Пример #1
def forwards(apps, schema_editor):
    """Encrypt the stored credentials of every existing SocialToken row.

    Forward step of a data migration: each row's ``token`` and
    ``token_secret`` is passed through ``fernet_encrypt`` and saved back.

    Args:
        apps: Migration app registry, used to look up the SocialToken model.
        schema_editor: Not used by this step.

    NOTE(review): nothing here tells an already-encrypted row apart from a
    plaintext one, so applying this step twice to the same rows would wrap
    the values in a second layer of encryption. Confirm the migration cannot
    be re-applied to encrypted data and that a matching reverse step exists.
    """
    token_model = apps.get_model("socialaccount", "SocialToken")

    for row in token_model.objects.all():
        # Same order as the columns are written: access token first, then
        # the secret.
        for column in ("token", "token_secret"):
            setattr(row, column, fernet_encrypt(getattr(row, column)))
        row.save()
Пример #2
class SocialTokenFactory(factory.django.DjangoModelFactory):
    """Test factory that builds SocialToken rows holding encrypted values.

    The ``token`` and ``token_secret`` defaults are fixed fixture strings run
    through ``fernet_encrypt``, so objects built by this factory carry
    ciphertext in those fields rather than the raw fixture strings.
    """

    class Meta:
        model = SocialToken

    # These calls run once, when the class body is evaluated, so every object
    # built from the defaults shares the same two ciphertext values and the
    # encryption helper must already be usable at that point.
    token = fernet_encrypt("0123456789abcdef")
    token_secret = fernet_encrypt("secret.0123456789abcdef")
    # Each token gets its app from SocialAppFactory.
    app = factory.SubFactory(SocialAppFactory)
Пример #3
    def parse_token(self, data):
        """Encrypt the tokens in ``data``, then defer to the parent parse_token.

        Wraps OAuth2Base.parse_token so that tokens are encrypted for
        storage. Called from OAuth2CallbackView.

        ``data`` is modified in place: its ``access_token`` and
        ``refresh_token`` entries are replaced by their ``fernet_encrypt``
        output before the parent implementation sees them.
        """
        # NOTE(review): both keys are read with plain indexing, so a token
        # response that carries no "refresh_token" raises KeyError here
        # rather than reaching the parent parser. Confirm every supported
        # flow returns one.
        for field in ("access_token", "refresh_token"):
            data[field] = fernet_encrypt(data[field])
        return super().parse_token(data)
Пример #4
    def test_complete_login(self, mocker, rf):
        """complete_login copies ``instance_url`` from the response to extra_data.

        Everything around the mixin is mocked. The point is only to exercise
        the mixin and confirm that it assigns instance_url.
        """
        # No real HTTP: successive requests.get calls hand back the userinfo
        # mock first, then two blank mocks.
        http_get = mocker.patch("requests.get")
        userinfo_response = mock.MagicMock()
        userinfo_response.json.return_value = {
            "organization_id": "00D000000000001EAA",
            "urls": mock.MagicMock(),
        }
        http_get.side_effect = [
            userinfo_response,
            mock.MagicMock(),
            mock.MagicMock(),
        ]

        # Bare mixin with its provider lookup stubbed out.
        mixin = SalesforceOAuth2Mixin()
        mixin.userinfo_url = None
        social_login = mock.MagicMock()
        social_login.account.extra_data = {}
        provider = mock.MagicMock()
        provider.sociallogin_from_response.return_value = social_login
        mixin.get_provider = mock.MagicMock(return_value=provider)

        request = rf.get("/")
        request.session = {"socialaccount_state": (None, "some-verifier")}

        # The token handed to complete_login carries ciphertext, not the raw
        # value.
        stored_token = mock.MagicMock(token=fernet_encrypt("token"))

        result = mixin.complete_login(
            request,
            None,
            stored_token,
            response={"instance_url": "https://example.com"},
        )
        assert result.account.extra_data["instance_url"] == "https://example.com"
Пример #5
    def test_complete_login_fail(self, rf, mocker):
        """complete_login raises SalesforcePermissionsError on this mocked reply.

