Пример #1
 def test_migrate_to_external_account(self):
     # Migrating one unlinked S3 settings document must create exactly one
     # ExternalAccount and report it as newly created.
     assert_equal(ExternalAccount.find().count(), 0)
     settings_doc = self.unlinked_user_settings[0]
     account, owner, created = migration.migrate_to_external_account(
         settings_doc)
     assert_true(created)
     assert_equal(ExternalAccount.find().count(), 1)
     assert_is_not_none(account)
     # The returned user is the document's owner.
     assert_equal(settings_doc['owner'], owner._id)
     assert_equal(account.provider, 's3')
     assert_equal(account.provider_name, 'Amazon S3')
     # The document's access_key is what ends up in oauth_key.
     assert_equal(account.oauth_key, settings_doc['access_key'])
     assert_is_not_none(account.display_name)
 def test_migrate_to_external_account(self):
     # Start from an empty collection so the count check below proves that
     # the migration created the account.
     assert_equal(ExternalAccount.find().count(), 0)
     source_doc = self.unlinked_user_settings[0]
     migrated = migration.migrate_to_external_account(source_doc)
     account, owner, is_new = migrated
     assert_true(is_new)
     assert_equal(ExternalAccount.find().count(), 1)
     assert_is_not_none(account)
     assert_equal(source_doc['owner'], owner._id)
     assert_equal(account.provider, 's3')
     assert_equal(account.provider_name, 'Amazon S3')
     # oauth_key must carry the access_key from the source document.
     assert_equal(account.oauth_key, source_doc['access_key'])
     assert_is_not_none(account.display_name)
Пример #3
def get_targets(delta, addon_short_name):
    """Return one provider's ExternalAccounts whose token expired long ago.

    An account matches when its ``provider`` equals ``addon_short_name`` and
    its ``expires_at`` is earlier than the current UTC time minus ``delta``.
    """
    # NOTE: expires_at is the access token's expiration date,
    # NOT the refresh token's.
    cutoff = datetime.datetime.utcnow() - delta
    expired_before_cutoff = Q('expires_at', 'lt', cutoff)
    from_this_provider = Q('provider', 'eq', addon_short_name)
    return ExternalAccount.find(expired_before_cutoff & from_this_provider)
Пример #4
def get_targets(delta, addon_short_name):
    """Return one provider's ExternalAccounts that were last refreshed long ago.

    An account matches when its ``provider`` equals ``addon_short_name`` and
    its ``date_last_refreshed`` is earlier than the current UTC time minus
    ``delta``.
    """
    # NOTE: the filter compares date_last_refreshed; expires_at (the access
    # token's expiration date) is not consulted by this query.
    cutoff = datetime.datetime.utcnow() - delta
    refreshed_before_cutoff = Q('date_last_refreshed', 'lt', cutoff)
    from_this_provider = Q('provider', 'eq', addon_short_name)
    return ExternalAccount.find(refreshed_before_cutoff & from_this_provider)
Пример #5
def get_targets(delta):
    """Return Box ExternalAccounts whose access token expired long ago.

    An account matches when its ``provider`` is ``'box'`` and its
    ``expires_at`` is earlier than the current UTC time minus ``delta``.
    """
    # NOTE: expires_at is the access token's expiration date,
    # NOT the refresh token's.
    cutoff = datetime.datetime.utcnow() - delta
    expired_before_cutoff = Q('expires_at', 'lt', cutoff)
    is_box = Q('provider', 'eq', 'box')
    return ExternalAccount.find(expired_before_cutoff & is_box)
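def migrate_to_external_account(user_settings_document):
    """Move a legacy Dropbox credential onto an ExternalAccount.

    Args:
        user_settings_document: legacy user-settings record; the keys read
            here are ``access_token``, ``owner``, ``dropbox_id`` and,
            optionally, ``dropbox_info``.

    Returns:
        ``(external_account, user, new)``. ``new`` is True when an
        ExternalAccount had to be created and False when an existing one was
        reused. ``(None, None, None)`` when the document has no access token.
    """
    if not user_settings_document.get('access_token'):
        return (None, None, None)
    new = False
    user = User.load(user_settings_document['owner'])
    dropbox_id = user_settings_document['dropbox_id']
    try:
        # Match on provider as well as provider_id: an id is only meaningful
        # within one provider, and a lookup on provider_id alone could attach
        # this user to another provider's account (and its stored token) when
        # the two ids happen to be equal.
        external_account = ExternalAccount.find(
            Q('provider', 'eq', PROVIDER) &
            Q('provider_id', 'eq', dropbox_id))[0]
        # Only identifiers are logged here, never the token.
        logger.info(
            'Duplicate account use found: User {0} with dropbox_id {1}'.format(
                user.username, dropbox_id))
    except IndexError:
        new = True
        dropbox_info = user_settings_document.get('dropbox_info', None)
        external_account = ExternalAccount(
            provider=PROVIDER,
            provider_name=PROVIDER_NAME,
            provider_id=dropbox_id,
            # The legacy access token is copied unchanged into oauth_key.
            oauth_key=user_settings_document['access_token'],
            display_name=(
                dropbox_info.get('display_name', None)
                if dropbox_info else None),
        )
        external_account.save()  # generate pk for external account

    user.external_accounts.append(external_account)
    user.save()
    return external_account, user, new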
Пример #7
    def test_multiple_users_associated(self):
        # Create only one ExternalAccount for multiple OSF users
        #
        # Some providers (ex: GitHub) revoke previously issued credentials
        # when the OAuth flow completes again, and the user's id on the
        # external service is often unknown until the flow has finished.
        #
        # Keeping a single ExternalAccount per account on the external
        # service means that connecting a further OSF user to it does not
        # invalidate the credentials already in use for earlier users.
        first_user = UserFactory()
        shared_account = ExternalAccountFactory(
            provider='mock2',
            provider_id='mock_provider_id',
            provider_name='Mock Provider',
        )
        first_user.external_accounts.append(shared_account)
        first_user.save()

        second_user = UserFactory()

        # Stub the code-for-token exchange
        _prepare_mock_oauth2_handshake_response()

        # Simulated callback request; the context object itself is not needed
        callback_context = self.app.app.test_request_context(
            path="/oauth/callback/mock2/",
            query_string="code=mock_code&state=mock_state"
        )
        with callback_context:

            # The callback must run for a logged-in user
            authenticate(user=second_user, access_token=None, response=None)

            # Store the same state value that the callback query string
            # carries (presumably auth_callback compares the two; confirm
            # against the provider implementation).
            session = get_session()
            expected_state = {'state': 'mock_state'}
            session.data['oauth_states'] = {
                self.provider.short_name: expected_state,
            }
            session.save()

            # Run the key exchange
            self.provider.auth_callback(user=second_user)

        first_user.reload()
        second_user.reload()
        shared_account.reload()

        # Both users point at the same accounts, and no second record exists
        assert_equal(first_user.external_accounts,
                     second_user.external_accounts)
        assert_equal(ExternalAccount.find().count(), 1)
Пример #8
    def test_multiple_users_associated(self):
        # Create only one ExternalAccount for multiple OSF users
        #
        # Some providers (ex: GitHub) revoke previously issued credentials
        # when the OAuth flow completes again, and the user's id on the
        # external service is often unknown until the flow has finished.
        #
        # Keeping a single ExternalAccount per account on the external
        # service means that connecting a further OSF user to it does not
        # invalidate the credentials already in use for earlier users.
        first_user = UserFactory()
        shared_account = ExternalAccountFactory(
            provider='mock2',
            provider_id='mock_provider_id',
            provider_name='Mock Provider',
        )
        first_user.external_accounts.append(shared_account)
        first_user.save()

        second_user = UserFactory()

        # Stub the code-for-token exchange
        _prepare_mock_oauth2_handshake_response()

        # Simulated callback request; the context object itself is not needed
        callback_context = self.app.app.test_request_context(
            path="/oauth/callback/mock2/",
            query_string="code=mock_code&state=mock_state"
        )
        with callback_context:

            # The callback must run for a logged-in user
            authenticate(user=second_user, access_token=None, response=None)

            # `session` is not assigned in this test, so it has to be a name
            # provided by the enclosing module. The state stored here is the
            # same value the callback query string carries.
            expected_state = {'state': 'mock_state'}
            session.data['oauth_states'] = {
                self.provider.short_name: expected_state,
            }
            session.save()

            # Run the key exchange
            self.provider.auth_callback(user=second_user)

        first_user.reload()
        second_user.reload()
        shared_account.reload()

        # Both users point at the same accounts, and no second record exists
        assert_equal(first_user.external_accounts,
                     second_user.external_accounts)
        assert_equal(ExternalAccount.find().count(), 1)
Пример #9
    def test_disconnect(self):
        # Disconnect an external account from a user
        #
        # NOTE(review): only the linked user's own authenticated request is
        # exercised; a DELETE from a user who is not linked to the account
        # is not covered by this test.
        linked_account = ExternalAccountFactory(
            provider='mock2',
            provider_id='mock_provider_id',
            provider_name='Mock Provider',
        )
        self.user.external_accounts.append(linked_account)
        self.user.save()

        # Precondition: without an attached account the test proves nothing
        assert_equal(ExternalAccount.find().count(), 1)
        assert_in(linked_account, self.user.external_accounts)

        disconnect_url = api_url_for(
            'oauth_disconnect',
            external_account_id=linked_account._id,
        )
        resp = self.app.delete(disconnect_url, auth=self.user.auth)

        # Request succeeded
        assert_equal(resp.status_code, http.OK)

        self.user.reload()

        # The user no longer references the account
        assert_not_in(linked_account, self.user.external_accounts)

        # The account record itself is kept in the database
        assert_equal(ExternalAccount.find().count(), 1)
Пример #10
    def test_disconnect(self):
        # Disconnect an external account from a user
        account = ExternalAccountFactory(
            provider='mock2',
            provider_id='mock_provider_id',
            provider_name='Mock Provider',
        )
        self.user.external_accounts.append(account)
        self.user.save()

        # Precondition: the account exists and is attached to the user
        assert_equal(ExternalAccount.find().count(), 1)
        assert_in(account, self.user.external_accounts)

        # The DELETE is sent with the linked user's own credentials
        res = self.app.delete(
            api_url_for('oauth_disconnect', external_account_id=account._id),
            auth=self.user.auth
        )

        # Request succeeded
        assert_equal(res.status_code, http.OK)

        self.user.reload()

        # Disconnecting removes the link from the user ...
        assert_not_in(account, self.user.external_accounts)

        # ... but leaves the ExternalAccount record in the database
        assert_equal(ExternalAccount.find().count(), 1)
Пример #11
    def test_disconnect_with_multiple_connected(self):
        # Disconnect an account connected to multiple users from one user
        shared_account = ExternalAccountFactory(
            provider='mock2',
            provider_id='mock_provider_id',
            provider_name='Mock Provider',
        )
        self.user.external_accounts.append(shared_account)
        self.user.save()

        second_user = UserFactory()
        second_user.external_accounts.append(shared_account)
        second_user.save()

        # Only self.user asks to be disconnected
        disconnect_url = api_url_for(
            'oauth_disconnect',
            external_account_id=shared_account._id,
        )
        resp = self.app.delete(disconnect_url, auth=self.user.auth)

        # Request succeeded
        assert_equal(resp.status_code, http.OK)

        self.user.reload()

        # The requesting user no longer references the account
        assert_not_in(shared_account, self.user.external_accounts)

        # The account record is kept in the database
        assert_equal(ExternalAccount.find().count(), 1)

        second_user.reload()

        # The other user's link to the account is untouched
        assert_in(shared_account, second_user.external_accounts)
Пример #12
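def migrate_to_external_account(user_settings_document,
                                oauth_settings_document):
    """Move a legacy GitHub OAuth credential onto an ExternalAccount.

    Args:
        user_settings_document: legacy user-settings record; ``owner`` and
            ``_id`` are read here.
        oauth_settings_document: legacy OAuth-settings record; the keys read
            here are ``oauth_access_token``, ``github_user_id``,
            ``github_user_name`` and ``_id``.

    Returns:
        ``(external_account, user, new)``. ``new`` is True when an
        ExternalAccount had to be created and False when an existing one was
        reused. ``(None, None, None)`` when there is no access token.
    """
    access_token = oauth_settings_document.get('oauth_access_token')
    if not access_token:
        return (None, None, None)
    try:
        user_info = GitHubClient(access_token=access_token).user()
    except (GitHubError, ApiError):
        # The token could not be used to fetch the profile; fall back to the
        # identifiers stored in the legacy document. profile_url stays None,
        # which is what marks the credentials as invalid further down.
        user_id = oauth_settings_document['github_user_id']
        profile_url = None
        display_name = oauth_settings_document['github_user_name']
    else:
        user_id = user_info.id
        profile_url = user_info.html_url
        display_name = user_info.login
    new = False
    user = User.load(user_settings_document['owner'])
    try:
        # Match on provider as well as provider_id: an id is only meaningful
        # within one provider, and a lookup on provider_id alone could attach
        # this user to another provider's account (and its stored token) when
        # the two ids happen to be equal.
        external_account = ExternalAccount.find(
            Q('provider', 'eq', PROVIDER) &
            Q('provider_id', 'eq', user_id))[0]
        # Only identifiers are logged here, never the token.
        logger.info(
            'Duplicate account use found: User {0} with github_user_id {1}'.
            format(user.username, user_id))
    except IndexError:
        new = True
        external_account = ExternalAccount(
            provider=PROVIDER,
            provider_name=PROVIDER_NAME,
            provider_id=user_id,
            profile_url=profile_url,
            # The legacy access token is copied unchanged into oauth_key.
            oauth_key=access_token,
            display_name=display_name,
        )
        external_account.save()
        if not profile_url:
            # Remember which legacy documents produced an account whose
            # token failed the profile lookup.
            invalid_oauth_creds[external_account._id] = (
                user_settings_document['_id'], oauth_settings_document['_id'])
            logger.info(
                "Created ExternalAccount<_id:{0}> with invalid oauth credentials."
                .format(external_account._id))

    user.external_accounts.append(external_account)
    user.save()
    return external_account, user, new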
Пример #13
    def test_disconnect_with_multiple_connected(self):
        # Disconnect an account connected to multiple users from one user
        account = ExternalAccountFactory(
            provider='mock2',
            provider_id='mock_provider_id',
            provider_name='Mock Provider',
        )
        self.user.external_accounts.append(account)
        self.user.save()

        bystander = UserFactory()
        bystander.external_accounts.append(account)
        bystander.save()

        # The DELETE is sent with self.user's credentials only
        res = self.app.delete(
            api_url_for('oauth_disconnect', external_account_id=account._id),
            auth=self.user.auth
        )

        # Request succeeded
        assert_equal(res.status_code, http.OK)

        self.user.reload()

        # Disconnecting removes the link from the requesting user ...
        assert_not_in(account, self.user.external_accounts)

        # ... leaves the ExternalAccount record in the database ...
        assert_equal(ExternalAccount.find().count(), 1)

        bystander.reload()

        # ... and does not affect the other user's link
        assert_in(account, bystander.external_accounts)
Пример #14
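def migrate_to_external_account(user_settings_document):
    """Move a legacy Dropbox credential onto an ExternalAccount.

    Args:
        user_settings_document: legacy user-settings record; the keys read
            here are ``access_token``, ``owner``, ``dropbox_id`` and,
            optionally, ``dropbox_info``.

    Returns:
        ``(external_account, user, new)``. ``new`` is True when an
        ExternalAccount had to be created and False when an existing one was
        reused. ``(None, None, None)`` when the document has no access token.
    """
    if not user_settings_document.get('access_token'):
        return (None, None, None)
    new = False
    user = User.load(user_settings_document['owner'])
    dropbox_id = user_settings_document['dropbox_id']
    try:
        # Restrict the lookup to this provider. provider_id values from
        # different providers can coincide, and matching on the id alone
        # would link the user to an unrelated account and its stored token.
        same_provider = Q('provider', 'eq', PROVIDER)
        same_id = Q('provider_id', 'eq', dropbox_id)
        external_account = ExternalAccount.find(same_provider & same_id)[0]
        # Only identifiers are logged here, never the token.
        logger.info('Duplicate account use found: User {0} with dropbox_id {1}'.format(user.username, dropbox_id))
    except IndexError:
        new = True
        dropbox_info = user_settings_document.get('dropbox_info', None)
        display_name = dropbox_info.get('display_name', None) if dropbox_info else None
        external_account = ExternalAccount(
            provider=PROVIDER,
            provider_name=PROVIDER_NAME,
            provider_id=dropbox_id,
            # The legacy access token is copied unchanged into oauth_key.
            oauth_key=user_settings_document['access_token'],
            display_name=display_name,
        )
        external_account.save()  # generate pk for external account

    user.external_accounts.append(external_account)
    user.save()
    return external_account, user, new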
Пример #15
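def migrate_to_external_account(user_settings_document, oauth_settings_document):
    """Move a legacy GitHub OAuth credential onto an ExternalAccount.

    Args:
        user_settings_document: legacy user-settings record; ``owner`` and
            ``_id`` are read here.
        oauth_settings_document: legacy OAuth-settings record; the keys read
            here are ``oauth_access_token``, ``github_user_id``,
            ``github_user_name`` and ``_id``.

    Returns:
        ``(external_account, user, new)``. ``new`` is True when an
        ExternalAccount had to be created and False when an existing one was
        reused. ``(None, None, None)`` when there is no access token.
    """
    access_token = oauth_settings_document.get('oauth_access_token')
    if not access_token:
        return (None, None, None)
    try:
        user_info = GitHubClient(access_token=access_token).user()
    except (GitHubError, ApiError):
        # Profile lookup failed: use the identifiers kept in the legacy
        # document and leave profile_url as None so the account is recorded
        # as having invalid credentials below.
        user_id = oauth_settings_document['github_user_id']
        profile_url = None
        display_name = oauth_settings_document['github_user_name']
    else:
        user_id = user_info.id
        profile_url = user_info.html_url
        display_name = user_info.login
    new = False
    user = User.load(user_settings_document['owner'])
    try:
        # Restrict the lookup to this provider. provider_id values from
        # different providers can coincide, and matching on the id alone
        # would link the user to an unrelated account and its stored token.
        same_provider = Q('provider', 'eq', PROVIDER)
        same_id = Q('provider_id', 'eq', user_id)
        external_account = ExternalAccount.find(same_provider & same_id)[0]
        # Only identifiers are logged here, never the token.
        logger.info('Duplicate account use found: User {0} with github_user_id {1}'.format(user.username, user_id))
    except IndexError:
        new = True
        external_account = ExternalAccount(
            provider=PROVIDER,
            provider_name=PROVIDER_NAME,
            provider_id=user_id,
            profile_url=profile_url,
            # The legacy access token is copied unchanged into oauth_key.
            oauth_key=access_token,
            display_name=display_name,
        )
        external_account.save()
        if not profile_url:
            # Track the source documents of accounts whose token failed the
            # profile lookup.
            invalid_oauth_creds[external_account._id] = (user_settings_document['_id'], oauth_settings_document['_id'])
            logger.info("Created ExternalAccount<_id:{0}> with invalid oauth credentials.".format(
                external_account._id
            ))

    user.external_accounts.append(external_account)
    user.save()
    return external_account, user, new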
Пример #16
def get_targets():
    """Return dataverse ExternalAccounts that still reference ``OLD_HOST``.

    An account matches when its ``provider`` is ``dataverse`` and either its
    ``display_name`` or its ``oauth_key`` equals ``OLD_HOST``.
    """
    is_dataverse = Q("provider", "eq", "dataverse")
    name_is_old_host = Q("display_name", "eq", OLD_HOST)
    key_is_old_host = Q("oauth_key", "eq", OLD_HOST)
    return ExternalAccount.find(is_dataverse & (name_is_old_host | key_is_old_host))
Пример #17
def get_targets():
    """Return dataverse ExternalAccounts that still reference ``OLD_HOST``.

    The query requires ``provider == 'dataverse'`` and accepts a match of
    ``OLD_HOST`` against either ``display_name`` or ``oauth_key``.
    """
    provider_filter = Q('provider', 'eq', 'dataverse')
    host_filter = (
        Q('display_name', 'eq', OLD_HOST) | Q('oauth_key', 'eq', OLD_HOST)
    )
    return ExternalAccount.find(provider_filter & host_filter)