def setUp(self):
super().setUp()
Config.objects.set_config('external_auth_url',
'https://auth.example.com')
Config.objects.set_config('external_auth_admin_group', 'admins')
self.backend = MacaroonAuthorizationBackend()
self.mock_validate = self.patch(maasserver.macaroon_auth,
'validate_user_external_auth')
self.mock_validate.return_value = True
class TestMacaroonAuthorizationBackend(MAASServerTestCase):
def setUp(self):
super().setUp()
Config.objects.set_config('external_auth_url',
'https://auth.example.com')
self.backend = MacaroonAuthorizationBackend()
def get_request(self):
request = factory.make_fake_request('/')
# add external_auth_info to the request
ExternalAuthInfoMiddleware().process_request(request)
return request
def test_authenticate(self):
user = factory.make_User()
identity = SimpleIdentity(user=user.username)
self.assertEqual(
self.backend.authenticate(self.get_request(), identity=identity),
user)
def test_authenticate_create_user(self):
username = factory.make_string()
identity = SimpleIdentity(user=username)
user = self.backend.authenticate(self.get_request(), identity=identity)
self.assertIsNotNone(user.id)
self.assertEqual(user.username, username)
self.assertTrue(user.is_superuser)
self.assertFalse(user.userprofile.is_local)
def test_authenticate_deactived_user_activate(self):
user = factory.make_User()
user.is_active = False
user.save()
identity = SimpleIdentity(user=user.username)
authenticated_user = self.backend.authenticate(self.get_request(),
identity=identity)
self.assertTrue(authenticated_user.is_active)
def test_authenticate_no_identity(self):
self.assertIsNone(
self.backend.authenticate(self.get_request(), identity=None))
def test_authenticate_external_auth_not_enabled(self):
Config.objects.set_config('external_auth_url', '')
username = factory.make_string()
identity = SimpleIdentity(user=username)
self.assertIsNone(
self.backend.authenticate(self.get_request(), identity=identity))
class TestMacaroonAuthorizationBackend(MAASServerTestCase):
def setUp(self):
super().setUp()
Config.objects.set_config('external_auth_url',
'https://auth.example.com')
Config.objects.set_config('external_auth_admin_group', 'admins')
self.backend = MacaroonAuthorizationBackend()
self.mock_validate = self.patch(maasserver.macaroon_auth,
'validate_user_external_auth')
self.mock_validate.return_value = True
def get_request(self):
request = factory.make_fake_request('/')
# add external_auth_info to the request
return ExternalAuthInfoMiddleware(lambda request: request)(request)
def test_authenticate(self):
user = factory.make_User()
identity = SimpleIdentity(user=user.username)
self.assertEqual(
self.backend.authenticate(self.get_request(), identity=identity),
user)
def test_authenticate_create_user(self):
username = factory.make_string()
identity = SimpleIdentity(user=username)
user = self.backend.authenticate(self.get_request(), identity=identity)
self.assertIsNotNone(user.id)
self.assertEqual(user.username, username)
self.assertFalse(user.is_superuser)
self.assertFalse(user.userprofile.is_local)
self.mock_validate.assert_called_with(
user,
ExternalAuthInfo(type='candid',
url='https://auth.example.com',
domain='',
admin_group='admins'),
force_check=True)
def test_authenticate_deactived_user_activate(self):
user = factory.make_User()
user.is_active = False
user.save()
identity = SimpleIdentity(user=user.username)
authenticated_user = self.backend.authenticate(self.get_request(),
identity=identity)
self.assertTrue(authenticated_user.is_active)
def test_authenticate_no_identity(self):
self.assertIsNone(
self.backend.authenticate(self.get_request(), identity=None))
def test_authenticate_external_auth_not_enabled(self):
Config.objects.set_config('external_auth_url', '')
username = factory.make_string()
identity = SimpleIdentity(user=username)
self.assertIsNone(
self.backend.authenticate(self.get_request(), identity=identity))
def test_authenticate_local_user_denied(self):
user = factory.make_User(is_local=True)
identity = SimpleIdentity(user=user.username)
self.assertIsNone(
self.backend.authenticate(self.get_request(), identity=identity))
def test_authenticate_validate_fails(self):
self.mock_validate.return_value = False
user = factory.make_User()
identity = SimpleIdentity(user=user.username)
self.assertIsNone(
self.backend.authenticate(self.get_request(), identity=identity))
self.mock_validate.assert_called_with(
user,
ExternalAuthInfo(type='candid',
url='https://auth.example.com',
domain='',
admin_group='admins'),
force_check=True)
def setUp(self):
super().setUp()
Config.objects.set_config('external_auth_url',
'https://auth.example.com')
self.backend = MacaroonAuthorizationBackend()