def test_existing_user_is_returned_and_updated(self): """ If there's an existing User with the same User ID as that of the fetched user profile, then the existing User should be returned but updated with latest profile info. """ user = UserFactory.create(oauth_user_id='12345') user_info = dict(id='12345', email='*****@*****.**', given_name='Rob', family_name='Charlwood', name='Rob Charlwood') backend = OauthenticationBackend() with mock.patch('accounts.backends.get_user_info', return_value=user_info): result = backend.authenticate(oauth_credentials=MockCredentials()) self.assertEqual(result, user) # Now check that # (1) the returned user has been updated with the latest profile info # (2) User object in the DB has been updated with latest profile info user.refresh_from_db() for user_obj in result, user: self._check_user_info_values_match_user_fields(user_info, result) self._check_user_info_values_match_user_fields(user_info, user)
def test_conflicting_user_with_same_email_is_not_reused(self): """ If there's an existing User with the right email address but a different oauth_user_id, then the existing user should have its email field wiped (because it's unqiue) and a new user should be created and returned. """ user = UserFactory.create(oauth_user_id='9999', email='*****@*****.**') user_info = dict(id='12345', email='*****@*****.**', given_name='Rob', family_name='Charlwood', name='Rob Charlwood') backend = OauthenticationBackend() with mock.patch('accounts.backends.get_user_info', return_value=user_info): result = backend.authenticate(oauth_credentials=MockCredentials()) # It should have created a new user self.assertNotEqual(result, user) self.assertEqual(get_user_model().objects.count(), 2) # The existing user should now have a blank 'email' field user.refresh_from_db() self.assertEqual(user.email, '') # We should get a new user object with correct email & oauth_user_id self._check_user_info_values_match_user_fields(user_info, result) # And because it created a new user via oauth, it shouldn't have a # usable password self._check_has_unusable_password(result)
def test_pre_created_user_is_matched_by_email(self): """ If there's an existing User with the right email address but a username of None, then this is a pre-created User, which should be updated with the User ID and returned. """ user = UserFactory.create(oauth_user_id=None, email='*****@*****.**') user_info = dict(id='12345', email='*****@*****.**', given_name='Rob', family_name='Charlwood', name='Rob Charlwood') backend = OauthenticationBackend() with mock.patch('accounts.backends.get_user_info', return_value=user_info): result = backend.authenticate(oauth_credentials=MockCredentials()) # It should have used the existing user but updated it with the new # profile values self.assertEqual(result, user) # Now check that # (1) the returned user has been updated with the latest profile info # (2) User object in the DB has been updated with latest profile info user.refresh_from_db() for user_obj in result, user: self._check_user_info_values_match_user_fields(user_info, result) self._check_user_info_values_match_user_fields(user_info, user)
def test_step_two_log_in_fails(self): factory = RequestFactory() request = factory.get('/') request.session = {} user = UserFactory.create() with mock.patch('accounts.views.messages.error') as messages_error: with mock.patch(mock_step_two, return_value=MockCredentials()): with mock.patch( 'accounts.views.auth.authenticate', return_value=user ) as authenticate: with mock.patch('accounts.views.auth.login') as login_mock: authenticate.return_value = None response = OauthStepTwo.as_view()(request) self.assertTrue(authenticate.called) self.assertTrue(messages_error.called) self.assertFalse(login_mock.called) self.assertEqual( messages_error.call_args[0][1], 'Try connecting your account again.' ) # And we expect it to redirect us on to the login view self.assertEqual(response.status_code, 302) self.assertEqual(response['Location'], settings.LOGIN_URL)
def test_create_unknown_user_setting_respected(self): User = get_user_model() user_info = dict(id='12345', email='*****@*****.**', given_name='Rob', family_name='Charlwood', name='Rob Charlwood') backend = OauthenticationBackend() with mock.patch('accounts.backends.get_user_info', return_value=user_info): result = backend.authenticate(oauth_credentials=MockCredentials()) self.assertEqual(result, None) self.assertEqual(User.objects.count(), 0)
def test_user_info_without_values_saves_empty_strings(self): """ If user_info does not contain given_name, first_name, family_name, instead of erroring we save empty strings and continue. """ user_info = dict(id='12345', email='*****@*****.**') EMPTY_VALUE = '' EMPTY_FIELDS = ['first_name', 'last_name', 'full_name'] backend = OauthenticationBackend() with mock.patch('accounts.backends.get_user_info', return_value=user_info): result = backend.authenticate(oauth_credentials=MockCredentials()) for field in EMPTY_FIELDS: self.assertEqual(getattr(result, field), EMPTY_VALUE)
def test_non_existent_user_is_created(self): user_info = dict(id='12345', email='*****@*****.**', given_name='Rob', family_name='Charlwood', name='Rob Charlwood') backend = OauthenticationBackend() with mock.patch('accounts.backends.get_user_info', return_value=user_info): result = backend.authenticate(oauth_credentials=MockCredentials()) self._check_user_info_values_match_user_fields(user_info, result) # It's a new user which (so far) is oauth-based only, so shouldn't # have a password self._check_has_unusable_password(result)
def test_is_authenticated_refresh_required(self): """ Test our custom User.is_authenticated property. """ # create past past = timezone.now() - timezone.timedelta(days=1) # create a user who token has expired user_with_tokens = UserFactory.create( username='******', email='*****@*****.**', access_token='1', refresh_token='2', token_expiry=past) # adding this because of random No route to host errors with mock.patch( 'accounts.models.OAuth2Credentials') as mock_oauth: mock_oauth.return_value = MockCredentials(access_token='foo') self.assertTrue(user_with_tokens.is_authenticated)
def test_step_two_logs_user_in(self): factory = RequestFactory() request = factory.get('/') request.session = {} user = UserFactory.create() with mock.patch(mock_step_two, return_value=MockCredentials()): with mock.patch( 'accounts.views.auth.authenticate', return_value=user ) as authenticate: with mock.patch('accounts.views.auth.login') as login_mock: response = OauthStepTwo.as_view()(request) self.assertTrue(authenticate.called) self.assertTrue(login_mock.called) # And we expect it to redirect us on to the dashboard view self.assertEqual(response.status_code, 302) self.assertEqual(response['Location'], settings.LOGIN_REDIRECT_URL)
def test_existing_token_missing_tz(self): user = UserFactory.create(oauth_user_id='12345') user_info = dict(id='12345', email='*****@*****.**', given_name='Rob', family_name='Charlwood', name='Rob Charlwood') backend = OauthenticationBackend() with mock.patch('accounts.backends.get_user_info', return_value=user_info): result = backend.authenticate(oauth_credentials=MockCredentials( token_expiry=datetime.datetime.now())) self.assertEqual(result, user) # Now check that # (1) the returned user has been updated with the latest profile info # (2) User object in the DB has been updated with latest profile info user.refresh_from_db() for user_obj in result, user: self._check_user_info_values_match_user_fields(user_info, result) self._check_user_info_values_match_user_fields(user_info, user)
def test_failure_to_fetch_google_profile_returns_no_user(self): backend = OauthenticationBackend() with mock.patch('accounts.backends.get_user_info', return_value=None): self.assertIsNone( backend.authenticate(oauth_credentials=MockCredentials()))