def test_pre_social_login_matched_login(self):
"""
https://bugzil.la/1063830, happy path
A user tries to sign in with GitHub, but their GitHub email matches
an existing Persona-backed MDN account. They follow the prompt to login
with Persona, and the accounts are connected.
"""
# Set up a GitHub SocialLogin in the session
github_account = SocialAccount.objects.get(user__username='******')
github_login = SocialLogin(account=github_account,
user=github_account.user)
request = self.rf.get('/')
session = self.client.session
session['sociallogin_provider'] = 'github'
session['socialaccount_sociallogin'] = github_login.serialize()
session.save()
request.session = session
# Set up an matching Persona SocialLogin for request
persona_account = SocialAccount.objects.create(
user=github_account.user,
provider='persona',
uid=github_account.user.email)
persona_login = SocialLogin(account=persona_account)
# Verify the social_login receiver over-writes the provider
# stored in the session
self.adapter.pre_social_login(request, persona_login)
session = request.session
eq_(session['sociallogin_provider'], 'persona')
def test_pre_social_login_error_for_unmatched_login(self):
"""
When we suspect the signup form is used as a connection form, abort.
https://bugzil.la/1063830
"""
# Set up a GitHub SocialLogin in the session
github_account = SocialAccount.objects.get(user__username='******')
github_login = SocialLogin(account=github_account,
user=github_account.user)
request = self.rf.get('/')
session = self.client.session
session['socialaccount_sociallogin'] = github_login.serialize()
session.save()
request.session = session
messages = self.get_messages(request)
# Set up an un-matching alternate SocialLogin for request
other_account = SocialAccount(user=self.user_model(),
provider='other',
uid='*****@*****.**')
other_login = SocialLogin(account=other_account)
self.assertRaises(ImmediateHttpResponse,
self.adapter.pre_social_login, request, other_login)
queued_messages = list(messages)
assert len(queued_messages) == 1
assert queued_messages[0].level == django_messages.ERROR
def test_pre_social_login_matched_login(self):
"""
When we detected a legacy Persona account, advise recovery of account.
A user tries to sign in with GitHub, but their GitHub email matches
an existing MDN account backed by Persona. They are prompted to
recover the existing account.
https://bugzil.la/1063830, happy path
"""
# Set up a session-only GitHub SocialLogin
# These are created at the start of the signup process, and saved on
# profile completion.
github_account = SocialAccount.objects.get(user__username='******')
github_login = SocialLogin(account=github_account,
user=github_account.user)
# Setup existing Persona SocialLogin for the same email
SocialAccount.objects.create(user=github_account.user,
provider='persona',
uid=github_account.user.email)
request = self.rf.get('/')
session = self.client.session
session['sociallogin_provider'] = 'github'
session['socialaccount_sociallogin'] = github_login.serialize()
session.save()
request.session = session
# Verify the social_login receiver over-writes the provider
# stored in the session
self.adapter.pre_social_login(request, github_login)
session = request.session
eq_(session['sociallogin_provider'], 'github')
def test_pre_social_login_error_for_unmatched_login(self):
""" https://bugzil.la/1063830 """
# Set up a GitHub SocialLogin in the session
github_account = SocialAccount.objects.get(user__username='******')
github_login = SocialLogin(account=github_account)
request = RequestFactory().get('/')
session = self.client.session
session['socialaccount_sociallogin'] = github_login.serialize()
session.save()
request.session = session
# django 1.4 RequestFactory requests can't be used to test views that
# call messages.add (https://code.djangoproject.com/ticket/17971)
# FIXME: HACK from http://stackoverflow.com/q/11938164/571420
messages = FallbackStorage(request)
request._messages = messages
# Set up an un-matching Persona SocialLogin for request
persona_account = SocialAccount(user=User(),
provider='persona',
uid='*****@*****.**')
persona_login = SocialLogin(account=persona_account)
assert_raises(ImmediateHttpResponse, self.adapter.pre_social_login,
request, persona_login)
for m in messages:
eq_(django_messages.ERROR, m.level)
def test_pre_social_login_banned_user(self):
"""A banned user is not allowed to login."""
