Merge lp:~fgallina/django-openid-auth/auth-tests-refactor into lp:django-openid-auth
- auth-tests-refactor
- Merge into trunk
Proposed by
Fabián Ezequiel Gallina
| Status: | Merged |
|---|---|
| Approved by: | Fabián Ezequiel Gallina |
| Approved revision: | 120 |
| Merge reported by: | Ubuntu One Auto Pilot |
| Merged at revision: | not available |
| Proposed branch: | lp:~fgallina/django-openid-auth/auth-tests-refactor |
| Merge into: | lp:django-openid-auth |
| Diff against target: |
713 lines (+191/-198) 1 file modified
django_openid_auth/tests/test_auth.py (+191/-198) |
| To merge this branch: | bzr merge lp:~fgallina/django-openid-auth/auth-tests-refactor |
| Related bugs: |
| Reviewer | Review Type | Date Requested | Status |
|---|---|---|---|
| Ricardo Kirkner (community) | Approve | ||
| Para Siva (community) | Approve | ||
|
Review via email:
|
|||
Commit message
Better response factories for auth module tests
Current response factories are tightly bound to particular extensions
and do not allow to easily extend responses to combine one or more
extensions in our tests (e.g. sreg+pape). This commit changes the way
responses are constructed by allowing to compose extensions into a
single response.
Description of the change
To post a comment you must log in.
- 120. By Fabián Ezequiel Gallina
-
Provide more flexible server URL and claimed_id setup for auth test responses
Revision history for this message
| Ricardo Kirkner (ricardokirkner) wrote : | # |
LGTM, nice refactoring.
review:
Approve
Preview Diff
[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
| 1 | === modified file 'django_openid_auth/tests/test_auth.py' |
| 2 | --- django_openid_auth/tests/test_auth.py 2016-08-12 12:03:47 +0000 |
| 3 | +++ django_openid_auth/tests/test_auth.py 2016-08-17 14:55:56 +0000 |
| 4 | @@ -29,6 +29,7 @@ |
| 5 | from __future__ import unicode_literals |
| 6 | |
| 7 | import re |
| 8 | +from urlparse import urljoin |
| 9 | |
| 10 | from django.contrib.auth.models import Group, Permission, User |
| 11 | from django.test import TestCase |
| 12 | @@ -60,45 +61,33 @@ |
| 13 | |
| 14 | SREG_NS = "http://openid.net/sreg/1.0" |
| 15 | AX_NS = "http://openid.net/srv/ax/1.0" |
| 16 | - |
| 17 | - |
| 18 | -@override_session_serializer |
| 19 | -@override_settings( |
| 20 | - OPENID_USE_EMAIL_FOR_USERNAME=False, |
| 21 | - OPENID_LAUNCHPAD_TEAMS_REQUIRED=[], |
| 22 | - OPENID_LAUNCHPAD_TEAMS_MAPPING_AUTO=False, |
| 23 | - OPENID_EMAIL_WHITELIST_REGEXP_LIST=[]) |
| 24 | -class OpenIDBackendTests(TestCase): |
| 25 | - |
| 26 | - def setUp(self): |
| 27 | - super(OpenIDBackendTests, self).setUp() |
| 28 | - self.backend = OpenIDBackend() |
| 29 | - |
| 30 | - def make_openid_response(self, sreg_args=None, teams_args=None): |
| 31 | - endpoint = OpenIDServiceEndpoint() |
| 32 | - endpoint.claimed_id = 'some-id' |
| 33 | - endpoint.server_url = 'http://example.com/' |
| 34 | - |
| 35 | - message = Message(OPENID2_NS) |
| 36 | - if sreg_args is not None: |
| 37 | - for key, value in sreg_args.items(): |
| 38 | - message.setArg(SREG_NS, key, value) |
| 39 | - if teams_args is not None: |
| 40 | - for key, value in teams_args.items(): |
| 41 | - message.setArg(TEAMS_NS, key, value) |
| 42 | - response = SuccessResponse( |
| 43 | - endpoint, message, signed_fields=message.toPostArgs().keys()) |
| 44 | - return response |
| 45 | - |
| 46 | - def make_response_ax( |
| 47 | - self, schema="http://axschema.org/", |
| 48 | - fullname="Some User", nickname="someuser", email="foo@example.com", |
| 49 | - first=None, last=None, verified=False): |
| 50 | - endpoint = OpenIDServiceEndpoint() |
| 51 | - endpoint.claimed_id = 'some-id' |
| 52 | - endpoint.server_url = 'http://example.com/' |
| 53 | - |
| 54 | - message = Message(OPENID2_NS) |
| 55 | +SERVER_URL = 'http://example.com' |
| 56 | + |
| 57 | + |
| 58 | +def make_claimed_id(id_): |
| 59 | + return urljoin(SERVER_URL, id_) |
| 60 | + |
| 61 | + |
| 62 | +class TestMessage(Message): |
| 63 | + """Convenience class to construct test OpenID messages and responses.""" |
| 64 | + |
| 65 | + def __init__(self, openid_namespace=OPENID2_NS): |
| 66 | + super(TestMessage, self).__init__(openid_namespace=openid_namespace) |
| 67 | + endpoint = OpenIDServiceEndpoint() |
| 68 | + endpoint.claimed_id = make_claimed_id('some-id') |
| 69 | + endpoint.server_url = SERVER_URL |
| 70 | + self.endpoint = endpoint |
| 71 | + |
| 72 | + def set_ax_args( |
| 73 | + self, |
| 74 | + email="foo@example.com", |
| 75 | + first=None, |
| 76 | + fullname="Some User", |
| 77 | + last=None, |
| 78 | + nickname="someuser", |
| 79 | + schema="http://axschema.org/", |
| 80 | + verified=False): |
| 81 | + |
| 82 | attributes = [ |
| 83 | ("nickname", schema + "namePerson/friendly", nickname), |
| 84 | ("fullname", schema + "namePerson", fullname), |
| 85 | @@ -114,23 +103,49 @@ |
| 86 | attributes.append( |
| 87 | ("last", "http://axschema.org/namePerson/last", last)) |
| 88 | |
| 89 | - message.setArg(AX_NS, "mode", "fetch_response") |
| 90 | + self.setArg(AX_NS, "mode", "fetch_response") |
| 91 | for (alias, uri, value) in attributes: |
| 92 | - message.setArg(AX_NS, "type.%s" % alias, uri) |
| 93 | - message.setArg(AX_NS, "value.%s" % alias, value) |
| 94 | + self.setArg(AX_NS, "type.%s" % alias, uri) |
| 95 | + self.setArg(AX_NS, "value.%s" % alias, value) |
| 96 | + |
| 97 | + def set_pape_args(self, *auth_policies): |
| 98 | + self.setArg(pape.ns_uri, 'auth_policies', ' '.join(auth_policies)) |
| 99 | + |
| 100 | + def set_sreg_args(self, **kwargs): |
| 101 | + for key, value in kwargs.items(): |
| 102 | + self.setArg(SREG_NS, key, value) |
| 103 | + |
| 104 | + def set_team_args(self, **kwargs): |
| 105 | + for key, value in kwargs.items(): |
| 106 | + self.setArg(TEAMS_NS, key, value) |
| 107 | + |
| 108 | + def to_response(self): |
| 109 | return SuccessResponse( |
| 110 | - endpoint, message, signed_fields=message.toPostArgs().keys()) |
| 111 | - |
| 112 | - def make_user_openid(self, user=None, |
| 113 | - claimed_id='http://example.com/existing_identity', |
| 114 | - display_id='http://example.com/existing_identity'): |
| 115 | + self.endpoint, self, signed_fields=self.toPostArgs().keys()) |
| 116 | + |
| 117 | + |
| 118 | +@override_session_serializer |
| 119 | +@override_settings( |
| 120 | + OPENID_USE_EMAIL_FOR_USERNAME=False, |
| 121 | + OPENID_LAUNCHPAD_TEAMS_REQUIRED=[], |
| 122 | + OPENID_LAUNCHPAD_TEAMS_MAPPING_AUTO=False, |
| 123 | + OPENID_EMAIL_WHITELIST_REGEXP_LIST=[]) |
| 124 | +class OpenIDBackendTests(TestCase): |
| 125 | + |
| 126 | + def setUp(self): |
| 127 | + super(OpenIDBackendTests, self).setUp() |
| 128 | + self.backend = OpenIDBackend() |
| 129 | + self.message = TestMessage() |
| 130 | + |
| 131 | + def make_user_openid( |
| 132 | + self, user=None, claimed_id=make_claimed_id('existing_identity')): |
| 133 | if user is None: |
| 134 | user = User.objects.create_user( |
| 135 | username='someuser', email='someuser@example.com', |
| 136 | password='12345678') |
| 137 | |
| 138 | user_openid, created = UserOpenID.objects.get_or_create( |
| 139 | - user=user, claimed_id=claimed_id, display_id=display_id) |
| 140 | + user=user, claimed_id=claimed_id, display_id=claimed_id) |
| 141 | return user_openid |
| 142 | |
| 143 | def _assert_account_verified(self, user, expected): |
| 144 | @@ -170,16 +185,19 @@ |
| 145 | expected['last_name']), |
| 146 | 'email': expected['email'], |
| 147 | } |
| 148 | - response = self.make_openid_response(sreg_args=data) |
| 149 | + self.message.set_sreg_args(**data) |
| 150 | |
| 151 | - details = self.backend._extract_user_details(response) |
| 152 | + details = self.backend._extract_user_details( |
| 153 | + self.message.to_response()) |
| 154 | self.assertEqual(details, expected) |
| 155 | |
| 156 | def test_extract_user_details_ax(self): |
| 157 | - response = self.make_response_ax( |
| 158 | - fullname="Some User", nickname="someuser", email="foo@example.com") |
| 159 | - |
| 160 | - data = self.backend._extract_user_details(response) |
| 161 | + self.message.set_ax_args( |
| 162 | + email="foo@example.com", |
| 163 | + fullname="Some User", |
| 164 | + nickname="someuser", |
| 165 | + ) |
