1
# Copyright 2010 Canonical Ltd. This software is licensed under the
2
# GNU Affero General Public License version 3 (see the file LICENSE).
4
from identityprovider.models.account import Account
5
from identityprovider.models.const import AccountStatus, EmailStatus
6
from identityprovider.models.emailaddress import EmailAddress
7
from identityprovider.models.oauthtoken import (Consumer,
8
create_oauth_token_for_account)
9
from identityprovider.tests.utils import BasicAccountTestCase
10
from identityprovider.auth import LaunchpadBackend, oauth_authenticate
13
class LaunchpadBackendTestCase(BasicAccountTestCase):
18
self.backend = LaunchpadBackend()
20
def test_authenticate_with_email_status_not_in_expected_one(self):
21
email_address = EmailAddress.objects.get(
22
email__iexact="mark@example.com")
23
email_address.status = EmailStatus.NEW
26
result = self.backend.authenticate('mark@example.com', '')
28
self.assertTrue(result is None)
30
def test_get_user_does_not_exist(self):
31
user = self.backend.get_user(9999)
32
self.assertTrue(user is None)
34
def test_authenticate_with_email_case_insensitive(self):
35
# Make sure authentication works as expected
36
account1 = self.backend.authenticate('mark@example.com', 'test')
37
self.assertTrue(account1 is not None)
39
# Try using different case for email
40
account2 = self.backend.authenticate('Mark@Example.com', 'test')
41
self.assertTrue(account2 is not None)
43
# Make sure both accounts are the same
44
self.assertEqual(account1, account2)
46
def test_authenticate_account_active(self):
47
account = Account.objects.get_by_email('mark@example.com')
48
# make sure account is active
49
self.assertEqual(account.status, AccountStatus.ACTIVE)
50
# make sure authentication succeeds
51
response = self.backend.authenticate('mark@example.com', 'test')
52
self.assertEqual(response, account)
54
def test_authenticate_account_inactive(self):
55
account = Account.objects.get_by_email('mark@example.com')
56
_status = account.status
58
for status, _ in AccountStatus._get_choices():
59
if status == AccountStatus.ACTIVE:
60
# skip as this is tested elsewhere
63
account.status = status
66
# make sure authentication fails
67
response = self.backend.authenticate('mark@example.com', 'test')
68
self.assertEqual(response, None)
70
# leave everything as it was
71
account.status = _status
74
def test_oauth_authenticate_account_active(self):
75
account = Account.objects.get_by_email('mark@example.com')
76
consumer, created = Consumer.objects.get_or_create(account=account)
77
token = create_oauth_token_for_account(account, 'new-token')
78
oauth_token = token.oauth_token()
80
# make sure the account is active
81
self.assertTrue(account.status, AccountStatus.ACTIVE)
83
# make sure authentication succeeds
84
response = oauth_authenticate(consumer, oauth_token, None)
85
self.assertEqual(response, account)
87
def test_oauth_authenticate_account_inactive(self):
88
account = Account.objects.get_by_email('mark@example.com')
89
_status = account.status
91
consumer, created = Consumer.objects.get_or_create(account=account)
92
token = create_oauth_token_for_account(account, 'new-token')
93
oauth_token = token.oauth_token()
95
for status, _ in AccountStatus._get_choices():
96
if status == AccountStatus.ACTIVE:
97
# skip as this is tested elsewhere
100
account.status = status
103
# make sure authentication fails
104
response = oauth_authenticate(consumer, oauth_token, None)
105
self.assertEqual(response, None)
107
# leave everything as it was
108
account.status = _status