def test_get_user(self): """ Check if user returned by BrowserIDBackend.get_user is correct. """ user = new_user('*****@*****.**') backend = BrowserIDBackend() self.assertEqual(backend.get_user(user.pk), user)
def browserid_authenticate(request, assertion): """ Verify a BrowserID login attempt. If the BrowserID assertion is good, but no account exists on AMO, create one. Request is only needed for logging. :( """ backend = BrowserIDBackend() result = backend.verify(assertion, settings.SITE_URL) if not result: return (None, None) email = result['email'] users = UserProfile.objects.filter(email=email) if len(users) == 1: users[0].user.backend = 'django_browserid.auth.BrowserIDBackend' return (users[0], None) username = autocreate_username(email.partition('@')[0]) if (settings.REGISTER_USER_LIMIT and UserProfile.objects.count() > settings.REGISTER_USER_LIMIT and not can_override_reg_limit(request)): _m = ('Sorry, no more registrations are allowed. ' '<a href="https://developer.mozilla.org/en-US/apps">' 'Learn more</a>') return (None, _m) profile = UserProfile.objects.create(username=username, email=email) profile.create_django_user() profile.user.backend = 'django_browserid.auth.BrowserIDBackend' profile.user.save() profile.save() log_cef('New Account', 5, request, username=username, signature='AUTHNOTICE', msg='User created a new account (from BrowserID)') return (profile, None)
def test_get_user(self): # If a user is retrieved by the BrowserIDBackend, it should have # 'django_browserid.auth.BrowserIDBackend' for the backend attribute. user = new_user('*****@*****.**') backend = BrowserIDBackend() self.assertEqual( backend.get_user(user.id).backend, 'django_browserid.auth.BrowserIDBackend')
def test_verify_called_with_extra_kwargs(self): backend = BrowserIDBackend() verifier = MockVerifier('*****@*****.**') verifier.verify = Mock(wraps=verifier.verify) backend.get_verifier = lambda: verifier backend.authenticate(assertion='asdf', audience='http://testserver', foo='bar') verifier.verify.assert_called_with('asdf', 'http://testserver', foo='bar')
def auth(self, verified_email=None): """ Attempt to authenticate a user with BrowserIDBackend. If verified_email is None, verification will fail, otherwise it will pass and return the specified email. """ with mock_browserid(verified_email): backend = BrowserIDBackend() return backend.authenticate(assertion='asdf', audience='asdf')
def test_authenticate_verify_exception(self): """ If the verifier raises an exception, log it as a warning and return None. """ backend = BrowserIDBackend() verifier = Mock() exception = Exception() backend.get_verifier = lambda: verifier verifier.verify.side_effect = exception with patch('django_browserid.auth.logger') as logger: self.assertEqual(backend.authenticate('asdf', 'asdf'), None) logger.warn.assert_called_with(exception)
def test_create_user_integrity_error(self, logger): # If an IntegrityError is raised during user creation, attempt to re-fetch the user in case # the user was created since we checked for the existing account. backend = BrowserIDBackend() backend.User = Mock() error = IntegrityError() backend.User.objects.create_user.side_effect = error backend.User.objects.get.return_value = 'asdf' self.assertEqual(backend.create_user('*****@*****.**'), 'asdf') # If get raises a DoesNotExist exception, re-raise the original exception. backend.User.DoesNotExist = Exception backend.User.objects.get.side_effect = backend.User.DoesNotExist with self.assertRaises(IntegrityError) as e: backend.create_user('*****@*****.**') self.assertEqual(e.exception, error)
def browserid_verify(request): next = request.REQUEST.get('next') redirect_to = next or getattr(settings, 'LOGIN_REDIRECT_URL', '/') redirect_to_failure = getattr(settings, 'LOGIN_REDIRECT_URL_FAILURE', '/') form = BrowserIDForm(data=request.POST) if form.is_valid(): verifier = BrowserIDBackend().get_verifier() result = verifier.verify(form.cleaned_data['assertion'], get_audience(request)) if result: if (request.user.is_authenticated() and request.user.email != result.email): # User is already signed and wants to change their email. request.user.email = result.email request.user.save() return redirect(reverse('users.edit_profile')) else: # Verified so log in email = result.email user = User.objects.filter(email=email) contributor = 'contributor' in request.POST if len(user) == 0: # Add the email to the session and redirect to signup request.session['browserid-email'] = email signup_url = reverse('users.browserid_signup') return redirect('%s?%s' % (signup_url, urlencode({'next': next}))) else: user = user[0] user.backend = 'django_browserid.auth.BrowserIDBackend' if contributor: add_to_contributors(request, user) auth.login(request, user) return redirect(redirect_to) return redirect(redirect_to_failure)
def test_auth_copes_with_false(verify): # Test that authenticate copes with False. verify.return_value = False assert BrowserIDBackend().authenticate(**authenticate_kwargs) is None
def _auth(self, backend=None, verified_email=None): if backend is None: backend = BrowserIDBackend() with mock_browserid(verified_email): return backend.authenticate(assertion='asdf', audience='asdf')
def test_authenticated_user(self): user = auth.models.User.objects.create_user('asdf', '*****@*****.**') response = self.info(user, BrowserIDBackend()) response_data = json.loads(smart_text(response.content)) eq_(response_data['userEmail'], '*****@*****.**')
def setUp(self): self.backend = BrowserIDBackend() self.verifier = Mock() self.backend.get_verifier = lambda: self.verifier