| 166 | + data = self.backend._extract_user_details(self.message.to_response()) |
| 167 | |
| 168 | self.assertEqual(data, {"nickname": "someuser", |
| 169 | "first_name": "Some", |
| 170 | @@ -190,10 +208,9 @@ |
| 171 | def test_extract_user_details_ax_split_name(self): |
| 172 | # Include fullname too to show that the split data takes |
| 173 | # precedence. |
| 174 | - response = self.make_response_ax( |
| 175 | + self.message.set_ax_args( |
| 176 | fullname="Bad Data", first="Some", last="User") |
| 177 | - |
| 178 | - data = self.backend._extract_user_details(response) |
| 179 | + data = self.backend._extract_user_details(self.message.to_response()) |
| 180 | |
| 181 | self.assertEqual(data, {"nickname": "someuser", |
| 182 | "first_name": "Some", |
| 183 | @@ -202,11 +219,10 @@ |
| 184 | "account_verified": False}) |
| 185 | |
| 186 | def test_extract_user_details_ax_broken_myopenid(self): |
| 187 | - response = self.make_response_ax( |
| 188 | + self.message.set_ax_args( |
| 189 | schema="http://schema.openid.net/", fullname="Some User", |
| 190 | nickname="someuser", email="foo@example.com") |
| 191 | - |
| 192 | - data = self.backend._extract_user_details(response) |
| 193 | + data = self.backend._extract_user_details(self.message.to_response()) |
| 194 | |
| 195 | self.assertEqual(data, {"nickname": "someuser", |
| 196 | "first_name": "Some", |
| 197 | @@ -215,7 +231,7 @@ |
| 198 | "account_verified": False}) |
| 199 | |
| 200 | def test_update_user_details_long_names(self): |
| 201 | - response = self.make_response_ax() |
| 202 | + self.message.set_ax_args() |
| 203 | user = User.objects.create_user( |
| 204 | 'someuser', 'someuser@example.com', password=None) |
| 205 | user_openid, created = UserOpenID.objects.get_or_create( |
| 206 | @@ -227,7 +243,8 @@ |
| 207 | last_name=u"User56789012345678901234567890123", |
| 208 | email=u"someotheruser@example.com", account_verified=False) |
| 209 | |
| 210 | - self.backend.update_user_details(user, data, response) |
| 211 | + self.backend.update_user_details( |
| 212 | + user, data, self.message.to_response()) |
| 213 | |
| 214 | self.assertEqual("Some56789012345678901234567890", user.first_name) |
| 215 | self.assertEqual("User56789012345678901234567890", user.last_name) |
| 216 | @@ -247,12 +264,13 @@ |
| 217 | self.assert_account_not_verified(user) |
| 218 | |
| 219 | # get a response including verification status |
| 220 | - response = self.make_response_ax() |
| 221 | + self.message.set_ax_args() |
| 222 | data = dict(first_name=u"Some56789012345678901234567890123", |
| 223 | last_name=u"User56789012345678901234567890123", |
| 224 | email=u"someotheruser@example.com", |
| 225 | account_verified=verified) |
| 226 | - self.backend.update_user_details(user, data, response) |
| 227 | + self.backend.update_user_details( |
| 228 | + user, data, self.message.to_response()) |
| 229 | |
| 230 | # refresh object from the database |
| 231 | user = User.objects.get(pk=user.pk) |
| 232 | @@ -283,17 +301,17 @@ |
| 233 | initially_verified=False, verified=False) |
| 234 | |
| 235 | def test_extract_user_details_name_with_trailing_space(self): |
| 236 | - response = self.make_response_ax(fullname="SomeUser ") |
| 237 | + self.message.set_ax_args(fullname="SomeUser ") |
| 238 | |
| 239 | - data = self.backend._extract_user_details(response) |
| 240 | + data = self.backend._extract_user_details(self.message.to_response()) |
| 241 | |
| 242 | self.assertEqual("", data['first_name']) |
| 243 | self.assertEqual("SomeUser", data['last_name']) |
| 244 | |
| 245 | def test_extract_user_details_name_with_thin_space(self): |
| 246 | - response = self.make_response_ax(fullname=u"Some\u2009User") |
| 247 | + self.message.set_ax_args(fullname=u"Some\u2009User") |
| 248 | |
| 249 | - data = self.backend._extract_user_details(response) |
| 250 | + data = self.backend._extract_user_details(self.message.to_response()) |
| 251 | |
| 252 | self.assertEqual("Some", data['first_name']) |
| 253 | self.assertEqual("User", data['last_name']) |
| 254 | @@ -330,10 +348,10 @@ |
| 255 | def test_authenticate_when_not_member_of_teams_required(self): |
