def test_pre_social_login_matched_login(self): """ https://bugzil.la/1063830, happy path A user tries to sign in with GitHub, but their GitHub email matches an existing Persona-backed MDN account. They follow the prompt to login with Persona, and the accounts are connected. """ # Set up a GitHub SocialLogin in the session github_account = SocialAccount.objects.get(user__username='******') github_login = SocialLogin(account=github_account, user=github_account.user) request = self.rf.get('/') session = self.client.session session['sociallogin_provider'] = 'github' session['socialaccount_sociallogin'] = github_login.serialize() session.save() request.session = session # Set up an matching Persona SocialLogin for request persona_account = SocialAccount.objects.create( user=github_account.user, provider='persona', uid=github_account.user.email) persona_login = SocialLogin(account=persona_account) # Verify the social_login receiver over-writes the provider # stored in the session self.adapter.pre_social_login(request, persona_login) session = request.session eq_(session['sociallogin_provider'], 'persona')
def test_pre_social_login_error_for_unmatched_login(self): """ When we suspect the signup form is used as a connection form, abort. https://bugzil.la/1063830 """ # Set up a GitHub SocialLogin in the session github_account = SocialAccount.objects.get(user__username='******') github_login = SocialLogin(account=github_account, user=github_account.user) request = self.rf.get('/') session = self.client.session session['socialaccount_sociallogin'] = github_login.serialize() session.save() request.session = session messages = self.get_messages(request) # Set up an un-matching alternate SocialLogin for request other_account = SocialAccount(user=self.user_model(), provider='other', uid='*****@*****.**') other_login = SocialLogin(account=other_account) self.assertRaises(ImmediateHttpResponse, self.adapter.pre_social_login, request, other_login) queued_messages = list(messages) assert len(queued_messages) == 1 assert queued_messages[0].level == django_messages.ERROR
def test_pre_social_login_matched_login(self): """ When we detected a legacy Persona account, advise recovery of account. A user tries to sign in with GitHub, but their GitHub email matches an existing MDN account backed by Persona. They are prompted to recover the existing account. https://bugzil.la/1063830, happy path """ # Set up a session-only GitHub SocialLogin # These are created at the start of the signup process, and saved on # profile completion. github_account = SocialAccount.objects.get(user__username='******') github_login = SocialLogin(account=github_account, user=github_account.user) # Setup existing Persona SocialLogin for the same email SocialAccount.objects.create(user=github_account.user, provider='persona', uid=github_account.user.email) request = self.rf.get('/') session = self.client.session session['sociallogin_provider'] = 'github' session['socialaccount_sociallogin'] = github_login.serialize() session.save() request.session = session # Verify the social_login receiver over-writes the provider # stored in the session self.adapter.pre_social_login(request, github_login) session = request.session eq_(session['sociallogin_provider'], 'github')
def test_pre_social_login_error_for_unmatched_login(self): """ https://bugzil.la/1063830 """ # Set up a GitHub SocialLogin in the session github_account = SocialAccount.objects.get(user__username='******') github_login = SocialLogin(account=github_account) request = RequestFactory().get('/') session = self.client.session session['socialaccount_sociallogin'] = github_login.serialize() session.save() request.session = session # django 1.4 RequestFactory requests can't be used to test views that # call messages.add (https://code.djangoproject.com/ticket/17971) # FIXME: HACK from http://stackoverflow.com/q/11938164/571420 messages = FallbackStorage(request) request._messages = messages # Set up an un-matching Persona SocialLogin for request persona_account = SocialAccount(user=User(), provider='persona', uid='*****@*****.**') persona_login = SocialLogin(account=persona_account) assert_raises(ImmediateHttpResponse, self.adapter.pre_social_login, request, persona_login) for m in messages: eq_(django_messages.ERROR, m.level)