# Set up a GitHub SocialLogin in the session
github_account = SocialAccount.objects.get(user__username='******')
github_login = SocialLogin(account=github_account,
user=github_account.user)
request = self.rf.get('/')
session = self.client.session
session['sociallogin_provider'] = 'github'
session['socialaccount_sociallogin'] = github_login.serialize()
session.save()
request.session = session
request.user = AnonymousUser()
request.LANGUAGE_CODE = 'en-US'
# Ban the user
banned_by = User.objects.get(username='******')
UserBan.objects.create(user=github_account.user,
by=banned_by,
reason='Banned by unit test.')
with pytest.raises(ImmediateHttpResponse) as e_info:
self.adapter.pre_social_login(request, github_login)
resp = e_info.value.response
assert 'Banned by unit test.' in resp.content
assert not resp.has_header('Vary')
never_cache = 'no-cache, no-store, must-revalidate, max-age=0'
assert resp['Cache-Control'] == never_cache
def test_pre_social_login_error_for_unmatched_login(self):
"""
When we suspect the signup form is used as a connection form, abort.
https://bugzil.la/1063830
"""
# Set up a GitHub SocialLogin in the session
github_account = SocialAccount.objects.get(user__username='******')
github_login = SocialLogin(account=github_account,
user=github_account.user)
request = self.rf.get('/')
session = self.client.session
session['socialaccount_sociallogin'] = github_login.serialize()
session.save()
request.session = session
messages = self.get_messages(request)
# Set up an un-matching alternate SocialLogin for request
other_account = SocialAccount(user=self.user_model(),
provider='other',
uid='*****@*****.**')
other_login = SocialLogin(account=other_account)
self.assertRaises(ImmediateHttpResponse, self.adapter.pre_social_login,
request, other_login)
queued_messages = list(messages)
eq_(len(queued_messages), 1)
eq_(django_messages.ERROR, queued_messages[0].level)
def test_pre_social_login_matched_login(self):
"""
https://bugzil.la/1063830, happy path
A user tries to sign in with GitHub, but their GitHub email matches
an existing Persona-backed MDN account. They follow the prompt to login
with Persona, and the accounts are connected.
"""
# Set up a GitHub SocialLogin in the session
github_account = SocialAccount.objects.get(user__username='******')
github_login = SocialLogin(account=github_account,
user=github_account.user)
request = self.rf.get('/')
session = self.client.session
session['sociallogin_provider'] = 'github'
session['socialaccount_sociallogin'] = github_login.serialize()
session.save()
request.session = session
# Set up an matching Persona SocialLogin for request
persona_account = SocialAccount.objects.create(
user=github_account.user,
provider='persona',
uid=github_account.user.email)
persona_login = SocialLogin(account=persona_account)
# Verify the social_login receiver over-writes the provider
# stored in the session
self.adapter.pre_social_login(request, persona_login)
session = request.session
eq_(session['sociallogin_provider'], 'persona')
def test_pre_social_login_same_provider(self):
"""
pre_social_login passes if existing provider is the same.
I'm not sure what the real-world counterpart of this is. Logging
in with a different GitHub account? Needed for branch coverage.
"""
# Set up a GitHub SocialLogin in the session
github_account = SocialAccount.objects.get(user__username='******')
github_login = SocialLogin(account=github_account,
user=github_account.user)
request = self.rf.get('/')
session = self.client.session
session['sociallogin_provider'] = 'github'
session['socialaccount_sociallogin'] = github_login.serialize()
session.save()
request.session = session
# Set up an un-matching GitHub SocialLogin for request
github2_account = SocialAccount(user=self.user_model(),
provider='github',
uid=github_account.uid + '2')
github2_login = SocialLogin(account=github2_account)
self.adapter.pre_social_login(request, github2_login)
eq_(request.session['sociallogin_provider'], 'github')
def test_pre_social_login_same_provider(self):
"""
pre_social_login passes if existing provider is the same.
I'm not sure what the real-world counterpart of this is. Logging
in with a different GitHub account? Needed for branch coverage.
