Skip to content
Snippets Groups Projects
Select Git revision
  • d15fed6fa144042ac738897e88c2cb4485bf56f4
  • master default protected
  • v2 protected
  • v2-test protected
  • piratiuk
  • regionalSuccess
  • v1
7 results

VERSION

Blame
  • test_views.py 3.76 KiB
    import pytest
    from django.urls import reverse
    from unittest.mock import patch
    import urllib.parse
    
    from openlobby.core.auth import parse_access_token
    from openlobby.core.models import User, OpenIdClient, LoginAttempt
    from openlobby.core.openid import register_client
    
    
    pytestmark = pytest.mark.django_db
    
    
    def test_login_redirect__new_user(client, issuer):
        state = "IDDQD"
        sub = "IDKFA"
        openid_uid = "elon.musk@openid"
        first_name = "Elon"
        last_name = "Musk"
        email = "elon.musk@tesla.com"
        app_redirect_uri = "http://doom.is.legend"
    
        oc = register_client(issuer)
        oid_client = OpenIdClient.objects.create(
            name="Test",
            issuer=issuer,
            client_id=oc.client_id,
            client_secret=oc.client_secret,
        )
        LoginAttempt.objects.create(
            openid_client=oid_client,
            state=state,
            app_redirect_uri=app_redirect_uri,
            openid_uid=openid_uid,
        )
    
        # we are not testing real redirect url params, so we mock communication with
        # OpenID Provider
        user_info = {
            "sub": sub,
            "given_name": first_name,
            "family_name": last_name,
            "email": email,
        }
        with patch("openlobby.core.views.get_user_info", return_value=user_info) as mock:
            response = client.get(reverse("login-redirect"), {"state": state})
            m_client, m_query_string = mock.call_args[0]
            assert m_client.client_id == oc.client_id
            assert m_query_string == "state={}".format(state)
    
        assert response.status_code == 302
        url, query_string = response.url.split("?")
        qs = urllib.parse.parse_qs(query_string)
        assert url == app_redirect_uri
        assert sub == parse_access_token(qs["token"][0])
    
        user = User.objects.get()
        assert user.username == sub
        assert user.first_name == first_name
        assert user.last_name == last_name
        assert user.email == email
        assert user.openid_uid == openid_uid
    
    
    def test_login_redirect__existing_user(client, issuer):
        state = "IDDQD"
        sub = "IDKFA"
        openid_uid = "elon.musk@openid"
        first_name = "Elon"
        last_name = "Musk"
        email = "elon.musk@tesla.com"
        app_redirect_uri = "http://doom.is.legend"
    
        oc = register_client(issuer)
        oid_client = OpenIdClient.objects.create(
            name="Test",
            issuer=issuer,
            client_id=oc.client_id,
            client_secret=oc.client_secret,
        )
        LoginAttempt.objects.create(
            openid_client=oid_client,
            state=state,
            app_redirect_uri=app_redirect_uri,
            openid_uid=openid_uid,
        )
        User.objects.create(
            username=sub,
            first_name=first_name,
            last_name=last_name,
            email=email,
            openid_uid=openid_uid,
        )
    
        # we are not testing real redirect url params, so we mock communication with
        # OpenID Provider
        user_info = {
            "sub": sub,
            # return different details
            "given_name": "Elons",
            "family_name": "Mustache",
            "email": "elons.mustache@spacex.com",
        }
        with patch("openlobby.core.views.get_user_info", return_value=user_info) as mock:
            response = client.get(reverse("login-redirect"), {"state": state})
            m_client, m_query_string = mock.call_args[0]
            assert m_client.client_id == oc.client_id
            assert m_query_string == "state={}".format(state)
    
        assert response.status_code == 302
        url, query_string = response.url.split("?")
        qs = urllib.parse.parse_qs(query_string)
        assert url == app_redirect_uri
        assert sub == parse_access_token(qs["token"][0])
    
        # check there is still just one user, who's details are not updated
        user = User.objects.get()
        assert user.username == sub
        assert user.first_name == first_name
        assert user.last_name == last_name
        assert user.email == email
        assert user.openid_uid == openid_uid