Add the account_verified property to the UserOpenID model and update it upon login.

eb1eef78 · James Tait · 5e92a310 · eb1eef78 · eb1eef78 · eb1eef78
Commit eb1eef78 authored Apr 18, 2013 by James Tait
Showing with 59 additions and 9 deletions

django_openid_auth/auth.py
+11 -0

django_openid_auth/models.py
+1 -0

django_openid_auth/tests/test_auth.py
+38 -5

django_openid_auth/tests/test_views.py
+9 -3

django_openid_auth/views.py
+0 -1

No files found.
--- a/django_openid_auth/auth.py
+++ b/django_openid_auth/auth.py
@@ -78,6 +78,8 @@ class OpenIDBackend:
        except UserOpenID.DoesNotExist:
            if getattr(settings, 'OPENID_CREATE_USERS', False):
                user = self.create_user_from_openid(openid_response)
+                user_openid = UserOpenID.objects.get(
+                    claimed_id__exact=openid_response.identity_url)
        else:
            user = user_openid.user
@@ -87,6 +89,7 @@ class OpenIDBackend:
        if getattr(settings, 'OPENID_UPDATE_DETAILS_FROM_SREG', False):
            details = self._extract_user_details(openid_response)
            self.update_user_details(user, details, openid_response)
+            self.update_user_openid(user_openid, details)
        if getattr(settings, 'OPENID_PHYSICAL_MULTIFACTOR_REQUIRED', False):
            pape_response = pape.Response.fromSuccessResponse(openid_response)
@@ -276,6 +279,14 @@ class OpenIDBackend:
        return user_openid
+    def update_user_openid(self, user_openid, details):
+        updated = False
+        if details['account_verified'] is not None:
+            user_openid.account_verified = details['account_verified']
+            updated = True
+        if updated:
+            user_openid.save()
    def update_user_details(self, user, details, openid_response):
        updated = False
        if details['first_name']:

--- a/django_openid_auth/models.py
+++ b/django_openid_auth/models.py
@@ -56,3 +56,4 @@ class UserOpenID(models.Model):
    user = models.ForeignKey(User)
    claimed_id = models.TextField(max_length=2047, unique=True)
    display_id = models.TextField(max_length=2047)
+    account_verified = models.BooleanField(default=False)
--- a/django_openid_auth/tests/test_auth.py
+++ b/django_openid_auth/tests/test_auth.py
@@ -33,6 +33,7 @@ from django.contrib.auth.models import User
 from django.test import TestCase
 from django_openid_auth.auth import OpenIDBackend
+from django_openid_auth.models import UserOpenID
 from openid.consumer.consumer import SuccessResponse
 from openid.consumer.discover import OpenIDServiceEndpoint
 from openid.message import Message, OPENID2_NS
@@ -71,7 +72,7 @@ class OpenIDBackendTests(TestCase):
    def make_response_ax(self, schema="http://axschema.org/",
            fullname="Some User", nickname="someuser", email="foo@example.com",
-            first=None, last=None, verified=True):
+            first=None, last=None, verified=False):
        endpoint = OpenIDServiceEndpoint()
        message = Message(OPENID2_NS)
        attributes = [
@@ -106,7 +107,7 @@ class OpenIDBackendTests(TestCase):
                                "first_name": "Some",
                                "last_name": "User",
                                "email": "foo@example.com",
-                                "account_verified": True})
+                                "account_verified": False})
    def test_extract_user_details_ax_split_name(self):
        # Include fullname too to show that the split data takes
@@ -120,7 +121,7 @@ class OpenIDBackendTests(TestCase):
                                "first_name": "Some",
                                "last_name": "User",
                                "email": "foo@example.com",
-                                "account_verified": True})
+                                "account_verified": False})
    def test_extract_user_details_ax_broken_myopenid(self):
        response = self.make_response_ax(
@@ -133,7 +134,7 @@ class OpenIDBackendTests(TestCase):
                                "first_name": "Some",
                                "last_name": "User",
                                "email": "foo@example.com",
-                                "account_verified": True})
+                                "account_verified": False})
    def test_update_user_details_long_names(self):
        response = self.make_response_ax()
@@ -141,13 +142,45 @@ class OpenIDBackendTests(TestCase):
            password=None)
        data = dict(first_name=u"Some56789012345678901234567890123",
            last_name=u"User56789012345678901234567890123",
-            email=u"someotheruser@example.com")
+            email=u"someotheruser@example.com", account_verified=False)
        self.backend.update_user_details(user, data, response)
        self.assertEqual("Some56789012345678901234567890",  user.first_name)
        self.assertEqual("User56789012345678901234567890",  user.last_name)
+    def test_update_user_openid_unverified(self):
+        user = User.objects.create_user('someuser', 'someuser@example.com',
+            password=None)
+        user_openid = UserOpenID.objects.get_or_create(
+            user=user,
+            claimed_id='http://example.com/existing_identity',
+            display_id='http://example.com/existing_identity',
+            account_verified=False)
+        data = dict(first_name=u"Some56789012345678901234567890123",
+            last_name=u"User56789012345678901234567890123",
+            email=u"someotheruser@example.com", account_verified=False)
+        user_openid = UserOpenID.objects.get(user=user)
+        self.backend.update_user_openid(user_openid, data)
+        self.assertFalse(user_openid.account_verified)
+    def test_update_user_openid_verified(self):
+        user = User.objects.create_user('someuser', 'someuser@example.com',
+            password=None)
+        user_openid = UserOpenID.objects.get_or_create(
+            user=user,
+            claimed_id='http://example.com/existing_identity',
+            display_id='http://example.com/existing_identity',
+            account_verified=False)
+        data = dict(first_name=u"Some56789012345678901234567890123",
+            last_name=u"User56789012345678901234567890123",
+            email=u"someotheruser@example.com", account_verified=True)
+        user_openid = UserOpenID.objects.get(user=user)
+        self.backend.update_user_openid(user_openid, data)
+        self.assertTrue(user_openid.account_verified)
    def test_extract_user_details_name_with_trailing_space(self):
        response = self.make_response_ax(fullname="SomeUser ")

