Commit eb1eef78 by James Tait

Add the account_verified property to the UserOpenID model and update it upon login.

parent 5e92a310
......@@ -78,6 +78,8 @@ class OpenIDBackend:
except UserOpenID.DoesNotExist:
if getattr(settings, 'OPENID_CREATE_USERS', False):
user = self.create_user_from_openid(openid_response)
user_openid = UserOpenID.objects.get(
claimed_id__exact=openid_response.identity_url)
else:
user = user_openid.user
......@@ -87,6 +89,7 @@ class OpenIDBackend:
if getattr(settings, 'OPENID_UPDATE_DETAILS_FROM_SREG', False):
details = self._extract_user_details(openid_response)
self.update_user_details(user, details, openid_response)
self.update_user_openid(user_openid, details)
if getattr(settings, 'OPENID_PHYSICAL_MULTIFACTOR_REQUIRED', False):
pape_response = pape.Response.fromSuccessResponse(openid_response)
......@@ -276,6 +279,14 @@ class OpenIDBackend:
return user_openid
def update_user_openid(self, user_openid, details):
updated = False
if details['account_verified'] is not None:
user_openid.account_verified = details['account_verified']
updated = True
if updated:
user_openid.save()
def update_user_details(self, user, details, openid_response):
updated = False
if details['first_name']:
......
......@@ -56,3 +56,4 @@ class UserOpenID(models.Model):
user = models.ForeignKey(User)
claimed_id = models.TextField(max_length=2047, unique=True)
display_id = models.TextField(max_length=2047)
account_verified = models.BooleanField(default=False)
......@@ -33,6 +33,7 @@ from django.contrib.auth.models import User
from django.test import TestCase
from django_openid_auth.auth import OpenIDBackend
from django_openid_auth.models import UserOpenID
from openid.consumer.consumer import SuccessResponse
from openid.consumer.discover import OpenIDServiceEndpoint
from openid.message import Message, OPENID2_NS
......@@ -71,7 +72,7 @@ class OpenIDBackendTests(TestCase):
def make_response_ax(self, schema="http://axschema.org/",
fullname="Some User", nickname="someuser", email="foo@example.com",
first=None, last=None, verified=True):
first=None, last=None, verified=False):
endpoint = OpenIDServiceEndpoint()
message = Message(OPENID2_NS)
attributes = [
......@@ -106,7 +107,7 @@ class OpenIDBackendTests(TestCase):
"first_name": "Some",
"last_name": "User",
"email": "foo@example.com",
"account_verified": True})
"account_verified": False})
def test_extract_user_details_ax_split_name(self):
# Include fullname too to show that the split data takes
......@@ -120,7 +121,7 @@ class OpenIDBackendTests(TestCase):
"first_name": "Some",
"last_name": "User",
"email": "foo@example.com",
"account_verified": True})
"account_verified": False})
def test_extract_user_details_ax_broken_myopenid(self):
response = self.make_response_ax(
......@@ -133,7 +134,7 @@ class OpenIDBackendTests(TestCase):
"first_name": "Some",
"last_name": "User",
"email": "foo@example.com",
"account_verified": True})
"account_verified": False})
def test_update_user_details_long_names(self):
response = self.make_response_ax()
......@@ -141,13 +142,45 @@ class OpenIDBackendTests(TestCase):
password=None)
data = dict(first_name=u"Some56789012345678901234567890123",
last_name=u"User56789012345678901234567890123",
email=u"someotheruser@example.com")
email=u"someotheruser@example.com", account_verified=False)
self.backend.update_user_details(user, data, response)
self.assertEqual("Some56789012345678901234567890", user.first_name)
self.assertEqual("User56789012345678901234567890", user.last_name)
def test_update_user_openid_unverified(self):
user = User.objects.create_user('someuser', 'someuser@example.com',
password=None)
user_openid = UserOpenID.objects.get_or_create(
user=user,
claimed_id='http://example.com/existing_identity',
display_id='http://example.com/existing_identity',
account_verified=False)
data = dict(first_name=u"Some56789012345678901234567890123",
last_name=u"User56789012345678901234567890123",
email=u"someotheruser@example.com", account_verified=False)
user_openid = UserOpenID.objects.get(user=user)
self.backend.update_user_openid(user_openid, data)
self.assertFalse(user_openid.account_verified)
def test_update_user_openid_verified(self):
user = User.objects.create_user('someuser', 'someuser@example.com',
password=None)
user_openid = UserOpenID.objects.get_or_create(
user=user,
claimed_id='http://example.com/existing_identity',
display_id='http://example.com/existing_identity',
account_verified=False)
data = dict(first_name=u"Some56789012345678901234567890123",
last_name=u"User56789012345678901234567890123",
email=u"someotheruser@example.com", account_verified=True)
user_openid = UserOpenID.objects.get(user=user)
self.backend.update_user_openid(user_openid, data)
self.assertTrue(user_openid.account_verified)
def test_extract_user_details_name_with_trailing_space(self):
response = self.make_response_ax(fullname="SomeUser ")
......
......@@ -361,9 +361,11 @@ class RelyingPartyTests(TestCase):
self.assertEquals(user.last_name, 'User')
self.assertEquals(user.email, 'foo@example.com')
def _do_user_login(self, req_data, resp_data, use_sreg=True, use_pape=None):
def _do_user_login(self, req_data, resp_data, use_sreg=True,
use_pape=None):
openid_request = self._get_login_request(req_data)
openid_response = self._get_login_response(openid_request, resp_data, use_sreg, use_pape)
openid_response = self._get_login_response(
openid_request, resp_data, use_sreg, use_pape)
response = self.complete(openid_response)
self.assertRedirects(response, 'http://testserver/getuser/')
return response
......@@ -378,7 +380,8 @@ class RelyingPartyTests(TestCase):
openid_request = self.provider.parseFormPost(response.content)
return openid_request
def _get_login_response(self, openid_request, resp_data, use_sreg, use_pape):
def _get_login_response(self, openid_request, resp_data, use_sreg,
use_pape):
openid_response = openid_request.answer(True)
if use_sreg:
......@@ -1195,6 +1198,9 @@ class RelyingPartyTests(TestCase):
self.assertEquals(user.first_name, 'Firstname')
self.assertEquals(user.last_name, 'Lastname')
self.assertEquals(user.email, 'foo@example.com')
# And the verified status of their UserOpenID
user_openid = UserOpenID.objects.get(user=user)
self.assertTrue(user_openid.account_verified)
def test_login_teams(self):
settings.OPENID_LAUNCHPAD_TEAMS_MAPPING_AUTO = False
......
......@@ -56,7 +56,6 @@ from django_openid_auth.models import UserOpenID
from django_openid_auth.signals import openid_login_complete
from django_openid_auth.store import DjangoOpenIDStore
from django_openid_auth.exceptions import (
RequiredAttributeNotReturned,
DjangoOpenIDException,
)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment