~ricardokirkner/django-openid-auth/django-1.11-compatibility
» Revision
119
: django_openid_auth/tests/test_auth.py
« back to all changes in this revision
Viewing changes to django_openid_auth/tests/test_auth.py
- browse files at revision 119
- compare with another revision
- download diff
- download tarball
- view history from revision 119
- Committer: Tarmac
- Author(s): Fabián Ezequiel Gallina
- Date: 2016-08-17 15:50:44 UTC
- mfrom: (118.1.2 auth-tests-refactor)
- Revision ID: tarmac-20160817155044-fv10a6d48sald7c6
[r=ricardokirkner,psivaa] Better response factories for auth module tests
Current response factories are tightly bound to particular extensions
and do not allow to easily extend responses to combine one or more
extensions in our tests (e.g. sreg+pape). This commit changes the way
responses are constructed by allowing to compose extensions into a
single response.
Current response factories are tightly bound to particular extensions
and do not allow to easily extend responses to combine one or more
extensions in our tests (e.g. sreg+pape). This commit changes the way
responses are constructed by allowing to compose extensions into a
single response.
- files modified:
- django_openid_auth/tests/test_auth.py
added
removed
django_openid_auth/tests/test_auth.py
29
29
from __future__ import unicode_literals
30
30
31
31
import re
32
from urlparse import urljoin
32
33
33
34
from django.contrib.auth.models import Group, Permission, User
34
35
from django.test import TestCase
60
61
61
62
SREG_NS = "http://openid.net/sreg/1.0"
62
63
AX_NS = "http://openid.net/srv/ax/1.0"
63
64
65
@override_session_serializer
66
@override_settings(
67
OPENID_USE_EMAIL_FOR_USERNAME=False,
68
OPENID_LAUNCHPAD_TEAMS_REQUIRED=[],
69
OPENID_LAUNCHPAD_TEAMS_MAPPING_AUTO=False,
70
OPENID_EMAIL_WHITELIST_REGEXP_LIST=[])
71
class OpenIDBackendTests(TestCase):
72
73
def setUp(self):
74
super(OpenIDBackendTests, self).setUp()
75
self.backend = OpenIDBackend()
76
77
def make_openid_response(self, sreg_args=None, teams_args=None):
78
endpoint = OpenIDServiceEndpoint()
79
endpoint.claimed_id = 'some-id'
80
endpoint.server_url = 'http://example.com/'
81
82
message = Message(OPENID2_NS)
83
if sreg_args is not None:
84
for key, value in sreg_args.items():
85
message.setArg(SREG_NS, key, value)
86
if teams_args is not None:
87
for key, value in teams_args.items():
88
message.setArg(TEAMS_NS, key, value)
89
response = SuccessResponse(
90
endpoint, message, signed_fields=message.toPostArgs().keys())
91
return response
92
93
def make_response_ax(
94
self, schema="http://axschema.org/",
95
fullname="Some User", nickname="someuser", email="foo@example.com",
96
first=None, last=None, verified=False):
97
endpoint = OpenIDServiceEndpoint()
98
endpoint.claimed_id = 'some-id'
99
endpoint.server_url = 'http://example.com/'
100
101
message = Message(OPENID2_NS)
64
SERVER_URL = 'http://example.com'
65
66
67
def make_claimed_id(id_):
68
return urljoin(SERVER_URL, id_)
69
70
71
class TestMessage(Message):
72
"""Convenience class to construct test OpenID messages and responses."""
