1
Copyright 2010 Canonical Ltd. This software is licensed under the
2
GNU Affero General Public License version 3 (see the file LICENSE).
4
= Switching Users Twice =
6
If a user is already logged in when authenticating via OpenID, they
7
have the option to sign in as someone else. This logs them out and
8
takes them to the login form.
10
By using the back button in their browser, it is possible for the user
11
to perform this action twice. The result should be the same: the user
12
is taken to the login form.
14
To test this, we will first sign the user in. First we'll set up the
17
>>> from openid.consumer.consumer import Consumer
18
>>> from openid.fetchers import setDefaultFetcher
19
>>> from openid.store.memstore import MemoryStore
20
>>> from canonical.signon.testing.openidhelpers import (
21
... make_identifier_select_endpoint, PublisherFetcher)
22
>>> setDefaultFetcher(PublisherFetcher())
24
>>> openid_store = MemoryStore()
25
>>> consumer = Consumer(session={}, store=openid_store)
27
Then log in as Sample Person:
29
>>> request = consumer.beginWithoutDiscovery(
30
... make_identifier_select_endpoint(PROTOCOL_URI))
31
>>> browser.open(request.redirectURL(
32
... 'http://launchpad.dev/', 'http://launchpad.dev/+openid-consumer'))
34
>>> print browser.title
36
>>> browser.getControl(name='email').value = 'test@canonical.com'
37
>>> browser.getControl(name='password').value = 'test'
38
>>> browser.getControl(name='continue').click()
39
>>> browser.getControl(name='yes').click()
41
http://launchpad.dev/+openid-consumer?...
43
Now lets start a second authentication request, which should take us
44
to the authentication page asking if we want to sign in as someone
47
>>> request = consumer.beginWithoutDiscovery(
48
... make_identifier_select_endpoint(PROTOCOL_URI))
49
>>> browser.open(request.redirectURL(
50
... 'http://launchpad.dev/', 'http://launchpad.dev/+openid-consumer'))
51
>>> print browser.title
52
Authenticate to http://launchpad.dev/
54
Now log out, by saying that we are someone else:
56
>>> browser.getLink(id='logout-link').click()
57
>>> print browser.title
60
Going back and repeating the action should succeed without error:
63
>>> print browser.title
69
>>> setDefaultFetcher(None)