def test_log_out_the_user_if_the_id_token_is_not_valid(self, rf):
    """Check that a refresh yielding an unusable ID token ends the session.

    The session is primed with an ID token expiry one minute in the past and a
    refresh token. The mocked token endpoint answers with the ID token value
    'badidtoken'. After the middleware runs, the request's user must no
    longer be authenticated: a token that cannot be validated must not
    extend the session.
    """
    callback_params = {
        'state': 'state',
        'code': 'authcode',
    }
    request = rf.get('/oidc/cb/', callback_params)
    SessionMiddleware().process_request(request)
    request.session.save()

    # NOTE(review): the arguments are passed as ('nonce', request) here, while
    # test_do_nothing_if_the_access_token_is_still_valid passes
    # (request, 'nonce') -- confirm which order OIDCAuthBackend.authenticate
    # expects.
    oidc_backend = OIDCAuthBackend()
    user = oidc_backend.authenticate('nonce', request)

    # An expiry in the past is presumably what makes the middleware attempt
    # a refresh -- verify against OIDCRefreshIDTokenMiddleware.
    expired_at = tz.now() - dt.timedelta(minutes=1)
    request.session['oidc_auth_id_token_exp_timestamp'] = expired_at.timestamp()
    request.session['oidc_auth_refresh_token'] = 'this_is_a_refresh_token'
    auth.login(request, user)
    request.user = user

    # Mocked token endpoint response; 'badidtoken' is not a well-formed JWT.
    token_response = json.dumps({
        'id_token': 'badidtoken',
        'access_token': 'accesstoken',
        'refresh_token': 'refreshtoken',
    })
    httpretty.register_uri(
        httpretty.POST,
        oidc_rp_settings.PROVIDER_TOKEN_ENDPOINT,
        body=token_response,
        content_type='text/json',
    )

    refresh_middleware = OIDCRefreshIDTokenMiddleware(lambda r: 'OK')
    refresh_middleware(request)

    assert not request.user.is_authenticated
def test_can_properly_handle_the_case_where_a_user_was_authenticated_using_the_model_backend(
        self, rf):
    """Check that the middleware leaves a non-OIDC session untouched.

    The user is created and logged in without any 'oidc_auth_*' keys being
    written to the session. After the middleware runs, the same user must
    still be attached to the request and still be authenticated.
    """
    request = rf.get('/')
    SessionMiddleware().process_request(request)
    request.session.save()

    user_model = get_user_model()
    user = user_model.objects.create_user('test', '*****@*****.**', 'insecure')
    request.user = user

    # The return value is discarded; the login below uses the user object
    # created above.
    # NOTE(review): the '******' credentials and the e-mail address look like
    # redaction placeholders rather than the values given to create_user --
    # confirm against the upstream test.
    auth.authenticate(username='******', password='******')
    auth.login(request, user)

    refresh_middleware = OIDCRefreshIDTokenMiddleware(lambda r: 'OK')
    refresh_middleware(request)

    assert request.user == user
    assert request.user.is_authenticated
def test_do_nothing_if_the_access_token_is_still_valid(self, rf):
    """Check that an unexpired token leaves the stored refresh token alone.

    The session's ID token expiry is set one minute in the future. After the
    middleware runs, the refresh token stored in the session must be the one
    written by the test.
    """
    callback_params = {'state': 'state', 'code': 'authcode', }
    request = rf.get('/oidc/cb/', callback_params)
    SessionMiddleware().process_request(request)
    request.session.save()

    oidc_backend = OIDCAuthBackend()
    user = oidc_backend.authenticate(request, 'nonce')

    still_valid_until = tz.now() + dt.timedelta(minutes=1)
    request.session['oidc_auth_id_token_exp_timestamp'] = still_valid_until.timestamp()
    request.session['oidc_auth_refresh_token'] = 'this_is_a_refresh_token'
    auth.login(request, user)
    request.user = user

    refresh_middleware = OIDCRefreshIDTokenMiddleware(lambda r: 'OK')
    refresh_middleware(request)

    # NOTE(review): only the session value is checked. The test does not
    # assert that the token endpoint was never called, nor that the user is
    # still authenticated.
    assert request.session['oidc_auth_refresh_token'] == 'this_is_a_refresh_token'