class OAuthServiceTest(TestWithMongo): def setUp(self, *args, **kwargs): self.store = TestingMongoStore(self.conn, self.database_name) def test_get_login_url(self): managers = {"google": MockOAuthManager("google", "user1"), "github": MockOAuthManager("github", "user1")} oauth_service = OAuthService(self.store, managers) login_url = oauth_service.get_url_for_provider_login("google") self.assertEqual(login_url, "url for google login") login_url = oauth_service.get_url_for_provider_login("github") self.assertEqual(login_url, "url for github login") def test_login_and_register(self): # User exists with same token, url must be login url uid, brl_user = self.store.generate_non_persistent_user() managers = {"google": MockOAuthManager("google", brl_user), "github": MockOAuthManager("github", brl_user)} oauth_service = OAuthService(self.store, managers) user = User(brl_user) user.oauth_google_token = "ACCESS_TOKEN_google_%s" % brl_user self.store.create_user(user, uid) state_string = generate_state_string("google") url = oauth_service.handle_register_or_login(state_string, "somecode") self.assertIn("/accounts/login?", url) # User exists but not token, just email, so user is saved # with access token and go to login uid, brl_user = self.store.generate_non_persistent_user() managers = {"google": MockOAuthManager("google", brl_user), "github": MockOAuthManager("github", brl_user)} oauth_service = OAuthService(self.store, managers) user = User(brl_user) user.email = "*****@*****.**" % brl_user self.store.create_user(user, uid) state_string = generate_state_string("github") url = oauth_service.handle_register_or_login(state_string, "somecode") user = self.store.read_user(brl_user) self.assertEquals(user.oauth_github_token, "ACCESS_TOKEN_github_%s" % brl_user) self.assertIn("/accounts/login?", url) # User NO NOT exist (token nor email are found) # with access token and go to register page managers = {"google": MockOAuthManager("google", "fakeuser"), "github": MockOAuthManager("github", "fakeuser")} oauth_service = OAuthService(self.store, managers) state_string = generate_state_string("github") url = oauth_service.handle_register_or_login(state_string, "somecode") self.assertIn("/accounts/signup?access_token=ACCESS_TOKEN_github", url) self.assertIn("provider=github", url)
class OAuthServiceTest(TestWithMongo): def setUp(self, *args, **kwargs): self.store = TestingMongoStore(self.conn, self.database_name) def test_get_login_url(self): managers = { "google": MockOAuthManager("google", "user1"), "github": MockOAuthManager("github", "user1") } oauth_service = OAuthService(self.store, managers) login_url = oauth_service.get_url_for_provider_login("google") self.assertEqual(login_url, "url for google login") login_url = oauth_service.get_url_for_provider_login("github") self.assertEqual(login_url, "url for github login") def test_login_and_register(self): # User exists with same token, url must be login url uid, brl_user = self.store.generate_non_persistent_user() managers = { "google": MockOAuthManager("google", brl_user), "github": MockOAuthManager("github", brl_user) } oauth_service = OAuthService(self.store, managers) user = User(brl_user) user.oauth_google_token = "ACCESS_TOKEN_google_%s" % brl_user self.store.create_user(user, uid) state_string = generate_state_string("google") url = oauth_service.handle_register_or_login(state_string, "somecode") self.assertIn("/accounts/login?", url) # User exists but not token, just email, so user is saved # with access token and go to login uid, brl_user = self.store.generate_non_persistent_user() managers = { "google": MockOAuthManager("google", brl_user), "github": MockOAuthManager("github", brl_user) } oauth_service = OAuthService(self.store, managers) user = User(brl_user) user.email = "*****@*****.**" % brl_user self.store.create_user(user, uid) state_string = generate_state_string("github") url = oauth_service.handle_register_or_login(state_string, "somecode") user = self.store.read_user(brl_user) self.assertEquals(user.oauth_github_token, "ACCESS_TOKEN_github_%s" % brl_user) self.assertIn("/accounts/login?", url) # User NO NOT exist (token nor email are found) # with access token and go to register page managers = { "google": MockOAuthManager("google", "fakeuser"), "github": MockOAuthManager("github", "fakeuser") } oauth_service = OAuthService(self.store, managers) state_string = generate_state_string("github") url = oauth_service.handle_register_or_login(state_string, "somecode") self.assertIn("/accounts/signup?access_token=ACCESS_TOKEN_github", url) self.assertIn("provider=github", url)
