def process_request(self, req): if req.path_info == "/auth_server_login": self._redirects_for_login(req) if req.path_info == "/auth_server_process": self._do_process(req) else: LoginModule.process_request(self, req)
def authenticate(self, req): """Return the name of the remote user, or `None` if the identity of the user is unknown.""" # check for an authenticated user login_module = LoginModule(self.env) remote_user = login_module.authenticate(req) if remote_user: return remote_user # authenticate via a CAPTCHA if 'captchaauth' in req.args and 'captchaid' in req.args: # ensure CAPTCHA identification captcha = self.captcha(req) if captcha != req.args['captchaauth']: return # ensure sane identity name, email = self.identify(req) if name is None: return if AccountManager and name in AccountManager(self.env).get_users(): return # delete used CAPTCHA on success try: execute_non_query(self.env, "DELETE FROM captcha WHERE id=%s", req.args['captchaid']) except: pass # log the user in req.environ['REMOTE_USER'] = name login_module._do_login(req)
def process_request(self, req): if req.path_info.startswith("/login"): self._do_oauth2_login(req) elif req.path_info.startswith("/oauth2callback"): self._do_callback(req) else: LoginModule.process_request(self, req) req.redirect(self.env.abs_href())
def process_request(self, req): req.perm.require('CHANGESET_DELETE') rm = RepositoryManager(self.env) repos = rm.get_repository(req.args['reponame'], True) if not repos: raise TracError(_('Repository "%(name)s" does not exist.', name=req.args['reponame'])) if not (repos.owner == req.authname or 'REPOSITORY_ADMIN' in req.perm): message = _('You (%(user)s) are not the owner of "%(name)s"', user=req.authname, name=repos.reponame) raise PermissionError(message) if req.args.get('confirm'): display_rev = repos.display_rev(req.args['rev']) rm.delete_changeset(repos, req.args['rev'], req.args.get('ban')) add_notice(req, _('The changeset "%(rev)s" has been removed.', rev=display_rev)) req.redirect(req.href.log(repos.reponame)) elif req.args.get('cancel'): LoginModule(self.env)._redirect_back(req) data = {'repository': repos, 'rev': req.args['rev'], 'cannot_ban': not rm.can_ban_changesets(repos.type)} add_stylesheet(req, 'common/css/admin.css') return 'changeset_delete.html', data, None
def _do_callback(self, req): trac_base_url = self.config.get('project', 'url', TRAC_BASE_URL) api_base_url = self.config.get('rackandpin', 'api_base_url', API_BASE_URL) client_id = self.config.get('rackandpin', 'client_id', '') client_secret = self.config.get('rackandpin', 'client_secret', '') token_url = api_base_url + "/o/token/" redirect_uri = trac_base_url + '/oauth2callback' session = OAuth2Session(client_id, redirect_uri=redirect_uri, state=req.session['OAUTH_STATE']) try: code = urlparse.parse_qs(req.query_string)["code"][0] except Exception: raise Exception("Received invalid query parameters.") # add_notice(req, "code:%s", code) self.env.log.debug("*** Hey, code is %r ***", code) self.env.log.debug("*** Hey, token_url is %r ***", token_url) token = session.fetch_token(token_url=token_url, client_secret=client_secret, code=code, verify=False) req.environ["oauth_token"] = token # add_notice(req, "token: %s", token) member_authorization_url = "%s/api/username" % api_base_url try: r = session.get(member_authorization_url) authname = r.content except Exception: self.env.log.debug("*** Hey, this user not authorized ***") add_warning(req, """Authorization failed for this user. Contact your production manager""") raise Exception("Authorization failed") req.environ["REMOTE_USER"] = authname # req.environ["REMOTE_USER"] = "******" LoginModule._do_login(self, req)
