def test_utilities(models_fixture):
"""Test utilities."""
app = models_fixture
datastore = app.extensions['invenio-accounts'].datastore
assert obj_or_import_string('invenio_oauthclient.errors')
# User
existing_email = '*****@*****.**'
user = datastore.find_user(email=existing_email)
# Authenticate
assert not _get_external_id({})
assert not oauth_authenticate('dev', user, require_existing_link=True)
_security.confirmable = True
_security.login_without_confirmation = False
user.confirmed_at = None
assert not oauth_authenticate('dev', user)
# Tokens
t = RemoteToken.create(user.id, 'dev', 'mytoken', 'mysecret')
assert \
RemoteToken.get(user.id, 'dev', access_token='mytoken') == \
RemoteToken.get_by_token('dev', 'mytoken')
assert oauth_get_user('dev', access_token=t.access_token) == user
assert \
oauth_get_user('dev', account_info={
'user': {
'email': existing_email
}
}) == user
# Link user to external id
external_id = {'id': '123', 'method': 'test_method'}
oauth_link_external_id(user, external_id)
with pytest.raises(AlreadyLinkedError):
oauth_link_external_id(user, external_id)
assert oauth_get_user('dev',
account_info={
'external_id': external_id['id'],
'external_method': external_id['method']
}) == user
# Cleanup
oauth_unlink_external_id(external_id)
acc = RemoteAccount.get(user.id, 'dev')
acc.delete()
def test_utilities(models_fixture):
"""Test utilities."""
app = models_fixture
datastore = app.extensions['invenio-accounts'].datastore
assert obj_or_import_string('invenio_oauthclient.errors')
# User
existing_email = '*****@*****.**'
user = datastore.find_user(email=existing_email)
# Authenticate
assert not _get_external_id({})
assert not oauth_authenticate('dev', user, require_existing_link=True)
_security.confirmable = True
_security.login_without_confirmation = False
user.confirmed_at = None
assert not oauth_authenticate('dev', user)
# Tokens
t = RemoteToken.create(user.id, 'dev', 'mytoken', 'mysecret')
assert \
RemoteToken.get(user.id, 'dev', access_token='mytoken') == \
RemoteToken.get_by_token('dev', 'mytoken')
assert oauth_get_user('dev', access_token=t.access_token) == user
assert \
oauth_get_user('dev', account_info={'user': {'email': existing_email}}) == user
# Link user to external id
external_id = {'id': '123', 'method': 'test_method'}
oauth_link_external_id(user, external_id)
with pytest.raises(AlreadyLinkedError):
oauth_link_external_id(user, external_id)
assert oauth_get_user('dev',
account_info={
'external_id': external_id['id'],
'external_method': external_id['method']
}) == user
# Cleanup
oauth_unlink_external_id(external_id)
acc = RemoteAccount.get(user.id, 'dev')
acc.delete()
def test_utilities(models_fixture):
"""Test utilities."""
app = models_fixture
datastore = app.extensions["invenio-accounts"].datastore
assert obj_or_import_string("invenio_oauthclient.errors")
# User
existing_email = "*****@*****.**"
user = datastore.find_user(email=existing_email)
# Authenticate
assert not _get_external_id({})
assert not oauth_authenticate("dev", user, require_existing_link=True)
_security.confirmable = True
_security.login_without_confirmation = False
user.confirmed_at = None
assert not oauth_authenticate("dev", user)
# Tokens
t = RemoteToken.create(user.id, "dev", "mytoken", "mysecret")
assert RemoteToken.get(user.id, "dev", access_token="mytoken") == RemoteToken.get_by_token("dev", "mytoken")
assert oauth_get_user("dev", access_token=t.access_token) == user
assert oauth_get_user("dev", account_info={"user": {"email": existing_email}}) == user
# Link user to external id
external_id = {"id": "123", "method": "test_method"}
oauth_link_external_id(user, external_id)
with pytest.raises(AlreadyLinkedError):
oauth_link_external_id(user, external_id)
assert (
oauth_get_user("dev", account_info={"external_id": external_id["id"], "external_method": external_id["method"]})
== user
)
# Cleanup
oauth_unlink_external_id(external_id)
acc = RemoteAccount.get(user.id, "dev")
acc.delete()
def authorized_handler(self, resp, remote, *args, **kwargs):
"""Handle sign-in functionality.
:param remote: The remote application.
:param resp: The response.
:returns: Redirect response.
"""
# Remove any previously stored auto register session key
session.pop(token_session_key(remote.name) + '_autoregister', None)
# Store token in session
# ----------------------
# Set token in session - token object only returned if
# current_user.is_autenticated().
token = response_token_setter(remote, resp)
handlers = current_oauthclient.signup_handlers[remote.name]
# Sign-in user
# ---------------
if not current_user.is_authenticated:
account_info = handlers['info'](resp)
account_info_received.send(remote,
token=token,
response=resp,
account_info=account_info)
user = oauth_get_user(
remote.consumer_key,
account_info=account_info,
access_token=token_getter(remote)[0],
)
# Make sure that external identity either matches
# or is not yet created (gets created on first oidc login)
extid = _get_external_id(account_info)
user_identity: UserIdentity = UserIdentity.query.filter_by(
id=extid['id'], method=extid['method']).first()
if user_identity and user_identity.id != extid['id']:
abort(401)
if user is None:
abort(403)
# Authenticate user
if not oauth_authenticate(
remote.consumer_key, user, require_existing_link=False):
return current_app.login_manager.unauthorized()
# Link account
# ------------
# Need to store token in database instead of only the session when
# called first time.
token = response_token_setter(remote, resp)
# Setup account
# -------------
if not token.remote_account.extra_data:
account_setup = handlers['setup'](token, resp)
account_setup_received.send(remote,
token=token,
response=resp,
account_setup=account_setup)
db.session.commit()
account_setup_committed.send(remote, token=token)
else:
db.session.commit()
# Redirect to next
next_url = get_session_next_url(remote.name)
if next_url:
return redirect(next_url)
return redirect(url_for('invenio_oauthclient_settings.index'))