class UserServiceTest(TestWithMongo): def setUp(self, *args, **kwargs): self.store = TestingMongoStore(self.conn, self.database_name) _, self.brl_user = self.store.generate_non_persistent_user() self.user_service = UserService(self.store, self.brl_user) self.email = "*****@*****.**" % self.brl_user self.plain_password = "******" allow_mailing = False self.bii_user = self.user_service.register(self.brl_user, self.email, self.plain_password, allow_mailing) self.manager = JWTConfirmEmailManagerFactory.new() _, self.confirmed_user, _ = self.user_service.confirm_account(self.bii_user.confirmation_token) def test_used_register(self): '''Resgister and confirm user''' self.assertEqual(self.bii_user.ID, self.confirmed_user) def test_invite_register(self): # Input login ok self.user_service.register("newuser", "*****@*****.**", self.plain_password, True, invited_by=self.brl_user) saved_user = self.store.read_user("newuser") self.assertEquals(saved_user.invited_by, self.brl_user) # Input login bad (not exist) self.assertRaises(ControledErrorException, self.user_service.register, "newuser2", "*****@*****.**", self.plain_password, True, invited_by="noexistuser") # Input by email ok self.user_service.register("newuser2", "*****@*****.**", self.plain_password, True, invited_by=self.email) saved_user = self.store.read_user("newuser2") self.assertEquals(saved_user.invited_by, self.brl_user) # Input by email error self.assertRaises(ControledErrorException, self.user_service.register, "newuser3", "*****@*****.**", self.plain_password, True, invited_by="*****@*****.**") def test_invalid_token(self): '''Obtain a valid token and then change password. Token must be invalid''' brl_user, token_1 = self.user_service.authenticate(self.brl_user, self.plain_password) # Check the token is valid manager = JWTCredentialsManagerFactory.new(self.store) brl_user_test = manager.get_user(token_1) self.assertEqual(brl_user, brl_user_test) sleep(0.1) # Sleep a moment and change the password # Now change password and re-check old token self.user_service.change_password(self.brl_user, self.plain_password, "Newp@sW0rd") # Check the token is invalid (can't authenticate) self.assertRaises(DecodeError, manager.get_user, token_1) @patch('biicode.server.user.user_service.get_oauth_service') def test_oauth_register(self, get_oauth_service): # Check that if provider and access_token is passed to register, user # is activated automatically and access_token is stored in user email = "*****@*****.**" _, brl_user = self.store.generate_non_persistent_user() oauth_service = Mock() oauth_service.get_user_info = Mock(return_value=(brl_user, email)) get_oauth_service.return_value = oauth_service self.bii_user = self.user_service.register(brl_user, email, self.plain_password, True, "google", "THE_ACCESS_TOKEN") saved_user = self.store.read_user(brl_user) self.assertEqual(saved_user.oauth_google_token, "THE_ACCESS_TOKEN") self.assertIsNone(saved_user.oauth_github_token) self.assertEqual(saved_user.active, True) # Now check the github token email = "*****@*****.**" _, brl_user = self.store.generate_non_persistent_user() oauth_service = Mock() oauth_service.get_user_info = Mock(return_value=(brl_user, email)) get_oauth_service.return_value = oauth_service self.bii_user = self.user_service.register(brl_user, email, self.plain_password, True, "github", "THE_GITHUB_ACCESS_TOKEN") saved_user = self.store.read_user(brl_user) self.assertEqual(saved_user.oauth_github_token, "THE_GITHUB_ACCESS_TOKEN") self.assertIsNone(saved_user.oauth_google_token) self.assertEqual(saved_user.active, True) # Now check that if email has been changed in registration process # user is not auto activated, but token is stored email = "*****@*****.**" _, brl_user = self.store.generate_non_persistent_user() oauth_service = Mock() oauth_service.get_user_info = Mock(return_value=(brl_user, "*****@*****.**")) get_oauth_service.return_value = oauth_service self.bii_user = self.user_service.register(brl_user, email, self.plain_password, True, "github", "THE_GITHUB_ACCESS_TOKEN") saved_user = self.store.read_user(brl_user) self.assertEqual(saved_user.oauth_github_token, "THE_GITHUB_ACCESS_TOKEN") self.assertIsNone(saved_user.oauth_google_token) self.assertEqual(saved_user.active, False) # Finally if get user info returns none (invalid token) nothing registration process keeps # normal email = "*****@*****.**" _, brl_user = self.store.generate_non_persistent_user() oauth_service = Mock() oauth_service.get_user_info = Mock(return_value=None) get_oauth_service.return_value = oauth_service self.bii_user = self.user_service.register(brl_user, email, self.plain_password, True, "github", "THE_GITHUB_ACCESS_TOKEN") saved_user = self.store.read_user(brl_user) self.assertIsNone(saved_user.oauth_github_token) self.assertIsNone(saved_user.oauth_google_token) self.assertEqual(saved_user.active, False)
