def test_third_party_auth(self, url_name, current_backend, current_provider): params = [ ('course_id', 'edX/DemoX/Demo_Course'), ('enrollment_action', 'enroll'), ('course_mode', 'honor'), ('email_opt_in', 'true'), ('next', '/custom/final/destination'), ] # Simulate a running pipeline if current_backend is not None: pipeline_target = "student_account.views.third_party_auth.pipeline" with simulate_running_pipeline(pipeline_target, current_backend): response = self.client.get(reverse(url_name), params) # Do NOT simulate a running pipeline else: response = self.client.get(reverse(url_name), params) # This relies on the THIRD_PARTY_AUTH configuration in the test settings expected_providers = [ { "name": "Facebook", "iconClass": "fa-facebook", "loginUrl": self._third_party_login_url("facebook", "login", params), "registerUrl": self._third_party_login_url("facebook", "register", params) }, { "name": "Google", "iconClass": "fa-google-plus", "loginUrl": self._third_party_login_url("google-oauth2", "login", params), "registerUrl": self._third_party_login_url("google-oauth2", "register", params) } ] self._assert_third_party_auth_data(response, current_backend, current_provider, expected_providers)
def test_third_party_auth(self, url_name, current_backend, current_provider): # Simulate a running pipeline if current_backend is not None: pipeline_target = "student_account.views.third_party_auth.pipeline" with simulate_running_pipeline(pipeline_target, current_backend): response = self.client.get(reverse(url_name)) # Do NOT simulate a running pipeline else: response = self.client.get(reverse(url_name)) # This relies on the THIRD_PARTY_AUTH configuration in the test settings expected_providers = [{ "name": "Facebook", "iconClass": "fa-facebook", "loginUrl": self._third_party_login_url("facebook", "login"), "registerUrl": self._third_party_login_url("facebook", "register") }, { "name": "Google", "iconClass": "fa-google-plus", "loginUrl": self._third_party_login_url("google-oauth2", "login"), "registerUrl": self._third_party_login_url("google-oauth2", "register") }] self._assert_third_party_auth_data(response, current_provider, expected_providers)
def test_third_party_auth(self, url_name, current_backend, current_provider): # Simulate a running pipeline if current_backend is not None: pipeline_target = "student_account.views.third_party_auth.pipeline" with simulate_running_pipeline(pipeline_target, current_backend): response = self.client.get(reverse(url_name)) # Do NOT simulate a running pipeline else: response = self.client.get(reverse(url_name)) # This relies on the THIRD_PARTY_AUTH configuration in the test settings expected_providers = [ { "name": "Facebook", "iconClass": "fa-facebook", "loginUrl": self._third_party_login_url("facebook", "login"), "registerUrl": self._third_party_login_url("facebook", "register") }, { "name": "Google", "iconClass": "fa-google-plus", "loginUrl": self._third_party_login_url("google-oauth2", "login"), "registerUrl": self._third_party_login_url("google-oauth2", "register") } ] self._assert_third_party_auth_data(response, current_provider, expected_providers)
def test_saml_auth_with_error( self, url_name, current_backend, current_provider, enterprise_customer_mock, ): params = [] request = RequestFactory().get(reverse(url_name), params, HTTP_ACCEPT='text/html') SessionMiddleware().process_request(request) request.user = AnonymousUser() self.enable_saml() dummy_idp = 'testshib' self._configure_testshib_provider(current_provider, dummy_idp) enterprise_customer_data = { 'uuid': '72416e52-8c77-4860-9584-15e5b06220fb', 'name': 'Dummy Enterprise', 'identity_provider': dummy_idp, } enterprise_customer_mock.return_value = enterprise_customer_data dummy_error_message = 'Authentication failed: SAML login failed ' \ '["invalid_response"] [SAML Response must contain 1 assertion]' # Add error message for error in auth pipeline MessageMiddleware().process_request(request) messages.error(request, dummy_error_message, extra_tags='social-auth') # Simulate a running pipeline pipeline_response = { 'response': { 'idp_name': dummy_idp } } pipeline_target = 'openedx.core.djangoapps.user_authn.views.login_form.third_party_auth.pipeline' with simulate_running_pipeline(pipeline_target, current_backend, **pipeline_response): with mock.patch('edxmako.request_context.get_current_request', return_value=request): response = login_and_registration_form(request) expected_error_message = Text(_( u'We are sorry, you are not authorized to access {platform_name} via this channel. ' u'Please contact your learning administrator or manager in order to access {platform_name}.' u'{line_break}{line_break}' u'Error Details:{line_break}{error_message}') ).format( platform_name=settings.PLATFORM_NAME, error_message=dummy_error_message, line_break=HTML('<br/>') ) self._assert_saml_auth_data_with_error( response, current_backend, current_provider, expected_error_message )