def test_pre_social_login_banned_user(self): """A banned user is not allowed to login.""" # Set up a GitHub SocialLogin in the session github_account = SocialAccount.objects.get(user__username='******') github_login = SocialLogin(account=github_account, user=github_account.user) request = self.rf.get('/') session = self.client.session session['sociallogin_provider'] = 'github' session['socialaccount_sociallogin'] = github_login.serialize() session.save() request.session = session request.user = AnonymousUser() request.LANGUAGE_CODE = 'en-US' # Ban the user banned_by = User.objects.get(username='******') UserBan.objects.create(user=github_account.user, by=banned_by, reason='Banned by unit test.') with pytest.raises(ImmediateHttpResponse) as e_info: self.adapter.pre_social_login(request, github_login) resp = e_info.value.response assert 'Banned by unit test.' in resp.content assert not resp.has_header('Vary') never_cache = 'no-cache, no-store, must-revalidate, max-age=0' assert resp['Cache-Control'] == never_cache
def test_pre_social_login_error_for_unmatched_login(self): """ When we suspect the signup form is used as a connection form, abort. https://bugzil.la/1063830 """ # Set up a GitHub SocialLogin in the session github_account = SocialAccount.objects.get(user__username='******') github_login = SocialLogin(account=github_account, user=github_account.user) request = self.rf.get('/') session = self.client.session session['socialaccount_sociallogin'] = github_login.serialize() session.save() request.session = session messages = self.get_messages(request) # Set up an un-matching alternate SocialLogin for request other_account = SocialAccount(user=self.user_model(), provider='other', uid='*****@*****.**') other_login = SocialLogin(account=other_account) self.assertRaises(ImmediateHttpResponse, self.adapter.pre_social_login, request, other_login) queued_messages = list(messages) eq_(len(queued_messages), 1) eq_(django_messages.ERROR, queued_messages[0].level)
def test_pre_social_login_matched_login(self): """ https://bugzil.la/1063830, happy path A user tries to sign in with GitHub, but their GitHub email matches an existing Persona-backed MDN account. They follow the prompt to login with Persona, and the accounts are connected. """ # Set up a GitHub SocialLogin in the session github_account = SocialAccount.objects.get(user__username='******') github_login = SocialLogin(account=github_account, user=github_account.user) request = self.rf.get('/') session = self.client.session session['sociallogin_provider'] = 'github' session['socialaccount_sociallogin'] = github_login.serialize() session.save() request.session = session # Set up an matching Persona SocialLogin for request persona_account = SocialAccount.objects.create( user=github_account.user, provider='persona', uid=github_account.user.email) persona_login = SocialLogin(account=persona_account) # Verify the social_login receiver over-writes the provider # stored in the session self.adapter.pre_social_login(request, persona_login) session = request.session eq_(session['sociallogin_provider'], 'persona')
def test_pre_social_login_same_provider(self): """ pre_social_login passes if existing provider is the same. I'm not sure what the real-world counterpart of this is. Logging in with a different GitHub account? Needed for branch coverage. """ # Set up a GitHub SocialLogin in the session github_account = SocialAccount.objects.get(user__username='******') github_login = SocialLogin(account=github_account, user=github_account.user) request = self.rf.get('/') session = self.client.session session['sociallogin_provider'] = 'github' session['socialaccount_sociallogin'] = github_login.serialize() session.save() request.session = session # Set up an un-matching GitHub SocialLogin for request github2_account = SocialAccount(user=self.user_model(), provider='github', uid=github_account.uid + '2') github2_login = SocialLogin(account=github2_account) self.adapter.pre_social_login(request, github2_login) eq_(request.session['sociallogin_provider'], 'github')