73
74
def __init__(self, openid_namespace=OPENID2_NS):
75
super(TestMessage, self).__init__(openid_namespace=openid_namespace)
76
endpoint = OpenIDServiceEndpoint()
77
endpoint.claimed_id = make_claimed_id('some-id')
78
endpoint.server_url = SERVER_URL
79
self.endpoint = endpoint
80
81
def set_ax_args(
82
self,
83
email="foo@example.com",
84
first=None,
85
fullname="Some User",
86
last=None,
87
nickname="someuser",
88
schema="http://axschema.org/",
89
verified=False):
90
102
91
attributes = [
103
92
("nickname", schema + "namePerson/friendly", nickname),
104
93
("fullname", schema + "namePerson", fullname),
114
103
attributes.append(
115
104
("last", "http://axschema.org/namePerson/last", last))
116
105
117
message.setArg(AX_NS, "mode", "fetch_response")
106
self.setArg(AX_NS, "mode", "fetch_response")
118
107
for (alias, uri, value) in attributes:
119
message.setArg(AX_NS, "type.%s" % alias, uri)
120
message.setArg(AX_NS, "value.%s" % alias, value)
108
self.setArg(AX_NS, "type.%s" % alias, uri)
109
self.setArg(AX_NS, "value.%s" % alias, value)
110
111
def set_pape_args(self, *auth_policies):
112
self.setArg(pape.ns_uri, 'auth_policies', ' '.join(auth_policies))
113
114
def set_sreg_args(self, **kwargs):
115
for key, value in kwargs.items():
116
self.setArg(SREG_NS, key, value)
117
118
def set_team_args(self, **kwargs):
119
for key, value in kwargs.items():
120
self.setArg(TEAMS_NS, key, value)
121
122
def to_response(self):
121
123
return SuccessResponse(
122
endpoint, message, signed_fields=message.toPostArgs().keys())
123
124
def make_user_openid(self, user=None,
125
claimed_id='http://example.com/existing_identity',
126
display_id='http://example.com/existing_identity'):
124
self.endpoint, self, signed_fields=self.toPostArgs().keys())
125
126
127
@override_session_serializer
128
@override_settings(
129
OPENID_USE_EMAIL_FOR_USERNAME=False,
130
OPENID_LAUNCHPAD_TEAMS_REQUIRED=[],
131
OPENID_LAUNCHPAD_TEAMS_MAPPING_AUTO=False,
132
OPENID_EMAIL_WHITELIST_REGEXP_LIST=[])
133
class OpenIDBackendTests(TestCase):
134
135
def setUp(self):
136
super(OpenIDBackendTests, self).setUp()
137
self.backend = OpenIDBackend()
138
self.message = TestMessage()
139
140
def make_user_openid(
141
self, user=None, claimed_id=make_claimed_id('existing_identity')):
127
142
if user is None:
128
143
user = User.objects.create_user(
129
144
username='someuser', email='someuser@example.com',
130
145
password='12345678')
131
146
132
147
user_openid, created = UserOpenID.objects.get_or_create(
133
user=user, claimed_id=claimed_id, display_id=display_id)
148
user=user, claimed_id=claimed_id, display_id=claimed_id)
134
149
return user_openid
135
150
136
151
def _assert_account_verified(self, user, expected):
170
185
expected['last_name']),
171
186
'email': expected['email'],
172
187
}
173
response = self.make_openid_response(sreg_args=data)
188
self.message.set_sreg_args(**data)
174
189
175
details = self.backend._extract_user_details(response)
190
details = self.backend._extract_user_details(
191
self.message.to_response())
176
192
self.assertEqual(details, expected)
177
193
178
194
def test_extract_user_details_ax(self):
179
response = self.make_response_ax(
180
fullname="Some User", nickname="someuser", email="foo@example.com")
181
182
data = self.backend._extract_user_details(response)
195
self.message.set_ax_args(
196
email="foo@example.com",
197
fullname="Some User",
198
nickname="someuser",
199
)
200
data = self.backend._extract_user_details(self.message.to_response())
183
201
184
202
self.assertEqual(data, {"nickname": "someuser",
185
203
"first_name": "Some",
190
208
def test_extract_user_details_ax_split_name(self):
