got it working! woohoo!

c48a5037 · john.lenton@canonical.com · d0b3d856 · c48a5037 · c48a5037 · c48a5037
Commit c48a5037 authored Nov 21, 2008 by john.lenton@canonical.com
Hide whitespace changes
Inline Side-by-side

Showing with 96 additions and 2 deletions

django_openid_auth/auth.py
+28 -1

django_openid_auth/tests/test_views.py
+60 -1

django_openid_auth/views.py
+8 -0

No files found.
--- a/django_openid_auth/auth.py
+++ b/django_openid_auth/auth.py
@@ -3,9 +3,13 @@
 __metaclass__ = type
 from django.conf import settings
-from django.contrib.auth.models import User
+from django.contrib.auth.models import User, Group
 from openid.consumer.consumer import SUCCESS
 from openid.extensions import sreg
+try:
+    from openid.extensions import teams
+except ImportError:
+    import _openid_extensions_teams as teams
 from django_openid_auth.models import UserOpenID
@@ -55,6 +59,13 @@ class OpenIDBackend:
                openid_response)
            if sreg_response:
                self.update_user_details_from_sreg(user, sreg_response)
+        if getattr(settings, 'OPENID_UPDATE_GROUPS_FROM_TEAMS', False):
+            teams_response = teams.TeamsResponse.fromSuccessResponse(
+                openid_response)
+            if teams_response:
+                self.update_groups_from_teams(user, teams_response)
        return user
    def create_user_from_openid(self, openid_response):
@@ -121,3 +132,19 @@ class OpenIDBackend:
        if email:
            user.email = email
        user.save()
+    def update_groups_from_teams(self, user, teams_response):
+        teams_mapping = settings.OPENID_LAUNCHPAD_TEAMS_MAPPING
+        resp_groups = set(Group.objects.get(name=teams_mapping[i])
+                          for i in teams_response.is_member)
+        user_groups = set(
+            i for i in user.groups.filter(name__in=teams_mapping.values()))
+        # the groups the user is in that aren't reported by openid
+        # should be removed
+        for group in user_groups - resp_groups:
+            user.groups.remove(group)
+        # and viceversa
+        for group in resp_groups - user_groups:
+            user.groups.add(group)
+        user.save()
--- a/django_openid_auth/tests/test_views.py
+++ b/django_openid_auth/tests/test_views.py
@@ -4,9 +4,13 @@ import time
 import unittest
 from django.conf import settings
-from django.contrib.auth.models import User
+from django.contrib.auth.models import User, Group
 from django.test import TestCase
 from openid.extensions.sreg import SRegRequest, SRegResponse
+try:
+    from openid.extensions.teams import TeamsRequest, TeamsResponse
+except ImportError:
+    from _openid_extensions_teams import TeamsRequest, TeamsResponse
 from openid.fetchers import (
    HTTPFetcher, HTTPFetchingError, HTTPResponse, setDefaultFetcher)
 from openid.oidutil import importElementTree
@@ -99,14 +103,21 @@ class RelyingPartyTests(TestCase):
        self.old_create_users = getattr(settings, 'OPENID_CREATE_USERS', False)
        self.old_update_details = getattr(settings, 'OPENID_UPDATE_DETAILS_FROM_SREG', False)
        self.old_sso_server_url = getattr(settings, 'OPENID_SSO_SERVER_URL')
+        self.old_update_groups = getattr(settings, 'OPENID_UPDATE_GROUPS_FROM_TEAMS', False)
+        self.old_teams_map = getattr(settings, 'OPENID_LAUNCHPAD_TEAMS_MAPPING', {})
        settings.OPENID_CREATE_USERS = False
        settings.OPENID_UPDATE_DETAILS_FROM_SREG = False
        settings.OPENID_SSO_SERVER_URL = None
+        settings.OPENID_UPDATE_GROUPS_FROM_TEAMS = False
+        settings.OPENID_LAUNCHPAD_TEAMS_MAPPING = {}
    def tearDown(self):
        settings.OPENID_CREATE_USERS = self.old_create_users
        settings.OPENID_UPDATE_DETAILS_FROM_SREG = self.old_update_details
        settings.OPENID_SSO_SERVER_URL = self.old_sso_server_url
+        settings.OPENID_UPDATE_GROUPS_FROM_TEAMS = self.old_update_groups
+        settings.OPENID_LAUNCHPAD_TEAMS_MAPPING = self.old_teams_map
        setDefaultFetcher(None)
        super(RelyingPartyTests, self).tearDown()
@@ -254,6 +265,54 @@ class RelyingPartyTests(TestCase):
        self.assertEquals(user.last_name, 'User')
        self.assertEquals(user.email, 'foo@example.com')
+    def test_login_teams(self):
+        settings.OPENID_UPDATE_GROUPS_FROM_TEAMS = True
+        settings.OPENID_LAUNCHPAD_TEAMS_MAPPING = {'teamname': 'groupname',
+                                                   'otherteam': 'othergroup'}
+        user = User.objects.create_user('testuser', 'someone@example.com')
+        group = Group(name='groupname')
+        group.save()
+        ogroup = Group(name='othergroup')
+        ogroup.save()
+        user.groups.add(ogroup)
+        user.save()
+        useropenid = UserOpenID(
+            user=user,
+            claimed_id='http://example.com/identity',
+            display_id='http://example.com/identity')
+        useropenid.save()
+        # Posting in an identity URL begins the authentication request:
+        response = self.client.post('/openid/login',
+            {'openid_identifier': 'http://example.com/identity',
+             'next': '/getuser'})
+        self.assertContains(response, 'OpenID transaction in progress')
+        # Complete the request
+        openid_request = self.provider.parseFormPost(response.content)
+        teams_request = TeamsRequest.fromOpenIDRequest(openid_request)
+        openid_response = openid_request.answer(True)
+        teams_response = TeamsResponse.extractResponse(teams_request,
+                                                       'teamname')
+        openid_response.addExtension(teams_response)
+        response = self.complete(openid_response)
+        try:
+            self.assertRedirects(response, 'http://testserver/getuser')
+        except:
+            print '***', response.content
+            raise
+        # And they are now logged in as testuser
+        response = self.client.get('/getuser')
+        self.assertEquals(response.content, 'testuser')
+        # The user's groups have been updated.
+        user = User.objects.get(username='testuser')
+        self.assertTrue(group in user.groups.all())
+        self.assertTrue(ogroup not in user.groups.all())
 def suite():
    return unittest.TestLoader().loadTestsFromName(__name__)
--- a/django_openid_auth/views.py
+++ b/django_openid_auth/views.py
@@ -14,6 +14,10 @@ from openid.consumer.consumer import (
    Consumer, SUCCESS, CANCEL, FAILURE)
 from openid.consumer.discover import DiscoveryFailure
 from openid.extensions import sreg
+try:
+    from openid.extensions import teams
+except ImportError:
+    import _openid_extensions_teams as teams
 from django_openid_auth.forms import OpenIDLoginForm
@@ -110,6 +114,10 @@ def login_begin(request, template_name='openid/login.html',
    openid_request.addExtension(
        sreg.SRegRequest(optional=['email', 'fullname', 'nickname']))
+    # Request team info
+    launchpad_teams = getattr(settings, 'OPENID_LAUNCHPAD_TEAMS_MAPPING', {})
+    openid_request.addExtension(teams.TeamsRequest(launchpad_teams.keys()))
    # Construct the request completion URL, including the page we
    # should redirect to.
    return_to = request.build_absolute_uri(reverse(login_complete))