def _process_remove_request(self, req, data): """Remove an existing repository.""" repo = self._get_checked_repository(req, req.args.get('reponame')) open_ticket = None with self.env.db_transaction as db: tickets = db("""SELECT ticket FROM ( SELECT src.ticket, src.value as srcrepo, dst.value as dstrepo FROM ticket_custom AS src JOIN ticket_custom AS dst ON (src.ticket = dst.ticket) WHERE src.name = 'pr_srcrepo' AND dst.name = 'pr_dstrepo') WHERE srcrepo = %d OR dstrepo = %d """ % (repo.id, repo.id)) for values in tickets: (id,) = values ticket = Ticket(self.env, id) if ticket['status'] != 'closed': open_ticket = id break if open_ticket: link = tag.a(_("pull request"), href=req.href.ticket(open_ticket)) add_warning(req, tag_('The repository "%(name)s can not be ' 'removed as it is referenced by an open ' '%(link)s.', name=repo.reponame, link=link)) LoginModule(self.env)._redirect_back(req) if req.args.get('confirm'): RepositoryManager(self.env).remove(repo, req.args.get('delete')) add_notice(req, _('The repository "%(name)s" has been removed.', name=repo.reponame)) req.redirect(req.href.repository()) elif req.args.get('cancel'): LoginModule(self.env)._redirect_back(req) data.update({'title': _("Remove Repository"), 'repository': repo})
class LoginModuleTestCase(unittest.TestCase): def setUp(self): self.env = EnvironmentStub() self.module = LoginModule(self.env) def tearDown(self): self.env.reset_db() def test_anonymous_access(self): req = MockRequest(self.env, remote_user=None) self.assertIsNone(self.module.authenticate(req)) def test_unknown_cookie_access(self): incookie = Cookie() incookie['trac_auth'] = '123' req = MockRequest(self.env, remote_user=None) self.assertIsNone(self.module.authenticate(req)) def test_known_cookie_access(self): self.env.db_transaction(""" INSERT INTO auth_cookie (cookie, name, ipnr) VALUES ('123', 'john', '127.0.0.1')""") req = MockRequest(self.env, remote_user=None) req.incookie['trac_auth'] = '123' self.assertEqual('john', self.module.authenticate(req)) self.assertNotIn('auth_cookie', req.outcookie) def test_known_cookie_ip_check_enabled(self): self.env.config.set('trac', 'check_auth_ip', 'yes') self.env.db_transaction(""" INSERT INTO auth_cookie (cookie, name, ipnr) VALUES ('123', 'john', '127.0.0.1')""") req = MockRequest(self.env, remote_addr='192.168.0.100', remote_user=None) req.incookie['trac_auth'] = '123' self.assertIsNone(self.module.authenticate(req)) self.assertIn('trac_auth', req.outcookie) def test_known_cookie_ip_check_disabled(self): self.env.config.set('trac', 'check_auth_ip', 'no') self.env.db_transaction(""" INSERT INTO auth_cookie (cookie, name, ipnr) VALUES ('123', 'john', '127.0.0.1')""") req = MockRequest(self.env, remote_addr='192.168.0.100', remote_user=None) req.incookie['trac_auth'] = '123' self.assertEqual('john', self.module.authenticate(req)) self.assertNotIn('auth_cookie', req.outcookie) def test_login(self): # remote_user must be upper case to test that by default, case is # preserved. req = MockRequest(self.env, authname='john') self.module._do_login(req) self.assertIn('trac_auth', req.outcookie, '"trac_auth" Cookie not set') auth_cookie = req.outcookie['trac_auth'].value self.assertEqual([('john', '127.0.0.1')], self.env.db_query( "SELECT name, ipnr FROM auth_cookie WHERE cookie=%s", (auth_cookie,))) def test_login_ignore_case(self): """ Test that login is succesful when the usernames differ in case, but case is ignored. """ self.env.config.set('trac', 'ignore_auth_case', 'yes') req = MockRequest(self.env, remote_user='******') self.module._do_login(req) self.assertIn('trac_auth', req.outcookie, '"trac_auth" Cookie not set') auth_cookie = req.outcookie['trac_auth'].value self.assertEqual([('john', '127.0.0.1')], self.env.db_query( "SELECT name, ipnr FROM auth_cookie WHERE cookie=%s", (auth_cookie,))) def test_login_no_username(self): req = MockRequest(self.env, remote_user=None) self.assertRaises(TracError, self.module._do_login, req) def test_already_logged_in_same_user(self): self.env.db_transaction(""" INSERT INTO auth_cookie (cookie, name, ipnr) VALUES ('123', 