191
209
# Include fullname too to show that the split data takes
192
210
# precedence.
193
response = self.make_response_ax(
211
self.message.set_ax_args(
194
212
fullname="Bad Data", first="Some", last="User")
195
196
data = self.backend._extract_user_details(response)
213
data = self.backend._extract_user_details(self.message.to_response())
197
214
198
215
self.assertEqual(data, {"nickname": "someuser",
199
216
"first_name": "Some",
202
219
"account_verified": False})
203
220
204
221
def test_extract_user_details_ax_broken_myopenid(self):
205
response = self.make_response_ax(
222
self.message.set_ax_args(
206
223
schema="http://schema.openid.net/", fullname="Some User",
207
224
nickname="someuser", email="foo@example.com")
208
209
data = self.backend._extract_user_details(response)
225
data = self.backend._extract_user_details(self.message.to_response())
210
226
211
227
self.assertEqual(data, {"nickname": "someuser",
212
228
"first_name": "Some",
215
231
"account_verified": False})
216
232
217
233
def test_update_user_details_long_names(self):
218
response = self.make_response_ax()
234
self.message.set_ax_args()
219
235
user = User.objects.create_user(
220
236
'someuser', 'someuser@example.com', password=None)
221
237
user_openid, created = UserOpenID.objects.get_or_create(
227
243
last_name=u"User56789012345678901234567890123",
228
244
email=u"someotheruser@example.com", account_verified=False)
229
245
230
self.backend.update_user_details(user, data, response)
246
self.backend.update_user_details(
247
user, data, self.message.to_response())
231
248
232
249
self.assertEqual("Some56789012345678901234567890", user.first_name)
233
250
self.assertEqual("User56789012345678901234567890", user.last_name)
247
264
self.assert_account_not_verified(user)
248
265
249
266
# get a response including verification status
250
response = self.make_response_ax()
267
self.message.set_ax_args()
251
268
data = dict(first_name=u"Some56789012345678901234567890123",
252
269
last_name=u"User56789012345678901234567890123",
253
270
email=u"someotheruser@example.com",
254
271
account_verified=verified)
255
self.backend.update_user_details(user, data, response)
272
self.backend.update_user_details(
273
user, data, self.message.to_response())
256
274
257
275
# refresh object from the database
258
276
user = User.objects.get(pk=user.pk)
283
301
initially_verified=False, verified=False)
284
302
285
303
def test_extract_user_details_name_with_trailing_space(self):
286
response = self.make_response_ax(fullname="SomeUser ")
304
self.message.set_ax_args(fullname="SomeUser ")
287
305
288
data = self.backend._extract_user_details(response)
306
data = self.backend._extract_user_details(self.message.to_response())
289
307
290
308
self.assertEqual("", data['first_name'])
291
309
self.assertEqual("SomeUser", data['last_name'])
292
310
293
311
def test_extract_user_details_name_with_thin_space(self):
294
response = self.make_response_ax(fullname=u"Some\u2009User")
312
self.message.set_ax_args(fullname=u"Some\u2009User")
295
313
296
data = self.backend._extract_user_details(response)
314
data = self.backend._extract_user_details(self.message.to_response())
297
315
298
316
self.assertEqual("Some", data['first_name'])
299
317
self.assertEqual("User", data['last_name'])
330
348
def test_authenticate_when_not_member_of_teams_required(self):
331
349
Group.objects.create(name='team')
332
350
333
response = self.make_openid_response(
334
sreg_args=dict(nickname='someuser'),
335
teams_args=dict(is_member='foo'))
336
user = self.backend.authenticate(openid_response=response)
351
self.message.set_sreg_args(nickname='someuser')
352
self.message.set_team_args(is_member='foo')
353
user = self.backend.authenticate(
354
openid_response=self.message.to_response())
337
355
338
356
self.assertIsNone(user)
339
357
343
361
def test_authenticate_when_no_group_mapping_to_required_team(self):
344
362
assert Group.objects.filter(name='team').count() == 0
345
363
346
response = self.make_openid_response(
347
sreg_args=dict(nickname='someuser'),
348
teams_args=dict(is_member='foo'))
349
user = self.backend.authenticate(openid_response=response)
364
self.message.set_sreg_args(nickname='someuser')
365
self.message.set_team_args(is_member='foo')
366
user = self.backend.authenticate(
367
openid_response=self.message.to_response())
350
368
351
369
self.assertIsNone(user)
