def disconnect(self, provider, trans, disconnect_redirect_url=None, association_id=None):
on_the_fly_config(trans.sa_session)
self.config[setting_name('DISCONNECT_REDIRECT_URL')] =\
disconnect_redirect_url if disconnect_redirect_url is not None else ()
strategy = Strategy(trans.request, trans.session, Storage, self.config)
backend = self._load_backend(strategy, self.config['redirect_uri'])
response = do_disconnect(backend, trans.user, association_id)
if isinstance(response, six.string_types):
return True, "", response
return response.get('success', False), response.get('message', ""), ""
def disconnect(self, provider, trans, disconnect_redirect_url=None, association_id=None):
self._on_the_fly_config(trans)
self.config[setting_name('DISCONNECT_REDIRECT_URL')] =\
disconnect_redirect_url if disconnect_redirect_url is not None else ()
strategy = Strategy(trans, Storage, self.config)
backend = self._load_backend(strategy, self.config['redirect_uri'])
response = do_disconnect(backend, self._get_current_user(trans), association_id)
if isinstance(response, six.string_types):
return True, "", response
return response.get('success', False), response.get('message', ""), ""
def disconnect(request, provider, association_id=None):
request.social_strategy = DjangoStrategy(DjangoStorage, request)
try:
backend_cls = get_backend(BACKENDS, provider)
backend_obj = backend_cls(request.social_strategy, "")
except MissingBackend:
raise Http404('Backend not found')
return do_disconnect(backend_obj,
request.user,
association_id,
redirect_name=REDIRECT_FIELD_NAME)
def _disconnect():
"""Disconnects given backend from current logged in user."""
def on_disconnected(backend):
providers = current.plugin_social_auth.plugin.SOCIAL_AUTH_PROVIDERS
display_name = backend in providers and providers[backend]
current.plugin_social_auth.session.flash = \
'%s %s' % (current.plugin_social_auth.T('Removed logon: '), display_name or backend)
try:
return do_disconnect(current.strategy, get_current_user(),
association_id=current.request.vars.association_id,
on_disconnected=on_disconnected)
except Exception as e:
process_exception(e)
def test_full_pipeline_succeeds_for_unlinking_account(self):
# First, create, the request and strategy that store pipeline state,
# configure the backend, and mock out wire traffic.
request, strategy = self.get_request_and_strategy(
auth_entry=pipeline.AUTH_ENTRY_LOGIN, redirect_uri='social:complete')
request.backend.auth_complete = mock.MagicMock(return_value=self.fake_auth_complete(strategy))
user = self.create_user_models_for_existing_account(
strategy, '*****@*****.**', 'password', self.get_username())
self.assert_social_auth_exists_for_user(user, strategy)
# We're already logged in, so simulate that the cookie is set correctly
self.set_logged_in_cookies(request)
# Instrument the pipeline to get to the dashboard with the full
# expected state.
self.client.get(
pipeline.get_login_url(self.provider.provider_id, pipeline.AUTH_ENTRY_LOGIN))
actions.do_complete(request.backend, social_views._do_login, # pylint: disable=protected-access
request=request)
with self._patch_edxmako_current_request(strategy.request):
signin_user(strategy.request)
login_user(strategy.request)
actions.do_complete(request.backend, social_views._do_login, user=user, # pylint: disable=protected-access
request=request)
# First we expect that we're in the linked state, with a backend entry.
self.assert_account_settings_context_looks_correct(account_settings_context(request), linked=True)
self.assert_social_auth_exists_for_user(request.user, strategy)
# Fire off the disconnect pipeline to unlink.
self.assert_redirect_after_pipeline_completes(
actions.do_disconnect(
request.backend,
request.user,
None,
redirect_field_name=auth.REDIRECT_FIELD_NAME
)
)
# Now we expect to be in the unlinked state, with no backend entry.
self.assert_account_settings_context_looks_correct(account_settings_context(request), linked=False)
self.assert_social_auth_does_not_exist_for_user(user, strategy)
def test_full_pipeline_succeeds_for_unlinking_account(self):
# First, create, the request and strategy that store pipeline state,
# configure the backend, and mock out wire traffic.
request, strategy = self.get_request_and_strategy(
auth_entry=pipeline.AUTH_ENTRY_LOGIN, redirect_uri='social:complete')
request.backend.auth_complete = mock.MagicMock(return_value=self.fake_auth_complete(strategy))
user = self.create_user_models_for_existing_account(
strategy, '*****@*****.**', 'password', self.get_username())
self.assert_social_auth_exists_for_user(user, strategy)
# We're already logged in, so simulate that the cookie is set correctly
self.set_logged_in_cookies(request)