--- a/django_openid_auth/tests/test_views.py
+++ b/django_openid_auth/tests/test_views.py
@@ -361,9 +361,11 @@ class RelyingPartyTests(TestCase):
        self.assertEquals(user.last_name, 'User')
        self.assertEquals(user.email, 'foo@example.com')
-    def _do_user_login(self, req_data, resp_data, use_sreg=True, use_pape=None):
+    def _do_user_login(self, req_data, resp_data, use_sreg=True,
+                       use_pape=None):
        openid_request = self._get_login_request(req_data)
-        openid_response = self._get_login_response(openid_request, resp_data, use_sreg, use_pape)
+        openid_response = self._get_login_response(
+            openid_request, resp_data, use_sreg, use_pape)
        response = self.complete(openid_response)
        self.assertRedirects(response, 'http://testserver/getuser/')
        return response
@@ -378,7 +380,8 @@ class RelyingPartyTests(TestCase):
        openid_request = self.provider.parseFormPost(response.content)
        return openid_request
-    def _get_login_response(self, openid_request, resp_data, use_sreg, use_pape):
+    def _get_login_response(self, openid_request, resp_data, use_sreg,
+                            use_pape):
        openid_response = openid_request.answer(True)
        if use_sreg:
@@ -1195,6 +1198,9 @@ class RelyingPartyTests(TestCase):
        self.assertEquals(user.first_name, 'Firstname')
        self.assertEquals(user.last_name, 'Lastname')
        self.assertEquals(user.email, 'foo@example.com')
+        # And the verified status of their UserOpenID
+        user_openid = UserOpenID.objects.get(user=user)
+        self.assertTrue(user_openid.account_verified)
    def test_login_teams(self):
        settings.OPENID_LAUNCHPAD_TEAMS_MAPPING_AUTO = False

--- a/django_openid_auth/views.py
+++ b/django_openid_auth/views.py
@@ -56,7 +56,6 @@ from django_openid_auth.models import UserOpenID
 from django_openid_auth.signals import openid_login_complete
 from django_openid_auth.store import DjangoOpenIDStore
 from django_openid_auth.exceptions import (
-    RequiredAttributeNotReturned,
    DjangoOpenIDException,
 )