352
370
356
374
def test_authenticate_when_member_of_teams_required(self):
357
375
Group.objects.create(name='team')
358
376
359
response = self.make_openid_response(
360
sreg_args=dict(nickname='someuser'),
361
teams_args=dict(is_member='foo,team'))
362
user = self.backend.authenticate(openid_response=response)
377
self.message.set_sreg_args(nickname='someuser')
378
self.message.set_team_args(is_member='foo,team')
379
user = self.backend.authenticate(
380
openid_response=self.message.to_response())
363
381
364
382
self.assertIsNotNone(user)
365
383
366
384
@override_settings(OPENID_LAUNCHPAD_TEAMS_REQUIRED=[])
367
385
def test_authenticate_when_no_teams_required(self):
368
response = self.make_openid_response(
369
sreg_args=dict(nickname='someuser'),
370
teams_args=dict(is_member='team'))
371
user = self.backend.authenticate(openid_response=response)
386
self.message.set_sreg_args(nickname='someuser')
387
self.message.set_team_args(is_member='team')
388
user = self.backend.authenticate(
389
openid_response=self.message.to_response())
372
390
373
391
self.assertIsNotNone(user)
374
392
378
396
def test_authenticate_when_member_of_at_least_one_team(self):
379
397
Group.objects.create(name='team1')
380
398
381
response = self.make_openid_response(
382
sreg_args=dict(nickname='someuser'),
383
teams_args=dict(is_member='foo,team1'))
384
user = self.backend.authenticate(openid_response=response)
399
self.message.set_sreg_args(nickname='someuser')
400
self.message.set_team_args(is_member='foo,team1')
401
user = self.backend.authenticate(
402
openid_response=self.message.to_response())
385
403
386
404
self.assertIsNotNone(user)
387
405
393
411
self):
394
412
assert Group.objects.filter(name='team').count() == 0
395
413
396
response = self.make_openid_response(
397
sreg_args=dict(nickname='someuser', email='foo@foo.com'),
398
teams_args=dict(is_member='foo'))
399
user = self.backend.authenticate(openid_response=response)
414
self.message.set_sreg_args(
415
nickname='someuser', email='foo@foo.com')
416
user = self.backend.authenticate(
417
openid_response=self.message.to_response())
400
418
401
419
self.assertIsNotNone(user)
402
420
403
response = self.make_openid_response(
404
sreg_args=dict(nickname='someuser', email='foo+bar@foo.com'),
405
teams_args=dict(is_member='foo'))
406
user = self.backend.authenticate(openid_response=response)
421
self.message.set_sreg_args(
422
nickname='someuser', email='foo+bar@foo.com')
423
user = self.backend.authenticate(
424
openid_response=self.message.to_response())
407
425
408
426
self.assertIsNotNone(user)
409
427
414
432
def test_authenticate_whitelisted_email_multiple_patterns(self):
415
433
assert Group.objects.filter(name='team').count() == 0
416
434
417
response = self.make_openid_response(
418
sreg_args=dict(nickname='someuser', email='bar@foo.com'),
419
teams_args=dict(is_member='foo'))
420
user = self.backend.authenticate(openid_response=response)
435
self.message.set_sreg_args(nickname='someuser', email='bar@foo.com')
436
user = self.backend.authenticate(
437
openid_response=self.message.to_response())
421
438
422
439
self.assertIsNotNone(user)
423
440
428
445
def test_authenticate_whitelisted_email_not_match(self):
429
446
assert Group.objects.filter(name='team').count() == 0
430
447
431
response = self.make_openid_response(
432
sreg_args=dict(nickname='someuser', email='bar@foo.com'),
433
teams_args=dict(is_member='foo'))
434
user = self.backend.authenticate(openid_response=response)
448
self.message.set_sreg_args(nickname='someuser', email='bar@foo.com')
449
self.message.set_team_args(is_member='foo')
450
user = self.backend.authenticate(
451
openid_response=self.message.to_response())
435
452
436
453
self.assertIsNone(user)
437
454
459
476
460
477
@override_settings(OPENID_CREATE_USERS=False)
461
478
def test_auth_no_create_users(self):
462
response = self.make_openid_response(
463
sreg_args=dict(email='bar@foo.com'),
464
teams_args=dict(is_member='foo'))
465
user = self.backend.authenticate(openid_response=response)
479
self.message.set_sreg_args()
480
user = self.backend.authenticate(
481
openid_response=self.message.to_response())
466
482
467
483
self.assertIsNone(user)
468
484
self.assert_no_users_created()
469
485
470
486
@override_settings(OPENID_CREATE_USERS=False)
471
487
def test_auth_no_create_users_existing_user(self):
472