'john', '127.0.0.1')""") req = MockRequest(self.env, authname='john') self.module._do_login(req) # this shouldn't raise an error def test_already_logged_in_different_user(self): self.env.db_transaction(""" INSERT INTO auth_cookie (cookie, name, ipnr) VALUES ('123', 'john', '127.0.0.1')""") req = MockRequest(self.env, authname='john', remote_user='******') self.assertRaises(TracError, self.module._do_login, req) def test_logout(self): self.env.db_transaction(""" INSERT INTO auth_cookie (cookie, name, ipnr) VALUES ('123', 'john', '127.0.0.1')""") req = MockRequest(self.env, authname='john', method='POST') self.module._do_logout(req) self.assertIn('trac_auth', req.outcookie) self.assertFalse(self.env.db_query( "SELECT name, ipnr FROM auth_cookie WHERE name='john'")) def test_logout_not_logged_in(self): req = MockRequest(self.env, method='POST') self.module._do_logout(req) # this shouldn't raise an error def test_logout_protect(self): self.env.db_transaction(""" INSERT INTO auth_cookie (cookie, name, ipnr) VALUES ('123', 'john', '127.0.0.1')""") req = MockRequest(self.env, authname='john') self.module._do_logout(req) self.assertNotIn('trac_auth', req.outcookie) self.assertEqual( [('john', '127.0.0.1')], self.env.db_query("SELECT name, ipnr FROM auth_cookie " "WHERE cookie='123'"))
def setUp(self): self.env = EnvironmentStub() self.module = LoginModule(self.env)
class LoginModuleTestCase(unittest.TestCase): def setUp(self): self.env = EnvironmentStub() self.module = LoginModule(self.env) def tearDown(self): self.env.reset_db() def test_anonymous_access(self): req = Mock(incookie=Cookie(), href=Href('/trac.cgi'), remote_addr='127.0.0.1', remote_user=None, base_path='/trac.cgi') self.assertEqual(None, self.module.authenticate(req)) def test_unknown_cookie_access(self): incookie = Cookie() incookie['trac_auth'] = '123' req = Mock(cgi_location='/trac', href=Href('/trac.cgi'), incookie=incookie, outcookie=Cookie(), remote_addr='127.0.0.1', remote_user=None, base_path='/trac.cgi') self.assertEqual(None, self.module.authenticate(req)) def test_known_cookie_access(self): self.env.db_transaction(""" INSERT INTO auth_cookie (cookie, name, ipnr) VALUES ('123', 'john', '127.0.0.1')""") incookie = Cookie() incookie['trac_auth'] = '123' outcookie = Cookie() req = Mock(incookie=incookie, outcookie=outcookie, href=Href('/trac.cgi'), base_path='/trac.cgi', remote_addr='127.0.0.1', remote_user=None) self.assertEqual('john', self.module.authenticate(req)) self.failIf('auth_cookie' in req.outcookie) def test_known_cookie_ip_check_enabled(self): self.env.config.set('trac', 'check_auth_ip', 'yes') self.env.db_transaction(""" INSERT INTO auth_cookie (cookie, name, ipnr) VALUES ('123', 'john', '127.0.0.1')""") incookie = Cookie() incookie['trac_auth'] = '123' outcookie = Cookie() req = Mock(cgi_location='/trac', href=Href('/trac.cgi'), incookie=incookie, outcookie=outcookie, remote_addr='192.168.0.100', remote_user=None, base_path='/trac.cgi') self.assertEqual(None, self.module.authenticate(req)) self.failIf('trac_auth' not in req.outcookie) def test_known_cookie_ip_check_disabled(self): self.env.config.set('trac', 'check_auth_ip', 'no') self.env.db_transaction(""" INSERT INTO auth_cookie (cookie, name, ipnr) VALUES ('123', 'john', '127.0.0.1')""") incookie = Cookie() incookie['trac_auth'] = '123' outcookie = Cookie() req = Mock(incookie=incookie, outcookie=outcookie, href=Href('/trac.cgi'), base_path='/trac.cgi', remote_addr='192.168.0.100', remote_user=None) self.assertEqual('john', self.module.authenticate(req)) self.failIf('auth_cookie' in req.outcookie) def test_login(self): outcookie = Cookie() # remote_user must be upper case to test that by default, case is # preserved. req = Mock(cgi_location='/trac', href=Href('/trac.cgi'), incookie=Cookie(), outcookie=outcookie, remote_addr='127.0.0.1', remote_user='******', authname='john', base_path='/trac.cgi') self.module._do_login(req) assert