def test_handle_no_user(self):
     """
     This is a complex functional/integration test, hitting the following:
         create_user
             identifier_from_data
             create_profile
                 update_profile_from_graph
             handle_unauthenticated_user
                 login_user
                 persist
     """
     class session_like_obj(dict):
         # an alternative to http://code.djangoproject.com/ticket/10899
         def __init__(self):
             dict.__init__(self)
             self['_auth_user_id'] = 'notme'
             self.flush = lambda: True
             self.set_expiry = Mock()
     pseudo_session = session_like_obj()
     self.request.session = pseudo_session
     callback = DefaultFacebookCallback()
     user_data = {'name':'new_user','id':'newfacebookid'}
     resp = callback.handle_no_user(self.request, self.access, self.token,
             user_data)
     ident = callback.identifier_from_data(user_data)
     expected_user = User.objects.get(username=ident)
     # was the expected user created and returned
     self.assertEquals(resp,expected_user)
     # was the set_expiry method called on the session
     # could check expected date also
     self.assertTrue(pseudo_session.set_expiry.called)
     # check that user data was persisted
     assoc_obj = UserAssociation.objects.get(identifier=user_data['id'])
     self.assertEquals(self.token.expires, assoc_obj.expires)
 def test_update_profile_from_graph(self):
     callback = DefaultFacebookCallback()
     class DummyProfile(object):
         def __init__(self):
             self.color = "blue"
     profile = DummyProfile()
     ret_p = callback.update_profile_from_graph(self.request, self.access,
             self.token, profile)
     self.assertEquals(ret_p.color,'red')
Exemple #3
0
    def post(self, request, format=None):
        
        #return 200 if user is already authenticated
        if request.user is not None :
            logger.debug("mobileauth invoked with user %s on session" % request.user);
            if request.user.is_authenticated():
                logger.debug("mobileauth invoked with authenticated user on session");
                return Response(None,status=204);

        #validate the access token by hitting graph.facebook.com
        fbAuthToken = request.DATA['access_token'];
        if fbAuthToken is None:
            return Response("access_token is missing", status=400);
        urlStream = urllib.urlopen("https://graph.facebook.com/me?access_token=%s" % fbAuthToken);
        raw_data = urlStream.read();
        fbResponseCode = urlStream.getcode();
        if fbResponseCode <> 200:
            logger.debug("failed to verify access token. response code: %s. message: %s" % (fbResponseCode, raw_data));
            return Response("failed to verify access token", status=500);
        fbResponse = json.loads(raw_data);
        fbUserId = fbResponse['id'];
        
        #let an instance of the LaFacebook default callback handle Django auth
        lafbCallback = DefaultFacebookCallback()
        existing_user = lafbCallback.lookup_user(None, None, fbResponse);
        logger.debug("existing user? %s" % existing_user);
        if existing_user is None:
            #create user record
            access = OAuthAccess()
            existing_user = lafbCallback.create_user(request._request, access, OAuth20Token(fbAuthToken), fbResponse);
        else:
            username = existing_user.username;
            logger.debug("query for user %s" % username);
            userObj = User.objects.get(username=username);
            lafbCallback.login_user(request._request, userObj);
            
        #return success & the user id if everything worked
        response = {};
        response['id'] = fbResponse['id'];
        logger.debug("existing_user %s", existing_user);
        authUserPk = existing_user.id;
        response['token'] = Token.objects.get(user=existing_user).key;
        logger.debug("csrf dict: %s" % csrf.get_token(request));
        if existing_user.is_authenticated():
            return Response(response, status=200);
        else:
            return Response("Authentication failed for %s" % fbUserId, status=500);
 def test_fectch_user_data(self):
     callback = DefaultFacebookCallback()
     ud = callback.fetch_user_data(self.request, self.access, 'faketoken')
     self.assertEquals(ud['id'], 'facebookid')
 def test_lookup_user_does_not_exist(self):
     callback = DefaultFacebookCallback()
     user = callback.lookup_user(self.request, self.access,{'id':'bad-id'})
     self.assertEquals(user,None)
 def test_lookup_user_exists(self):
     callback = DefaultFacebookCallback()
     user = callback.lookup_user(self.request, self.access,{'id':'facebookid'})
     self.assertEquals(user, self.test_user)