response = self.make_openid_response(
473
sreg_args=dict(email='bar@foo.com'),
474
teams_args=dict(is_member='foo'))
488
self.message.set_sreg_args()
475
489
existing_openid = self.make_user_openid(
476
claimed_id=response.identity_url)
490
claimed_id=self.message.endpoint.claimed_id)
477
491
expected_user_count = User.objects.count()
478
479
user = self.backend.authenticate(openid_response=response)
492
user = self.backend.authenticate(
493
openid_response=self.message.to_response())
480
494
481
495
self.assertIsNotNone(user)
482
496
self.assertEqual(user, existing_openid.user)
485
499
@override_settings(
486
500
OPENID_UPDATE_DETAILS_FROM_SREG=True,
487
501
OPENID_VALID_VERIFICATION_SCHEMES={
488
'http://example.com/': {'token_via_email'}})
502
SERVER_URL: {'token_via_email'}})
489
503
def test_auth_update_details_from_sreg(self):
490
504
first_name = 'a' * 31
491
505
last_name = 'b' * 31
492
506
email = 'new@email.com'
493
response = self.make_response_ax(
507
self.message.set_ax_args(
494
508
fullname=first_name + ' ' + last_name,
495
509
nickname='newnickname',
496
510
email=email,
499
513
verified=True,
500
514
)
501
515
existing_openid = self.make_user_openid(
502
claimed_id=response.identity_url)
516
claimed_id=self.message.endpoint.claimed_id)
503
517
original_username = existing_openid.user.username
504
518
expected_user_count = User.objects.count()
505
519
506
520
self.assert_account_not_verified(existing_openid.user)
507
521
508
user = self.backend.authenticate(openid_response=response)
522
user = self.backend.authenticate(
523
openid_response=self.message.to_response())
509
524
510
525
self.assertEqual(user, existing_openid.user)
511
526
self.assertEqual(
520
535
@override_settings(
521
536
OPENID_UPDATE_DETAILS_FROM_SREG=True,
522
537
OPENID_VALID_VERIFICATION_SCHEMES={
523
'http://example.com/': {'token_via_email'}})
538
SERVER_URL: {'token_via_email'}})
524
539
def test_auth_update_details_from_sreg_unverifies_account(self):
525
540
first_name = 'a' * 31
526
541
last_name = 'b' * 31
533
548
last=last_name,
534
549
verified=True,
535
550
)
536
verified_response = self.make_response_ax(**kwargs)
551
self.message.set_ax_args(**kwargs)
537
552
verified_user = self.backend.authenticate(
538
openid_response=verified_response)
553
openid_response=self.message.to_response())
539
554
540
555
self.assert_account_verified(verified_user)
541
556
expected_user_count = User.objects.count()
542
557
543
558
kwargs['verified'] = False
544
unverified_response = self.make_response_ax(**kwargs)
559
self.message.set_ax_args(**kwargs)
545
560
unverified_user = self.backend.authenticate(
546
openid_response=unverified_response)
561
openid_response=self.message.to_response())
547
562
548
563
self.assertEqual(verified_user, unverified_user)
549
564
self.assert_account_not_verified(unverified_user)
551
566
552
567
@override_settings(OPENID_PHYSICAL_MULTIFACTOR_REQUIRED=True)
553
568
def test_physical_multifactor_required_not_given(self):
554
response = self.make_openid_response()
569
response = self.message.to_response()
555
570
556
571
with self.assertRaises(MissingPhysicalMultiFactor):
557
572
self.backend.authenticate(openid_response=response)
558
573
559
574
self.assertTrue(
560
UserOpenID.objects.filter(claimed_id='some-id').exists(),
575
UserOpenID.objects.filter(
576
claimed_id=self.message.endpoint.claimed_id).exists(),
561
577
'User must be created anyways.')
562
578
563
579
@override_settings(OPENID_PHYSICAL_MULTIFACTOR_REQUIRED=True)
564
580
def test_physical_multifactor_required_invalid_auth_policy(self):
565
response = self.make_openid_response()
566
message = response.message
567
message.setArg(
568
pape.ns_uri, 'auth_policies',
569
pape.AUTH_MULTI_FACTOR + ' ' + pape.AUTH_PHISHING_RESISTANT)
570
response = SuccessResponse(
571
response.endpoint, message,
572
signed_fields=message.toPostArgs().keys())
581
self.message.set_pape_args(
582
pape.AUTH_MULTI_FACTOR, pape.AUTH_PHISHING_RESISTANT)
573
583
574
584
with self.assertRaises(MissingPhysicalMultiFactor):
575
self.backend.authenticate(openid_response=response)
585
self.backend.authenticate(
586
openid_response=self.message.to_response())
576
587
577
588
self.assertTrue(
578
UserOpenID.objects.filter(claimed_id='some-id').exists(),
589
UserOpenID.objects.filter(
590
claimed_id=self.message.endpoint.claimed_id).exists(),
579
591
'User must be created anyways.')
