def test_authenticated_user_link_a_different_google_account_from_already_linked_one_ok( tenant: Tenant, session: Session, application: Application): assert session.query(User).count() == 1 assert not session.query(SocialAccount).count() application.authenticate_google( session, "oneaccess_token", "oneid_token", "one_email", "onefname", "onelname", UserRole.TENANT, tenant, ) assert session.query(SocialAccount).count() saccount = session.query(SocialAccount).all()[0] assert saccount.user == tenant assert saccount.account_email == "one_email" assert saccount.access_token == "oneaccess_token" assert saccount.id_token == "oneid_token" application.authenticate_google( session, "diff token", "diff id_token", "diff email", "diff fname", "diff lname", UserRole.LANDLORD, tenant, ) saccount = session.query(SocialAccount).all()[0] assert saccount.user == tenant assert saccount.account_email == "diff email" assert saccount.access_token == "diff token" assert saccount.id_token == "diff id_token"
def test_authenticated_user_link_google_account_already_linked_to_another_user_fail( tenant: Tenant, landlord: Landlord, session: Session, application: Application): assert session.query(User).count() == 2 assert not session.query(SocialAccount).count() email = "someemail" access_token = "someacctoken" id_token = "someidtoken" fname = "fname" lname = "lname" application.authenticate_google(session, access_token, id_token, email, fname, lname, UserRole.TENANT, tenant) assert session.query(SocialAccount).count() assert session.query(SocialAccount).all()[0].user == tenant with pytest.raises(ApplicationError): application.authenticate_google( session, "diff token", "diff id_token", email, "diff fname", "diff lname", UserRole.LANDLORD, landlord, )
def test_non_authenticated_user_sign_up_with_google_when_user_with_email_already_exists_fail( tenant: Tenant, session: Session, application: Application): assert session.query(User).count() == 1 assert not session.query(SocialAccount).count() with pytest.raises(ApplicationError): application.authenticate_google( session, "accesstoken", "idtoken", tenant.email, "fname", "lname", UserRole.LANDLORD, )
async def get_token_from_google_auth( request: Request, session: Session, app: Application, role: UserRole, authenticated_user: User, ) -> bytes: token = await oauth.google.authorize_access_token(request) access_token = token["access_token"] id_token = token["id_token"] user = await oauth.google.parse_id_token(request, token) name: str = user["name"] first_name, last_name = name.split(" ", maxsplit=1) email = user["email"] # email_verified = user["email_verified"] TODO should unverified emails be allowed? access_token = app.authenticate_google( session, access_token, id_token, email, first_name, last_name, role, authenticated_user, ) return access_token
def test_non_authenticated_user_authenticate_google_non_existing_user_ok( session: Session, application: Application): assert not session.query(User).count() assert not session.query(SocialAccount).count() access_token = "mock_access_token" id_token = "mock_id_token" email = "*****@*****.**" first_name = "mockfname" last_name = "mocklname" role = UserRole.TENANT result = application.authenticate_google(session, access_token, id_token, email, first_name, last_name, role) assert isinstance(result, bytes) assert session.query(User).count() assert session.query(SocialAccount).count() user = session.query(User).all()[0] account = session.query(SocialAccount).all()[0] assert account in user.social_accounts assert account.access_token == access_token assert account.id_token == id_token assert account.user == user assert account.account_email == email assert not account.account_id assert user.email == email assert user.first_name == first_name assert user.last_name == last_name assert not user.hashed_password assert user.role == UserRole.TENANT assert account.account_type == SocialAccountType.GOOGLE