def test_pre_social_login_same_provider(self): """ pre_social_login passes if existing provider is the same. I'm not sure what the real-world counterpart of this is. Logging in with a different GitHub account? Needed for branch coverage. """ # Set up a GitHub SocialLogin in the session github_account = SocialAccount.objects.get(user__username='******') github_login = SocialLogin(account=github_account, user=github_account.user) request = self.rf.get('/') session = self.client.session session['sociallogin_provider'] = 'github' session['socialaccount_sociallogin'] = github_login.serialize() session.save() request.session = session # Set up an un-matching GitHub SocialLogin for request github2_account = SocialAccount(user=self.user_model(), provider='github', uid=github_account.uid + '2') github2_login = SocialLogin(account=github2_account) self.adapter.pre_social_login(request, github2_login) eq_(request.session['sociallogin_provider'], 'github')
def test_pre_social_login_error_for_unmatched_login(self): """ https://bugzil.la/1063830 """ # Set up a GitHub SocialLogin in the session github_account = SocialAccount.objects.get(user__username='******') github_login = SocialLogin(account=github_account, user=github_account.user) request = self.rf.get('/') session = self.client.session session['socialaccount_sociallogin'] = github_login.serialize() session.save() request.session = session messages = self.get_messages(request) # Set up an un-matching Persona SocialLogin for request persona_account = SocialAccount(user=self.user_model(), provider='persona', uid='*****@*****.**') persona_login = SocialLogin(account=persona_account) self.assertRaises(ImmediateHttpResponse, self.adapter.pre_social_login, request, persona_login) queued_messages = list(messages) eq_(len(queued_messages), 1) eq_(django_messages.ERROR, queued_messages[0].level)
def test_pre_social_login_error_for_unmatched_login(self): """ https://bugzil.la/1063830 """ # Set up a GitHub SocialLogin in the session github_account = SocialAccount.objects.get(user__username='******') github_login = SocialLogin(account=github_account) request = RequestFactory().get('/') session = self.client.session session['socialaccount_sociallogin'] = github_login.serialize() session.save() request.session = session # django 1.4 RequestFactory requests can't be used to test views that # call messages.add (https://code.djangoproject.com/ticket/17971) # FIXME: HACK from http://stackoverflow.com/q/11938164/571420 messages = FallbackStorage(request) request._messages = messages # Set up an un-matching Persona SocialLogin for request persona_account = SocialAccount(user=User(), provider='persona', uid='*****@*****.**') persona_login = SocialLogin(account=persona_account) assert_raises(ImmediateHttpResponse, self.adapter.pre_social_login, request, persona_login) for m in messages: eq_(django_messages.ERROR, m.level)
def test_pre_social_login_error_for_unmatched_login(self): """ https://bugzil.la/1063830 """ # Set up a GitHub SocialLogin in the session github_account = SocialAccount.objects.get(user__username='******') github_login = SocialLogin(account=github_account) request = self.rf.get('/') session = self.client.session session['socialaccount_sociallogin'] = github_login.serialize() session.save() request.session = session messages = self.get_messages(request) # Set up an un-matching Persona SocialLogin for request persona_account = SocialAccount(user=User(), provider='persona', uid='*****@*****.**') persona_login = SocialLogin(account=persona_account) self.assertRaises(ImmediateHttpResponse, self.adapter.pre_social_login, request, persona_login) queued_messages = list(messages) eq_(len(queued_messages), 1) eq_(django_messages.ERROR, queued_messages[0].level)
def test_pre_social_login_banned_user(self): """A banned user is not allowed to login.""" # Set up a GitHub SocialLogin in the session github_account = SocialAccount.objects.get(user__username="******") github_login = SocialLogin(account=github_account, user=github_account.user) request = self.rf.get("/") session = self.client.session session["sociallogin_provider"] = "github" session["socialaccount_sociallogin"] = github_login.serialize() session.save() request.session = session request.user = AnonymousUser() request.LANGUAGE_CODE = "en-US" # Ban the user banned_by = User.objects.get(username="******") UserBan.objects.create(user=github_account.user, by=banned_by, reason="Banned by unit test.") with pytest.raises(ImmediateHttpResponse) as e_info: self.adapter.pre_social_login(request, github_login) resp = e_info.value.response assert b"Banned by unit test." in resp.content assert not resp.has_header("Vary") never_cache = ["no-cache", "no-store", "must-revalidate", "max-age=0"] assert set(resp["Cache-Control"].split(", ")) == set(never_cache)
