def test_gakunin_login_by_email(self):
TOKEN_ID = 1
NEW_TENANT_ID = '6'
NEW_TENANT_NAME = 'FAKENAME'
key = {}
key['wsgi.url_scheme'] = 'https'
key['email'] = '*****@*****.**'
aToken = self.mox.CreateMock(api.Token)
aToken.id = TOKEN_ID
aToken.user = { 'roles': [{'name': 'fake'}]}
aToken.serviceCatalog = {}
self.mox.StubOutWithMock(api, 'token_create_by_email')
api.token_create_by_email(IsA(http.HttpRequest), '*****@*****.**').AndReturn(aToken)
aTenant = self.mox.CreateMock(api.Token)
aTenant.id = NEW_TENANT_ID
aTenant.name = NEW_TENANT_NAME
self.mox.StubOutWithMock(api, 'tenant_list_for_token')
api.tenant_list_for_token(IsA(http.HttpRequest), aToken.id).\
AndReturn([aTenant])
self.mox.ReplayAll()
res = self.client.get(reverse('gakunin_login'), **key )
self.assertEqual(res._headers['location'], ('Location', 'https://testserver:80/auth/login/'))
#self.assertRedirectsNoFollow(res, reverse('auth_login'))
self.mox.VerifyAll()
self.mox.UnsetStubs()
def _login_with_gakunin(request,
from_email,
from_eppn,
region,
show_error=False):
try:
token = None
# first , try by eppn
if from_eppn:
try:
token = api.token_create_by_eppn(request, from_eppn, region)
except Exception, e:
LOG.exception('error in token_create_by_eppn')
pass
# second, try by email
if not token and from_email:
try:
token = api.token_create_by_email(request, from_email, region)
if token:
api.user_update_eppn(request, token.user['id'], from_eppn,
region)
except Exception, e:
LOG.exception('error in token_create_by_email')
pass
def login(request):
if request.user and request.user.is_authenticated():
return shortcuts.redirect('dash_containers', request.user.tenant_id)
# check ssl
if not request.is_secure():
messages.error(request, "Gakunin Support needs to be accessed through TLS")
return shortcuts.redirect('auth_login')
from_email = request.META.get('email', None)
from_eppn = request.META.get('eppn', None)
token = None
# first , try by eppn
if from_eppn:
token = api.token_create_by_eppn(request, from_eppn)
# second, try by email
if not token and from_email:
token = api.token_create_by_email(request, from_email)
def get_first_tenant_for_user():
tenants = api.tenant_list_for_token(request, token.id)
return tenants[0] if len(tenants) else None
if not token:
messages.error(request, "Can't retrieve information from Gakunin")
return shortcuts.redirect('auth_login')
tenant = get_first_tenant_for_user()
if not tenant:
messages.error(request, 'No tenants present for user')
return shortcuts.redirect('auth_login')
request.session['unscoped_token'] = token.id
def is_admin(token):
for role in token.user['roles']:
if role['name'].lower() == 'admin':
return True
return False
request.session['admin'] = is_admin(token)
if not token.user or not token.user.has_key('name'):
return shortcuts.redirect('auth_login')
request.session['serviceCatalog'] = token.serviceCatalog
request.session['tenant_id'] = tenant.id
request.session['tenant'] = tenant.name
request.session['token'] = token.id
request.session['user'] = token.user['name']
return shortcuts.redirect('dash_containers', tenant.id)
def _login_with_gakunin(request, from_email, from_eppn, region, show_error=False):
try:
token = None
# first , try by eppn
if from_eppn:
try:
token = api.token_create_by_eppn(request, from_eppn, region)
except Exception, e:
LOG.exception('error in token_create_by_eppn')
pass
# second, try by email
if not token and from_email:
try:
token = api.token_create_by_email(request, from_email, region)
if token:
api.user_update_eppn(request, token.user['id'], from_eppn, region)
except Exception, e:
LOG.exception('error in token_create_by_email')
pass