# Instrument the pipeline to get to the dashboard with the full
# expected state.
self.client.get(
pipeline.get_login_url(self.provider.provider_id, pipeline.AUTH_ENTRY_LOGIN))
actions.do_complete(request.backend, social_views._do_login, # pylint: disable=protected-access
request=request)
with self._patch_edxmako_current_request(strategy.request):
signin_user(strategy.request)
login_user(strategy.request)
actions.do_complete(request.backend, social_views._do_login, user=user, # pylint: disable=protected-access
request=request)
# First we expect that we're in the linked state, with a backend entry.
self.assert_account_settings_context_looks_correct(account_settings_context(request), linked=True)
self.assert_social_auth_exists_for_user(request.user, strategy)
# Fire off the disconnect pipeline to unlink.
self.assert_redirect_to_dashboard_looks_correct(
actions.do_disconnect(
request.backend,
request.user,
None,
redirect_field_name=auth.REDIRECT_FIELD_NAME
)
)
# Now we expect to be in the unlinked state, with no backend entry.
self.assert_account_settings_context_looks_correct(account_settings_context(request), linked=False)
self.assert_social_auth_does_not_exist_for_user(user, strategy)
def test_full_pipeline_succeeds_for_unlinking_testshib_account(
self,
mock_get_enterprise_customer_for_learner_settings_view,
mock_get_enterprise_customer_for_learner,
mock_enterprise_customer_for_request,
):
# First, create, the request and strategy that store pipeline state,
# configure the backend, and mock out wire traffic.
self.provider = self._configure_testshib_provider()
request, strategy = self.get_request_and_strategy(
auth_entry=pipeline.AUTH_ENTRY_LOGIN,
redirect_uri='social:complete')
request.backend.auth_complete = MagicMock(
return_value=self.fake_auth_complete(strategy))
user = self.create_user_models_for_existing_account(
strategy, '*****@*****.**', 'password', self.get_username())
self.assert_social_auth_exists_for_user(user, strategy)
request.user = user
# We're already logged in, so simulate that the cookie is set correctly
self.set_logged_in_cookies(request)
# linking a learner with enterprise customer.
enterprise_customer = EnterpriseCustomerFactory()
assert EnterpriseCustomerUser.objects.count(
) == 0, "Precondition check: no link records should exist"
EnterpriseCustomerUser.objects.link_user(enterprise_customer,
user.email)
self.assertTrue(
EnterpriseCustomerUser.objects.filter(
enterprise_customer=enterprise_customer,
user_id=user.id).count() == 1)
EnterpriseCustomerIdentityProvider.objects.get_or_create(
enterprise_customer=enterprise_customer,
provider_id=self.provider.provider_id)
enterprise_customer_data = {
'uuid': enterprise_customer.uuid,
'name': enterprise_customer.name,
'identity_provider': 'saml-default',
}
mock_enterprise_customer_for_request.return_value = enterprise_customer_data
mock_get_enterprise_customer_for_learner.return_value = enterprise_customer_data
mock_get_enterprise_customer_for_learner_settings_view.return_value = enterprise_customer_data
# Instrument the pipeline to get to the dashboard with the full expected state.
self.client.get(
pipeline.get_login_url(self.provider.provider_id,
pipeline.AUTH_ENTRY_LOGIN))
actions.do_complete(
request.backend,
social_views._do_login, # pylint: disable=protected-access
request=request)
with self._patch_edxmako_current_request(strategy.request):
login_user(strategy.request)
actions.do_complete(
request.backend,
social_views._do_login,
user=user, # pylint: disable=protected-access
request=request)
# First we expect that we're in the linked state, with a backend entry.
self.assert_account_settings_context_looks_correct(
account_settings_context(request), linked=True)
self.assert_social_auth_exists_for_user(request.user, strategy)
FEATURES_WITH_ENTERPRISE_ENABLED = settings.FEATURES.copy()
FEATURES_WITH_ENTERPRISE_ENABLED[
'ENABLE_ENTERPRISE_INTEGRATION'] = True
with patch.dict("django.conf.settings.FEATURES",
FEATURES_WITH_ENTERPRISE_ENABLED):
# Fire off the disconnect pipeline without the user information.
actions.do_disconnect(request.backend,
None,
None,
redirect_field_name=auth.REDIRECT_FIELD_NAME,
request=request)
self.assertNotEqual(
EnterpriseCustomerUser.objects.filter(
enterprise_customer=enterprise_customer,
user_id=user.id).count(), 0)
# Fire off the disconnect pipeline to unlink.
self.assert_redirect_after_pipeline_completes(
actions.do_disconnect(
request.backend,
user,
None,
redirect_field_name=auth.REDIRECT_FIELD_NAME,
request=request))
# Now we expect to be in the unlinked state, with no backend entry.
self.assert_account_settings_context_looks_correct(
account_settings_context(request), linked=False)
self.assert_social_auth_does_not_exist_for_user(user, strategy)
self.assertEqual(
EnterpriseCustomerUser.objects.filter(
enterprise_customer=enterprise_customer,
user_id=user.id).count(), 0)
def disconnect(request, backend, association_id=None):
"""Disconnects given backend from current logged in user."""