def test_pre_social_login_matched_google_login(self): """ When we detected a legacy Persona account, advise recovery of account. A user tries to sign in with Google, but their Google email matches an existing MDN account backed by Persona. They are prompted to recover the existing account. Same as above, but with Google instead of GitHub """ # Set up a session-only Google SocialLogin # These are created at the start of the signup process, and saved on # profile completion. google_account = SocialAccount.objects.get(user__username="******") google_login = SocialLogin(account=google_account, user=google_account.user) # Setup existing Persona SocialLogin for the same email SocialAccount.objects.create(user=google_account.user, provider="persona", uid=google_account.user.email) request = self.rf.get("/") session = self.client.session session["sociallogin_provider"] = "google" session["socialaccount_sociallogin"] = google_login.serialize() session.save() request.session = session # Verify the social_login receiver over-writes the provider # stored in the session self.adapter.pre_social_login(request, google_login) session = request.session assert "google" == session["sociallogin_provider"]
def test_pre_social_login_matched_login(self): """ When we detected a legacy Persona account, advise recovery of account. A user tries to sign in with GitHub, but their GitHub email matches an existing MDN account backed by Persona. They are prompted to recover the existing account. https://bugzil.la/1063830, happy path """ # Set up a session-only GitHub SocialLogin # These are created at the start of the signup process, and saved on # profile completion. github_account = SocialAccount.objects.get(user__username='******') github_login = SocialLogin(account=github_account, user=github_account.user) # Setup existing Persona SocialLogin for the same email SocialAccount.objects.create( user=github_account.user, provider='persona', uid=github_account.user.email) request = self.rf.get('/') session = self.client.session session['sociallogin_provider'] = 'github' session['socialaccount_sociallogin'] = github_login.serialize() session.save() request.session = session # Verify the social_login receiver over-writes the provider # stored in the session self.adapter.pre_social_login(request, github_login) session = request.session eq_(session['sociallogin_provider'], 'github')
def test_pre_social_login_banned_user(self): """A banned user is not allowed to login.""" # Set up a GitHub SocialLogin in the session github_account = SocialAccount.objects.get(user__username='******') github_login = SocialLogin(account=github_account, user=github_account.user) request = self.rf.get('/') session = self.client.session session['sociallogin_provider'] = 'github' session['socialaccount_sociallogin'] = github_login.serialize() session.save() request.session = session request.user = AnonymousUser() request.LANGUAGE_CODE = 'en-US' # Ban the user banned_by = User.objects.get(username='******') UserBan.objects.create(user=github_account.user, by=banned_by, reason='Banned by unit test.') with pytest.raises(ImmediateHttpResponse) as e_info: self.adapter.pre_social_login(request, github_login) resp = e_info.value.response assert 'Banned by unit test.' in resp.content assert not resp.has_header('Vary') never_cache = 'no-cache, no-store, must-revalidate, max-age=0' assert resp['Cache-Control'] == never_cache
def sociallogin(client, user_model): account = SocialAccount(provider="google") sociallogin = SocialLogin( account=account, user=user_model(), ) session = client.session session["socialaccount_sociallogin"] = sociallogin.serialize() session.save() return sociallogin
def test_social_account_taken_at_signup(self): session = self.client.session TUser = get_user_model() sociallogin = SocialLogin( user=TUser(email=os.environ.get('VK_LOGIN')), account=SocialAccount( provider='vk' ), ) session['socialaccount_sociallogin'] = sociallogin.serialize() session.save() resp = self.client.get(reverse('socialaccount_signup')) form = resp.context['form'] self.assertEqual(form['email'].value(), os.environ.get('VK_LOGIN')) resp = self.client.post( reverse('socialaccount_signup'), data={'username': os.environ.get('VK_UID'), 'email': os.environ.get('VK_LOGIN')}, follow=True) self.assertRedirects(resp, '/', status_code=302, target_status_code=200, fetch_redirect_response=True) self.assertEqual(User.objects.count(), 1) self.assertEqual(SocialAccount.objects.count(), 1)