Canonical SSO provider

Merge lp:~jaboing/canonical-identity-provider/sso into lp:canonical-identity-provider/release

  1. sso
  2. Merge into trunk
Proposed by Julien Funk
Status: Merged
Approved by: Ricardo Kirkner
Approved revision: no longer in the source branch.
Merged at revision: 392
Proposed branch: lp:~jaboing/canonical-identity-provider/sso
Merge into: lp:canonical-identity-provider/release
Diff against target: 250 lines (+72/-33)
8 files modified
identityprovider/tests/acceptance/devices/add_device.py (+1/-4)
identityprovider/tests/acceptance/devices/add_device_google.py (+8/-5)
identityprovider/tests/acceptance/devices/add_device_yubikey.py (+7/-5)
identityprovider/tests/acceptance/devices/add_two_devices.py (+10/-5)
identityprovider/tests/acceptance/devices/delete_device.py (+2/-6)
identityprovider/tests/acceptance/devices/rename_device.py (+9/-7)
identityprovider/tests/acceptance/shared/devices.py (+11/-1)
identityprovider/tests/acceptance/shared/helpers.py (+24/-0)
To merge this branch: bzr merge lp:~jaboing/canonical-identity-provider/sso
Reviewer Review Type Date Requested Status
Ricardo Kirkner (community) Approve
Review via email: mp+100224@code.launchpad.net

Commit message

Removed TWOFACTOR flags and updated scripts to work for Dev/Production/Staging - added function 'delete_device' to devices.py and function 'login_to_isdqa_account' to helpers.py. All are tested pass and should now run as part of the default acceptance suite.

Description of the change

Removed TWOFACTOR flags and updated scripts to work for Dev/Production/Staging - added function 'delete_device' to devices.py and function 'login_to_isdqa_account' to helpers.py. All are tested pass and should now run as part of the default acceptance suite.

To post a comment you must log in.
Revision history for this message
Ricardo Kirkner (ricardokirkner) wrote :

A few comments and questions

- why not refactor the if statement into the register_account helper? (the register_account helper would then be 'smart' enough to created the account if needed or log in with the sanctified account if not); this also reduces the changes required

- l.141-142: the double call to delete_device is intentional?

- removing the TWOFACTOR flag will make this run everywhere (dev, staging, prod), so are we sure these tests pass against staging/prod?

- in login_to_isdqa_account you create the account if it's missing; but I don't see how this new account gets the necessary twofactor bits enabled (unless register_account does this by default). Why can't we always call login_to_isdqa_account, both on staging/prod and dev, and get rid of the if statement alltogether?

Revision history for this message
Julien Funk (jaboing) wrote :

- I added a new helper login_or_register_account() which is smart enough to create the account or log in with the sanctified account

- the double call is indeed intentional, I clarified this in the comment

- I ahventested all the tests against production/staging/dev already and they all pass happily

- I think you misunderstood the login_to_isdqa_account function, it does not create a new account at all, it simply logs into the existing isdqa account. The reason we cannot call this on dev is because the isdqa account does not exist by default on the developer machines and instead a new account must be created in the local database. On staging and production however the isdqa account exists already.

Will merge shortly.

Revision history for this message
Ricardo Kirkner (ricardokirkner) wrote :

This looks much better, thanks. However a few more small issues:

l. 205-206: this seems oddly indented. is this correct? (looks like this was supposed to be indented one extra level maybe? (inside the delete_device function?)

l. 247: login_to_isdqa_account is calling register_account when on staging when the password doesn't match. Why do we register an account on staging but not on production? Shouldn't both environments be consistent?

review: Needs Fixing
Revision history for this message
Ricardo Kirkner (ricardokirkner) wrote :

LGTM. Thanks!

