def run(userData):
"""
Handle user data sent by the L{ServiceProvider} when credentials
are successfully verified.
"""
uid = userData['id']
user = TwitterUserAPI().get(uid)
if user is None:
newUser = True
username = userData['screen_name'].lower()
fullname = userData['name']
UserAPI().create([(username, None, fullname, None)])
TwitterUserAPI().create(username, uid)
user = TwitterUserAPI().get(uid)
else:
newUser = False
# FIXME The calls to encrypt the tokens below aren't tested very
# well.
consumer = getUser(consumerUsername)
accessToken = OAuthConsumerAPI().getAccessToken(consumer, user)
renewalToken = OAuthConsumerAPI().getRenewalToken(consumer, user)
return {'username': user.username,
'new-user': newUser,
'missing-password': (user.passwordHash == '!'),
'access-token': accessToken.encrypt(),
'renewal-token': renewalToken.encrypt(),
'uid': uid,
'data': userData}
def testGetUserWithNoPassword(self):
"""
If a L{User} returned by L{Delegator.getUser} doesn't have a password,
a C{missing-password} value is added to the result.
"""
UserAPI().create([
(u'consumer', 'secret', u'Consumer', u'*****@*****.**'),
(u'user', None, u'User', u'*****@*****.**')])
TwitterUserAPI().create(u'user', 1984245)
consumer = getUser(u'consumer')
OAuthConsumerAPI().register(consumer)
self.store.commit()
self.agent._connect = self._connect
authentication = 'OAuth oauth_consumer_key="...", ...'
provider = ServiceProvider(self.agent, 'https://example.com/verify')
delegator = Delegator(self.transact)
deferred = delegator.getUser(u'consumer', provider, authentication)
[(request, responseDeferred)] = self.protocol.requests
response = FakeResponse(ResponseDone(), dumps({'id': 1984245}))
responseDeferred.callback(response)
result = yield deferred
self.assertTrue(result['access-token'])
self.assertTrue(result['renewal-token'])
del result['access-token']
del result['renewal-token']
self.assertEqual({'username': u'user',
'new-user': False,
'missing-password': True,
'uid': 1984245,
'data': {u'id': 1984245}},
result)
def testGetUserWithNewUserAndMixedCaseTwitterScreenName(self):
"""
A new L{User} is created if L{Delegator.getUser} verifies the
L{TwitterUser} but can't find a user matching the Twitter screen name.
The Twitter user's screen name should be lowercased to make the
new Fluidinfo username.
"""
UserAPI().create([
(u'consumer', 'secret', u'Consumer', u'*****@*****.**')])
consumer = getUser(u'consumer')
OAuthConsumerAPI().register(consumer)
self.store.commit()
self.agent._connect = self._connect
authentication = 'OAuth oauth_consumer_key="...", ...'
provider = ServiceProvider(self.agent, 'https://example.com/verify')
delegator = Delegator(self.transact)
deferred = delegator.getUser(u'consumer', provider, authentication)
[(request, responseDeferred)] = self.protocol.requests
response = FakeResponse(ResponseDone(),
dumps({'id': 1984245,
'screen_name': u'MixedCaseName',
'name': u'John Doe'}))
responseDeferred.callback(response)
result = yield deferred
self.assertTrue(result['new-user'])
user = TwitterUserAPI().get(1984245)
self.assertEqual(u'mixedcasename', user.username)
def testGetUser(self):
"""
L{Delegator.getUser} returns a C{(User, data)} 2-tuple when the
service provider successfully verifies credentials and a mapping
between a Fluidinfo L{User} and the L{TwitterUser} being verified
exists.
"""
UserAPI().create([
(u'consumer', 'secret', u'Consumer', u'*****@*****.**'),
(u'user', 'secret', u'User', u'*****@*****.**')])
TwitterUserAPI().create(u'user', 1984245)
consumer = getUser(u'consumer')
OAuthConsumerAPI().register(consumer)
self.store.commit()
self.agent._connect = self._connect
authentication = 'OAuth oauth_consumer_key="...", ...'
provider = ServiceProvider(self.agent, 'https://example.com/verify')
delegator = Delegator(self.transact)
deferred = delegator.getUser(u'consumer', provider, authentication)
[(request, responseDeferred)] = self.protocol.requests
response = FakeResponse(ResponseDone(), dumps({'id': 1984245}))
responseDeferred.callback(response)
result = yield deferred
self.assertTrue(result['access-token'])
self.assertTrue(result['renewal-token'])
del result['access-token']
del result['renewal-token']
self.assertEqual({'username': u'user',
'new-user': False,
'missing-password': False,
'uid': 1984245,
'data': {u'id': 1984245}},
result)
def testGet(self):
"""
L{TwitterUserAPI.get} returns the L{User} matching a specified Twitter
UID, if one exists.