| 256 | Group.objects.create(name='team') |
| 257 | |
| 258 | - response = self.make_openid_response( |
| 259 | - sreg_args=dict(nickname='someuser'), |
| 260 | - teams_args=dict(is_member='foo')) |
| 261 | - user = self.backend.authenticate(openid_response=response) |
| 262 | + self.message.set_sreg_args(nickname='someuser') |
| 263 | + self.message.set_team_args(is_member='foo') |
| 264 | + user = self.backend.authenticate( |
| 265 | + openid_response=self.message.to_response()) |
| 266 | |
| 267 | self.assertIsNone(user) |
| 268 | |
| 269 | @@ -343,10 +361,10 @@ |
| 270 | def test_authenticate_when_no_group_mapping_to_required_team(self): |
| 271 | assert Group.objects.filter(name='team').count() == 0 |
| 272 | |
| 273 | - response = self.make_openid_response( |
| 274 | - sreg_args=dict(nickname='someuser'), |
| 275 | - teams_args=dict(is_member='foo')) |
| 276 | - user = self.backend.authenticate(openid_response=response) |
| 277 | + self.message.set_sreg_args(nickname='someuser') |
| 278 | + self.message.set_team_args(is_member='foo') |
| 279 | + user = self.backend.authenticate( |
| 280 | + openid_response=self.message.to_response()) |
| 281 | |
| 282 | self.assertIsNone(user) |
| 283 | |
| 284 | @@ -356,19 +374,19 @@ |
| 285 | def test_authenticate_when_member_of_teams_required(self): |
| 286 | Group.objects.create(name='team') |
| 287 | |
| 288 | - response = self.make_openid_response( |
| 289 | - sreg_args=dict(nickname='someuser'), |
| 290 | - teams_args=dict(is_member='foo,team')) |
| 291 | - user = self.backend.authenticate(openid_response=response) |
| 292 | + self.message.set_sreg_args(nickname='someuser') |
| 293 | + self.message.set_team_args(is_member='foo,team') |
| 294 | + user = self.backend.authenticate( |
| 295 | + openid_response=self.message.to_response()) |
| 296 | |
| 297 | self.assertIsNotNone(user) |
| 298 | |
| 299 | @override_settings(OPENID_LAUNCHPAD_TEAMS_REQUIRED=[]) |
| 300 | def test_authenticate_when_no_teams_required(self): |
| 301 | - response = self.make_openid_response( |
| 302 | - sreg_args=dict(nickname='someuser'), |
| 303 | - teams_args=dict(is_member='team')) |
| 304 | - user = self.backend.authenticate(openid_response=response) |
| 305 | + self.message.set_sreg_args(nickname='someuser') |
| 306 | + self.message.set_team_args(is_member='team') |
| 307 | + user = self.backend.authenticate( |
| 308 | + openid_response=self.message.to_response()) |
| 309 | |
| 310 | self.assertIsNotNone(user) |
| 311 | |
| 312 | @@ -378,10 +396,10 @@ |
| 313 | def test_authenticate_when_member_of_at_least_one_team(self): |
| 314 | Group.objects.create(name='team1') |
| 315 | |
| 316 | - response = self.make_openid_response( |
| 317 | - sreg_args=dict(nickname='someuser'), |
| 318 | - teams_args=dict(is_member='foo,team1')) |
| 319 | - user = self.backend.authenticate(openid_response=response) |
| 320 | + self.message.set_sreg_args(nickname='someuser') |
| 321 | + self.message.set_team_args(is_member='foo,team1') |
| 322 | + user = self.backend.authenticate( |
| 323 | + openid_response=self.message.to_response()) |
| 324 | |
| 325 | self.assertIsNotNone(user) |
| 326 | |
| 327 | @@ -393,17 +411,17 @@ |
| 328 | self): |
| 329 | assert Group.objects.filter(name='team').count() == 0 |
| 330 | |
| 331 | - response = self.make_openid_response( |
| 332 | - sreg_args=dict(nickname='someuser', email='foo@foo.com'), |
| 333 | - teams_args=dict(is_member='foo')) |
| 334 | - user = self.backend.authenticate(openid_response=response) |
| 335 | + self.message.set_sreg_args( |
| 336 | + nickname='someuser', email='foo@foo.com') |
| 337 | + user = self.backend.authenticate( |
| 338 | + openid_response=self.message.to_response()) |
| 339 | |
| 340 | self.assertIsNotNone(user) |
| 341 | |
| 342 | - response = self.make_openid_response( |
| 343 | - sreg_args=dict(nickname='someuser', email='foo+bar@foo.com'), |
| 344 | - teams_args=dict(is_member='foo')) |
| 345 | - user = self.backend.authenticate(openid_response=response) |
| 346 | + self.message.set_sreg_args( |
| 347 | + nickname='someuser', email='foo+bar@foo.com') |
| 348 | + user = self.backend.authenticate( |