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'identityprovider/tests/acceptance/devices/add_device.py'
--- identityprovider/tests/acceptance/devices/add_device.py 2012-03-02 10:22:00 +0000
+++ identityprovider/tests/acceptance/devices/add_device.py 2012-04-09 20:00:32 +0000
@@ -10,11 +10,8 @@
1010
1111
12config.set_base_url_from_env()12config.set_base_url_from_env()
13# TODO: remove once staging / production have two-factor authentication
14check_flags('TWOFACTOR')
1513
16# Create account and login14helpers.login_or_register_account()
17helpers.register_account()
1815
19# Go to the authentication devices page16# Go to the authentication devices page
20click_link('devices-link')17click_link('devices-link')
2118
=== modified file 'identityprovider/tests/acceptance/devices/add_device_google.py'
--- identityprovider/tests/acceptance/devices/add_device_google.py 2012-02-22 20:32:44 +0000
+++ identityprovider/tests/acceptance/devices/add_device_google.py 2012-04-09 20:00:32 +0000
@@ -4,19 +4,19 @@
4from canonical.isd.tests.sst import config4from canonical.isd.tests.sst import config
5from oath import hotp5from oath import hotp
6from sst.actions import *6from sst.actions import *
7from django.conf import settings
78
8import helpers9import helpers
9from devices import (10from devices import (
10 click_add_device_button, click_add_new_device_link11 click_add_device_button,
12 click_add_new_device_link,
13 delete_device,
11)14)
1215
1316
14config.set_base_url_from_env()17config.set_base_url_from_env()
15# TODO: remove once staging / production have two-factor authentication
16check_flags('TWOFACTOR')
1718
18# Create account and login19email = helpers.login_or_register_account()
19email = helpers.register_account()
2020
21# Go to the authentication devices page21# Go to the authentication devices page
22click_link('devices-link')22click_link('devices-link')
@@ -60,3 +60,6 @@
60assert_table_has_rows('device-list', 1)60assert_table_has_rows('device-list', 1)
61assert_table_row_contains_text('device-list', 0,61assert_table_row_contains_text('device-list', 0,
62 ['My Google Device', 'Delete'], regex=True)62 ['My Google Device', 'Delete'], regex=True)
63
64# clean up afterward, delete device
65delete_device()
6366
=== modified file 'identityprovider/tests/acceptance/devices/add_device_yubikey.py'
--- identityprovider/tests/acceptance/devices/add_device_yubikey.py 2012-02-22 20:32:44 +0000
+++ identityprovider/tests/acceptance/devices/add_device_yubikey.py 2012-04-09 20:00:32 +0000
@@ -3,18 +3,18 @@
3from oath import hotp3from oath import hotp
4from sst.actions import *4from sst.actions import *
55
6from django.conf import settings
6import helpers7import helpers
7from devices import (8from devices import (
8 click_add_device_button, click_add_new_device_link9 click_add_device_button,
10 click_add_new_device_link,
11 delete_device,
9)12)
1013
1114
12config.set_base_url_from_env()15config.set_base_url_from_env()
13# TODO: remove once staging / production have two-factor authentication
14check_flags('TWOFACTOR')
1516
16# Create account and login17email = helpers.login_or_register_account()
17email = helpers.register_account()
1818
19# Go to the authentication devices page19# Go to the authentication devices page
20click_link('devices-link')20click_link('devices-link')
@@ -43,3 +43,5 @@
43assert_table_row_contains_text('device-list', 0,43assert_table_row_contains_text('device-list', 0,
44 ['My YubiKey', 'Delete'], regex=True)44 ['My YubiKey', 'Delete'], regex=True)
4545
46# clean up afterward, delete device
47delete_device()
4648
=== modified file 'identityprovider/tests/acceptance/devices/add_two_devices.py'
--- identityprovider/tests/acceptance/devices/add_two_devices.py 2012-03-02 10:22:00 +0000
+++ identityprovider/tests/acceptance/devices/add_two_devices.py 2012-04-09 20:00:32 +0000
@@ -5,16 +5,16 @@
55
6import helpers6import helpers
7from devices import (7from devices import (
8 add_device, click_add_device_button, click_add_new_device_link8 add_device,
9 click_add_device_button,
10 click_add_new_device_link,
11 delete_device,
9)12)
1013
1114
12config.set_base_url_from_env()15config.set_base_url_from_env()
13# TODO: remove once staging / production have two-factor authentication
14check_flags('TWOFACTOR')
1516
16# Create account and login17helpers.login_or_register_account()
17helpers.register_account()
1818
19# Add an authentication device19# Add an authentication device
20aes_key = add_device('This device')20aes_key = add_device('This device')
@@ -50,3 +50,8 @@
50assert_table_has_rows('device-list', 2)50assert_table_has_rows('device-list', 2)
51assert_table_row_contains_text('device-list', 1,51assert_table_row_contains_text('device-list', 1,
52 ['This device (1)', 'Rename Delete'])52 ['This device (1)', 'Rename Delete'])
53
54# clean up afterward, delete 2 devices
55delete_device()
56delete_device()
57
5358
=== modified file 'identityprovider/tests/acceptance/devices/delete_device.py'
