def test_ssl_cms_redirection(self):
    """
    Auto-sign-up a certificate user, then check that requesting a
    staff-only Studio URL without a session logs them in and returns
    them to the URL they originally asked for.
    """
    course = CourseFactory.create(
        org='MITx',
        number='999',
        display_name='Robot Super Course',
    )

    # A first pass through ssl_login creates the account looked up below.
    with self._create_ssl_request('/') as request:
        external_auth_views.ssl_login(request)

    user = User.objects.get(email=self.USER_EMAIL)
    CourseEnrollment.enroll(user, course.id)
    CourseStaffRole(course.id).add_users(user)
    course_private_url = reverse('course_handler', args=(text_type(course.id), ))

    # Precondition: the test client holds no authenticated session yet.
    self.assertNotIn(SESSION_KEY, self.client.session)

    # The DN is placed directly in the request environ by the test client;
    # the certificate itself is never presented or verified in this test.
    client_dn = self.AUTH_DN.format(self.USER_NAME, self.USER_EMAIL)
    response = self.client.get(
        course_private_url,
        follow=True,
        SSL_CLIENT_S_DN=client_dn,
        HTTP_ACCEPT='text/html',
    )

    # The last hop of the redirect chain must be the private URL itself.
    final_hop = response.redirect_chain[-1]
    self.assertEqual((course_private_url, 302), final_hop)
    self.assertIn(SESSION_KEY, self.client.session)
def test_ssl_cms_redirection(self):
    """
    Auto-sign-up a certificate user and confirm that, after the login
    redirects, they end up on the staff-only URL they first requested.
    """
    course = CourseFactory.create(org='MITx', number='999', display_name='Robot Super Course')

    # Calling ssl_login once creates the user fetched on the next line.
    with self._create_ssl_request('/') as request:
        external_auth_views.ssl_login(request)
    user = User.objects.get(email=self.USER_EMAIL)

    # Enrolment plus the course staff role are granted before the request.
    CourseEnrollment.enroll(user, course.id)
    CourseStaffRole(course.id).add_users(user)
    course_private_url = reverse('course_handler', args=(unicode(course.id),))

    # No session key may exist before the certificate-bearing request.
    self.assertNotIn(SESSION_KEY, self.client.session)

    # Only the subject DN string is supplied, as a request environ value;
    # no certificate validation takes place inside this test.
    subject_dn = self.AUTH_DN.format(self.USER_NAME, self.USER_EMAIL)
    request_extras = {
        'SSL_CLIENT_S_DN': subject_dn,
        'HTTP_ACCEPT': 'text/html',
    }
    response = self.client.get(course_private_url, follow=True, **request_extras)

    expected_hop = (course_private_url, 302)
    self.assertEqual(expected_hop, response.redirect_chain[-1])
    self.assertIn(SESSION_KEY, self.client.session)
def test_ssl_lms_redirection(self):
    """
    Auto-sign-up a certificate user, then check that requesting a
    courseware URL without a session logs them in and returns them to
    the URL they originally asked for.
    """
    course = CourseFactory.create(
        org='MITx',
        number='999',
        display_name='Robot Super Course',
    )

    # A first pass through ssl_login creates the account looked up below.
    with self._create_ssl_request('/') as request:
        external_auth_views.ssl_login(request)

    user = User.objects.get(email=self.USER_EMAIL)
    CourseEnrollment.enroll(user, course.id)
    course_private_url = '/courses/MITx/999/Robot_Super_Course/courseware'

    # Precondition: the test client holds no authenticated session yet.
    self.assertNotIn(SESSION_KEY, self.client.session)

    # The DN is placed directly in the request environ by the test client;
    # the certificate itself is never presented or verified in this test.
    client_dn = self.AUTH_DN.format(self.USER_NAME, self.USER_EMAIL)
    response = self.client.get(
        course_private_url,
        follow=True,
        SSL_CLIENT_S_DN=client_dn,
        HTTP_ACCEPT='text/html',
    )

    # The final redirect is compared as an absolute URL on the test host.
    expected_hop = ('http://testserver{0}'.format(course_private_url), 302)
    self.assertEqual(expected_hop, response.redirect_chain[-1])
    self.assertIn(SESSION_KEY, self.client.session)
def test_ssl_lms_redirection(self):
    """
    Auto-sign-up a certificate user and confirm that, after the login
    redirects, they end up on the courseware URL they first requested.
    """
    course = CourseFactory.create(org='MITx', number='999', display_name='Robot Super Course')

    # Calling ssl_login once creates the user fetched on the next line.
    with self._create_ssl_request('/') as request:
        external_auth_views.ssl_login(request)
    user = User.objects.get(email=self.USER_EMAIL)
    CourseEnrollment.enroll(user, course.id)

    course_private_url = '/courses/MITx/999/Robot_Super_Course/courseware'

    # No session key may exist before the certificate-bearing request.
    self.assertNotIn(SESSION_KEY, self.client.session)

    # Only the subject DN string is supplied, as a request environ value;
    # no certificate validation takes place inside this test.
    subject_dn = self.AUTH_DN.format(self.USER_NAME, self.USER_EMAIL)
    request_extras = {
        'SSL_CLIENT_S_DN': subject_dn,
        'HTTP_ACCEPT': 'text/html',
    }
    response = self.client.get(course_private_url, follow=True, **request_extras)

    absolute_url = 'http://testserver{0}'.format(course_private_url)
    self.assertEqual((absolute_url, 302), response.redirect_chain[-1])
    self.assertIn(SESSION_KEY, self.client.session)
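def test_ssl_login_without_signup_lms(self):
    """
    Test IMMEDIATE_SIGNUP feature flag and ensure the user account is
    automatically created and the user is redirected to slash.
    """
    with self._create_ssl_request('/') as request:
        external_auth_views.ssl_login(request)

    # Assert our user exists in the external auth map (eamap).
    # NOTE(review): the Users-table and logged-in checks this test describes
    # are not part of the code shown here -- confirm they follow this block.
    try:
        ExternalAuthMap.objects.get(external_id=self.USER_EMAIL)
    # "except ... as" replaces the comma form, which only Python 2 parses.
    except ExternalAuthMap.DoesNotExist as ex:
        self.fail('User did not get properly added to external auth map, exception was {0}'.format(str(ex)))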
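def index(request):
    """
    Redirects to main page -- info page if user authenticated, or marketing if not

    Order of the decisions made for a request to the site root:
      1. anonymous user and the ALWAYS_REDIRECT_HOMEPAGE_TO_LOGIN flag -> sign-in page
      2. authenticated user and the ALWAYS_REDIRECT_HOMEPAGE_TO_DASHBOARD flag -> dashboard
      3. AUTH_USE_CERTIFICATES feature -> hand the request to ssl_login
      4. marketing site enabled -> marketing ROOT url
      5. Host header contains 'edge.edx.org' -> sign-in page
      6. otherwise -> student.views.index
    """
    # Resolve the authentication state exactly once. The original mixed
    # ``is_authenticated()`` and ``is_authenticated``: on Django < 1.10 the
    # bare attribute is a bound method and therefore always truthy (an
    # anonymous user would be treated as logged in), while on Django >= 2.0
    # calling the boolean raises TypeError. Handling both forms keeps the two
    # branches below consistent whichever Django release is installed.
    is_authenticated = request.user.is_authenticated
    if callable(is_authenticated):
        is_authenticated = is_authenticated()

    # This is to redirect Microsites when a homepage is not necessarily needed.
    if not is_authenticated:
        if configuration_helpers.get_value(
                'ALWAYS_REDIRECT_HOMEPAGE_TO_LOGIN_FOR_UNAUTHENTICATED_USER',
                settings.FEATURES.get('ALWAYS_REDIRECT_HOMEPAGE_TO_LOGIN_FOR_UNAUTHENTICATED_USER', True)):
            return redirect(reverse('signin_user'))

    if is_authenticated:
        # Only redirect to dashboard if user has
        # courses in his/her dashboard. Otherwise UX is a bit cryptic.
        # In this case, we want to have the user stay on a course catalog
        # page to make it easier to browse for courses (and register)
        if configuration_helpers.get_value(
                'ALWAYS_REDIRECT_HOMEPAGE_TO_DASHBOARD_FOR_AUTHENTICATED_USER',
                settings.FEATURES.get('ALWAYS_REDIRECT_HOMEPAGE_TO_DASHBOARD_FOR_AUTHENTICATED_USER', True)):
            return redirect(reverse('dashboard'))

    if settings.FEATURES.get('AUTH_USE_CERTIFICATES'):
        from openedx.core.djangoapps.external_auth.views import ssl_login
        # Set next URL to dashboard if it isn't set to avoid
        # caching a redirect to / that causes a redirect loop on logout
        # NOTE(review): a caller-supplied ``next`` is forwarded unchanged;
        # confirm ssl_login restricts it to a safe same-site URL.
        if not request.GET.get('next'):
            req_new = request.GET.copy()
            req_new['next'] = reverse('dashboard')
            request.GET = req_new
        return ssl_login(request)

    enable_mktg_site = configuration_helpers.get_value(
        'ENABLE_MKTG_SITE',
        settings.FEATURES.get('ENABLE_MKTG_SITE', False)
    )

    if enable_mktg_site:
        marketing_urls = configuration_helpers.get_value(
            'MKTG_URLS',
            settings.MKTG_URLS
        )
        return redirect(marketing_urls.get('ROOT'))

    domain = request.META.get('HTTP_HOST')

    # keep specialized logic for Edge until we can migrate over Edge to fully use
    # configuration.
    # NOTE(review): HTTP_HOST is taken from the request and matched as a
    # substring, so any Host value containing 'edge.edx.org' takes this branch.
    if domain and 'edge.edx.org' in domain:
        return redirect(reverse("signin_user"))

    # we do not expect this case to be reached in cases where
    # marketing and edge are enabled
    return student.views.index(request, user=request.user)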
def test_ssl_bad_eamap(self):
    """
    Check that certificate login still succeeds for an existing user whose
    internal password differs from the one stored with their eamap entry.

    The internal password used for certificates has been removed, so
    changing it must not break the login.
    """
    # Create the account through ssl_login first.
    with self._create_ssl_request('/') as request:
        external_auth_views.ssl_login(request)

    # Replace the internal password and activate the account.
    account = User.objects.get(email=self.USER_EMAIL)
    account.set_password('not autogenerated')
    account.is_active = True
    account.save()

    # Make sure we can still login: only the subject DN is supplied, as a
    # request environ value set by the test client.
    subject_dn = self.AUTH_DN.format(self.USER_NAME, self.USER_EMAIL)
    signin_url = reverse('signin_user')
    self.client.get(signin_url, follow=True, SSL_CLIENT_S_DN=subject_dn)
    self.assertIn(SESSION_KEY, self.client.session)
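def test_ssl_login_with_signup_lms(self):
    """
    Validate that an SSL login creates an eamap user and
    redirects them to the signup page.
    """
    with self._create_ssl_request('/') as request:
        response = external_auth_views.ssl_login(request)

    # Response should contain template for signup form, eamap should have user, and internal
    # auth should not have a user
    self.assertIn('<form role="form" id="register-form" method="post"', response.content)
    try:
        ExternalAuthMap.objects.get(external_id=self.USER_EMAIL)
    # "except ... as" replaces the comma form, which only Python 2 parses.
    except ExternalAuthMap.DoesNotExist as ex:
        self.fail('User did not get properly added to external auth map, exception was {0}'.format(str(ex)))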
def index(request):
    '''
    Decide where a request for the site root is sent.

    Checked in order: dashboard for an authenticated user (when the
    ALWAYS_REDIRECT_HOMEPAGE_TO_DASHBOARD flag is on), ssl_login when
    AUTH_USE_CERTIFICATES is enabled, the marketing ROOT url when the
    marketing site is enabled, the sign-in page for Edge hosts, and
    finally student.views.index.
    '''
    dashboard_flag = 'ALWAYS_REDIRECT_HOMEPAGE_TO_DASHBOARD_FOR_AUTHENTICATED_USER'

    # Only redirect to dashboard if user has courses in his/her dashboard.
    # Otherwise UX is a bit cryptic: the user should stay on a course
    # catalog page to make it easier to browse for courses (and register).
    if request.user.is_authenticated() and configuration_helpers.get_value(
            dashboard_flag, settings.FEATURES.get(dashboard_flag, True)):
        return redirect(reverse('dashboard'))

    if settings.FEATURES.get('AUTH_USE_CERTIFICATES'):
        from openedx.core.djangoapps.external_auth.views import ssl_login

        # Default the next URL to the dashboard so that a redirect to / is
        # not cached, which would cause a redirect loop on logout.
        # NOTE(review): a caller-supplied ``next`` is forwarded unchanged;
        # confirm ssl_login restricts it to a safe same-site URL.
        if not request.GET.get('next'):
            query = request.GET.copy()
            query['next'] = reverse('dashboard')
            request.GET = query
        return ssl_login(request)

    mktg_default = settings.FEATURES.get('ENABLE_MKTG_SITE', False)
    if configuration_helpers.get_value('ENABLE_MKTG_SITE', mktg_default):
        marketing_urls = configuration_helpers.get_value('MKTG_URLS', settings.MKTG_URLS)
        return redirect(marketing_urls.get('ROOT'))

    # Specialized logic for Edge, kept until Edge is migrated to
    # configuration.
    # NOTE(review): HTTP_HOST is taken from the request and matched as a
    # substring, so any Host value containing 'edge.edx.org' takes this branch.
    domain = request.META.get('HTTP_HOST')
    if domain and 'edge.edx.org' in domain:
        return redirect(reverse("signin_user"))

    # Not expected to be reached when marketing and edge are enabled.
    return student.views.index(request, user=request.user)