        The second mocked requests.get reply reports ``canModifyAllData`` as
        False. Everything around the mixin is mocked.
        """
        # NOTE(review): this HTTPError-raising mock is built but never
        # attached to the patched requests.get, so the HTTP-error path is not
        # what this test exercises.
        error_response = mock.MagicMock()
        error_response.raise_for_status.side_effect = requests.HTTPError

        http_get = mocker.patch("requests.get")
        no_modify_all_response = mock.MagicMock()
        no_modify_all_response.json.return_value = {
            "userSettings": {"canModifyAllData": False},
        }
        http_get.side_effect = [mock.MagicMock(), no_modify_all_response]

        # Bare mixin with its provider lookup stubbed out.
        mixin = SalesforceOAuth2Mixin()
        mixin.userinfo_url = None
        social_login = mock.MagicMock()
        social_login.account.extra_data = {}
        provider = mock.MagicMock()
        provider.sociallogin_from_response.return_value = social_login
        mixin.get_provider = mock.MagicMock(return_value=provider)

        request = rf.get("/")
        request.session = {"socialaccount_state": (None, "some-verifier")}
        stored_token = mock.MagicMock(token=fernet_encrypt("token"))

        with pytest.raises(SalesforcePermissionsError):
            mixin.complete_login(request, None, stored_token, response={})
    def test_complete_login__api_disabled_for_org(self, rf, mocker):
        """A 403 API_DISABLED_FOR_ORG reply makes complete_login raise.

        The third mocked requests.get reply has status 403 and a JSON body
        with errorCode ``API_DISABLED_FOR_ORG``. The adapter is expected to
        raise SalesforcePermissionsError.
        """
        http_get = mocker.patch("requests.get")

        userinfo_response = mock.MagicMock()
        userinfo_response.json.return_value = {
            "organization_id": "00D000000000001EAA",
            "user_id": "003000000000001",
            "preferred_username": "******",
            "language": "en_US",
            "urls": mock.MagicMock(),
        }

        api_disabled_response = mock.MagicMock(status_code=403)
        api_disabled_response.json.return_value = [
            {
                "message": "The REST API is not enabled for this Organization.",
                "errorCode": "API_DISABLED_FOR_ORG",
            }
        ]

        # Reply order: userinfo, a blank mock, then the 403.
        http_get.side_effect = [
            userinfo_response,
            mock.MagicMock(),
            api_disabled_response,
        ]

        request = rf.post("/")
        request.session = {"socialaccount_state": (None, "some-verifier")}

        # Real adapter, with only the provider lookup stubbed out.
        adapter = SalesforceOAuth2Adapter(request)
        social_login = mock.MagicMock()
        social_login.account.extra_data = {}
        provider = mock.MagicMock()
        provider.sociallogin_from_response.return_value = social_login
        adapter.get_provider = mock.MagicMock(return_value=provider)

        # The token handed to complete_login carries ciphertext.
        stored_token = mock.MagicMock(token=fernet_encrypt("token"))

        with pytest.raises(SalesforcePermissionsError):
            adapter.complete_login(request, None, stored_token, response={})
    def test_complete_login__no_modify_all_data_perm(self, rf, mocker):
        """A reply with ``canModifyAllData`` False makes complete_login raise.

        The second mocked requests.get reply carries
        ``{"userSettings": {"canModifyAllData": False}}``. The adapter is
        expected to raise SalesforcePermissionsError.
        """
        # NOTE(review): this HTTPError-raising mock is never attached to the
        # patched requests.get, so it has no effect on the test.
        error_response = mock.MagicMock()
        error_response.raise_for_status.side_effect = requests.HTTPError

        http_get = mocker.patch("requests.get")
        no_modify_all_response = mock.MagicMock()
        no_modify_all_response.json.return_value = {
            "userSettings": {"canModifyAllData": False},
        }
        http_get.side_effect = [mock.MagicMock(), no_modify_all_response]

        request = rf.post("/")
        request.session = {"socialaccount_state": (None, "some-verifier")}

        # Real adapter, with only the provider lookup stubbed out.
        adapter = SalesforceOAuth2Adapter(request)
        social_login = mock.MagicMock()
        social_login.account.extra_data = {}
        provider = mock.MagicMock()
        provider.sociallogin_from_response.return_value = social_login
        adapter.get_provider = mock.MagicMock(return_value=provider)

        stored_token = mock.MagicMock(token=fernet_encrypt("token"))

        with pytest.raises(SalesforcePermissionsError):
            adapter.complete_login(request, None, stored_token, response={})
    def test_complete_login(self, mocker, rf):
        """complete_login copies ``instance_url`` from the response to extra_data.

