← Back to branch summary

~michael.nelson/canonical-identity-provider/add-convoy-combo

« back to all changes in this revision

Viewing changes to identityprovider/tests/test_auth.py

  • Committer: Tarmac
  • Author(s): Natalia B. Bidart
  • Date: 2013-04-01 18:23:16 UTC
  • mfrom: (753.4.12 the-hand-is-quicker-2)
  • Revision ID: tarmac-20130401182316-ioglnxyjdmsu0xqf
[r=matiasb] - Cleanup of testing views: replaced logic from urls.py with the new decorator require_testing_enabled (moved from webui project).
- Removed dummy and dummy hooks testing views.
- Removed fixtures from leftover tests from identity provider.

Show diffs side-by-side

added added

removed removed

Lines of Context:
identityprovider/tests/test_auth.py
26
26
 
27
27
class LaunchpadBackendTestCase(SSOBaseTestCase):
28
28
 
29
 
    fixtures = ["test"]
 
29
    email = 'mark@example.com'
30
30
 
31
31
    def setUp(self):
32
32
        super(LaunchpadBackendTestCase, self).setUp()
 
33
        self.account = self.factory.make_account(
 
34
            email=self.email, password=DEFAULT_USER_PASSWORD)
33
35
        self.backend = LaunchpadBackend()
34
36
 
35
37
    def test_authenticate_with_email_status_not_in_expected_one(self):
36
38
        email_address = EmailAddress.objects.get(
37
 
            email__iexact="mark@example.com")
 
39
            email__iexact=self.email)
38
40
        email_address.status = 9999
39
41
        email_address.save()
40
42
 
41
 
        result = self.backend.authenticate('mark@example.com',
 
43
        result = self.backend.authenticate(self.email,
42
44
                                           DEFAULT_USER_PASSWORD)
43
45
 
44
46
        self.assertTrue(result is None)
49
51
 
50
52
    def test_authenticate_with_email_case_insensitive(self):
51
53
        # Make sure authentication works as expected
52
 
        account1 = self.backend.authenticate('mark@example.com',
 
54
        account1 = self.backend.authenticate(self.email,
53
55
                                             DEFAULT_USER_PASSWORD)
54
56
        self.assertTrue(account1 is not None)
55
57
 
62
64
        self.assertEqual(account1, account2)
63
65
 
64
66
    def test_authenticate_account_active(self):
65
 
        account = Account.objects.get_by_email('mark@example.com')
 
67
        account = Account.objects.get_by_email(self.email)
66
68
        # make sure account is active
67
69
        self.assertEqual(account.status, AccountStatus.ACTIVE)
68
70
        # make sure authentication succeeds
69
 
        response = self.backend.authenticate('mark@example.com',
 
71
        response = self.backend.authenticate(self.email,
70
72
                                             DEFAULT_USER_PASSWORD)
71
73
        self.assertEqual(response, account)
72
74
 
79
81
        self.assertIsNone(self.backend.authenticate(token=token))
80
82
 
81
83
    def test_authenticate_account_inactive(self):
82
 
        account = Account.objects.get_by_email('mark@example.com')
 
84
        account = Account.objects.get_by_email(self.email)
83
85
        _status = account.status
84
86
 
85
87
        for status, _ in AccountStatus._get_choices():
91
93
            account.save()
92
94
 
93
95
            # make sure authentication fails
94
 
            response = self.backend.authenticate('mark@example.com',
 
96
            response = self.backend.authenticate(self.email,
95
97
                                                 DEFAULT_USER_PASSWORD)
96
98
            self.assertEqual(response, None)
97
99
 
100
102
        account.save()
101
103
 
102
104
    def test_authenticate_account_no_password(self):
103
 
        account = Account.objects.get_by_email('mark@example.com')
 
105
        account = Account.objects.get_by_email(self.email)
104
106
        account.accountpassword.delete()
105
107
 
106
 
        response = self.backend.authenticate('mark@example.com',
 
108
        response = self.backend.authenticate(self.email,
107
109
                                             DEFAULT_USER_PASSWORD)
108
110
 
109
111
        self.assertTrue(response is None)
110
 
        account = Account.objects.get_by_email('mark@example.com')
 
112
        account = Account.objects.get_by_email(self.email)
111
113
        self.assertTrue(account is not None)
112
114
 
113
115
    def test_oauth_authenticate_account_active(self):
114
 
        account = Account.objects.get_by_email('mark@example.com')
 
116
        account = Account.objects.get_by_email(self.email)
115
117
        user, _ = User.objects.get_or_create(
116
118
            username=account.openid_identifier)
117
119
        consumer, created = Consumer.objects.get_or_create(user=user)
126
128
        self.assertEqual(response, account)
127
129
 
128
130
    def test_oauth_authenticate_account_inactive(self):
129
 
        account = Account.objects.get_by_email('mark@example.com')
 
131
        account = Account.objects.get_by_email(self.email)
130
132
        _status = account.status
131
133
        user, _ = User.objects.get_or_create(
132
134
            username=account.openid_identifier)
155
157
            consumer.delete()
156
158
 
157
159
    def test_oauth_authenticate_stolen_token(self):
158
 
        victim_account = Account.objects.get_by_email('mark@example.com')
 
160
        victim_account = Account.objects.get_by_email(self.email)
159
161
        token = victim_account.create_oauth_token('new-token')
160
162
        oauth_token = token.oauth_token()
161
163
 
162
 
        malicious_account = Account.objects.get_by_email('test@canonical.com')
 
164
        malicious_account = self.factory.make_account()
163
165
        malicious_user, _ = User.objects.get_or_create(
164
166
            username=malicious_account.openid_identifier)
165
167
        consumer, created = Consumer.objects.get_or_create(user=malicious_user)