def test_third_party_auth(self, url_name, current_backend, current_provider): params = [ ('course_id', 'course-v1:Org+Course+Run'), ('enrollment_action', 'enroll'), ('course_mode', CourseMode.DEFAULT_MODE_SLUG), ('email_opt_in', 'true'), ('next', '/custom/final/destination'), ] # Simulate a running pipeline if current_backend is not None: pipeline_target = "student_account.views.third_party_auth.pipeline" with simulate_running_pipeline(pipeline_target, current_backend): response = self.client.get(reverse(url_name), params) # Do NOT simulate a running pipeline else: response = self.client.get(reverse(url_name), params) # This relies on the THIRD_PARTY_AUTH configuration in the test settings expected_providers = [ { "id": "oa2-dummy", "name": "Dummy", "iconClass": None, "iconImage": settings.MEDIA_URL + "icon.svg", "loginUrl": self._third_party_login_url("dummy", "login", params), "registerUrl": self._third_party_login_url("dummy", "register", params) }, { "id": "oa2-facebook", "name": "Facebook", "iconClass": "fa-facebook", "iconImage": None, "loginUrl": self._third_party_login_url("facebook", "login", params), "registerUrl": self._third_party_login_url("facebook", "register", params) }, { "id": "oa2-google-oauth2", "name": "Google", "iconClass": "fa-google-plus", "iconImage": None, "loginUrl": self._third_party_login_url("google-oauth2", "login", params), "registerUrl": self._third_party_login_url("google-oauth2", "register", params) }, ] self._assert_third_party_auth_data(response, current_backend, current_provider, expected_providers)
def test_third_party_auth(self, url_name, current_backend, current_provider): params = [ ("course_id", "course-v1:Org+Course+Run"), ("enrollment_action", "enroll"), ("course_mode", CourseMode.DEFAULT_MODE_SLUG), ("email_opt_in", "true"), ("next", "/custom/final/destination"), ] # Simulate a running pipeline if current_backend is not None: pipeline_target = "student_account.views.third_party_auth.pipeline" with simulate_running_pipeline(pipeline_target, current_backend): response = self.client.get(reverse(url_name), params) # Do NOT simulate a running pipeline else: response = self.client.get(reverse(url_name), params) # This relies on the THIRD_PARTY_AUTH configuration in the test settings expected_providers = [ { "id": "oa2-dummy", "name": "Dummy", "iconClass": None, "iconImage": settings.MEDIA_URL + "icon.svg", "loginUrl": self._third_party_login_url("dummy", "login", params), "registerUrl": self._third_party_login_url("dummy", "register", params), }, { "id": "oa2-facebook", "name": "Facebook", "iconClass": "fa-facebook", "iconImage": None, "loginUrl": self._third_party_login_url("facebook", "login", params), "registerUrl": self._third_party_login_url("facebook", "register", params), }, { "id": "oa2-google-oauth2", "name": "Google", "iconClass": "fa-google-plus", "iconImage": None, "loginUrl": self._third_party_login_url("google-oauth2", "login", params), "registerUrl": self._third_party_login_url("google-oauth2", "register", params), }, ] self._assert_third_party_auth_data(response, current_backend, current_provider, expected_providers)
def test_running_pipeline(self, current_backend, current_provider, add_user_details): """ Test that when third party pipeline is running, the api returns details of current provider """ email = '*****@*****.**' if add_user_details else None params = {'next': self.query_params['redirect_to']} # Simulate a running pipeline pipeline_target = 'openedx.core.djangoapps.user_authn.views.login_form.third_party_auth.pipeline' with simulate_running_pipeline(pipeline_target, current_backend, email=email): response = self.client.get(self.url, self.query_params) self.assertEqual(response.status_code, 200) self.assertEqual( response.data, self.get_context(params, current_provider, current_backend, add_user_details))
def test_get_idp_logout_url_from_running_pipeline(self, idp_type, backend_name): """ Test idp logout url setting for running pipeline """ self.enable_saml() idp_slug = "test" idp_config = {"logout_url": "http://example.com/logout"} getattr(self, 'configure_{idp_type}_provider'.format(idp_type=idp_type))( enabled=True, name="Test Provider", slug=idp_slug, backend_name=backend_name, other_settings=json.dumps(idp_config)) request = mock.MagicMock() kwargs = {"response": {"idp_name": idp_slug}} with simulate_running_pipeline("third_party_auth.pipeline", backend_name, **kwargs): logout_url = pipeline.get_idp_logout_url_from_running_pipeline( request) self.assertEqual(idp_config['logout_url'], logout_url)
def test_third_party_auth(self, url_name, current_backend, current_provider, expected_enterprise_customer_mock_attrs, add_user_details, enterprise_customer_mock_1, enterprise_customer_mock_2): params = [ ('course_id', 'course-v1:Org+Course+Run'), ('enrollment_action', 'enroll'), ('course_mode', CourseMode.DEFAULT_MODE_SLUG), ('email_opt_in', 'true'), ('next', '/custom/final/destination'), ] if expected_enterprise_customer_mock_attrs: expected_ec = { 'name': expected_enterprise_customer_mock_attrs['name'], 'branding_configuration': { 'logo': 'https://host.com/logo.jpg', 'welcome_message': expected_enterprise_customer_mock_attrs['welcome_msg'] } } else: expected_ec = None email = None if add_user_details: email = '*****@*****.**' enterprise_customer_mock_1.return_value = expected_ec enterprise_customer_mock_2.return_value = expected_ec # Simulate a running pipeline if current_backend is not None: pipeline_target = "openedx.core.djangoapps.user_authn.views.login_form.third_party_auth.pipeline" with simulate_running_pipeline(pipeline_target, current_backend, email=email): response = self.client.get(reverse(url_name), params, HTTP_ACCEPT="text/html") # Do NOT simulate a running pipeline else: response = self.client.get(reverse(url_name), params, HTTP_ACCEPT="text/html") # This relies on the THIRD_PARTY_AUTH configuration in the test settings expected_providers = [ { "id": "oa2-dummy", "name": "Dummy", "iconClass": None, "iconImage": settings.MEDIA_URL + "icon.svg", "loginUrl": self._third_party_login_url("dummy", "login", params), "registerUrl": self._third_party_login_url("dummy", "register", params) }, { "id": "oa2-facebook", "name": "Facebook", "iconClass": "fa-facebook", "iconImage": None, "loginUrl": self._third_party_login_url("facebook", "login", params), "registerUrl": self._third_party_login_url("facebook", "register", params) }, { "id": "oa2-google-oauth2", "name": "Google", "iconClass": "fa-google-plus", "iconImage": None, "loginUrl": self._third_party_login_url("google-oauth2", "login", params), "registerUrl": self._third_party_login_url("google-oauth2", "register", params) }, ] self._assert_third_party_auth_data(response, current_backend, current_provider, expected_providers, expected_ec, add_user_details)
def test_third_party_auth( self, url_name, current_backend, current_provider, expected_enterprise_customer_mock_attrs, add_user_details, enterprise_customer_mock_1, enterprise_customer_mock_2 ): params = [ ('course_id', 'course-v1:Org+Course+Run'), ('enrollment_action', 'enroll'), ('course_mode', CourseMode.DEFAULT_MODE_SLUG), ('email_opt_in', 'true'), ('next', '/custom/final/destination'), ] if expected_enterprise_customer_mock_attrs: expected_ec = { 'name': expected_enterprise_customer_mock_attrs['name'], 'branding_configuration': { 'logo': 'https://host.com/logo.jpg', 'welcome_message': expected_enterprise_customer_mock_attrs['welcome_msg'] } } else: expected_ec = None email = None if add_user_details: email = '*****@*****.**' enterprise_customer_mock_1.return_value = expected_ec enterprise_customer_mock_2.return_value = expected_ec # Simulate a running pipeline if current_backend is not None: pipeline_target = "openedx.core.djangoapps.user_authn.views.login_form.third_party_auth.pipeline" with simulate_running_pipeline(pipeline_target, current_backend, email=email): response = self.client.get(reverse(url_name), params, HTTP_ACCEPT="text/html") # Do NOT simulate a running pipeline else: response = self.client.get(reverse(url_name), params, HTTP_ACCEPT="text/html") # This relies on the THIRD_PARTY_AUTH configuration in the test settings expected_providers = [ { "id": "oa2-dummy", "name": "Dummy", "iconClass": None, "iconImage": settings.MEDIA_URL + "icon.svg", "loginUrl": self._third_party_login_url("dummy", "login", params), "registerUrl": self._third_party_login_url("dummy", "register", params) }, { "id": "oa2-facebook", "name": "Facebook", "iconClass": "fa-facebook", "iconImage": None, "loginUrl": self._third_party_login_url("facebook", "login", params), "registerUrl": self._third_party_login_url("facebook", "register", params) }, { "id": "oa2-google-oauth2", "name": "Google", "iconClass": "fa-google-plus", "iconImage": None, "loginUrl": self._third_party_login_url("google-oauth2", "login", params), "registerUrl": self._third_party_login_url("google-oauth2", "register", params) }, ] self._assert_third_party_auth_data( response, current_backend, current_provider, expected_providers, expected_ec, add_user_details )