"""
# Set up a GitHub SocialLogin in the session
github_account = SocialAccount.objects.get(user__username='******')
github_login = SocialLogin(account=github_account,
user=github_account.user)
request = self.rf.get('/')
session = self.client.session
session['sociallogin_provider'] = 'github'
session['socialaccount_sociallogin'] = github_login.serialize()
session.save()
request.session = session
# Set up an un-matching GitHub SocialLogin for request
github2_account = SocialAccount(user=self.user_model(),
provider='github',
uid=github_account.uid + '2')
github2_login = SocialLogin(account=github2_account)
self.adapter.pre_social_login(request, github2_login)
eq_(request.session['sociallogin_provider'], 'github')
def test_pre_social_login_error_for_unmatched_login(self):
""" https://bugzil.la/1063830 """
# Set up a GitHub SocialLogin in the session
github_account = SocialAccount.objects.get(user__username='******')
github_login = SocialLogin(account=github_account,
user=github_account.user)
request = self.rf.get('/')
session = self.client.session
session['socialaccount_sociallogin'] = github_login.serialize()
session.save()
request.session = session
messages = self.get_messages(request)
# Set up an un-matching Persona SocialLogin for request
persona_account = SocialAccount(user=self.user_model(),
provider='persona',
uid='*****@*****.**')
persona_login = SocialLogin(account=persona_account)
self.assertRaises(ImmediateHttpResponse,
self.adapter.pre_social_login, request, persona_login)
queued_messages = list(messages)
eq_(len(queued_messages), 1)
eq_(django_messages.ERROR, queued_messages[0].level)
def test_pre_social_login_error_for_unmatched_login(self):
""" https://bugzil.la/1063830 """
# Set up a GitHub SocialLogin in the session
github_account = SocialAccount.objects.get(user__username='******')
github_login = SocialLogin(account=github_account)
request = RequestFactory().get('/')
session = self.client.session
session['socialaccount_sociallogin'] = github_login.serialize()
session.save()
request.session = session
# django 1.4 RequestFactory requests can't be used to test views that
# call messages.add (https://code.djangoproject.com/ticket/17971)
# FIXME: HACK from http://stackoverflow.com/q/11938164/571420
messages = FallbackStorage(request)
request._messages = messages
# Set up an un-matching Persona SocialLogin for request
persona_account = SocialAccount(user=User(), provider='persona',
uid='*****@*****.**')
persona_login = SocialLogin(account=persona_account)
assert_raises(ImmediateHttpResponse,
self.adapter.pre_social_login, request, persona_login)
for m in messages:
eq_(django_messages.ERROR, m.level)
def test_pre_social_login_error_for_unmatched_login(self):
""" https://bugzil.la/1063830 """
# Set up a GitHub SocialLogin in the session
github_account = SocialAccount.objects.get(user__username='******')
github_login = SocialLogin(account=github_account)
request = self.rf.get('/')
session = self.client.session
session['socialaccount_sociallogin'] = github_login.serialize()
session.save()
request.session = session
messages = self.get_messages(request)
# Set up an un-matching Persona SocialLogin for request
persona_account = SocialAccount(user=User(),
provider='persona',
uid='*****@*****.**')
persona_login = SocialLogin(account=persona_account)
self.assertRaises(ImmediateHttpResponse, self.adapter.pre_social_login,
request, persona_login)
queued_messages = list(messages)
eq_(len(queued_messages), 1)
eq_(django_messages.ERROR, queued_messages[0].level)
def test_pre_social_login_banned_user(self):
"""A banned user is not allowed to login."""
# Set up a GitHub SocialLogin in the session
github_account = SocialAccount.objects.get(user__username="******")
github_login = SocialLogin(account=github_account,
user=github_account.user)
request = self.rf.get("/")
session = self.client.session
session["sociallogin_provider"] = "github"
session["socialaccount_sociallogin"] = github_login.serialize()
session.save()
request.session = session
request.user = AnonymousUser()
request.LANGUAGE_CODE = "en-US"
# Ban the user
banned_by = User.objects.get(username="******")
UserBan.objects.create(user=github_account.user,
by=banned_by,
reason="Banned by unit test.")
with pytest.raises(ImmediateHttpResponse) as e_info:
self.adapter.pre_social_login(request, github_login)
resp = e_info.value.response
assert b"Banned by unit test." in resp.content
assert not resp.has_header("Vary")
never_cache = ["no-cache", "no-store", "must-revalidate", "max-age=0"]
assert set(resp["Cache-Control"].split(", ")) == set(never_cache)
def test_pre_social_login_matched_google_login(self):
"""
When we detected a legacy Persona account, advise recovery of account.