class UserServiceTest(TestWithMongo): def setUp(self, *args, **kwargs): self.store = TestingMongoStore(self.conn, self.database_name) _, self.brl_user = self.store.generate_non_persistent_user() self.user_service = UserService(self.store, self.brl_user) self.email = "*****@*****.**" % self.brl_user self.plain_password = "******" allow_mailing = False self.bii_user = self.user_service.register(self.brl_user, self.email, self.plain_password, allow_mailing) self.manager = JWTConfirmEmailManagerFactory.new() _, self.confirmed_user, _ = self.user_service.confirm_account( self.bii_user.confirmation_token) def test_used_register(self): '''Resgister and confirm user''' self.assertEqual(self.bii_user.ID, self.confirmed_user) def test_invite_register(self): # Input login ok self.user_service.register("newuser", "*****@*****.**", self.plain_password, True, invited_by=self.brl_user) saved_user = self.store.read_user("newuser") self.assertEquals(saved_user.invited_by, self.brl_user) # Input login bad (not exist) self.assertRaises(ControledErrorException, self.user_service.register, "newuser2", "*****@*****.**", self.plain_password, True, invited_by="noexistuser") # Input by email ok self.user_service.register("newuser2", "*****@*****.**", self.plain_password, True, invited_by=self.email) saved_user = self.store.read_user("newuser2") self.assertEquals(saved_user.invited_by, self.brl_user) # Input by email error self.assertRaises(ControledErrorException, self.user_service.register, "newuser3", "*****@*****.**", self.plain_password, True, invited_by="*****@*****.**") def test_invalid_token(self): '''Obtain a valid token and then change password. Token must be invalid''' brl_user, token_1 = self.user_service.authenticate( self.brl_user, self.plain_password) # Check the token is valid manager = JWTCredentialsManagerFactory.new(self.store) brl_user_test = manager.get_user(token_1) self.assertEqual(brl_user, brl_user_test) sleep(0.1) # Sleep a moment and change the password # Now change password and re-check old token self.user_service.change_password(self.brl_user, self.plain_password, "Newp@sW0rd") # Check the token is invalid (can't authenticate) self.assertRaises(DecodeError, manager.get_user, token_1) @patch('biicode.server.user.user_service.get_oauth_service') def test_oauth_register(self, get_oauth_service): # Check that if provider and access_token is passed to register, user # is activated automatically and access_token is stored in user email = "*****@*****.**" _, brl_user = self.store.generate_non_persistent_user() oauth_service = Mock() oauth_service.get_user_info = Mock(return_value=(brl_user, email)) get_oauth_service.return_value = oauth_service self.bii_user = self.user_service.register(brl_user, email, self.plain_password, True, "google", "THE_ACCESS_TOKEN") saved_user = self.store.read_user(brl_user) self.assertEqual(saved_user.oauth_google_token, "THE_ACCESS_TOKEN") self.assertIsNone(saved_user.oauth_github_token) self.assertEqual(saved_user.active, True) # Now check the github token email = "*****@*****.**" _, brl_user = self.store.generate_non_persistent_user() oauth_service = Mock() oauth_service.get_user_info = Mock(return_value=(brl_user, email)) get_oauth_service.return_value = oauth_service self.bii_user = self.user_service.register(brl_user, email, self.plain_password, True, "github", "THE_GITHUB_ACCESS_TOKEN") saved_user = self.store.read_user(brl_user) self.assertEqual(saved_user.oauth_github_token, "THE_GITHUB_ACCESS_TOKEN") self.assertIsNone(saved_user.oauth_google_token) self.assertEqual(saved_user.active, True) # Now check that if email has been changed in registration process # user is not auto activated, but token is stored email = "*****@*****.**" _, brl_user = self.store.generate_non_persistent_user() oauth_service = Mock() oauth_service.get_user_info = Mock( return_value=(brl_user, "*****@*****.**")) get_oauth_service.return_value = oauth_service self.bii_user = self.user_service.register(brl_user, email, self.plain_password, True, "github", "THE_GITHUB_ACCESS_TOKEN") saved_user = self.store.read_user(brl_user) self.assertEqual(saved_user.oauth_github_token, "THE_GITHUB_ACCESS_TOKEN") self.assertIsNone(saved_user.oauth_google_token) self.assertEqual(saved_user.active, False) # Finally if get user info returns none (invalid token) nothing registration process keeps # normal email = "*****@*****.**" _, brl_user = self.store.generate_non_persistent_user() oauth_service = Mock() oauth_service.get_user_info = Mock(return_value=None) get_oauth_service.return_value = oauth_service self.bii_user = self.user_service.register(brl_user, email, self.plain_password, True, "github", "THE_GITHUB_ACCESS_TOKEN") saved_user = self.store.read_user(brl_user) self.assertIsNone(saved_user.oauth_github_token) self.assertIsNone(saved_user.oauth_google_token) self.assertEqual(saved_user.active, False)