def test_third_party_auth( self, url_name, current_backend, current_provider, expected_enterprise_customer_mock_attrs, enterprise_customer_mock ): params = [ ('course_id', 'course-v1:Org+Course+Run'), ('enrollment_action', 'enroll'), ('course_mode', CourseMode.DEFAULT_MODE_SLUG), ('email_opt_in', 'true'), ('next', '/custom/final/destination'), ] if expected_enterprise_customer_mock_attrs: expected_ec = mock.MagicMock( branding_configuration=mock.MagicMock( logo=mock.MagicMock( url=expected_enterprise_customer_mock_attrs['logo'] ), welcome_message=expected_enterprise_customer_mock_attrs['welcome_msg'] ) ) expected_ec.name = expected_enterprise_customer_mock_attrs['name'] else: expected_ec = None enterprise_customer_mock.return_value = expected_ec # Simulate a running pipeline if current_backend is not None: pipeline_target = "student_account.views.third_party_auth.pipeline" with simulate_running_pipeline(pipeline_target, current_backend): response = self.client.get(reverse(url_name), params, HTTP_ACCEPT="text/html") # Do NOT simulate a running pipeline else: response = self.client.get(reverse(url_name), params, HTTP_ACCEPT="text/html") # This relies on the THIRD_PARTY_AUTH configuration in the test settings expected_providers = [ { "id": "oa2-dummy", "name": "Dummy", "iconClass": None, "iconImage": settings.MEDIA_URL + "icon.svg", "loginUrl": self._third_party_login_url("dummy", "login", params), "registerUrl": self._third_party_login_url("dummy", "register", params) }, { "id": "oa2-facebook", "name": "Facebook", "iconClass": "fa-facebook", "iconImage": None, "loginUrl": self._third_party_login_url("facebook", "login", params), "registerUrl": self._third_party_login_url("facebook", "register", params) }, { "id": "oa2-google-oauth2", "name": "Google", "iconClass": "fa-google-plus", "iconImage": None, "loginUrl": self._third_party_login_url("google-oauth2", "login", params), "registerUrl": self._third_party_login_url("google-oauth2", "register", params) }, ] self._assert_third_party_auth_data( response, current_backend, current_provider, expected_providers, expected_ec )
def test_saml_auth_with_error( self, url_name, current_backend, current_provider, expected_enterprise_customer_mock_attrs, enterprise_customer_mock, ): params = [] request = RequestFactory().get(reverse(url_name), params, HTTP_ACCEPT='text/html') SessionMiddleware().process_request(request) request.user = AnonymousUser() self.enable_saml() dummy_idp = 'testshib' self._configure_testshib_provider(current_provider, dummy_idp) expected_ec = mock.MagicMock(branding_configuration=mock.MagicMock( logo=mock.MagicMock( url=expected_enterprise_customer_mock_attrs['logo']), welcome_message=expected_enterprise_customer_mock_attrs[ 'welcome_msg'])) expected_ec.name = expected_enterprise_customer_mock_attrs['name'] enterprise_customer_data = { 'uuid': '72416e52-8c77-4860-9584-15e5b06220fb', 'name': 'Dummy Enterprise', 'identity_provider': dummy_idp, } enterprise_customer_mock.return_value = enterprise_customer_data dummy_error_message = 'Authentication failed: SAML login failed ' \ '["invalid_response"] [SAML Response must contain 1 assertion]' # Add error message for error in auth pipeline MessageMiddleware().process_request(request) messages.error(request, dummy_error_message, extra_tags='social-auth') # Simulate a running pipeline pipeline_response = {'response': {'idp_name': dummy_idp}} pipeline_target = 'student_account.views.third_party_auth.pipeline' with simulate_running_pipeline(pipeline_target, current_backend, **pipeline_response): with mock.patch('edxmako.request_context.get_current_request', return_value=request): response = login_and_registration_form(request) expected_error_message = Text( _(u'We are sorry, you are not authorized to access {platform_name} via this channel. ' u'Please contact your {enterprise} administrator in order to access {platform_name} ' u'or contact {edx_support_link}.{line_break}' u'{line_break}' u'Error Details:{line_break}{error_message}') ).format( platform_name=settings.PLATFORM_NAME, enterprise=enterprise_customer_data['name'], error_message=dummy_error_message, edx_support_link=HTML( '<a href="{edx_support_url}">{support_url_name}</a>').format( edx_support_url=settings.SUPPORT_SITE_LINK, support_url_name=_('edX Support'), ), line_break=HTML('<br/>')) self._assert_saml_auth_data_with_error(response, current_backend, current_provider, expected_error_message)