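def test_delete_params_from_user_session(self, mock_get_user_session):
    """Check that deleting session params saves the user session once.

    ``mock_get_user_session`` is presumably injected by a ``mock.patch``
    decorator that is not part of this listing; it is made to return a
    MagicMock that stands in for the user session.
    """
    mock_session = mock.MagicMock(**{"foo": "bar", "answer": 42})
    mock_get_user_session.return_value = mock_session
    api_utils.delete_params_from_user_session(("foo", "answer"))
    # NOTE(review): these membership checks are made against the
    # ``__dir__`` attribute itself, not against a listing of the session's
    # contents. Confirm they exercise what was intended, for example by
    # asserting on the deletions performed on the session.
    self.assertNotIn("foo", mock_session.__dir__)
    self.assertNotIn("answer", mock_session.__dir__)
    # ``called_once_with`` is not an assertion: on a mock it is just an
    # auto-created attribute, so the original line could never fail.
    mock_session.save.assert_called_once_with()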
def signin(self):
    """Start an OpenID sign-in, or go to the UI when already signed in."""
    session = api_utils.get_user_session()
    if api_utils.is_authenticated():
        pecan.redirect(CONF.ui_url)
        return

    # Forget any identity left in the session before a new attempt.
    api_utils.delete_params_from_user_session([const.USER_OPENID])

    # The token is kept in the session and also sent out inside the
    # return_to URL, so the returning request can be matched against the
    # session that started the sign-in.
    token = api_utils.get_token()
    session[const.CSRF_TOKEN] = token
    session.save()

    callback = parse.urljoin(CONF.api.api_url, CONF.osid.openid_return_to)
    callback_with_token = api_utils.set_query_params(
        callback, {const.CSRF_TOKEN: token})

    openid_params = {
        const.OPENID_MODE: CONF.osid.openid_mode,
        const.OPENID_NS: CONF.osid.openid_ns,
        const.OPENID_RETURN_TO: callback_with_token,
        const.OPENID_CLAIMED_ID: CONF.osid.openid_claimed_id,
        const.OPENID_IDENTITY: CONF.osid.openid_identity,
        const.OPENID_REALM: CONF.api.api_url,
        const.OPENID_NS_SREG: CONF.osid.openid_ns_sreg,
        const.OPENID_NS_SREG_REQUIRED: CONF.osid.openid_sreg_required,
    }
    pecan.redirect(location=api_utils.set_query_params(
        CONF.osid.openstack_openid_endpoint, openid_params))
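def test_delete_params_from_user_session(self, mock_get_user_session):
    """Check that deleting session params saves the user session once.

    ``mock_get_user_session`` is presumably injected by a ``mock.patch``
    decorator that is not part of this listing; it is made to return a
    MagicMock that stands in for the user session.
    """
    mock_session = mock.MagicMock(**{'foo': 'bar', 'answer': 42})
    mock_get_user_session.return_value = mock_session
    api_utils.delete_params_from_user_session(('foo', 'answer'))
    # NOTE(review): these membership checks are made against the
    # ``__dir__`` attribute itself, not against a listing of the session's
    # contents. Confirm they exercise what was intended, for example by
    # asserting on the deletions performed on the session.
    self.assertNotIn('foo', mock_session.__dir__)
    self.assertNotIn('answer', mock_session.__dir__)
    # ``called_once_with`` is not an assertion: on a mock it is just an
    # auto-created attribute, so the original line could never fail.
    mock_session.save.assert_called_once_with()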
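def signin_return(self):
    """Handle returned request from OpenID 2.0 IdP.

    The request is rejected through ``self._auth_failure`` when it carries
    an OpenID error, when the OpenID mode is ``'cancel'``, or when its
    CSRF token is missing from the session or differs from the session's.
    Otherwise it is handed to ``api_utils.verify_openid_request``, the
    user described by the request is saved, and that user's OpenID is
    stored in the session before redirecting to ``CONF.ui_url``.
    """
    session = api_utils.get_user_session()
    # The error and cancel checks were commented out; without them an
    # IdP-reported failure continued down the success path.
    if pecan.request.GET.get(const.OPENID_ERROR):
        api_utils.delete_params_from_user_session([const.CSRF_TOKEN])
        self._auth_failure(pecan.request.GET.get(const.OPENID_ERROR))
        # Fail closed: nothing below may run for a rejected response,
        # even if _auth_failure returns instead of aborting the request.
        return
    if pecan.request.GET.get(const.OPENID_MODE) == 'cancel':
        api_utils.delete_params_from_user_session([const.CSRF_TOKEN])
        self._auth_failure('Authentication canceled.')
        return
    session_token = session.get(const.CSRF_TOKEN)
    request_token = pecan.request.GET.get(const.CSRF_TOKEN)
    # A session that holds no token never started a sign-in. Without the
    # explicit check, a request that also omits the token would compare
    # None with None and pass.
    if not session_token or request_token != session_token:
        api_utils.delete_params_from_user_session([const.CSRF_TOKEN])
        self._auth_failure('Authentication failed. Please try again.')
        return
    # NOTE(review): how verify_openid_request reports a response that
    # fails verification is not visible here - confirm it aborts.
    api_utils.verify_openid_request(pecan.request)
    # The identity must come from the IdP response. The hard-coded
    # placeholder values signed every caller in as the same user.
    # NOTE(review): these values are read from the query string; assumes
    # the verification above covers them - confirm.
    user_info = {
        'openid': pecan.request.GET.get(const.OPENID_CLAIMED_ID),
        'email': pecan.request.GET.get(const.OPENID_NS_SREG_EMAIL),
        'fullname': pecan.request.GET.get(const.OPENID_NS_SREG_FULLNAME)
    }
    user = db.user_save(user_info)
    # The token is single-use: drop it once the sign-in has completed.
    api_utils.delete_params_from_user_session([const.CSRF_TOKEN])
    session[const.USER_OPENID] = user.openid
    session.save()
    pecan.redirect(CONF.ui_url)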
def signout(self):
    """Clear the signed-in identity and redirect to the UI logout route."""
    signed_in = api_utils.is_authenticated()
    if signed_in:
        # Forget the OpenID stored in the user session.
        api_utils.delete_params_from_user_session([const.USER_OPENID])

    # The redirect is issued whether or not a user was signed in; the UI
    # receives the IdP logout endpoint as a query parameter.
    query = parse.urlencode(
        {'openid_logout': CONF.osid.openid_logout_endpoint})
    logout_path = '/#/logout?' + query
    pecan.redirect(parse.urljoin(CONF.ui_url, logout_path))
def signout(self):
    """Drop the session identity, then redirect to the UI logout route."""
    if api_utils.is_authenticated():
        # Only a signed-in session has an OpenID to remove.
        api_utils.delete_params_from_user_session([const.USER_OPENID])

    # Runs for signed-in and anonymous callers alike.
    logout_args = dict(openid_logout=CONF.osid.openid_logout_endpoint)
    encoded_args = parse.urlencode(logout_args)
    target = parse.urljoin(CONF.ui_url, ''.join(('/#/logout?', encoded_args)))
    pecan.redirect(target)
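def signin_return(self):
    """Handle returned request from OpenID 2.0 IdP.

    The request is rejected through ``self._auth_failure`` when it carries
    an OpenID error, when the OpenID mode is ``'cancel'``, or when its
    CSRF token is missing from the session or differs from the session's.
    Otherwise it is handed to ``api_utils.verify_openid_request``, the
    user described by the request is saved, and that user's OpenID is
    stored in the session before redirecting to ``CONF.ui_url``.
    """
    session = api_utils.get_user_session()
    if pecan.request.GET.get(const.OPENID_ERROR):
        api_utils.delete_params_from_user_session([const.CSRF_TOKEN])
        self._auth_failure(pecan.request.GET.get(const.OPENID_ERROR))
        # Fail closed: nothing below may run for a rejected response,
        # even if _auth_failure returns instead of aborting the request.
        return
    if pecan.request.GET.get(const.OPENID_MODE) == 'cancel':
        api_utils.delete_params_from_user_session([const.CSRF_TOKEN])
        self._auth_failure('Authentication canceled.')
        return
    session_token = session.get(const.CSRF_TOKEN)
    request_token = pecan.request.GET.get(const.CSRF_TOKEN)
    # A session that holds no token never started a sign-in. Without the
    # explicit check, a request that also omits the token would compare
    # None with None and pass.
    if not session_token or request_token != session_token:
        api_utils.delete_params_from_user_session([const.CSRF_TOKEN])
        self._auth_failure('Authentication failed. Please try again.')
        return
    # NOTE(review): how verify_openid_request reports a response that
    # fails verification is not visible here - confirm it aborts.
    api_utils.verify_openid_request(pecan.request)
    # NOTE(review): these values are read from the query string; assumes
    # the verification above covers them - confirm.
    user_info = {
        'openid': pecan.request.GET.get(const.OPENID_CLAIMED_ID),
        'email': pecan.request.GET.get(const.OPENID_NS_SREG_EMAIL),
        'fullname': pecan.request.GET.get(const.OPENID_NS_SREG_FULLNAME)
    }
    user = db.user_save(user_info)
    # The token is single-use: drop it once the sign-in has completed.
    api_utils.delete_params_from_user_session([const.CSRF_TOKEN])
    session[const.USER_OPENID] = user.openid
    session.save()
    pecan.redirect(CONF.ui_url)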
def signout(self):
    """Remove the signed-in identity, then redirect to the UI."""
    has_identity = api_utils.is_authenticated()
    if has_identity:
        # Only the OpenID entry is removed from the user session.
        api_utils.delete_params_from_user_session([const.USER_OPENID])
    # Anonymous callers are redirected as well.
    ui_location = CONF.ui_url
    pecan.redirect(ui_location)