outcookie.has_key('trac_auth'), '"trac_auth" Cookie not set' auth_cookie = outcookie['trac_auth'].value self.assertEquals([('john', '127.0.0.1')], self.env.db_query( "SELECT name, ipnr FROM auth_cookie WHERE cookie=%s", (auth_cookie,))) def test_login_ignore_case(self): """ Test that login is succesful when the usernames differ in case, but case is ignored. """ self.env.config.set('trac', 'ignore_auth_case', 'yes') outcookie = Cookie() req = Mock(cgi_location='/trac', href=Href('/trac.cgi'), incookie=Cookie(), outcookie=outcookie, remote_addr='127.0.0.1', remote_user='******', authname='anonymous', base_path='/trac.cgi') self.module._do_login(req) assert outcookie.has_key('trac_auth'), '"trac_auth" Cookie not set' auth_cookie = outcookie['trac_auth'].value self.assertEquals([('john', '127.0.0.1')], self.env.db_query( "SELECT name, ipnr FROM auth_cookie WHERE cookie=%s", (auth_cookie,))) def test_login_no_username(self): req = Mock(incookie=Cookie(), href=Href('/trac.cgi'), remote_addr='127.0.0.1', remote_user=None, base_path='/trac.cgi') self.assertRaises(TracError, self.module._do_login, req) def test_already_logged_in_same_user(self): self.env.db_transaction(""" INSERT INTO auth_cookie (cookie, name, ipnr) VALUES ('123', 'john', '127.0.0.1')""") incookie = Cookie() incookie['trac_auth'] = '123' req = Mock(incookie=incookie, outcookie=Cookie(), href=Href('/trac.cgi'), base_path='/trac.cgi', remote_addr='127.0.0.1', remote_user='******', authname='john') self.module._do_login(req) # this shouldn't raise an error def test_already_logged_in_different_user(self): self.env.db_transaction(""" INSERT INTO auth_cookie (cookie, name, ipnr) VALUES ('123', 'john', '127.0.0.1')""") incookie = Cookie() incookie['trac_auth'] = '123' req = Mock(incookie=incookie, authname='john', href=Href('/trac.cgi'), base_path='/trac.cgi', remote_addr='127.0.0.1', remote_user='******') self.assertRaises(AssertionError, self.module._do_login, req) def test_logout(self): self.env.db_transaction(""" INSERT INTO auth_cookie (cookie, name, ipnr) VALUES ('123', 'john', '127.0.0.1')""") incookie = Cookie() incookie['trac_auth'] = '123' outcookie = Cookie() req = Mock(cgi_location='/trac', href=Href('/trac.cgi'), incookie=incookie, outcookie=outcookie, remote_addr='127.0.0.1', remote_user=None, authname='john', base_path='/trac.cgi') self.module._do_logout(req) self.failIf('trac_auth' not in outcookie) self.failIf(self.env.db_query( "SELECT name, ipnr FROM auth_cookie WHERE name='john'")) def test_logout_not_logged_in(self): req = Mock(cgi_location='/trac', href=Href('/trac.cgi'), incookie=Cookie(), outcookie=Cookie(), remote_addr='127.0.0.1', remote_user=None, authname='anonymous', base_path='/trac.cgi') self.module._do_logout(req) # this shouldn't raise an error
def pre_process_request(self, req, handler): """Called after initial handler selection, and can be used to change the selected handler or redirect request. Always returns the request handler, even if unchanged. """ if req.method == 'GET': if req.path_info.strip('/') in ['register', 'login' ] and req.authname != 'anonymous': login_module = LoginModule(self.env) login_module._do_logout(req) req.redirect(req.href(req.path_info)) if req.method == 'POST': realm = self.realm(req) # set the session data for name and email if CAPTCHA-authenticated if 'captchaauth' in req.args: name, email = self.identify(req) for field in 'name', 'email': value = locals()[field] if value: req.session[field] = value req.session.save() if req.authname != 'anonymous' and realm == 'newticket': req.args['author'] = name if email: req.args['author'] += ' <%s>' % email # redirect anonymous user posts that are not CAPTCHA-identified if req.authname == 'anonymous' and realm in self.realms: if 'captchaauth' in req.args and 'captchaid' in req.args: # add warnings from CAPTCHA authentication captcha = self.captcha(req) if req.args['captchaauth'] != captcha: add_warning( req, "You typed the wrong word. Please try again.") try: # delete used CAPTCHA execute_non_query( self.env, "DELETE FROM captcha WHERE id=%s", req.args['captchaid']) except: pass name, email = self.identify(req) if not name: add_warning(req, 'Please provide your name') if AccountManager and name in AccountManager( self.env).get_users(): add_warning( req, '%s is already taken as by a registered user. Please login or use a different name' % name) # redirect to previous location location = req.get_header('referer') if location: location, query = urllib.splitquery(location) if realm == 'newticket': args = [(key.split('field_', 1)[-1], value) for key, value in req.args.items() if key.startswith('field_')] location += '?%s' % urllib.urlencode(args) else: location = req.href() req.redirect(location) return handler
def setUp(self): self.env = EnvironmentStub() self.db = self.env.get_db_cnx() self.module = LoginModule(self.env)
def _do_process(self, req): """Process grant returned by user. """ code = req.args.get('code') next = req.args.get('state') or req.base_path or "/" if not code: raise HTTPBadRequest('"code" parameter is missing.') try: access_token = oauth2.process_code(code) except ValueError, err: raise HTTPBadRequest('Bad request. %s' % err) except AssertionError, err: raise HTTPUnauthorized("You are not authorized. %s" % err) try: info = oauth2.get_authorizations(access_token) except ValueError, err: raise HTTPInternalError(str(err)) print "info:", info # TODO: 403 if not good authorizations # We cannot directly write into req.remote_user, so write in environ # and let LoginModule set cookie stuff as needed... req.environ['REMOTE_USER'] = info.get('userid') LoginModule._do_login(self, req) req.redirect(next)
def pre_process_request(self, req, handler): """Called after initial handler selection, and can be used to change the selected handler or redirect request. Always returns the request handler, even if unchanged. """ if req.method == 'GET': if req.path_info.strip('/') in ['register', 'login'] and req.authname != 'anonymous': login_module = LoginModule(self.env) login_module._do_logout(req) req.redirect(req.href(req.path_info)) if req.method == 'POST': realm = self.realm(req) # set the session data for name and email if CAPTCHA-authenticated if 'captchaauth' in req.args: name, email = self.identify(req) for field in 'name', 'email': value = locals()[field] if value: req.session[field] = value req.session.save() if req.authname != 'anonymous' and realm == 'newticket': req.args['author'] = name if email: req.args['author'] += ' <%s>' % email # redirect anonymous user posts that are not CAPTCHA-identified if req.authname == 'anonymous' and realm in self.realms: if 'captchaauth' in req.args and 'captchaid' in req.args: # add warnings from CAPTCHA authentication captcha = self.captcha(req) if req.args['captchaauth'] != captcha: add_warning(req, "You typed the wrong word. Please try again.") try: # delete used CAPTCHA execute_non_query(self.env, "DELETE FROM captcha WHERE id=%s", req.args['captchaid']) except: pass name, email = self.identify(req) if not name: add_warning(req, 'Please provide your name') if AccountManager and name in AccountManager(self.env).get_users(): add_warning(req, '%s is already taken as by a registered user. Please login or use a different name' % name) # redirect to previous location location = req.get_header('referer') if location: location, query = urllib.splitquery(location) if realm == 'newticket': args = [(key.split('field_',1)[-1], value) for key, value in req.args.items() if key.startswith('field_')] location += '?%s' % urllib.urlencode(args) else: location = req.href() req.redirect(location) return handler
