def test_no_safari_workaround(self, fb_redirect, update_user_info):
"""
If the user is not using Safari, do not redirect to the workaround.
"""
payload = create_payload(user_id=1)
self.load_app(payload, HTTP_USER_AGENT='Safari/5.04 Chrome/7.5')
ok_(not fb_redirect.called)
def test_invalid_secret(self):
"""
If the secret used for decoding doesn't match the secret used for
encoding, return None.
"""
payload = create_payload()
signed_request = self.create_signed_request(payload, 'secret')
eq_(decode_signed_request(signed_request, 'other_secret'), None)
def test_no_authorization(self, update_user_info):
"""
If the user has yet to authorize the app, ask the user for
authorization via the oauth_redirect.html template.
"""
payload = create_payload(user_id=None)
response = self.load_app(payload)
self.assertTemplateUsed(response, 'facebook/oauth_redirect.html')
def test_has_authorization(self, update_user_info):
"""
If the user has authorized the app and isn't new, show the main
banner view.
"""
payload = create_payload(user_id=1)
response = self.load_app(payload)
self.assertTemplateUsed(response, 'facebook/banner_list.html')
def test_invalid_secret(self):
"""
If the secret used for decoding doesn't match the secret used for
encoding, return None.
"""
payload = create_payload()
signed_request = self.create_signed_request(payload, 'secret')
eq_(decode_signed_request(signed_request, 'other_secret'), None)
def test_safari_workaround_done(self, fb_redirect, update_user_info):
"""
If the user is using Safari and hasthe workaround cookie, do not send
them to the workaround page.
"""
payload = create_payload(user_id=1)
self.client.cookies[SAFARI_WORKAROUND_KEY] = '1'
self.load_app(payload, HTTP_USER_AGENT='Safari/5.04')
del self.client.cookies[SAFARI_WORKAROUND_KEY]
ok_(not fb_redirect.called)
def test_safari_workaround(self, fb_redirect, update_user_info):
"""
If the user is using Safari and hasn't gone through the workaround yet,
send them to the workaround page.
"""
fb_redirect.return_value = HttpResponse()
payload = create_payload(user_id=1)
self.load_app(payload, HTTP_USER_AGENT='Safari/5.04')
ok_(fb_redirect.called)
self.assert_viewname_url(fb_redirect.call_args[0][1],
'facebook.safari_workaround')
def test_country_missing(self, login, update_user_info):
"""
If the user's country is not included in the signed_request, keep their
old country value intact.
"""
user = FacebookUserFactory.create(country='us')
payload = create_payload(user_id=user.id)
del payload['user']['country']
self.load_app(payload)
eq_(login.called, True)
eq_(login.call_args[0][1].country, 'us')
def test_country_saved(self, login, update_user_info):
"""
When a user enters the app, their country should be set and
login should be called with the updated user object so that it will be
saved to the database.
"""
user = FacebookUserFactory.create(country='us')
payload = create_payload(user_id=user.id, country='fr')
self.load_app(payload)
eq_(login.called, True)
eq_(login.call_args[0][1].country, 'fr')
def test_no_authorization(self, fb_redirect, update_user_info):
"""
If the user has yet to authorize the app, redirect them to the pre-auth
promo page.
"""
fb_redirect.return_value = HttpResponse('blah')
payload = create_payload(user_id=None)
response = self.load_app(payload)
eq_(response, fb_redirect.return_value)
with self.activate('en-US'):
ok_(fb_redirect.call_args[0][1]
.endswith(reverse('facebook.pre_auth_promo')))
def test_no_safari_workaround(self, fb_redirect, update_user_info):
"""
If the user is not using Safari, do not redirect to the workaround.
"""
with self.activate('en-US'):
workaround_url = absolutify(reverse('facebook.safari_workaround'))
fb_redirect.return_value = HttpResponse('blah')
payload = create_payload(user_id=1)
response = self.load_app(payload,
HTTP_USER_AGENT='Safari/5.04 Chrome/7.5')
eq_(response, fb_redirect.return_value)
ok_(fb_redirect.call_args[0][1] != workaround_url)
def test_has_authorization(self, fb_redirect, update_user_info):
"""
If the user has authorized the app and isn't new, redirect to the main
banner view.
"""
fb_redirect.return_value = HttpResponse('blah')
payload = create_payload(user_id=1)
response = self.load_app(payload)
# Assert that the return value of fb_redirect was returned, and that
# fb_redirect was given a url that ends with the banner_list url.
eq_(response, fb_redirect.return_value)
with self.activate('en-US'):
ok_(fb_redirect.call_args[0][1]
.endswith(reverse('facebook.banner_list')))
def test_safari_workaround_done(self, fb_redirect, update_user_info):
"""
If the user is using Safari and hasthe workaround cookie, do not send
them to the workaround page.
"""
with self.activate('en-US'):
workaround_url = absolutify(reverse('facebook.safari_workaround'))
fb_redirect.return_value = HttpResponse('blah')
payload = create_payload(user_id=1)
self.client.cookies[SAFARI_WORKAROUND_KEY] = '1'
response = self.load_app(payload, HTTP_USER_AGENT='Safari/5.04')
del self.client.cookies[SAFARI_WORKAROUND_KEY]
# Ensure that the redirect URL is NOT the safari workaround url
eq_(response, fb_redirect.return_value)
ok_(fb_redirect.call_args[0][1] != workaround_url)
def process_view(self, request, view_func, view_args, view_kwargs):
"""Mock in signed_request if user is viewing the login view."""
if not request._fb_debug:
return None
# Add patcher to requests to avoid stopping them when they haven't
# started.
request.csp_patcher = self.csp_patcher
request.csp_patcher.start()
user_id = getattr(settings, 'FACEBOOK_DEBUG_USER_ID', None)
if view_func == load_app and user_id:
request.method = 'POST'
post = request.POST.copy()
post['signed_request'] = 'signed_request'
request.POST = post
request.decode_patcher = self.decode_patcher
decode_mock = request.decode_patcher.start()
decode_mock.return_value = create_payload(user_id=user_id)
def test_invalid_algorithm(self):
"""If the declared algorithm isn't supported, return None."""
payload = create_payload(algorithm='not-supported')
signed_request = self.create_signed_request(payload, 'secret')
eq_(decode_signed_request(signed_request, 'secret'), None)
def test_valid_request(self):
"""If the signed request is valid, return the decoded payload."""
payload = create_payload()
signed_request = self.create_signed_request(payload, 'secret')
eq_(decode_signed_request(signed_request, 'secret'), payload)
def test_valid_request(self):
"""If the signed request is valid, return the decoded payload."""
payload = create_payload()
signed_request = self.create_signed_request(payload, 'secret')
eq_(decode_signed_request(signed_request, 'secret'), payload)
def test_invalid_algorithm(self):
"""If the declared algorithm isn't supported, return None."""
payload = create_payload(algorithm='not-supported')
signed_request = self.create_signed_request(payload, 'secret')
eq_(decode_signed_request(signed_request, 'secret'), None)