Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
E
edx-platform
Overview
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
edx
edx-platform
Commits
c79be5bb
Commit
c79be5bb
authored
Aug 31, 2017
by
Brittney Exline
Committed by
GitHub
Aug 31, 2017
Browse files
Options
Browse Files
Download
Plain Diff
Merge pull request #15929 from edx/bexline/clean_saml_usernames
ENT-619 Clean usernames coming from identity providers
parents
c9ad66df
716a608f
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
20 additions
and
9 deletions
+20
-9
common/djangoapps/third_party_auth/models.py
+7
-1
openedx/core/djangoapps/user_api/tests/test_views.py
+13
-8
No files found.
common/djangoapps/third_party_auth/models.py
View file @
c79be5bb
...
@@ -7,6 +7,7 @@ from __future__ import absolute_import
...
@@ -7,6 +7,7 @@ from __future__ import absolute_import
import
json
import
json
import
logging
import
logging
import
re
from
config_models.models
import
ConfigurationModel
,
cache
from
config_models.models
import
ConfigurationModel
,
cache
from
django.conf
import
settings
from
django.conf
import
settings
...
@@ -65,6 +66,11 @@ def clean_json(value, of_type):
...
@@ -65,6 +66,11 @@ def clean_json(value, of_type):
return
json
.
dumps
(
value_python
,
indent
=
4
)
return
json
.
dumps
(
value_python
,
indent
=
4
)
def
clean_username
(
username
=
''
):
""" Simple helper method to ensure a username is compatible with our system requirements. """
return
re
.
sub
(
r'[^-\w]+'
,
'_'
,
username
)[:
30
]
class
AuthNotConfigured
(
SocialAuthBaseException
):
class
AuthNotConfigured
(
SocialAuthBaseException
):
""" Exception when SAMLProviderData or other required info is missing """
""" Exception when SAMLProviderData or other required info is missing """
def
__init__
(
self
,
provider_name
):
def
__init__
(
self
,
provider_name
):
...
@@ -259,7 +265,7 @@ class ProviderConfig(ConfigurationModel):
...
@@ -259,7 +265,7 @@ class ProviderConfig(ConfigurationModel):
# technically a data race between the creation of this value and the
# technically a data race between the creation of this value and the
# creation of the user object, so it is still possible for users to get
# creation of the user object, so it is still possible for users to get
# an error on submit.
# an error on submit.
registration_form_data
[
'username'
]
=
pipeline_kwargs
.
get
(
'username
'
)
registration_form_data
[
'username'
]
=
clean_username
(
pipeline_kwargs
.
get
(
'username'
)
or
'
'
)
# Any other values that are present in the details dict should be copied
# Any other values that are present in the details dict should be copied
# into the registration form details. This may include details that do
# into the registration form details. This may include details that do
...
...
openedx/core/djangoapps/user_api/tests/test_views.py
View file @
c79be5bb
...
@@ -1117,14 +1117,19 @@ class RegistrationViewTest(ThirdPartyAuthTestMixin, UserAPITestCase):
...
@@ -1117,14 +1117,19 @@ class RegistrationViewTest(ThirdPartyAuthTestMixin, UserAPITestCase):
)
)
@ddt.data
(
@ddt.data
(
(
'pk'
,
'PK'
),
(
'pk'
,
'PK'
,
'Bob123'
,
'Bob123'
),
(
'Pk'
,
'PK'
),
(
'Pk'
,
'PK'
,
None
,
''
),
(
'pK'
,
'PK'
),
(
'pK'
,
'PK'
,
'Bob123@edx.org'
,
'Bob123_edx_org'
),
(
'PK'
,
'PK'
),
(
'PK'
,
'PK'
,
'Bob123123123123123123123123123123123123'
,
'Bob123123123123123123123123123'
),
(
'us'
,
'US'
),
(
'us'
,
'US'
,
'Bob-1231231&23123+1231(2312312312@3123123123'
,
'Bob-1231231_23123_1231_2312312'
),
)
)
@ddt.unpack
@ddt.unpack
def
test_register_form_third_party_auth_running_google
(
self
,
input_country_code
,
expected_country_code
):
def
test_register_form_third_party_auth_running_google
(
self
,
input_country_code
,
expected_country_code
,
input_username
,
expected_username
):
no_extra_fields_setting
=
{}
no_extra_fields_setting
=
{}
country_options
=
(
country_options
=
(
[
[
...
@@ -1148,7 +1153,7 @@ class RegistrationViewTest(ThirdPartyAuthTestMixin, UserAPITestCase):
...
@@ -1148,7 +1153,7 @@ class RegistrationViewTest(ThirdPartyAuthTestMixin, UserAPITestCase):
"openedx.core.djangoapps.user_api.api.third_party_auth.pipeline"
,
"google-oauth2"
,
"openedx.core.djangoapps.user_api.api.third_party_auth.pipeline"
,
"google-oauth2"
,
email
=
"bob@example.com"
,
email
=
"bob@example.com"
,
fullname
=
"Bob"
,
fullname
=
"Bob"
,
username
=
"Bob123"
,
username
=
input_username
,
country
=
input_country_code
country
=
input_country_code
):
):
self
.
_assert_password_field_hidden
(
no_extra_fields_setting
)
self
.
_assert_password_field_hidden
(
no_extra_fields_setting
)
...
@@ -1194,7 +1199,7 @@ class RegistrationViewTest(ThirdPartyAuthTestMixin, UserAPITestCase):
...
@@ -1194,7 +1199,7 @@ class RegistrationViewTest(ThirdPartyAuthTestMixin, UserAPITestCase):
no_extra_fields_setting
,
no_extra_fields_setting
,
{
{
u"name"
:
u"username"
,
u"name"
:
u"username"
,
u"defaultValue"
:
u"Bob123"
,
u"defaultValue"
:
expected_username
,
u"type"
:
u"text"
,
u"type"
:
u"text"
,
u"required"
:
True
,
u"required"
:
True
,
u"label"
:
u"Public Username"
,
u"label"
:
u"Public Username"
,
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment