def test_login_user_with_idp_already_in_db(db_session): """ Test that if a user is already in the database, has identity_provider configured, and logs in, the session will contain the user's information. """ email = "*****@*****.**" provider = "Test Provider" id_from_idp = "Provider_ID_0001" test_user = User(username=email, email=email, id_from_idp=id_from_idp, is_admin=False) test_idp = IdentityProvider(name=provider) test_user.identity_provider = test_idp db_session.add(test_user) db_session.commit() user_id = str(test_user.id) login_user(email, provider, email=email, id_from_idp=id_from_idp) assert test_user.identity_provider.name == provider assert test_user.id_from_idp == id_from_idp assert test_user.email == email assert flask.session["username"] == email assert flask.session["provider"] == provider assert flask.session["user_id"] == user_id assert flask.g.user == test_user
def login_user(username, provider, fence_idp=None, shib_idp=None, email=None): """ Login a user with the given username and provider. Set values in Flask session to indicate the user being logged in. In addition, commit the user and associated idp information to the db. Args: username (str): specific username of user to be logged in provider (str): specfic idp of user to be logged in fence_idp (str, optional): Downstreawm fence IdP shib_idp (str, optional): Downstreawm shibboleth IdP email (str, optional): email of user (may or may not match username depending on the IdP) """ def set_flask_session_values(user): """ Helper fuction to set user values in the session. Args: user (User): User object """ flask.session["username"] = user.username flask.session["user_id"] = str(user.id) flask.session["provider"] = user.identity_provider.name if fence_idp: flask.session["fence_idp"] = fence_idp if shib_idp: flask.session["shib_idp"] = shib_idp flask.g.user = user flask.g.scopes = ["_all"] flask.g.token = None user = query_for_user(session=current_session, username=username) if user: _update_users_email(user, email) # This expression is relevant to those users who already have user and # idp info persisted to the database. We return early to avoid # unnecessarily re-saving that user and idp info. if user.identity_provider and user.identity_provider.name == provider: set_flask_session_values(user) return else: if email: user = User(username=username, email=email) else: user = User(username=username) idp = (current_session.query(IdentityProvider).filter( IdentityProvider.name == provider).first()) if not idp: idp = IdentityProvider(name=provider) user.identity_provider = idp current_session.add(user) current_session.commit() set_flask_session_values(user)
def login_user(request, username, provider): user = current_session.query( User).filter(User.username == username).first() if not user: user = User(username=username) idp = ( current_session.query(IdentityProvider) .filter(IdentityProvider.name == provider).first() ) if not idp: idp = IdentityProvider(name=provider) user.identity_provider = idp current_session.add(user) current_session.commit() flask.g.user = user flask.g.scopes = ["_all"] flask.g.token = None
def login_user(request, username, provider): user = query_for_user(session=current_session, username=username) if not user: user = User(username=username) idp = (current_session.query(IdentityProvider).filter( IdentityProvider.name == provider).first()) if not idp: idp = IdentityProvider(name=provider) user.identity_provider = idp current_session.add(user) current_session.commit() flask.session["username"] = username flask.session["provider"] = provider flask.session["user_id"] = str(user.id) flask.g.user = user flask.g.scopes = ["_all"] flask.g.token = None