)
def callback(sender, **kwargs):
callback_values.update(kwargs)
# we mock out the verify method so that we can bypass the external http
# calls needed for real authentication since we are testing the logic
# around authentication.
monkeypatch.setattr('cas.CASClientV2.verify_ticket', mock_verify)
# sanity check
backend = CASBackend()
user = backend.authenticate(
ticket='fake-ticket', service='fake-service', request=request,
)
assert user is None
assert callback_values == {}
def test_backend_for_failed_auth(monkeypatch, django_user_model):
"""
Test CAS authentication failure.
"""
factory = RequestFactory()
request = factory.get('/login/')
request.session = {}
def mock_verify(ticket, service):
return None, {}
# we mock out the verify method so that we can bypass the external http
# calls needed for real authentication since we are testing the logic
# around authentication.
monkeypatch.setattr('django_cas_ng.backends._verify', mock_verify)
assert not django_user_model.objects.filter(
username='******',
).exists()
backend = CASBackend()
user = backend.authenticate(
ticket='fake-ticket', service='fake-service', request=request,
)
assert user is None
assert not django_user_model.objects.filter(
username='******',
).exists()
def test_backend_authentication_creating_a_user(monkeypatch, django_user_model):
"""
Test the case where CAS authentication is creating a new user.
"""
factory = RequestFactory()
request = factory.get('/login/')
request.session = {}
def mock_verify(ticket, service):
return '*****@*****.**', {'ticket': ticket, 'service': service}
# we mock out the verify method so that we can bypass the external http
# calls needed for real authentication since we are testing the logic
# around authentication.
monkeypatch.setattr('django_cas_ng.backends._verify', mock_verify)
# sanity check
assert not django_user_model.objects.filter(
username='******',
).exists()
backend = CASBackend()
user = backend.authenticate(
ticket='fake-ticket', service='fake-service', request=request,
)
assert user is not None
assert user.username == '*****@*****.**'
assert django_user_model.objects.filter(
username='******',
).exists()
def test_signal_fired_if_django_auth_fails(monkeypatch, django_user_model,
settings):
"""
Test that the cas_user_cannot_authenticate signal is fired when CAS
authentication fails because CAS verified the signal but the user cannot login
"""
settings.CAS_CREATE_USER = False
factory = RequestFactory()
request = factory.get('/login/')
request.session = {}
def mock_verify(ticket, service):
return '*****@*****.**', {'ticket': ticket, 'service': service}, None
callback_values = {}
fail_callback_values = {}
@receiver(cas_user_authenticated)
def callback(sender, **kwargs):
callback_values.update(kwargs)
@receiver(cas_user_cannot_authenticate)
def fail_callback(sender, **kwargs):
fail_callback_values.update(kwargs)
# we mock out the verify method so that we can bypass the external http
# calls needed for real authentication since we are testing the logic
# around authentication.
monkeypatch.setattr('cas.CASClientV2.verify_ticket', mock_verify)
# sanity check
django_user_model.objects.filter(username='******').delete()
backend = CASBackend()
user = backend.authenticate(
ticket='fake-ticket',
service='fake-service',
request=request,
)
assert user is None
assert callback_values == {}
assert 'user' in fail_callback_values
assert fail_callback_values.get('user') == None
assert 'ticket' in fail_callback_values
assert 'request' in fail_callback_values
assert fail_callback_values.get('created') == False
def test_signal_when_user_already_exists(monkeypatch, django_user_model):
"""
Test that when CAS authentication creates a user, the signal is called with
`created = False`
"""
factory = RequestFactory()
request = factory.get('/login/')
request.session = {}
def mock_verify(ticket, service):
return '*****@*****.**', {'ticket': ticket, 'service': service}, None
callback_values = {}
fail_callback_values = {}
@receiver(cas_user_authenticated)
def callback(sender, **kwargs):
callback_values.update(kwargs)
@receiver(cas_user_cannot_authenticate)
def fail_callback(sender, **kwargs):
fail_callback_values.update(kwargs)
# we mock out the verify method so that we can bypass the external http
# calls needed for real authentication since we are testing the logic
# around authentication.
monkeypatch.setattr('cas.CASClientV2.verify_ticket', mock_verify)
# sanity check
existing_user = django_user_model.objects.create_user(
'*****@*****.**',
'',
)
backend = CASBackend()
user = backend.authenticate(
ticket='fake-ticket',
service='fake-service',
request=request,
)
assert 'user' in callback_values
assert callback_values.get('user') == user == existing_user
assert callback_values.get('created') == False
assert 'attributes' in callback_values
assert 'ticket' in callback_values
assert 'service' in callback_values
assert fail_callback_values == {}
def test_signal_when_user_is_created(monkeypatch, django_user_model):
"""
Test that when CAS authentication creates a user, the signal is called with
`created = True`
"""
factory = RequestFactory()
request = factory.get('/login/')
request.session = {}
def mock_verify(ticket, service):
return '*****@*****.**', {'ticket': ticket, 'service': service}
callback_values = {}
@receiver(cas_user_authenticated)
def callback(sender, **kwargs):
callback_values.update(kwargs)
# we mock out the verify method so that we can bypass the external http
# calls needed for real authentication since we are testing the logic
# around authentication.
monkeypatch.setattr('django_cas_ng.backends._verify', mock_verify)
# sanity check
assert not django_user_model.objects.filter(
username='******', ).exists()
backend = CASBackend()
user = backend.authenticate(
ticket='fake-ticket',
service='fake-service',
request=request,
)
assert 'user' in callback_values
assert callback_values.get('user') == user
assert callback_values.get('created') == True
assert 'attributes' in callback_values
assert 'ticket' in callback_values
assert 'service' in callback_values
def test_signal_when_user_already_exists(monkeypatch, django_user_model):
"""
Test that when CAS authentication creates a user, the signal is called with
`created = False`
"""
factory = RequestFactory()
request = factory.get('/login/')
request.session = {}
def mock_verify(ticket, service):
return '*****@*****.**', {'ticket': ticket, 'service': service}, None
callback_values = {}
@receiver(cas_user_authenticated)
def callback(sender, **kwargs):
callback_values.update(kwargs)
# we mock out the verify method so that we can bypass the external http
# calls needed for real authentication since we are testing the logic
# around authentication.
monkeypatch.setattr('cas.CASClientV2.verify_ticket', mock_verify)
# sanity check
existing_user = django_user_model.objects.create_user(
'*****@*****.**', '',
)
backend = CASBackend()
user = backend.authenticate(
ticket='fake-ticket', service='fake-service', request=request,
)
assert 'user' in callback_values
assert callback_values.get('user') == user == existing_user
assert callback_values.get('created') == False
assert 'attributes' in callback_values
assert 'ticket' in callback_values
assert 'service' in callback_values