def _process_modify_request(self, req, data): """Modify an existing repository.""" repo = self._get_checked_repository(req, req.args.get('reponame')) restrict_modifications = False if self.restrict_forks and not 'REPOSITORY_ADMIN' in req.perm: restrict_modifications = repo.is_fork rm = RepositoryManager(self.env) base_directory = rm.get_base_directory(repo.type) prefix_length = len(base_directory) if prefix_length > 0: prefix_length += 1 req.args['name'] = req.args.get('name', repo.reponame) req.args['type'] = repo.type req.args['dir'] = req.args.get('dir', repo.directory[prefix_length:]) req.args['owner'] = req.args.get('owner', repo.owner) if repo.is_fork: req.args['inherit_readers'] = req.args.get('inherit_readers', repo.inherit_readers) new = self._get_repository_data_from_request(req) if req.args.get('modify'): if self._check_and_update_repository(req, new, repo): rm.modify(repo, new) link = tag.a(repo.reponame, href=req.href.browser(new['name'])) add_notice(req, tag_('The repository "%(link)s" has been ' 'modified.', link=link)) req.redirect(req.href.repository('modify', new['name'])) elif self._process_role_adding(req, repo): req.redirect(req.href(req.path_info)) elif req.args.get('revoke'): selection = req.args.get('selection') if selection: if not isinstance(selection, list): selection = [selection] roles = [role.split(':') for role in selection] decode = unicode_from_base64 roles = [(decode(role[0]), decode(role[1])) for role in roles] rm.revoke_roles(repo, roles) rm.update_auth_files() req.redirect(req.href(req.path_info)) elif req.args.get('cancel'): LoginModule(self.env)._redirect_back(req) if repo.is_fork: if new['inherit_readers'] != repo.inherit_readers: new['dir'] = repo.directory rm.modify(repo, new) req.redirect(req.href(req.path_info)) repo_link = tag.a(repo.reponame, href=req.href.browser(repo.reponame)) possible_maintainers = self._get_possible_maintainers(req) data.update({'title': tag_("Modify Repository %(link)s", link=repo_link), 'repository': repo, 'new': new, 'users': self._get_users(), 'groups': self._get_groups(), 'possible_maintainers': possible_maintainers, 'restrict_modifications': restrict_modifications})
def match_request(self, req): return req.path_info in ['/auth_server_login', '/auth_server_process'] or \ LoginModule.match_request(self, req)
class LoginModuleTestCase(unittest.TestCase): def setUp(self): self.env = EnvironmentStub() self.module = LoginModule(self.env) def tearDown(self): self.env.reset_db() def test_anonymous_access(self): req = Mock(incookie=Cookie(), href=Href('/trac.cgi'), remote_addr='127.0.0.1', remote_user=None, base_path='/trac.cgi') self.assertEqual(None, self.module.authenticate(req)) def test_unknown_cookie_access(self): incookie = Cookie() incookie['trac_auth'] = '123' req = Mock(cgi_location='/trac', href=Href('/trac.cgi'), incookie=incookie, outcookie=Cookie(), remote_addr='127.0.0.1', remote_user=None, base_path='/trac.cgi') self.assertEqual(None, self.module.authenticate(req)) def test_known_cookie_access(self): self.env.db_transaction(""" INSERT INTO auth_cookie (cookie, name, ipnr) VALUES ('123', 'john', '127.0.0.1')""") incookie = Cookie() incookie['trac_auth'] = '123' outcookie = Cookie() req = Mock(incookie=incookie, outcookie=outcookie, href=Href('/trac.cgi'), base_path='/trac.cgi', remote_addr='127.0.0.1', remote_user=None) self.assertEqual('john', self.module.authenticate(req)) self.failIf('auth_cookie' in req.outcookie) def test_known_cookie_ip_check_enabled(self): self.env.config.set('trac', 'check_auth_ip', 'yes') self.env.db_transaction(""" INSERT INTO auth_cookie (cookie, name, ipnr) VALUES ('123', 'john', '127.0.0.1')""") incookie = Cookie() incookie['trac_auth'] = '123' outcookie = Cookie() req = Mock(cgi_location='/trac', href=Href('/trac.cgi'), incookie=incookie, outcookie=outcookie, remote_addr='192.168.0.100', remote_user=None, base_path='/trac.cgi') self.assertEqual(None, self.module.authenticate(req)) self.failIf('trac_auth' not in req.outcookie) def