580
592
581
593
@override_settings(OPENID_PHYSICAL_MULTIFACTOR_REQUIRED=True)
582
594
def test_physical_multifactor_required_valid_auth_policy(self):
583
response = self.make_openid_response()
584
message = response.message
585
message.setArg(
586
pape.ns_uri, 'auth_policies',
587
pape.AUTH_MULTI_FACTOR_PHYSICAL)
588
response = SuccessResponse(
589
response.endpoint, message,
590
signed_fields=message.toPostArgs().keys())
591
592
user = self.backend.authenticate(openid_response=response)
595
self.message.set_pape_args(
596
pape.AUTH_MULTI_FACTOR, pape.AUTH_MULTI_FACTOR_PHYSICAL,
597
pape.AUTH_PHISHING_RESISTANT)
598
user = self.backend.authenticate(
599
openid_response=self.message.to_response())
593
600
594
601
self.assertIsNotNone(user)
595
602
596
603
@override_settings(OPENID_STRICT_USERNAMES=True)
597
604
def test_auth_strict_usernames(self):
598
605
username = 'nickname'
599
response = self.make_openid_response(
600
sreg_args=dict(nickname=username, email='bar@foo.com'),
601
teams_args=dict(is_member='foo'))
602
user = self.backend.authenticate(openid_response=response)
606
self.message.set_sreg_args(nickname=username)
607
user = self.backend.authenticate(
608
openid_response=self.message.to_response())
603
609
604
610
self.assertIsNotNone(user, 'User must be created')
605
611
self.assertEqual(user.username, username)
606
612
607
613
@override_settings(OPENID_STRICT_USERNAMES=True)
608
614
def test_auth_strict_usernames_no_nickname(self):
609
response = self.make_openid_response(
610
sreg_args=dict(nickname='', email='bar@foo.com'),
611
teams_args=dict(is_member='foo'))
615
self.message.set_sreg_args(nickname='')
612
616
613
617
msg = re.escape(
614
618
"An attribute required for logging in was not returned (nickname)")
615
619
616
620
with self.assertRaisesRegexp(RequiredAttributeNotReturned, msg):
617
self.backend.authenticate(openid_response=response)
621
self.backend.authenticate(
622
openid_response=self.message.to_response())
618
623
619
624
self.assert_no_users_created()
620
625
624
629
def test_auth_strict_usernames_conflict(self):
625
630
existing_openid = self.make_user_openid()
626
631
expected_user_count = User.objects.count()
627
628
response = self.make_openid_response(
629
sreg_args=dict(
630
nickname=existing_openid.user.username, email='bar@foo.com'),
631
teams_args=dict(is_member='foo'))
632
self.message.set_sreg_args(
633
nickname=existing_openid.user.username)
632
634
633
635
with self.assertRaises(DuplicateUsernameViolation):
634
self.backend.authenticate(openid_response=response)
636
self.backend.authenticate(
637
openid_response=self.message.to_response())
635
638
636
639
self.assert_no_users_created(expected_count=expected_user_count)
637
640
641
644
OPENID_UPDATE_DETAILS_FROM_SREG=True)
642
645
def test_auth_follow_renames(self):
643
646
new_username = 'new'
644
original_response = self.make_openid_response(
645
sreg_args=dict(nickname='username', email='bar@foo.com'),
646
teams_args=dict(is_member='foo'))
647
rename_response = self.make_openid_response(
648
sreg_args=dict(nickname=new_username, email='bar@foo.com'),
649
teams_args=dict(is_member='foo'))
650
user = self.backend.authenticate(openid_response=original_response)
647
self.message.set_sreg_args(nickname='username')
648
user = self.backend.authenticate(
649
openid_response=self.message.to_response())
651
650
expected_user_count = User.objects.count()
652
651
653
652
self.assertIsNotNone(user, 'User must be created')
654
653
654
self.message.set_sreg_args(nickname=new_username)
655
655
renamed_user = self.backend.authenticate(
656
openid_response=rename_response)
656
openid_response=self.message.to_response())
657
657
658
658
self.assertEqual(user.pk, renamed_user.pk)
659
659
self.assertEqual(renamed_user.username, new_username)
664
664
OPENID_STRICT_USERNAMES=True,
665
665
OPENID_UPDATE_DETAILS_FROM_SREG=True)
666
666
def test_auth_follow_renames_strict_usernames_no_nickname(self):
667
response = self.make_openid_response(
668
sreg_args=dict(nickname='nickame', email='bar@foo.com'),
669
teams_args=dict(is_member='foo'))
670
user = self.backend.authenticate(openid_response=response)
667
self.message.set_sreg_args(nickname='nickame')
668
user = self.backend.authenticate(
669
openid_response=self.message.to_response())
671
670
expected_user_count = User.objects.count()
672
671
673
672
self.assertIsNotNone(user, 'User must be created')
674
673
675
response = self.make_openid_response(
676
sreg_args=dict(nickname='', email='bar@foo.com'),
677
teams_args=dict(is_member='foo'))
674
self.message.set_sreg_args(nickname='')