return do_disconnect(request.backend,
request.user,
association_id,
redirect_name=REDIRECT_FIELD_NAME)
def revoke(self, user, *args, **kwargs):
do_disconnect(self, user)
def disconnect(request, backend, association_id=None):
"""Disconnects given backend from current logged in user."""
return do_disconnect(request.backend, request.user, association_id,
redirect_name=REDIRECT_FIELD_NAME)
def test_full_pipeline_succeeds_for_unlinking_testshib_account(self):
# First, create, the request and strategy that store pipeline state,
# configure the backend, and mock out wire traffic.
self.provider = self._configure_testshib_provider()
request, strategy = self.get_request_and_strategy(
auth_entry=pipeline.AUTH_ENTRY_LOGIN, redirect_uri='social:complete')
request.backend.auth_complete = MagicMock(return_value=self.fake_auth_complete(strategy))
user = self.create_user_models_for_existing_account(
strategy, '*****@*****.**', 'password', self.get_username())
self.assert_social_auth_exists_for_user(user, strategy)
request.user = user
# We're already logged in, so simulate that the cookie is set correctly
self.set_logged_in_cookies(request)
# linking a learner with enterprise customer.
enterprise_customer = EnterpriseCustomerFactory()
assert EnterpriseCustomerUser.objects.count() == 0, "Precondition check: no link records should exist"
EnterpriseCustomerUser.objects.link_user(enterprise_customer, user.email)
self.assertTrue(
EnterpriseCustomerUser.objects.filter(enterprise_customer=enterprise_customer, user_id=user.id).count() == 1
)
EnterpriseCustomerIdentityProvider.objects.get_or_create(enterprise_customer=enterprise_customer,
provider_id=self.provider.provider_id)
# Instrument the pipeline to get to the dashboard with the full expected state.
self.client.get(
pipeline.get_login_url(self.provider.provider_id, pipeline.AUTH_ENTRY_LOGIN))
actions.do_complete(request.backend, social_views._do_login, # pylint: disable=protected-access
request=request)
with self._patch_edxmako_current_request(strategy.request):
signin_user(strategy.request)
login_user(strategy.request)
actions.do_complete(request.backend, social_views._do_login, user=user, # pylint: disable=protected-access
request=request)
# First we expect that we're in the linked state, with a backend entry.
self.assert_account_settings_context_looks_correct(account_settings_context(request), linked=True)
self.assert_social_auth_exists_for_user(request.user, strategy)
# Fire off the disconnect pipeline without the user information.
actions.do_disconnect(
request.backend,
None,
None,
redirect_field_name=auth.REDIRECT_FIELD_NAME,
request=request
)
self.assertFalse(
EnterpriseCustomerUser.objects.filter(enterprise_customer=enterprise_customer, user_id=user.id).count() == 0
)
# Fire off the disconnect pipeline to unlink.
self.assert_redirect_to_dashboard_looks_correct(
actions.do_disconnect(
request.backend,
user,
None,
redirect_field_name=auth.REDIRECT_FIELD_NAME,
request=request
)
)
# Now we expect to be in the unlinked state, with no backend entry.
self.assert_account_settings_context_looks_correct(account_settings_context(request), linked=False)
self.assert_social_auth_does_not_exist_for_user(user, strategy)
self.assertTrue(
EnterpriseCustomerUser.objects.filter(enterprise_customer=enterprise_customer, user_id=user.id).count() == 0
)
def disconnect(backend, association_id=None):
return do_disconnect(g.backend, g.user, association_id)
def disconnect(request):
return do_disconnect(request.backend,
request.user,
request.matchdict.get('association_id'),
redirect_name='next')
def disconnect(backend, association_id=None):
"""Disconnects given backend from current logged in user."""
return do_disconnect(g.backend, current_user, association_id)
def post(self):
do_disconnect()
def disconnect(self, backend, association_id=None):
user = getattr(cherrypy.request, 'user', None)
return do_disconnect(self.backend, user, association_id)
def POST(self, backend, association_id=None):
return do_disconnect(self.backend, self.get_current_user(),
association_id)
