Пример #1
def test_orcid_login_callback_researcher_flow(patch, patch2, request_ctx):
    """Check that an invited researcher is redirected to the profile page.

    Sets up a confirmed organisation, a confirmed researcher linked to it,
    an invitation and a stored ORCID token, then invokes the ORCID login
    callback with a ``state`` value equal to the one kept in the session.
    """
    # patch / patch2 are fixtures defined outside this listing;
    # presumably they stub the outbound ORCID calls -- confirm.
    org_fields = dict(
        name="THE ORGANISATION",
        tuakiri_name="THE ORGANISATION",
        confirmed=True,
        orcid_client_id="CLIENT ID",
        orcid_secret="Client Secret",
        city="CITY",
        country="COUNTRY",
        disambiguated_id="ID",
        disambiguation_source="SOURCE",
        is_email_sent=True,
    )
    organisation = Organisation.create(**org_fields)
    researcher = User.create(
        email="*****@*****.**",
        name="TEST USER",
        roles=Role.RESEARCHER,
        orcid="123",
        confirmed=True,
        organisation=organisation,
    )
    UserOrg.create(user=researcher, org=organisation, is_admin=False)

    invitation_token = utils.generate_confirmation_token(
        email=researcher.email, org=organisation.name)
    UserInvitation.create(
        email=researcher.email,
        token=invitation_token,
        affiliations=Affiliation.EMP,
    )
    OrcidToken.create(
        user=researcher,
        org=organisation,
        scope='/read-limited,/activities/update',
    )

    # The callback's ``state`` matches session['oauth_state'], i.e. the
    # request looks like the answer to an authorisation this session started.
    callback_args = {"invitation_token": invitation_token, "state": "xyz"}
    with request_ctx():
        request.args = callback_args
        session['oauth_state'] = "xyz"
        resp = authcontroller.orcid_login_callback(request)
        assert resp.status_code == 302
        # A successful researcher login ends on the profile page.
        assert resp.location.startswith("/profile")
Пример #2
def test_orcid_login(request_ctx):
    """Check that the ORCID login route answers 200 and records the authorize URL.

    An unconfirmed organisation and its technical contact are created, a
    confirmation token is generated for that contact, and the
    ``/orcid/login/<token>`` route is dispatched with the token in the path.
    """
    org_fields = dict(
        name="THE ORGANISATION",
        tuakiri_name="THE ORGANISATION",
        confirmed=False,
        orcid_client_id="CLIENT ID",
        orcid_secret="Client Secret",
        city="CITY",
        country="COUNTRY",
        disambiguated_id="ID",
        disambiguation_source="SOURCE",
        is_email_sent=True,
    )
    organisation = Organisation.create(**org_fields)
    tech_contact = User.create(
        email="*****@*****.**",
        name="TEST USER",
        roles=Role.TECHNICAL,
        orcid="123",
        confirmed=True,
        organisation=organisation,
    )
    UserOrg.create(user=tech_contact, org=organisation, is_admin=True)

    token = utils.generate_confirmation_token(
        email=tech_contact.email, org=organisation.name)
    # The token is bytes here; the route takes it as a text path segment.
    login_path = "/orcid/login/" + token.decode("utf-8")
    with request_ctx(login_path) as ctx:
        response = ctx.app.full_dispatch_request()
        assert response.status_code == 200
        # presumably the record of the authorize request made by the view -- confirm
        authorize_call = OrcidAuthorizeCall.get(method="GET")
        # NOTE(review): this expects the URL-encoded form of
        # test123@test.test.net, while the e-mail literal in this listing is
        # shown masked; with the literal as printed the check cannot match.
        assert "&email=test123%40test.test.net" in authorize_call.url
Пример #3
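def test_generate_confirmation_token():
    """Test token generation, expiry, and generation with ``SALT`` unset.

    First a token with a very short ``expiration`` is generated, confirmed
    once, and then expected to be rejected with "Signature expired" after a
    one-second wait. Then a token is generated while ``SALT`` is ``None``
    and confirmed after the configured salt has been put back.
    """
    import time

    token = utils.generate_confirmation_token(["*****@*****.**"],
                                              expiration=0.00001)
    data = utils.confirm_token(token)
    # Test positive testcase
    assert '*****@*****.**' == data[0]

    # Let the token age past its expiration before confirming it again.
    time.sleep(1)
    # NOTE(review): the concrete exception type is not visible here; narrowing
    # ``Exception`` to it would keep an unrelated failure from passing the
    # ``raises`` check (the message assertion below is the only filter).
    with pytest.raises(Exception) as ex_info:
        utils.confirm_token(token)
    # Got exception
    assert "Signature expired" in ex_info.value.message

    _salt = utils.app.config["SALT"]
    utils.app.config["SALT"] = None
    try:
        token = utils.generate_confirmation_token(["*****@*****.**"])
    finally:
        # Restore the shared application config even if generation raises,
        # so a failure here cannot leave SALT unset for later tests.
        utils.app.config["SALT"] = _salt
    # What the helper substitutes for a missing salt is not shown in this
    # listing; the test only pins that the token still confirms afterwards.
    data = utils.confirm_token(token)
    assert '*****@*****.**' == data[0]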
Пример #4
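def test_confirmation_token(app):
    """Test generate_confirmation_token and confirm_token.

    A token generated under one ``SECRET_KEY`` must confirm under that key
    and must be rejected ("does not match") once the key has been changed,
    i.e. a token is only valid for the key it was signed with.
    """
    # Remember the key the fixture came with so the replaced value does not
    # leak into other tests that share this application object.
    had_key = 'SECRET_KEY' in app.config
    original_key = app.config.get('SECRET_KEY')
    try:
        app.config['SECRET_KEY'] = "SECRET"
        token = utils.generate_confirmation_token("*****@*****.**")
        assert utils.confirm_token(token) == "*****@*****.**"

        app.config['SECRET_KEY'] = "COMPROMISED SECRET"
        # NOTE(review): the concrete exception type is not visible here;
        # narrowing ``Exception`` to it would make this check stricter.
        with pytest.raises(Exception) as ex_info:
            utils.confirm_token(token)
        # Got exception
        assert "does not match" in ex_info.value.message
    finally:
        if had_key:
            app.config['SECRET_KEY'] = original_key
        else:
            app.config.pop('SECRET_KEY', None)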
Пример #5
def test_orcid_login_callback_admin_flow(patch, patch2, request_ctx):
    """Test login from orcid callback function for Organisation Technical contact.

    Creates an unconfirmed organisation with an unconfirmed technical-contact
    user, then calls ``authcontroller.orcid_login_callback`` repeatedly with
    different ``request.args``, session and database combinations. Every
    scenario expects a 302 redirect; only the last three pin a specific
    target (``/about``, ``/admin/viewmembers/``, ``/confirm/organisation``).

    NOTE(review): ``location.startswith("/")`` holds for any site-relative
    redirect, so the state-mismatch and ``access_denied`` scenarios do not
    show whether the callback rejected the request or let it through.
    Asserting the exact target for those cases would make the checks
    meaningful; the expected targets are not visible in this listing.
    """
    # patch / patch2 are fixtures defined outside this listing;
    # presumably they stub the outbound ORCID calls -- confirm.
    org = Organisation.create(name="THE ORGANISATION",
                              tuakiri_name="THE ORGANISATION",
                              confirmed=False,
                              orcid_client_id="CLIENT ID",
                              orcid_secret="Client Secret",
                              city="CITY",
                              country="COUNTRY",
                              disambiguated_id="ID",
                              disambiguation_source="SOURCE",
                              is_email_sent=True)
    u = User.create(email="*****@*****.**",
                    roles=Role.TECHNICAL,
                    orcid="123",
                    confirmed=False,
                    organisation=org)
    UserOrg.create(user=u, org=org, is_admin=True)
    # Invitation token bound to the user's e-mail and the organisation name.
    token = utils.generate_confirmation_token(email=u.email, org=org.name)

    # Scenario: org-bound token, callback state equals the session state.
    # (The name bound by ``as`` is overwritten by the callback result below;
    # the same holds for the other ``with ... as`` blocks in this test.)
    with request_ctx() as resp:
        request.args = {"invitation_token": token, "state": "xyz"}
        session['oauth_state'] = "xyz"
        resp = authcontroller.orcid_login_callback(request)
        assert resp.status_code == 302
        assert resp.location.startswith("/")
    # Scenario: callback state ("xyzabc") differs from the session state ("xyz").
    with request_ctx() as respx:
        request.args = {"invitation_token": token, "state": "xyzabc"}
        session['oauth_state'] = "xyz"
        respx = authcontroller.orcid_login_callback(request)
        assert respx.status_code == 302
        assert respx.location.startswith("/")
    # Scenario: matching state, but the provider reports error=access_denied.
    with request_ctx() as resp:
        request.args = {
            "invitation_token": token,
            "state": "xyz",
            "error": "access_denied"
        }
        session['oauth_state'] = "xyz"
        resp = authcontroller.orcid_login_callback(request)
        assert resp.status_code == 302
        assert resp.location.startswith("/")
    # Scenario: token regenerated with org=None, matching state. This token
    # stays in ``token`` for the next two scenarios as well.
    with request_ctx() as ct:
        token = utils.generate_confirmation_token(email=u.email, org=None)
        request.args = {"invitation_token": token, "state": "xyz"}
        session['oauth_state'] = "xyz"
        ctxx = authcontroller.orcid_login_callback(request)
        assert ctxx.status_code == 302
        assert ctxx.location.startswith("/")
    # Scenario: org=None token with a mismatching state.
    with request_ctx() as ctxxx:
        request.args = {"invitation_token": token, "state": "xyzabc"}
        session['oauth_state'] = "xyz"
        ctxxx = authcontroller.orcid_login_callback(request)
        assert ctxxx.status_code == 302
        assert ctxxx.location.startswith("/")
    # Scenario: org=None token, matching state, error=access_denied.
    with request_ctx() as cttxx:
        request.args = {
            "invitation_token": token,
            "state": "xyz",
            "error": "access_denied"
        }
        session['oauth_state'] = "xyz"
        cttxx = authcontroller.orcid_login_callback(request)
        assert cttxx.status_code == 302
        assert cttxx.location.startswith("/")
    # Scenario: same steps as the first org=None scenario above
    # (fresh org=None token, matching state).
    with request_ctx() as ct:
        token = utils.generate_confirmation_token(email=u.email, org=None)
        request.args = {"invitation_token": token, "state": "xyz"}
        session['oauth_state'] = "xyz"
        ct = authcontroller.orcid_login_callback(request)
        assert ct.status_code == 302
        assert ct.location.startswith("/")
    # Scenario: no invitation token at all, matching state.
    with request_ctx():
        request.args = {"invitation_token": None, "state": "xyz"}
        session['oauth_state'] = "xyz"
        ct = authcontroller.orcid_login_callback(request)
        assert ct.status_code == 302
        assert ct.location.startswith("/")
    with request_ctx():
        # Test case for catching general exception: invitation token here is integer, so an exception will be thrown.
        request.args = {"invitation_token": 123, "state": "xyz"}
        session['oauth_state'] = "xyz"
        ct = authcontroller.orcid_login_callback(request)
        assert ct.status_code == 302
        assert ct.location.startswith("/")
    with request_ctx():
        # User login via orcid, where organisation is not confirmed.
        # The stored ORCID iD is changed first; the "/about" target is the
        # first assertion in this test that pins a specific page.
        u.orcid = "12121"
        u.save()
        request.args = {"invitation_token": None, "state": "xyz"}
        session['oauth_state'] = "xyz"
        resp = authcontroller.orcid_login_callback(request)
        assert resp.status_code == 302
        assert resp.location.startswith("/about")
    with request_ctx():
        # User login via orcid, where organisation is confirmed, so showing viewmembers page.
        # The user is also made the organisation's tech contact here.
        org.tech_contact = u
        org.confirmed = True
        org.save()
        request.args = {"invitation_token": None, "state": "xyz"}
        session['oauth_state'] = "xyz"
        resp = authcontroller.orcid_login_callback(request)
        assert resp.status_code == 302
        assert resp.location.startswith("/admin/viewmembers/")
    with request_ctx():
        # User login via orcid, where organisation is not confirmed and user is tech, so showing confirm org page.
        # tech_contact set in the previous scenario is still in place.
        org.confirmed = False
        org.save()
        request.args = {"invitation_token": None, "state": "xyz"}
        session['oauth_state'] = "xyz"
        resp = authcontroller.orcid_login_callback(request)
        assert resp.status_code == 302
        assert resp.location.startswith("/confirm/organisation")