Exemple #1
0
 def testToString(self):
     """Tests that the __unicode__ function creates a string"""
     
     user = User(username="******")
     user.save()
     rpx_data = RpxData(user=user)
     rpx_data.save()
     rpx_string = str(rpx_data)
     self.assert_(rpx_string.__class__ == str)
     
     RpxBackend.delete_user(self.backend, user)
Exemple #2
0
    def create_user(self, rpx_auth_info):
        """Creates user based on the RPX authentication info."""
        username = rpx_auth_info.get_user_name()

        user = dbutils.db_create(User, username=username, email=rpx_auth_info.get_email())
        if not user:
            raise Exception('Cannot create user (name = %s)' % username)
        self.logger.debug("RpxBackend: Created user(%s) as %s\r\n" % (user.username, str(user)))
        user.is_active = True
        user.is_staff = False
        user.is_superuser = False
        user.set_unusable_password()
        user.save()
        rpxdata = RpxData(key_name=self.create_rpx_key(rpx_auth_info.get_rpx_id()), user=user)
        rpxdata.save()
        self.logger.debug("RpxBackend: RpxData created\r\n")

        return user
Exemple #3
0
 def testDeleteUser(self):
     """Tests RpxBackend.delete_user().
     
     Tests that both the user and the associated RPX data entries are deleted.
     
     """
     user, auth_info = self.__create_normal_user__()
     
     user_key = user.key()
     
     number_of_users_entries = User.all().count()
     number_of_rpx_entries = RpxData.all().count()
     
     RpxBackend.delete_user(self.backend, user)
     
     self.assert_(User.all().count() == number_of_users_entries - 1)
     self.assert_(RpxData.all().count() == number_of_rpx_entries - 1)
     self.assert_(RpxBackend.get_user(self.backend, user_key) == None)
Exemple #4
0
    def map_id_to_existing_user(self, token, user):
        """Map existing user to new open ID.

        This function should be used to add new open IDs to users that already
        are authenticated.
        
        """
        if not token and not user:
            raise ValueError
        
        auth_info = api.get_auth_info(token)
        
        if auth_info.get_status() == RpxAuthInfo.OK:
            
            # Make sure that this id isn't used
            existing_user = self.get_user_by_rpx_id(auth_info.get_rpx_id())
            
            if not existing_user:
                rpxdata = RpxData(key_name=self.create_rpx_key(auth_info.get_rpx_id()), user=user)
                rpxdata.save()
Exemple #5
0
    def get_user_by_rpx_id(self, rpx_id):
        """Returns user using the RPX ID."""
        if not rpx_id:
            raise ValueError
        
        rpxData = RpxData.get_by_key_name(self.create_rpx_key(rpx_id)) # Returns None if not found

        if (rpxData):
            return rpxData.user
        else:
            return None
Exemple #6
0
 def testGetUserFromId(self):
     """Tests RpxBackend.get_user().
     
     Make sure it handles None and negative results.
     
     """
     
     try:
         RpxBackend.get_user(self.backend, None)
         self.assert_(False)
     except:
         pass
     
     self.assert_(RpxBackend.get_user(self.backend, "willnotfind") == None)
     
     user = User(username="******")
     user.save()
     rpx_data = RpxData(user=user)
     rpx_data.save()
     
     #Test that is can handle key from non User class and returns None
     self.assert_(RpxBackend.get_user(self.backend, rpx_data.key()) == None)
     
     RpxBackend.delete_user(self.backend, user)
Exemple #7
0
    def authenticate(self, token=''):
        """
        TODO: pass in a message array here which can be filled with an error
        message with failure response
        """
        from django.utils import simplejson
        import urllib
        import urllib2

        url = 'https://rpxnow.com/api/v2/auth_info'
        args = {
          'format': 'json',
          'apiKey': settings.RPXNOW_API_KEY,
          'token': token
        }
        r = urllib2.urlopen(url=url,
          data=urllib.urlencode(args),
        )
        json = simplejson.load(r)
        if json['stat'] <> 'ok':
            return None
        profile = json['profile']
        rpx_id = profile['identifier']
        nickname = profile.get('displayName') or \
          profile.get('preferredUsername')
        email = profile.get('email', '')
        profile_pic_url = profile.get('photo')
        info_page_url = profile.get('url')
        provider=profile.get("providerName")

        user=self.get_user_by_rpx_id(rpx_id)
        
        if not user:
            #no match, create a new user - but there may be duplicate user names.
            username=nickname
            user=None
            try:
                i=0
                while True:
                    User.objects.get(username=username)
                    username=permute_name(nickname, i)
                    i+=1
            except User.DoesNotExist:
                #available name!
                user=User.objects.create_user(username, email)
            rpxdata=RpxData(identifier=rpx_id)
            # Store the origonal nickname for display
            user.first_name = nickname
            user.save()
            rpxdata.user=user
            rpxdata.save()
            
        if profile_pic_url:
            user.rpxdata.profile_pic_url=profile_pic_url
        if info_page_url:
            user.rpxdata.info_page_url=info_page_url
        if provider:
            user.rpxdata.provider=provider
        
        user.rpxdata.save()
        return user
    def authenticate(self, token=''):
        """
        TODO: pass in a message array here which can be filled with an error
        message with failure response
        """
        api = RpxApi()
        json = api.get_auth_info(token)
        if json['stat'] <> 'ok':
            return None
        profile = json['profile']
        rpx_id = profile['identifier']
        nickname = profile.get('displayName') or \
          profile.get('preferredUsername')
        email = profile.get('email', '')
        profile_pic_url = profile.get('photo')
        info_page_url = profile.get('url')
        provider=profile.get("providerName")

        user=self.get_user_by_rpx_id(rpx_id)
        
        if not user:
            # no match. we can try to match on email, though, provided that doesn't steal
            # an rpx association
            if email and profile['providerName'] in TRUSTED_PROVIDERS:
                #beware - this would allow account theft, so we only allow it
                #for trusted providers
                user_candidates=User.objects.all().filter(
                  rpxdata=None).filter(email=email)
                # if unambiguous, do it. otherwise, don't.
                if user_candidates.count()==1:
                    [user]=user_candidates
                    rpxdata=RpxData(identifier=rpx_id)
                else:
                    return None
            else:
                #no match, create a new user - but there may be duplicate user names.
                username=nickname
                user=None
                try:
                    i=0
                    while True:
                        User.objects.get(username=username)
                        username=permute_name(nickname, i)
                        i+=1
                except User.DoesNotExist:
                    #available name!
                    user=User.objects.create_user(username, email)
                rpxdata = RpxData(identifier=rpx_id)
                rpxdata.user=user
                try:
                    rpxdata.save()
                except:
                    # the object already exists
                    return False
        rpxdata = RpxData.objects.get(identifier=rpx_id)
        api.save_data(json, rpxdata, user)
        if profile_pic_url:
            rpxdata.profile_pic_url=profile_pic_url
        if info_page_url:
            rpxdata.info_page_url=info_page_url
        if provider:
            rpxdata.provider=provider
        rpxdata.save()
        return user