--- identityprovider/tests/acceptance/devices/delete_device.py 2012-02-22 20:32:44 +0000
+++ identityprovider/tests/acceptance/devices/delete_device.py 2012-04-09 20:00:32 +0000
@@ -9,12 +9,8 @@
99
1010
11config.set_base_url_from_env()11config.set_base_url_from_env()
12# TODO: remove once staging / production have two-factor authentication12
13check_flags('TWOFACTOR')13helpers.login_or_register_account()
14
15
16# Create account and login
17helpers.register_account()
1814
19# Add an authentication device15# Add an authentication device
20aes_key = add_device('This device')16aes_key = add_device('This device')
2117
=== modified file 'identityprovider/tests/acceptance/devices/rename_device.py'
--- identityprovider/tests/acceptance/devices/rename_device.py 2012-02-13 16:12:21 +0000
+++ identityprovider/tests/acceptance/devices/rename_device.py 2012-04-09 20:00:32 +0000
@@ -7,19 +7,17 @@
7 assert_device,7 assert_device,
8 assert_no_device,8 assert_no_device,
9 rename_device,9 rename_device,
10 delete_device,
10)11)
1112
12config.set_base_url_from_env()13config.set_base_url_from_env()
13# TODO: remove once staging / production have two-factor authentication
14check_flags('TWOFACTOR')
15
1614
17# happy path15# happy path
1816
19# create an account and log in17helpers.login_or_register_account()
20helpers.register_account(password='Password1')18
21# add a new device19# add a new device with unicode character and white space
22name = 'device'20name = 'device name'
23add_device(name)21add_device(name)
24# make sure device exists22# make sure device exists
25assert_device(name)23assert_device(name)
@@ -56,3 +54,7 @@
56 'The name must contain at least one non-whitespace character.')54 'The name must contain at least one non-whitespace character.')
57# cancel and go back55# cancel and go back
58click_link(get_element(tag='a', text='cancel'))56click_link(get_element(tag='a', text='cancel'))
57
58# clean up afterward, delete device
59delete_device()
60
5961
=== modified file 'identityprovider/tests/acceptance/shared/devices.py'
--- identityprovider/tests/acceptance/shared/devices.py 2012-02-22 20:32:44 +0000
+++ identityprovider/tests/acceptance/shared/devices.py 2012-04-09 20:00:32 +0000
@@ -15,8 +15,9 @@
1515
1616
17def click_delete_button():17def click_delete_button():
18 # Clicks the first Delete button it finds
18 # this button is actually a link19 # this button is actually a link
19 click_link(get_element(tag='a', text_regex='Delete'))20 click_link(get_elements(tag='a', text_regex='Delete')[0])
2021
2122
22def assert_device(name):23def assert_device(name):
@@ -47,6 +48,15 @@
47 click_add_device_button()48 click_add_device_button()
48 return aes_key49 return aes_key
4950
51def delete_device():
52 # Click on the delete button
53 click_delete_button()
54 # Click on ok
55 click_button(get_element(tag='button', text='Delete this device'))
56 # Check we are back on the device-list page
57 assert_url('/device-list')
58 # Check that our device has been deleted
59 fails(get_element, 'device-list')
5060
51def rename_device(name, new_name):61def rename_device(name, new_name):
52 click_link(get_element(tag='a', text_regex='Rename'))62 click_link(get_element(tag='a', text_regex='Rename'))
5363
=== modified file 'identityprovider/tests/acceptance/shared/helpers.py'
--- identityprovider/tests/acceptance/shared/helpers.py 2012-03-30 16:01:27 +0000
+++ identityprovider/tests/acceptance/shared/helpers.py 2012-04-09 20:00:32 +0000
@@ -105,6 +105,15 @@
105 assert_title('Complete email address validation')105 assert_title('Complete email address validation')
106 click_button(get_element(name='continue'))106 click_button(get_element(name='continue'))
107107
108def login_or_register_account():
109 # if developer instance, create an account and log in
110 if get_base_url() == 'http://localhost:8000/':
111 email = register_account()
112 # else use the sanctified QA Account
113 else:
114 login_to_isdqa_account()
115 email = settings.QA_ACCOUNT_EMAIL
116 return email
108117
109def login(email, password):118def login(email, password):
110 go_to('/')119 go_to('/')
@@ -198,6 +207,21 @@
198 register_account(settings.TEST_ACCOUNT_EMAIL, "Test Account",207 register_account(settings.TEST_ACCOUNT_EMAIL, "Test Account",
199 settings.TEST_ACCOUNT_PASSWORD)208 settings.TEST_ACCOUNT_PASSWORD)
200209
210def login_to_isdqa_account():
211 from sst import actions
212
213 global _LAST_EMAIL, _LAST_PASSWORD
214
215 login(settings.QA_ACCOUNT_EMAIL, settings.QA_ACCOUNT_PASSWORD)
216 # Wait for the reload
217 wait_for(exists_element, id='ubuntu-header')
218
219 if exists_element(tag='span', css_class='error', text="Password didn't match."):
220 actions._raise("This test requires a test account to be present")
221
222 _LAST_EMAIL = settings.QA_ACCOUNT_EMAIL
223 _LAST_PASSWORD = settings.QA_ACCOUNT_PASSWORD
224
201225
202def login_from_redirect(email=settings.QA_ACCOUNT_EMAIL,226def login_from_redirect(email=settings.QA_ACCOUNT_EMAIL,
203 password=settings.QA_ACCOUNT_PASSWORD):227 password=settings.QA_ACCOUNT_PASSWORD):