def process_request(self, request):
if (request.method != 'POST' and not request.is_ajax()
and request.user.is_active
and request.path not in self.exception_paths):
cache_key = 'renew_id_token:{}'.format(request.user.id)
if cache.get(cache_key):
# still valid, we checked recently
return
# oh, no we need to check the id_token (and renew it)
profile = get_profile_safely(request.user)
if profile and profile.id_token:
id_token = auth0.renew_id_token(profile.id_token)
if id_token:
assert isinstance(id_token, basestring)
profile.id_token = id_token
profile.save()
cache.set(cache_key, True,
settings.RENEW_ID_TOKEN_EXPIRY_SECONDS)
else:
# If that failed, your previous id_token is not valid
# and you need to be signed out so you can get a new
# one.
logout(request)
# XXX message?
return redirect('authentication:signin')
def test_renew_id_token_not_json_response(self, rpost):
def mocked_post(url, json):
return Response('The world is broken!',
status_code=500,
require_valid_json=True)
rpost.side_effect = mocked_post
result = auth0.renew_id_token('1234')
eq_(result, None)
def test_renew_id_token_unauthorized(self, rpost):
def mocked_post(url, json):
return Response({
'error_message': 'Not valid!',
}, status_code=401)
rpost.side_effect = mocked_post
result = auth0.renew_id_token('1234')
eq_(result, None)
def test_renew_id_token_unauthorized(self, rpost):
def mocked_post(url, json, **kwargs):
return Response({
'error_message': 'Not valid!',
}, status_code=401)
rpost.side_effect = mocked_post
result = auth0.renew_id_token('1234')
eq_(result, None)
def test_renew_id_token(self, rpost):
def mocked_post(url, json):
return Response({
'id_token': 'xzy.123.456',
'expires': int(time.time()) + 1000,
})
rpost.side_effect = mocked_post
result = auth0.renew_id_token('1234')
eq_(result, 'xzy.123.456')
def id_token_check(request):
user_id = request.GET.get('id')
if not user_id:
return http.HttpResponseBadRequest('missing id')
user = get_object_or_404(User, id=user_id)
id_token = auth0.renew_id_token(user.profile.id_token)
if id_token:
user.profile.id_token = id_token
user.profile.save()
return {'valid': True}
else:
return {'valid': False}
def id_token_check(request):
user_id = request.GET.get('id')
if not user_id:
return http.HttpResponseBadRequest('missing id')
user = get_object_or_404(User, id=user_id)
id_token = auth0.renew_id_token(user.profile.id_token)
if id_token:
user.profile.id_token = id_token
user.profile.save()
return {'valid': True}
else:
return {'valid': False}
def test_renew_id_token_not_json_response(self, rpost):
def mocked_post(url, json, **kwargs):
return Response(
'The world is broken!',
status_code=500,
require_valid_json=True
)
rpost.side_effect = mocked_post
result = auth0.renew_id_token('1234')
eq_(result, None)
def test_renew_id_token(self, rpost):
def mocked_post(url, json, **kwargs):
eq_(kwargs['timeout'], settings.AUTH0_PATIENCE_TIMEOUT)
return Response({
'id_token': 'xzy.123.456',
'expires': int(time.time()) + 1000,
})
rpost.side_effect = mocked_post
result = auth0.renew_id_token('1234')
eq_(result, 'xzy.123.456')
def process_request(self, request):
if (
request.method != 'POST' and
not request.is_ajax() and
request.user.is_active and
request.path not in self.exception_paths
):
cache_key = 'renew_id_token:{}'.format(request.user.id)
if cache.get(cache_key):
# still valid, we checked recently
return
# oh, no we need to check the id_token (and renew it)
profile = get_profile_safely(request.user)
if profile and profile.id_token:
try:
id_token = auth0.renew_id_token(profile.id_token)
except (ConnectTimeout, ReadTimeout):
messages.error(
request,
'Unable to validate your authentication with Auth0. '
'This can happen when there is temporary network '
'problem. Please sign in again.'
)
# If we don't do this, the user will be redirected
# to the sign-in page, which runs this middleware
# and you'd get caught in an infinite redirect loop.
logout(request)
return redirect('authentication:signin')
if id_token:
assert isinstance(id_token, basestring)
profile.id_token = id_token
profile.save()
cache.set(
cache_key,
True,
settings.RENEW_ID_TOKEN_EXPIRY_SECONDS
)
else:
# If that failed, your previous id_token is not valid
# and you need to be signed out so you can get a new
# one.
logout(request)
messages.error(
request,
'Unable to validate your authentication with Auth0. '
'This is most likely due to an expired authentication '
'session. You have to sign in again.'
)
return redirect('authentication:signin')