"""
user = createUser(u'user', u'secret', u'User', u'*****@*****.**')
createTwitterUser(user, 1928745)
self.assertIdentical(user, TwitterUserAPI().get(1928745))
def testCreateWithoutMatchingUser(self):
"""
L{TwitterUserAPI.create} raises L{UnknownUserError} if the specified
L{User.username} doesn't match an existing L{User}.
"""
error = self.assertRaises(UnknownUserError,
TwitterUserAPI().create, u'unknown', 1239586)
self.assertEqual([u'unknown'], error.usernames)
def testCreate(self):
"""
L{TwitterUserAPI.create} creates a new L{TwitterUser} to map a Twitter
UID to an existing L{User}.
"""
user = createUser(u'user', u'secret', u'User', u'*****@*****.**')
TwitterUserAPI().create(u'user', 19385982)
sameUser, twitterUser = getTwitterUsers([19385982]).one()
self.assertNotIdentical(None, twitterUser)
self.assertIdentical(user, sameUser)
def testRenderWithSuccessfulVerification(self):
"""
An C{OK} HTTP status code is returned if the authorization is
successfully verified by the service provider. The results of the
call to the service provider to verify credentials are returned to the
user.
"""
UserAPI().create([(u'john', 'secret', u'John', u'*****@*****.**')])
TwitterUserAPI().create(u'john', 1984245)
self.store.commit()
self.agent._connect = self._connect
headers = {
'X-Verify-Credentials-Authorization': ['OAuth ...'],
'X-Auth-Service-Provider': [TWITTER_URL]
}
request = FakeRequest(headers=Headers(headers))
with login(u'anon', self.anonymous.objectID, self.transact) as session:
resource = OAuthEchoResource(session, self.agent)
self.assertEqual(NOT_DONE_YET, resource.render_GET(request))
[(_, responseDeferred)] = self.protocol.requests
data = {'id': 1984245, 'screen_name': u'john', 'name': u'John'}
response = FakeResponse(ResponseDone(), dumps(data))
responseDeferred.callback(response)
result = yield resource.deferred
self.assertTrue(result['access-token'])
self.assertTrue(result['renewal-token'])
del result['access-token']
del result['renewal-token']
self.assertEqual(
{
'username': u'john',
'new-user': False,
'missing-password': False,
'data': data,
'uid': 1984245
}, result)
self.assertEqual(OK, request.code)
self.assertEqual(data, loads(request.written.getvalue()))
def testRenderWithFailingServiceProviderCall(self):
"""
A C{SERVICE_UNAVAILABLE} HTTP status code is returned if an error
occurs while communicating with the L{ServiceProvider}.
"""
UserAPI().create([(u'user', 'secret', u'User', u'*****@*****.**')])
TwitterUserAPI().create(u'user', 1984245)
self.store.commit()
self.agent._connect = self._connect
headers = {
'X-Verify-Credentials-Authorization': ['OAuth ...'],
'X-Auth-Service-Provider': [TWITTER_URL]
}
request = FakeRequest(headers=Headers(headers))
with login(u'anon', self.anonymous.objectID, self.transact) as session:
resource = OAuthEchoResource(session, self.agent)
self.assertEqual(NOT_DONE_YET, resource.render_GET(request))
[(_, responseDeferred)] = self.protocol.requests
response = FakeResponse(RuntimeError(), None)
responseDeferred.callback(response)
yield resource.deferred
self.assertEqual(SERVICE_UNAVAILABLE, request.code)
def testGetWithoutMatch(self):
"""
L{TwitterUserAPI.get} returns C{None} if the L{User} matching the
specified Twitter UID is not available.
"""
self.assertIdentical(None, TwitterUserAPI().get(1928745))