| 349 | + openid_response=self.message.to_response()) |
| 350 | |
| 351 | self.assertIsNotNone(user) |
| 352 | |
| 353 | @@ -414,10 +432,9 @@ |
| 354 | def test_authenticate_whitelisted_email_multiple_patterns(self): |
| 355 | assert Group.objects.filter(name='team').count() == 0 |
| 356 | |
| 357 | - response = self.make_openid_response( |
| 358 | - sreg_args=dict(nickname='someuser', email='bar@foo.com'), |
| 359 | - teams_args=dict(is_member='foo')) |
| 360 | - user = self.backend.authenticate(openid_response=response) |
| 361 | + self.message.set_sreg_args(nickname='someuser', email='bar@foo.com') |
| 362 | + user = self.backend.authenticate( |
| 363 | + openid_response=self.message.to_response()) |
| 364 | |
| 365 | self.assertIsNotNone(user) |
| 366 | |
| 367 | @@ -428,10 +445,10 @@ |
| 368 | def test_authenticate_whitelisted_email_not_match(self): |
| 369 | assert Group.objects.filter(name='team').count() == 0 |
| 370 | |
| 371 | - response = self.make_openid_response( |
| 372 | - sreg_args=dict(nickname='someuser', email='bar@foo.com'), |
| 373 | - teams_args=dict(is_member='foo')) |
| 374 | - user = self.backend.authenticate(openid_response=response) |
| 375 | + self.message.set_sreg_args(nickname='someuser', email='bar@foo.com') |
| 376 | + self.message.set_team_args(is_member='foo') |
| 377 | + user = self.backend.authenticate( |
| 378 | + openid_response=self.message.to_response()) |
| 379 | |
| 380 | self.assertIsNone(user) |
| 381 | |
| 382 | @@ -459,24 +476,21 @@ |
| 383 | |
| 384 | @override_settings(OPENID_CREATE_USERS=False) |
| 385 | def test_auth_no_create_users(self): |
| 386 | - response = self.make_openid_response( |
| 387 | - sreg_args=dict(email='bar@foo.com'), |
| 388 | - teams_args=dict(is_member='foo')) |
| 389 | - user = self.backend.authenticate(openid_response=response) |
| 390 | + self.message.set_sreg_args() |
| 391 | + user = self.backend.authenticate( |
| 392 | + openid_response=self.message.to_response()) |
| 393 | |
| 394 | self.assertIsNone(user) |
| 395 | self.assert_no_users_created() |
| 396 | |
| 397 | @override_settings(OPENID_CREATE_USERS=False) |
| 398 | def test_auth_no_create_users_existing_user(self): |
| 399 | - response = self.make_openid_response( |
| 400 | - sreg_args=dict(email='bar@foo.com'), |
| 401 | - teams_args=dict(is_member='foo')) |
| 402 | + self.message.set_sreg_args() |
| 403 | existing_openid = self.make_user_openid( |
| 404 | - claimed_id=response.identity_url) |
| 405 | + claimed_id=self.message.endpoint.claimed_id) |
| 406 | expected_user_count = User.objects.count() |
| 407 | - |
| 408 | - user = self.backend.authenticate(openid_response=response) |
| 409 | + user = self.backend.authenticate( |
| 410 | + openid_response=self.message.to_response()) |
| 411 | |
| 412 | self.assertIsNotNone(user) |
| 413 | self.assertEqual(user, existing_openid.user) |
| 414 | @@ -485,12 +499,12 @@ |
| 415 | @override_settings( |
| 416 | OPENID_UPDATE_DETAILS_FROM_SREG=True, |
| 417 | OPENID_VALID_VERIFICATION_SCHEMES={ |
| 418 | - 'http://example.com/': {'token_via_email'}}) |
| 419 | + SERVER_URL: {'token_via_email'}}) |
| 420 | def test_auth_update_details_from_sreg(self): |
| 421 | first_name = 'a' * 31 |
| 422 | last_name = 'b' * 31 |
| 423 | email = 'new@email.com' |
| 424 | - response = self.make_response_ax( |
| 425 | + self.message.set_ax_args( |
| 426 | fullname=first_name + ' ' + last_name, |
| 427 | nickname='newnickname', |
| 428 | email=email, |
| 429 | @@ -499,13 +513,14 @@ |
| 430 | verified=True, |
| 431 | ) |
| 432 | existing_openid = self.make_user_openid( |
| 433 | - claimed_id=response.identity_url) |
| 434 | + claimed_id=self.message.endpoint.claimed_id) |
| 435 | original_username = existing_openid.user.username |
| 436 | expected_user_count = User.objects.count() |
| 437 | |
| 438 | self.assert_account_not_verified(existing_openid.user) |
| 439 | |
| 440 | - user = self.backend.authenticate(openid_response=response) |
| 441 | + user = self.backend.authenticate( |
| 442 | + openid_response=self.message.to_response()) |
| 443 | |
| 444 | self.assertEqual(user, existing_openid.user) |