A user tries to sign in with Google, but their Google email matches
an existing MDN account backed by Persona. They are prompted to
recover the existing account.
Same as above, but with Google instead of GitHub
"""
# Set up a session-only Google SocialLogin
# These are created at the start of the signup process, and saved on
# profile completion.
google_account = SocialAccount.objects.get(user__username="******")
google_login = SocialLogin(account=google_account,
user=google_account.user)
# Setup existing Persona SocialLogin for the same email
SocialAccount.objects.create(user=google_account.user,
provider="persona",
uid=google_account.user.email)
request = self.rf.get("/")
session = self.client.session
session["sociallogin_provider"] = "google"
session["socialaccount_sociallogin"] = google_login.serialize()
session.save()
request.session = session
# Verify the social_login receiver over-writes the provider
# stored in the session
self.adapter.pre_social_login(request, google_login)
session = request.session
assert "google" == session["sociallogin_provider"]
def test_pre_social_login_matched_login(self):
"""
When we detected a legacy Persona account, advise recovery of account.
A user tries to sign in with GitHub, but their GitHub email matches
an existing MDN account backed by Persona. They are prompted to
recover the existing account.
https://bugzil.la/1063830, happy path
"""
# Set up a session-only GitHub SocialLogin
# These are created at the start of the signup process, and saved on
# profile completion.
github_account = SocialAccount.objects.get(user__username='******')
github_login = SocialLogin(account=github_account,
user=github_account.user)
# Setup existing Persona SocialLogin for the same email
SocialAccount.objects.create(
user=github_account.user,
provider='persona',
uid=github_account.user.email)
request = self.rf.get('/')
session = self.client.session
session['sociallogin_provider'] = 'github'
session['socialaccount_sociallogin'] = github_login.serialize()
session.save()
request.session = session
# Verify the social_login receiver over-writes the provider
# stored in the session
self.adapter.pre_social_login(request, github_login)
session = request.session
eq_(session['sociallogin_provider'], 'github')
def test_pre_social_login_banned_user(self):
"""A banned user is not allowed to login."""
# Set up a GitHub SocialLogin in the session
github_account = SocialAccount.objects.get(user__username='******')
github_login = SocialLogin(account=github_account,
user=github_account.user)
request = self.rf.get('/')
session = self.client.session
session['sociallogin_provider'] = 'github'
session['socialaccount_sociallogin'] = github_login.serialize()
session.save()
request.session = session
request.user = AnonymousUser()
request.LANGUAGE_CODE = 'en-US'
# Ban the user
banned_by = User.objects.get(username='******')
UserBan.objects.create(user=github_account.user, by=banned_by,
reason='Banned by unit test.')
with pytest.raises(ImmediateHttpResponse) as e_info:
self.adapter.pre_social_login(request, github_login)
resp = e_info.value.response
assert 'Banned by unit test.' in resp.content
assert not resp.has_header('Vary')
never_cache = 'no-cache, no-store, must-revalidate, max-age=0'
assert resp['Cache-Control'] == never_cache
def sociallogin(client, user_model):
account = SocialAccount(provider="google")
sociallogin = SocialLogin(
account=account,
user=user_model(),
)
session = client.session
session["socialaccount_sociallogin"] = sociallogin.serialize()
session.save()
return sociallogin
def test_social_account_taken_at_signup(self):
session = self.client.session
TUser = get_user_model()
sociallogin = SocialLogin(
user=TUser(email=os.environ.get('VK_LOGIN')),
account=SocialAccount(
provider='vk'
),
)
session['socialaccount_sociallogin'] = sociallogin.serialize()
session.save()
resp = self.client.get(reverse('socialaccount_signup'))
form = resp.context['form']
self.assertEqual(form['email'].value(), os.environ.get('VK_LOGIN'))
resp = self.client.post(
reverse('socialaccount_signup'),
data={'username': os.environ.get('VK_UID'),
'email': os.environ.get('VK_LOGIN')}, follow=True)
self.assertRedirects(resp, '/', status_code=302,
target_status_code=200,
fetch_redirect_response=True)
self.assertEqual(User.objects.count(), 1)
self.assertEqual(SocialAccount.objects.count(), 1)