        Uses a real SalesforceOAuth2Adapter with requests.get and the
        provider lookup mocked, and a token whose ``app`` is a SocialApp for
        the "salesforce" provider.
        """
        http_get = mocker.patch("requests.get")

        userinfo_response = mock.MagicMock()
        userinfo_response.json.return_value = {
            "organization_id": "00D000000000001EAA",
            "user_id": "003000000000001",
            "preferred_username": "******",
            "language": "en_US",
            "urls": mock.MagicMock(),
        }
        # Reply order: userinfo first, then two blank mocks.
        http_get.side_effect = [
            userinfo_response,
            mock.MagicMock(),
            mock.MagicMock(),
        ]

        request = rf.post("/")
        request.session = {"socialaccount_state": (None, "some-verifier")}

        adapter = SalesforceOAuth2Adapter(request)
        social_login = mock.MagicMock()
        social_login.account.extra_data = {}
        provider = mock.MagicMock()
        provider.sociallogin_from_response.return_value = social_login
        adapter.get_provider = mock.MagicMock(return_value=provider)

        # The token handed to complete_login carries ciphertext, not the raw
        # value.
        stored_token = mock.MagicMock(
            app=SocialApp(provider="salesforce"),
            token=fernet_encrypt("token"),
        )

        result = adapter.complete_login(
            request,
            None,
            stored_token,
            response={"instance_url": "https://example.com"},
        )
        assert result.account.extra_data["instance_url"] == "https://example.com"
    def test_complete_login__org_info_not_required(self, rf, mocker):
        """With org details not required, the login completes without them.

        The mocked replies match the insufficient-permissions case, but the
        views module's ``settings`` is patched so that
        SOCIALACCOUNT_SALESFORCE_REQUIRE_ORG_DETAILS is False. complete_login
        is then expected to return with ``organization_details`` set to None.
        """
        # NOTE(review): this HTTPError-raising mock is never attached to the
        # patched requests.get, so it has no effect on the test.
        error_response = mock.MagicMock()
        error_response.raise_for_status.side_effect = requests.HTTPError

        http_get = mocker.patch("requests.get")
        no_modify_all_response = mock.MagicMock()
        no_modify_all_response.json.return_value = {
            "userSettings": {"canModifyAllData": False},
        }
        http_get.side_effect = [mock.MagicMock(), no_modify_all_response]

        request = rf.post("/")
        request.session = {"socialaccount_state": (None, "some-verifier")}

        adapter = SalesforceOAuth2Adapter(request)
        social_login = mock.MagicMock()
        social_login.account.extra_data = {}
        provider = mock.MagicMock()
        provider.sociallogin_from_response.return_value = social_login
        adapter.get_provider = mock.MagicMock(return_value=provider)

        stored_token = mock.MagicMock(token=fernet_encrypt("token"))

        # This replaces the whole settings object seen by the views module
        # with a mock that has only this flag set explicitly.
        mocker.patch(
            "sfdo_template_helpers.oauth2.salesforce.views.settings",
            SOCIALACCOUNT_SALESFORCE_REQUIRE_ORG_DETAILS=False,
        )

        result = adapter.complete_login(request, None, stored_token, response={})
        assert result.account.extra_data["organization_details"] is None
Пример #10
    def test_complete_login_fail(self, rf, mocker):
        """complete_login sets ``organization_details`` to None on an error.

        Everything around the mixin is mocked. The point is only to exercise
        the mixin and confirm that it assigns organization_details to None
        if there's an error.
        """
        # NOTE(review): this HTTPError-raising mock is built but never
        # attached to the patched requests.get. The "error" the mixin sees
        # comes from the replies queued below, not from raise_for_status.
        error_response = mock.MagicMock()
        error_response.raise_for_status.side_effect = requests.HTTPError

        http_get = mocker.patch("requests.get")
        no_modify_all_response = mock.MagicMock()
        no_modify_all_response.json.return_value = {
            "userSettings": {"canModifyAllData": False},
        }
        http_get.side_effect = [mock.MagicMock(), no_modify_all_response]

        # Bare mixin with its provider lookup stubbed out.
        mixin = SalesforceOAuth2Mixin()
        mixin.userinfo_url = None
        social_login = mock.MagicMock()
        social_login.account.extra_data = {}
        provider = mock.MagicMock()
        provider.sociallogin_from_response.return_value = social_login
        mixin.get_provider = mock.MagicMock(return_value=provider)

        request = rf.get("/")
        request.session = {"socialaccount_state": (None, "some-verifier")}
        stored_token = mock.MagicMock(token=fernet_encrypt("token"))

        result = mixin.complete_login(request, None, stored_token, response={})
        assert result.account.extra_data["organization_details"] is None
def test_roundtrip():
    """Encrypting changes the input and decrypting restores it."""
    plaintext = "I am a test string."

    # This only shows that the output differs from the input. It says nothing
    # about the strength of the scheme.
    ciphertext = fernet_encrypt(plaintext)
    assert ciphertext != plaintext

    # A fresh encryption is decrypted here, as in a store-then-load cycle.
    recovered = fernet_decrypt(fernet_encrypt(plaintext))
    assert recovered == plaintext