| 445 | self.assertEqual( |
| 446 | @@ -520,7 +535,7 @@ |
| 447 | @override_settings( |
| 448 | OPENID_UPDATE_DETAILS_FROM_SREG=True, |
| 449 | OPENID_VALID_VERIFICATION_SCHEMES={ |
| 450 | - 'http://example.com/': {'token_via_email'}}) |
| 451 | + SERVER_URL: {'token_via_email'}}) |
| 452 | def test_auth_update_details_from_sreg_unverifies_account(self): |
| 453 | first_name = 'a' * 31 |
| 454 | last_name = 'b' * 31 |
| 455 | @@ -533,17 +548,17 @@ |
| 456 | last=last_name, |
| 457 | verified=True, |
| 458 | ) |
| 459 | - verified_response = self.make_response_ax(**kwargs) |
| 460 | + self.message.set_ax_args(**kwargs) |
| 461 | verified_user = self.backend.authenticate( |
| 462 | - openid_response=verified_response) |
| 463 | + openid_response=self.message.to_response()) |
| 464 | |
| 465 | self.assert_account_verified(verified_user) |
| 466 | expected_user_count = User.objects.count() |
| 467 | |
| 468 | kwargs['verified'] = False |
| 469 | - unverified_response = self.make_response_ax(**kwargs) |
| 470 | + self.message.set_ax_args(**kwargs) |
| 471 | unverified_user = self.backend.authenticate( |
| 472 | - openid_response=unverified_response) |
| 473 | + openid_response=self.message.to_response()) |
| 474 | |
| 475 | self.assertEqual(verified_user, unverified_user) |
| 476 | self.assert_account_not_verified(unverified_user) |
| 477 | @@ -551,70 +566,60 @@ |
| 478 | |
| 479 | @override_settings(OPENID_PHYSICAL_MULTIFACTOR_REQUIRED=True) |
| 480 | def test_physical_multifactor_required_not_given(self): |
| 481 | - response = self.make_openid_response() |
| 482 | + response = self.message.to_response() |
| 483 | |
| 484 | with self.assertRaises(MissingPhysicalMultiFactor): |
| 485 | self.backend.authenticate(openid_response=response) |
| 486 | |
| 487 | self.assertTrue( |
| 488 | - UserOpenID.objects.filter(claimed_id='some-id').exists(), |
| 489 | + UserOpenID.objects.filter( |
| 490 | + claimed_id=self.message.endpoint.claimed_id).exists(), |
| 491 | 'User must be created anyways.') |
| 492 | |
| 493 | @override_settings(OPENID_PHYSICAL_MULTIFACTOR_REQUIRED=True) |
| 494 | def test_physical_multifactor_required_invalid_auth_policy(self): |
| 495 | - response = self.make_openid_response() |
| 496 | - message = response.message |
| 497 | - message.setArg( |
| 498 | - pape.ns_uri, 'auth_policies', |
| 499 | - pape.AUTH_MULTI_FACTOR + ' ' + pape.AUTH_PHISHING_RESISTANT) |
| 500 | - response = SuccessResponse( |
| 501 | - response.endpoint, message, |
| 502 | - signed_fields=message.toPostArgs().keys()) |
| 503 | + self.message.set_pape_args( |
| 504 | + pape.AUTH_MULTI_FACTOR, pape.AUTH_PHISHING_RESISTANT) |
| 505 | |
| 506 | with self.assertRaises(MissingPhysicalMultiFactor): |
| 507 | - self.backend.authenticate(openid_response=response) |
| 508 | + self.backend.authenticate( |
| 509 | + openid_response=self.message.to_response()) |
| 510 | |
| 511 | self.assertTrue( |
| 512 | - UserOpenID.objects.filter(claimed_id='some-id').exists(), |
| 513 | + UserOpenID.objects.filter( |
| 514 | + claimed_id=self.message.endpoint.claimed_id).exists(), |
| 515 | 'User must be created anyways.') |
| 516 | |
| 517 | @override_settings(OPENID_PHYSICAL_MULTIFACTOR_REQUIRED=True) |
| 518 | def test_physical_multifactor_required_valid_auth_policy(self): |
| 519 | - response = self.make_openid_response() |
| 520 | - message = response.message |
| 521 | - message.setArg( |
| 522 | - pape.ns_uri, 'auth_policies', |
| 523 | - pape.AUTH_MULTI_FACTOR_PHYSICAL) |
| 524 | - response = SuccessResponse( |
| 525 | - response.endpoint, message, |
| 526 | - signed_fields=message.toPostArgs().keys()) |
| 527 | - |
| 528 | - user = self.backend.authenticate(openid_response=response) |
| 529 | + self.message.set_pape_args( |
| 530 | + pape.AUTH_MULTI_FACTOR, pape.AUTH_MULTI_FACTOR_PHYSICAL, |
| 531 | + pape.AUTH_PHISHING_RESISTANT) |
| 532 | + user = self.backend.authenticate( |
| 533 | + openid_response=self.message.to_response()) |
| 534 | |
| 535 | self.assertIsNotNone(user) |
| 536 | |
| 537 | @override_settings(OPENID_STRICT_USERNAMES=True) |
