def test_effective_principals_when_theres_no_lti_user(
self, pyramid_request, _helpers):
pyramid_request.lti_user = None
policy = LTIAuthenticationPolicy()
principals = policy.effective_principals(pyramid_request)
_helpers.authenticated_userid.assert_not_called()
assert principals == [security.Everyone]
def test_effective_principals_when_theres_an_lti_user(
self, pyramid_request, _helpers):
policy = LTIAuthenticationPolicy()
principals = policy.effective_principals(pyramid_request)
_helpers.authenticated_userid.assert_called_once_with(
pyramid_request.lti_user)
assert principals == [
security.Everyone,
security.Authenticated,
_helpers.authenticated_userid.return_value,
"lti_user",
]
def test_it_returns_None_if_theres_no_lti_user(self, method_name,
pyramid_request):
pyramid_request.lti_user = None
policy = LTIAuthenticationPolicy()
method = getattr(policy, method_name)
assert method(pyramid_request) is None
class AuthenticationPolicy:
"""Top-level authentication policy that delegates to sub-policies."""
def __init__(self, lms_secret):
self._lti_authentication_policy = LTIAuthenticationPolicy()
self._auth_tkt_authentication_policy = AuthTktAuthenticationPolicy(
lms_secret, callback=groupfinder, hashalg="sha512"
)
def authenticated_userid(self, request):
return self._policy(request).authenticated_userid(request)
def unauthenticated_userid(self, request):
return self._policy(request).unauthenticated_userid(request)
def effective_principals(self, request):
return self._policy(request).effective_principals(request)
def remember(self, request, userid, **kw):
return self._policy(request).remember(request, userid, **kw)
def forget(self, request):
return self._policy(request).forget(request)
@functools.lru_cache(maxsize=1)
def _policy(self, request):
if self._lti_authentication_policy.authenticated_userid(request):
return self._lti_authentication_policy
return self._auth_tkt_authentication_policy
def test_it_returns_the_lti_userid(self, method_name, pyramid_request,
_helpers):
policy = LTIAuthenticationPolicy()
method = getattr(policy, method_name)
userid = method(pyramid_request)
_helpers.authenticated_userid.assert_called_once_with(
pyramid_request.lti_user)
assert userid == _helpers.authenticated_userid.return_value
def test_forget(self, pyramid_request):
LTIAuthenticationPolicy().forget(pyramid_request)
def test_remember(self, pyramid_request):
LTIAuthenticationPolicy().remember(pyramid_request,
"TEST_USERID",
kwarg=mock.sentinel.kwarg)
def __init__(self, lms_secret):
self._lti_authentication_policy = LTIAuthenticationPolicy()
self._auth_tkt_authentication_policy = AuthTktAuthenticationPolicy(
lms_secret, callback=groupfinder, hashalg="sha512"
)