test_known_cookie_ip_check_disabled(self): self.env.config.set('trac', 'check_auth_ip', 'no') self.env.db_transaction(""" INSERT INTO auth_cookie (cookie, name, ipnr) VALUES ('123', 'john', '127.0.0.1')""") incookie = Cookie() incookie['trac_auth'] = '123' outcookie = Cookie() req = Mock(incookie=incookie, outcookie=outcookie, href=Href('/trac.cgi'), base_path='/trac.cgi', remote_addr='192.168.0.100', remote_user=None) self.assertEqual('john', self.module.authenticate(req)) self.failIf('auth_cookie' in req.outcookie) def test_login(self): outcookie = Cookie() # remote_user must be upper case to test that by default, case is # preserved. req = Mock(cgi_location='/trac', href=Href('/trac.cgi'), incookie=Cookie(), outcookie=outcookie, remote_addr='127.0.0.1', remote_user='******', authname='john', base_path='/trac.cgi') self.module._do_login(req) assert outcookie.has_key('trac_auth'), '"trac_auth" Cookie not set' auth_cookie = outcookie['trac_auth'].value self.assertEquals( [('john', '127.0.0.1')], self.env.db_query( "SELECT name, ipnr FROM auth_cookie WHERE cookie=%s", (auth_cookie, ))) def test_login_ignore_case(self): """ Test that login is succesful when the usernames differ in case, but case is ignored. """ self.env.config.set('trac', 'ignore_auth_case', 'yes') outcookie = Cookie() req = Mock(cgi_location='/trac', href=Href('/trac.cgi'), incookie=Cookie(), outcookie=outcookie, remote_addr='127.0.0.1', remote_user='******', authname='anonymous', base_path='/trac.cgi') self.module._do_login(req) assert outcookie.has_key('trac_auth'), '"trac_auth" Cookie not set' auth_cookie = outcookie['trac_auth'].value self.assertEquals( [('john', '127.0.0.1')], self.env.db_query( "SELECT name, ipnr FROM auth_cookie WHERE cookie=%s", (auth_cookie, ))) def test_login_no_username(self): req = Mock(incookie=Cookie(), href=Href('/trac.cgi'), remote_addr='127.0.0.1', remote_user=None, base_path='/trac.cgi') self.assertRaises(TracError, self.module._do_login, req) def test_already_logged_in_same_user(self): self.env.db_transaction(""" INSERT INTO auth_cookie (cookie, name, ipnr) VALUES ('123', 'john', '127.0.0.1')""") incookie = Cookie() incookie['trac_auth'] = '123' req = Mock(incookie=incookie, outcookie=Cookie(), href=Href('/trac.cgi'), base_path='/trac.cgi', remote_addr='127.0.0.1', remote_user='******', authname='john') self.module._do_login(req) # this shouldn't raise an error def test_already_logged_in_different_user(self): self.env.db_transaction(""" INSERT INTO auth_cookie (cookie, name, ipnr) VALUES ('123', 'john', '127.0.0.1')""") incookie = Cookie() incookie['trac_auth'] = '123' req = Mock(incookie=incookie, authname='john', href=Href('/trac.cgi'), base_path='/trac.cgi', remote_addr='127.0.0.1', remote_user='******') self.assertRaises(AssertionError, self.module._do_login, req) def test_logout(self): self.env.db_transaction(""" INSERT INTO auth_cookie (cookie, name, ipnr) VALUES ('123', 'john', '127.0.0.1')""") incookie = Cookie() incookie['trac_auth'] = '123' outcookie = Cookie() req = Mock(cgi_location='/trac', href=Href('/trac.cgi'), incookie=incookie, outcookie=outcookie, remote_addr='127.0.0.1', remote_user=None, authname='john', base_path='/trac.cgi') self.module._do_logout(req) self.failIf('trac_auth' not in outcookie) self.failIf( self.env.db_query( "SELECT name, ipnr FROM auth_cookie WHERE name='john'")) def test_logout_not_logged_in(self): req = Mock(cgi_location='/trac', href=Href('/trac.cgi'), incookie=Cookie(), outcookie=Cookie(), remote_addr='127.0.0.1', remote_user=None, authname='anonymous', base_path='/trac.cgi') self.module._do_logout(req) # this shouldn't raise an error
def _get_name_for_cookie(self, req, cookie): return LoginModule(self.master_env)._get_name_for_cookie(req, cookie)
def match_request(self, req): return re.match("/oauth2callback\??.*", req.path_info) or \ LoginModule.match_request(self, req)