678
675
679
676
# XXX: Check possibilities to normalize this error into a
680
677
# `RequiredAttributeNotReturned`.
681
678
with self.assertRaises(MissingUsernameViolation):
682
self.backend.authenticate(openid_response=response)
679
self.backend.authenticate(
680
openid_response=self.message.to_response())
683
681
684
682
self.assert_no_users_created(expected_count=expected_user_count)
685
683
690
688
def test_auth_follow_renames_strict_usernames_rename_conflict(self):
691
689
existing_openid = self.make_user_openid()
692
690
original_username = 'nickame'
693
good_response = self.make_openid_response(
694
sreg_args=dict(nickname=original_username, email='bar@foo.com'),
695
teams_args=dict(is_member='foo'))
696
conflict_response = self.make_openid_response(
697
sreg_args=dict(
698
nickname=existing_openid.user.username, email='bar@foo.com'),
699
teams_args=dict(is_member='foo'))
700
user = self.backend.authenticate(openid_response=good_response)
691
self.message.set_sreg_args(nickname=original_username)
692
user = self.backend.authenticate(
693
openid_response=self.message.to_response())
701
694
expected_user_count = User.objects.count()
702
695
703
696
self.assertIsNotNone(user, 'First request should succeed')
704
697
698
self.message.set_sreg_args(
699
nickname=existing_openid.user.username)
700
705
701
with self.assertRaises(DuplicateUsernameViolation):
706
self.backend.authenticate(openid_response=conflict_response)
702
self.backend.authenticate(
703
openid_response=self.message.to_response())
707
704
708
705
db_user = User.objects.get(pk=user.pk)
709
706
self.assertEqual(db_user.username, original_username)
726
723
duplicate_username_handler, sender=User, weak=False,
727
724
dispatch_uid='testing')
728
725
729
response = self.make_openid_response(
730
sreg_args=dict(
731
nickname=existing_openid.user.username, email='bar@foo.com'),
732
teams_args=dict(is_member='foo'))
726
self.message.set_sreg_args(
727
nickname=existing_openid.user.username)
733
728
734
729
with self.assertRaises(DuplicateUsernameViolation):
735
self.backend.authenticate(openid_response=response)
730
self.backend.authenticate(
731
openid_response=self.message.to_response())
736
732
737
733
self.assertIn('username', signal_kwargs)
738
734
self.assertEqual(
756
752
duplicate_username_handler, sender=User, weak=False,
757
753
dispatch_uid='testing')
758
754
759
response = self.make_openid_response(
760
sreg_args=dict(
761
nickname=existing_openid.user.username, email='bar@foo.com'),
762
teams_args=dict(is_member='foo'))
763
user = self.backend.authenticate(openid_response=response)
755
self.message.set_sreg_args(
756
nickname=existing_openid.user.username)
757
user = self.backend.authenticate(
758
openid_response=self.message.to_response())
764
759
765
760
self.assertIsNotNone(user)
766
761
self.assertNotEqual(user, existing_openid.user)
778
773
duplicate_username_handler, sender=User, weak=False,
779
774
dispatch_uid='testing')
780
775
781
response = self.make_openid_response(
782
sreg_args=dict(nickname='nickname', email='bar@foo.com'),
783
teams_args=dict(is_member='foo'))
784
self.backend.authenticate(openid_response=response)
776
self.message.set_sreg_args(nickname='nickname')
777
self.backend.authenticate(openid_response=self.message.to_response())
Loggerhead is a web-based interface for Breezy
Version: 2.0.1