| 538 | def test_auth_strict_usernames(self): |
| 539 | username = 'nickname' |
| 540 | - response = self.make_openid_response( |
| 541 | - sreg_args=dict(nickname=username, email='bar@foo.com'), |
| 542 | - teams_args=dict(is_member='foo')) |
| 543 | - user = self.backend.authenticate(openid_response=response) |
| 544 | + self.message.set_sreg_args(nickname=username) |
| 545 | + user = self.backend.authenticate( |
| 546 | + openid_response=self.message.to_response()) |
| 547 | |
| 548 | self.assertIsNotNone(user, 'User must be created') |
| 549 | self.assertEqual(user.username, username) |
| 550 | |
| 551 | @override_settings(OPENID_STRICT_USERNAMES=True) |
| 552 | def test_auth_strict_usernames_no_nickname(self): |
| 553 | - response = self.make_openid_response( |
| 554 | - sreg_args=dict(nickname='', email='bar@foo.com'), |
| 555 | - teams_args=dict(is_member='foo')) |
| 556 | + self.message.set_sreg_args(nickname='') |
| 557 | |
| 558 | msg = re.escape( |
| 559 | "An attribute required for logging in was not returned (nickname)") |
| 560 | |
| 561 | with self.assertRaisesRegexp(RequiredAttributeNotReturned, msg): |
| 562 | - self.backend.authenticate(openid_response=response) |
| 563 | + self.backend.authenticate( |
| 564 | + openid_response=self.message.to_response()) |
| 565 | |
| 566 | self.assert_no_users_created() |
| 567 | |
| 568 | @@ -624,14 +629,12 @@ |
| 569 | def test_auth_strict_usernames_conflict(self): |
| 570 | existing_openid = self.make_user_openid() |
| 571 | expected_user_count = User.objects.count() |
| 572 | - |
| 573 | - response = self.make_openid_response( |
| 574 | - sreg_args=dict( |
| 575 | - nickname=existing_openid.user.username, email='bar@foo.com'), |
| 576 | - teams_args=dict(is_member='foo')) |
| 577 | + self.message.set_sreg_args( |
| 578 | + nickname=existing_openid.user.username) |
| 579 | |
| 580 | with self.assertRaises(DuplicateUsernameViolation): |
| 581 | - self.backend.authenticate(openid_response=response) |
| 582 | + self.backend.authenticate( |
| 583 | + openid_response=self.message.to_response()) |
| 584 | |
| 585 | self.assert_no_users_created(expected_count=expected_user_count) |
| 586 | |
| 587 | @@ -641,19 +644,16 @@ |
| 588 | OPENID_UPDATE_DETAILS_FROM_SREG=True) |
| 589 | def test_auth_follow_renames(self): |
| 590 | new_username = 'new' |
| 591 | - original_response = self.make_openid_response( |
| 592 | - sreg_args=dict(nickname='username', email='bar@foo.com'), |
| 593 | - teams_args=dict(is_member='foo')) |
| 594 | - rename_response = self.make_openid_response( |
| 595 | - sreg_args=dict(nickname=new_username, email='bar@foo.com'), |
| 596 | - teams_args=dict(is_member='foo')) |
| 597 | - user = self.backend.authenticate(openid_response=original_response) |
| 598 | + self.message.set_sreg_args(nickname='username') |
| 599 | + user = self.backend.authenticate( |
| 600 | + openid_response=self.message.to_response()) |
| 601 | expected_user_count = User.objects.count() |
| 602 | |
| 603 | self.assertIsNotNone(user, 'User must be created') |
| 604 | |
| 605 | + self.message.set_sreg_args(nickname=new_username) |
| 606 | renamed_user = self.backend.authenticate( |
| 607 | - openid_response=rename_response) |
| 608 | + openid_response=self.message.to_response()) |
| 609 | |
| 610 | self.assertEqual(user.pk, renamed_user.pk) |
| 611 | self.assertEqual(renamed_user.username, new_username) |
| 612 | @@ -664,22 +664,20 @@ |
| 613 | OPENID_STRICT_USERNAMES=True, |
| 614 | OPENID_UPDATE_DETAILS_FROM_SREG=True) |
| 615 | def test_auth_follow_renames_strict_usernames_no_nickname(self): |
| 616 | - response = self.make_openid_response( |
| 617 | - sreg_args=dict(nickname='nickame', email='bar@foo.com'), |
| 618 | - teams_args=dict(is_member='foo')) |
| 619 | - user = self.backend.authenticate(openid_response=response) |
| 620 | + self.message.set_sreg_args(nickname='nickame') |
| 621 | + user = self.backend.authenticate( |
| 622 | + openid_response=self.message.to_response()) |
| 623 | expected_user_count = User.objects.count() |
| 624 | |
| 625 | self.assertIsNotNone(user, 'User must be created') |
| 626 | |
