Skip to content

D
django-openid-auth
Commit 7c2abdbd by Michael Nelson
Options

RED: Required fields should be required in SRegRequest.

parent 1bbcbd7b
Showing with 37 additions and 12 deletions
django_openid_auth/tests/test_views.py
...@@ -326,7 +326,7 @@ class RelyingPartyTests(TestCase): ...@@ -326,7 +326,7 @@ class RelyingPartyTests(TestCase):
self.assertEquals(user.first_name, 'Openid') self.assertEquals(user.first_name, 'Openid')
self.assertEquals(user.last_name, 'User') self.assertEquals(user.last_name, 'User')
self.assertEquals(user.email, 'foo@example.com') self.assertEquals(user.email, 'foo@example.com')
def test_login_follow_rename(self): def test_login_follow_rename(self):
settings.OPENID_FOLLOW_RENAMES = True settings.OPENID_FOLLOW_RENAMES = True
settings.OPENID_UPDATE_DETAILS_FROM_SREG = True settings.OPENID_UPDATE_DETAILS_FROM_SREG = True
...@@ -344,7 +344,7 @@ class RelyingPartyTests(TestCase): ...@@ -344,7 +344,7 @@ class RelyingPartyTests(TestCase):
self._do_user_login(openid_req, openid_resp) self._do_user_login(openid_req, openid_resp)
response = self.client.get('/getuser/') response = self.client.get('/getuser/')
# If OPENID_FOLLOW_RENAMES, they are logged in as # If OPENID_FOLLOW_RENAMES, they are logged in as
# someuser (the passed in nickname has changed the username) # someuser (the passed in nickname has changed the username)
self.assertEquals(response.content, 'someuser') self.assertEquals(response.content, 'someuser')
...@@ -353,7 +353,7 @@ class RelyingPartyTests(TestCase): ...@@ -353,7 +353,7 @@ class RelyingPartyTests(TestCase):
self.assertEquals(user.first_name, 'Some') self.assertEquals(user.first_name, 'Some')
self.assertEquals(user.last_name, 'User') self.assertEquals(user.last_name, 'User')
self.assertEquals(user.email, 'foo@example.com') self.assertEquals(user.email, 'foo@example.com')
def test_login_follow_rename_conflict(self): def test_login_follow_rename_conflict(self):
settings.OPENID_FOLLOW_RENAMES = True settings.OPENID_FOLLOW_RENAMES = True
settings.OPENID_UPDATE_DETAILS_FROM_SREG = True settings.OPENID_UPDATE_DETAILS_FROM_SREG = True
...@@ -390,7 +390,7 @@ class RelyingPartyTests(TestCase): ...@@ -390,7 +390,7 @@ class RelyingPartyTests(TestCase):
self.assertEquals(user.first_name, 'Rename') self.assertEquals(user.first_name, 'Rename')
self.assertEquals(user.last_name, 'User') self.assertEquals(user.last_name, 'User')
self.assertEquals(user.email, 'rename@example.com') self.assertEquals(user.email, 'rename@example.com')
def test_login_follow_rename_false_onlyonce(self): def test_login_follow_rename_false_onlyonce(self):
settings.OPENID_FOLLOW_RENAMES = True settings.OPENID_FOLLOW_RENAMES = True
settings.OPENID_UPDATE_DETAILS_FROM_SREG = True settings.OPENID_UPDATE_DETAILS_FROM_SREG = True
...@@ -420,8 +420,8 @@ class RelyingPartyTests(TestCase): ...@@ -420,8 +420,8 @@ class RelyingPartyTests(TestCase):
# If OPENID_FOLLOW_RENAMES, attempt to change username to 'testuser' # If OPENID_FOLLOW_RENAMES, attempt to change username to 'testuser'
# but since that username is already taken by someone else, we go through # but since that username is already taken by someone else, we go through
# the process of adding +i to it. Even though it looks like the username # the process of adding +i to it. Even though it looks like the username
# follows the nickname+i scheme, it has non-numbers in the suffix, so # follows the nickname+i scheme, it has non-numbers in the suffix, so
# it's not an auto-generated one. The regular process of renaming to # it's not an auto-generated one. The regular process of renaming to
# 'testuser' has a conflict, so we get +2 at the end. # 'testuser' has a conflict, so we get +2 at the end.
self.assertEquals(response.content, 'testuser2') self.assertEquals(response.content, 'testuser2')
...@@ -430,7 +430,7 @@ class RelyingPartyTests(TestCase): ...@@ -430,7 +430,7 @@ class RelyingPartyTests(TestCase):
self.assertEquals(user.first_name, 'Rename') self.assertEquals(user.first_name, 'Rename')
self.assertEquals(user.last_name, 'User') self.assertEquals(user.last_name, 'User')
self.assertEquals(user.email, 'rename@example.com') self.assertEquals(user.email, 'rename@example.com')
def test_login_follow_rename_conflict_onlyonce(self): def test_login_follow_rename_conflict_onlyonce(self):
settings.OPENID_FOLLOW_RENAMES = True settings.OPENID_FOLLOW_RENAMES = True
settings.OPENID_UPDATE_DETAILS_FROM_SREG = True settings.OPENID_UPDATE_DETAILS_FROM_SREG = True
...@@ -468,7 +468,7 @@ class RelyingPartyTests(TestCase): ...@@ -468,7 +468,7 @@ class RelyingPartyTests(TestCase):
self.assertEquals(user.first_name, 'Rename') self.assertEquals(user.first_name, 'Rename')
self.assertEquals(user.last_name, 'User') self.assertEquals(user.last_name, 'User')
