def test_sso_auth_not_verified(m_datetime, admin, app, engine, access_token):
m_utcnow = mock.MagicMock()
m_utcnow.utctimetuple.return_value = datetime.datetime. \
fromtimestamp(1505564918).timetuple()
m_datetime.utcnow.return_value = m_utcnow
# corrupt access_token
access_token = access_token + 'lol'
sso_headers = mock.Mock
sso_headers.headers = {'Authorization': 'Bearer %s' % access_token}
nb_users = len(admin.get('/api/v1/users').data['users'])
with app.app_context():
flask.g.db_conn = engine.connect()
mech = authm.OpenIDCAuth(sso_headers)
with pytest.raises(dci_exc.DCIException):
mech.authenticate()
assert mech.identity is None
nb_users_after_sso = len(admin.get('/api/v1/users').data['users'])
assert nb_users == nb_users_after_sso
def test_sso_auth_verified(m_datetime, admin, app, engine, access_token):
m_utcnow = mock.MagicMock()
m_utcnow.utctimetuple.return_value = datetime.datetime. \
fromtimestamp(1505564918).timetuple()
m_datetime.utcnow.return_value = m_utcnow
sso_headers = mock.Mock
sso_headers.headers = {'Authorization': 'Bearer %s' % access_token}
nb_users = len(admin.get('/api/v1/users').data['users'])
with app.app_context():
flask.g.db_conn = engine.connect()
mech = authm.OpenIDCAuth(sso_headers)
mech.authenticate()
assert mech.identity['team_id'] is None
assert mech.identity['name'] == 'dci'
assert mech.identity['sso_username'] == 'dci'
assert mech.identity['email'] == '*****@*****.**'
nb_users_after_sso = len(admin.get('/api/v1/users').data['users'])
assert (nb_users + 1) == nb_users_after_sso
def test_sso_auth_verified_rh_employee(
m_datetime,
admin,
app,
engine,
access_token_rh_employee, # noqa
team_admin_id,
team_redhat_id,
team_epm_id): # noqa
m_utcnow = mock.MagicMock()
m_utcnow.utctimetuple.return_value = datetime.datetime. \
fromtimestamp(1518653629).timetuple()
m_datetime.utcnow.return_value = m_utcnow
sso_headers = mock.Mock
sso_headers.headers = {
'Authorization': 'Bearer %s' % access_token_rh_employee
}
nb_users = len(admin.get('/api/v1/users').data['users'])
with app.app_context():
flask.g.team_admin_id = team_admin_id
flask.g.team_redhat_id = team_redhat_id
flask.g.team_epm_id = team_epm_id
flask.g.db_conn = engine.connect()
mech = authm.OpenIDCAuth(sso_headers)
assert mech.authenticate()
assert mech.identity.name == 'dci-rh'
assert mech.identity.sso_username == 'dci-rh'
assert mech.identity.email == '*****@*****.**'
nb_users_after_sso = len(admin.get('/api/v1/users').data['users'])
assert (nb_users + 1) == nb_users_after_sso
# users from redhat team
redhat_users = admin.get('/api/v1/teams/%s/users' %
team_redhat_id).data['users'] # noqa
ro_user_found = False
print('t1 %s' % team_redhat_id)
for iu in redhat_users:
if iu['name'] == 'dci-rh' and iu['email'] == '*****@*****.**':
ro_user_found = True
assert ro_user_found