| 627 | - response = self.make_openid_response( |
| 628 | - sreg_args=dict(nickname='', email='bar@foo.com'), |
| 629 | - teams_args=dict(is_member='foo')) |
| 630 | + self.message.set_sreg_args(nickname='') |
| 631 | |
| 632 | # XXX: Check possibilities to normalize this error into a |
| 633 | # `RequiredAttributeNotReturned`. |
| 634 | with self.assertRaises(MissingUsernameViolation): |
| 635 | - self.backend.authenticate(openid_response=response) |
| 636 | + self.backend.authenticate( |
| 637 | + openid_response=self.message.to_response()) |
| 638 | |
| 639 | self.assert_no_users_created(expected_count=expected_user_count) |
| 640 | |
| 641 | @@ -690,20 +688,19 @@ |
| 642 | def test_auth_follow_renames_strict_usernames_rename_conflict(self): |
| 643 | existing_openid = self.make_user_openid() |
| 644 | original_username = 'nickame' |
| 645 | - good_response = self.make_openid_response( |
| 646 | - sreg_args=dict(nickname=original_username, email='bar@foo.com'), |
| 647 | - teams_args=dict(is_member='foo')) |
| 648 | - conflict_response = self.make_openid_response( |
| 649 | - sreg_args=dict( |
| 650 | - nickname=existing_openid.user.username, email='bar@foo.com'), |
| 651 | - teams_args=dict(is_member='foo')) |
| 652 | - user = self.backend.authenticate(openid_response=good_response) |
| 653 | + self.message.set_sreg_args(nickname=original_username) |
| 654 | + user = self.backend.authenticate( |
| 655 | + openid_response=self.message.to_response()) |
| 656 | expected_user_count = User.objects.count() |
| 657 | |
| 658 | self.assertIsNotNone(user, 'First request should succeed') |
| 659 | |
| 660 | + self.message.set_sreg_args( |
| 661 | + nickname=existing_openid.user.username) |
| 662 | + |
| 663 | with self.assertRaises(DuplicateUsernameViolation): |
| 664 | - self.backend.authenticate(openid_response=conflict_response) |
| 665 | + self.backend.authenticate( |
| 666 | + openid_response=self.message.to_response()) |
| 667 | |
| 668 | db_user = User.objects.get(pk=user.pk) |
| 669 | self.assertEqual(db_user.username, original_username) |
| 670 | @@ -726,13 +723,12 @@ |
| 671 | duplicate_username_handler, sender=User, weak=False, |
| 672 | dispatch_uid='testing') |
| 673 | |
| 674 | - response = self.make_openid_response( |
| 675 | - sreg_args=dict( |
| 676 | - nickname=existing_openid.user.username, email='bar@foo.com'), |
| 677 | - teams_args=dict(is_member='foo')) |
| 678 | + self.message.set_sreg_args( |
| 679 | + nickname=existing_openid.user.username) |
| 680 | |
| 681 | with self.assertRaises(DuplicateUsernameViolation): |
| 682 | - self.backend.authenticate(openid_response=response) |
| 683 | + self.backend.authenticate( |
| 684 | + openid_response=self.message.to_response()) |
| 685 | |
| 686 | self.assertIn('username', signal_kwargs) |
| 687 | self.assertEqual( |
| 688 | @@ -756,11 +752,10 @@ |
| 689 | duplicate_username_handler, sender=User, weak=False, |
| 690 | dispatch_uid='testing') |
| 691 | |
| 692 | - response = self.make_openid_response( |
| 693 | - sreg_args=dict( |
| 694 | - nickname=existing_openid.user.username, email='bar@foo.com'), |
| 695 | - teams_args=dict(is_member='foo')) |
| 696 | - user = self.backend.authenticate(openid_response=response) |
| 697 | + self.message.set_sreg_args( |
| 698 | + nickname=existing_openid.user.username) |
| 699 | + user = self.backend.authenticate( |
| 700 | + openid_response=self.message.to_response()) |
| 701 | |
| 702 | self.assertIsNotNone(user) |
| 703 | self.assertNotEqual(user, existing_openid.user) |
| 704 | @@ -778,7 +773,5 @@ |
| 705 | duplicate_username_handler, sender=User, weak=False, |
| 706 | dispatch_uid='testing') |
| 707 | |
| 708 | - response = self.make_openid_response( |
| 709 | - sreg_args=dict(nickname='nickname', email='bar@foo.com'), |
| 710 | - teams_args=dict(is_member='foo')) |
| 711 | - self.backend.authenticate(openid_response=response) |
| 712 | + self.message.set_sreg_args(nickname='nickname') |
| 713 | + self.backend.authenticate(openid_response=self.message.to_response()) |
This looks to be a very neat refactor to me. Individual tests become less verbose and clear. +1