def test_get_or_create_user_trigger_change_first_name(
settings: SettingsWrapper):
"""Test get_or_create_user function to verify if it correctly triggers the CREATE_USER function
and the trigger updates the user's first name.
Args:
settings (SettingsWrapper): Fixture for django settings
"""
settings.SAML2_AUTH = {
"TRIGGER": {
"CREATE_USER":
"******",
}
}
created, user = get_or_create_user({
"username": "******",
"first_name": "John",
"last_name": "Doe"
})
assert created
assert user.username == "*****@*****.**"
assert user.first_name == "CHANGED_FIRSTNAME"
assert user.is_active == True
assert user.has_usable_password() == False
def test_get_or_create_user_success(settings: SettingsWrapper):
"""Test get_or_create_user function to verify if it creates a new user and joins it to the
correct group based on the given SAML group and its mapping with internal groups.
Args:
settings (SettingsWrapper): Fixture for django settings
"""
settings.SAML2_AUTH = {
"ATTRIBUTES_MAP": {
"groups": "groups",
},
"GROUPS_MAP": {
"consumers": "users"
}
}
Group.objects.create(name="users")
created, user = get_or_create_user({
"username": "******",
"first_name": "John",
"last_name": "Doe",
"user_identity": {
"user.username": "******",
"user.first_name": "John",
"user.last_name": "Doe",
"groups": ["consumers"]
}
})
assert created
assert user.username == "*****@*****.**"
assert user.is_active == True
assert user.has_usable_password() == False
assert user.groups.get(name="users") == Group.objects.get(name="users")
def test_get_or_create_user_trigger_error(settings: SettingsWrapper):
"""Test get_or_create_user function to verify if it raises an exception in case the CREATE_USER
trigger function is nonexistent.
Args:
settings (SettingsWrapper): Fixture for django settings
"""
settings.SAML2_AUTH = {
"TRIGGER": {
"CREATE_USER":
"******",
}
}
with pytest.raises(SAMLAuthError) as exc_info:
get_or_create_user({
"username": "******",
"first_name": "John",
"last_name": "Doe"
})
assert str(exc_info.value) == (
"module 'django_saml2_auth.tests.test_user' has no attribute 'nonexistent_trigger'"
)
assert isinstance(exc_info.value.extra["exc"], AttributeError)
def test_create_jwt_token_no_secret_no_algorithm(settings: SettingsWrapper):
"""Test create_jwt_token function by trying to create a JWT token with no secret and algorithm
set.
Args:
settings (SettingsWrapper): Fixture for django settings
"""
settings.SAML2_AUTH = {"JWT_SECRET": None, "JWT_ALGORITHM": None}
with pytest.raises(SAMLAuthError) as exc_info:
create_jwt_token("*****@*****.**")
assert str(exc_info.value
) == "Cannot create JWT token. Specify secret and algorithm."
def test_create_new_user_no_group_error(settings: SettingsWrapper):
"""Test create_new_user function to verify if it creates the user, but fails to join the user
to the respective group.
Args:
settings (SettingsWrapper): Fixture for django settings
"""
settings.SAML2_AUTH = {
"NEW_USER_PROFILE": {
"USER_GROUPS": ["users"],
}
}
with pytest.raises(SAMLAuthError) as exc_info:
create_new_user("*****@*****.**", "John", "Doe")
assert str(
exc_info.value) == "There was an error joining the user to the group."
assert exc_info.value.extra["exc_type"] == Group.DoesNotExist
def test_create_new_user_success(settings: SettingsWrapper):
"""Test create_new_user function to verify if it works and correctly joins the user to the
respective group.
Args:
settings (SettingsWrapper): Fixture for django settings
"""
settings.SAML2_AUTH = {
"NEW_USER_PROFILE": {
"USER_GROUPS": ["users"],
}
}
# Create a group for the users to join
Group.objects.create(name="users")
user = create_new_user("*****@*****.**", "John", "Doe")
# It can also be email depending on USERNAME_FIELD setting
assert user.username == "*****@*****.**"
assert user.is_active == True
assert user.has_usable_password() == False
assert user.groups.get(name="users") == Group.objects.get(name="users")
def test_get_or_create_user_should_not_create_user(settings: SettingsWrapper):
"""Test get_or_create_user function to verify if it raise an exception while creating a new user
is prohibited by settings.
Args:
settings (SettingsWrapper): Fixture for django settings
"""
settings.SAML2_AUTH = {
"CREATE_USER": False,
}
with pytest.raises(SAMLAuthError) as exc_info:
get_or_create_user({
"username": "******",
"first_name": "John",
"last_name": "Doe"
})
assert str(exc_info.value) == "Cannot create user."
assert exc_info.value.extra["reason"] == (
"Due to current config, a new user should not be created.")