self.assertEquals(user.email, 'rename@example.com') self.assertEquals(user.email, 'rename@example.com')
def test_login_follow_rename_false_conflict(self): def test_login_follow_rename_false_conflict(self):
settings.OPENID_FOLLOW_RENAMES = True settings.OPENID_FOLLOW_RENAMES = True
settings.OPENID_UPDATE_DETAILS_FROM_SREG = True settings.OPENID_UPDATE_DETAILS_FROM_SREG = True
...@@ -498,7 +498,7 @@ class RelyingPartyTests(TestCase): ...@@ -498,7 +498,7 @@ class RelyingPartyTests(TestCase):
self.assertEquals(user.first_name, 'Same') self.assertEquals(user.first_name, 'Same')
self.assertEquals(user.last_name, 'User') self.assertEquals(user.last_name, 'User')
self.assertEquals(user.email, 'same@example.com') self.assertEquals(user.email, 'same@example.com')
def test_strict_username_no_nickname(self): def test_strict_username_no_nickname(self):
settings.OPENID_CREATE_USERS = True settings.OPENID_CREATE_USERS = True
settings.OPENID_STRICT_USERNAMES = True settings.OPENID_STRICT_USERNAMES = True
...@@ -520,7 +520,7 @@ class RelyingPartyTests(TestCase): ...@@ -520,7 +520,7 @@ class RelyingPartyTests(TestCase):
'email': 'foo@example.com'}) 'email': 'foo@example.com'})
openid_response.addExtension(sreg_response) openid_response.addExtension(sreg_response)
response = self.complete(openid_response) response = self.complete(openid_response)
# Status code should be 403: Forbidden # Status code should be 403: Forbidden
self.assertEquals(403, response.status_code) self.assertEquals(403, response.status_code)
...@@ -551,7 +551,7 @@ class RelyingPartyTests(TestCase): ...@@ -551,7 +551,7 @@ class RelyingPartyTests(TestCase):
'email': 'foo@example.com'}) 'email': 'foo@example.com'})
openid_response.addExtension(sreg_response) openid_response.addExtension(sreg_response)
response = self.complete(openid_response) response = self.complete(openid_response)
# Status code should be 403: Forbidden # Status code should be 403: Forbidden
self.assertEquals(403, response.status_code) self.assertEquals(403, response.status_code)
...@@ -599,6 +599,27 @@ class RelyingPartyTests(TestCase): ...@@ -599,6 +599,27 @@ class RelyingPartyTests(TestCase):
for field in ('email', 'fullname', 'nickname', 'language'): for field in ('email', 'fullname', 'nickname', 'language'):
self.assertTrue(field in sreg_request) self.assertTrue(field in sreg_request)
def test_login_uses_sreg_required_fields(self):
# The configurable sreg attributes are used in the request.
settings.OPENID_SREG_REQUIRED_FIELDS = ('email', 'language')
user = User.objects.create_user('testuser', 'someone@example.com')
useropenid = UserOpenID(
user=user,
claimed_id='http://example.com/identity',
display_id='http://example.com/identity')
useropenid.save()
# Posting in an identity URL begins the authentication request:
response = self.client.post('/openid/login/',
{'openid_identifier': 'http://example.com/identity',
'next': '/getuser/'})
openid_request = self.provider.parseFormPost(response.content)
sreg_request = sreg.SRegRequest.fromOpenIDRequest(openid_request)
self.assertEqual(['email', 'language'], sreg_request.required)
self.assertEqual(['fullname', 'nickname'], sreg_request.optional)
def test_login_attribute_exchange(self): def test_login_attribute_exchange(self):
settings.OPENID_UPDATE_DETAILS_FROM_SREG = True settings.OPENID_UPDATE_DETAILS_FROM_SREG = True
user = User.objects.create_user('testuser', 'someone@example.com') user = User.objects.create_user('testuser', 'someone@example.com')
......
django_openid_auth/views.py
...@@ -196,11 +196,15 @@ def login_begin(request, template_name='openid/login.html', ...@@ -196,11 +196,15 @@ def login_begin(request, template_name='openid/login.html',
fetch_request.add(ax.AttrInfo(attr, alias=alias, required=True)) fetch_request.add(ax.AttrInfo(attr, alias=alias, required=True))
openid_request.addExtension(fetch_request) openid_request.addExtension(fetch_request)
else: else:
sreg_required_fields = []
sreg_required_fields.extend(
getattr(settings, 'OPENID_SREG_REQUIRED_FIELDS', []))
sreg_optional_fields = ['email', 'fullname', 'nickname'] sreg_optional_fields = ['email', 'fullname', 'nickname']
extra_fields = getattr(settings, 'OPENID_SREG_EXTRA_FIELDS', []) extra_fields = getattr(settings, 'OPENID_SREG_EXTRA_FIELDS', [])
sreg_optional_fields.extend(extra_fields) sreg_optional_fields.extend(extra_fields)
openid_request.addExtension( openid_request.addExtension(
sreg.SRegRequest(optional=sreg_optional_fields)) sreg.SRegRequest(optional=sreg_optional_fields,
required=sreg_required_fields))
# Request team info # Request team info
teams_mapping_auto = getattr(settings, 'OPENID_LAUNCHPAD_TEAMS_MAPPING_AUTO', False) teams_mapping_auto = getattr(settings, 'OPENID_LAUNCHPAD_TEAMS_MAPPING_AUTO', False)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment