-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #68 from onaio/update-username-regex-and-more
Update username regex and more
- Loading branch information
Showing
6 changed files
with
113 additions
and
27 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,7 @@ | ||
""" | ||
Tests for the OpenID Client | ||
""" | ||
|
||
from django.contrib.auth import get_user_model | ||
from django.test import TestCase | ||
from django.test.utils import override_settings | ||
|
@@ -44,10 +45,11 @@ | |
"SSO_COOKIE_DATA": "email", | ||
"JWT_ALGORITHM": "HS256", | ||
"JWT_SECRET_KEY": "abc", | ||
"REPLACE_USERNAME_CHARACTERS": "-.", | ||
"FIELD_VALIDATION_REGEX": { | ||
"username": { | ||
"regex": "^[\w\d]*$", | ||
"help_text": "Username should only contain word characters & numbers i.e datatester23", | ||
"regex": r"^(?!\d+$)[a-zA-Z0-9_]{3,}$", | ||
"help_text": "Username should only contain word characters & numbers and should have 3 or more characters", | ||
}, | ||
}, | ||
} | ||
|
@@ -83,6 +85,82 @@ def test_returns_data_entry_template_on_missing_username_claim(self): | |
self.assertEqual(response.status_code, 200) | ||
self.assertEqual(response.template_name, "oidc/oidc_user_data_entry.html") | ||
|
||
@override_settings(OPENID_CONNECT_VIEWSET_CONFIG=OPENID_CONNECT_VIEWSET_CONFIG) | ||
def test_user_created_successfully_when_email_has_a_valid_username(self): | ||
""" | ||
Test that the user is created ok when | ||
username is not present in decoded token but email has a valid username | ||
""" | ||
view = UserModelOpenIDConnectViewset.as_view({"post": "callback"}) | ||
with patch( | ||
"oidc.viewsets.OpenIDClient.verify_and_decode_id_token" | ||
) as mock_func: | ||
mock_func.return_value = { | ||
"family_name": "bob", | ||
"given_name": "just bob", | ||
"username": "[email protected]", | ||
"email": "[email protected]", | ||
} | ||
|
||
data = {"id_token": "sadsdaio3209lkasdlkas0d.sdojdsiad.iosdadia"} | ||
request = self.factory.post("/", data=data) | ||
response = view(request, auth_server="default") | ||
self.assertEqual(response.status_code, 302) | ||
user = User.objects.get(username="boby") | ||
self.assertEqual(user.email, "[email protected]") | ||
|
||
@override_settings(OPENID_CONNECT_VIEWSET_CONFIG=OPENID_CONNECT_VIEWSET_CONFIG) | ||
def test_returns_data_entry_template_on_invalid_username(self): | ||
""" | ||
Test that users are redirected to the data entry | ||
page when username is not present in decoded token and | ||
provided email also does not provide a valid username | ||
""" | ||
view = UserModelOpenIDConnectViewset.as_view({"post": "callback"}) | ||
with patch( | ||
"oidc.viewsets.OpenIDClient.verify_and_decode_id_token" | ||
) as mock_func: | ||
mock_func.return_value = { | ||
"family_name": "bob", | ||
"given_name": "just bob", | ||
"email": "[email protected]", | ||
} | ||
|
||
data = {"id_token": "sadsdaio3209lkasdlkas0d.sdojdsiad.iosdadia"} | ||
request = self.factory.post("/", data=data) | ||
response = view(request, auth_server="default") | ||
self.assertEqual(response.status_code, 200) | ||
self.assertEqual(response.template_name, "oidc/oidc_user_data_entry.html") | ||
|
||
@override_settings(OPENID_CONNECT_VIEWSET_CONFIG=OPENID_CONNECT_VIEWSET_CONFIG) | ||
def test_returns_data_entry_template_on_invalid_username_and_bad_email(self): | ||
""" | ||
Test that users are redirected to the data entry | ||
page when username provided in decoded token is invalid and | ||
provided email also does not provide a valid username | ||
""" | ||
view = UserModelOpenIDConnectViewset.as_view({"post": "callback"}) | ||
with patch( | ||
"oidc.viewsets.OpenIDClient.verify_and_decode_id_token" | ||
) as mock_func: | ||
mock_func.return_value = { | ||
"family_name": "bob", | ||
"given_name": "just bob", | ||
"username": "[email protected]", | ||
"email": "[email protected]", | ||
} | ||
|
||
data = {"id_token": "sadsdaio3209lkasdlkas0d.sdojdsiad.iosdadia"} | ||
request = self.factory.post("/", data=data) | ||
response = view(request, auth_server="default") | ||
self.assertEqual(response.status_code, 400) | ||
self.assertTrue( | ||
response.rendered_content.startswith( | ||
b'{"error":"Username should only contain word characters & numbers and should have 3 or more characters"' | ||
) | ||
) | ||
self.assertEqual(response.template_name, "oidc/oidc_user_data_entry.html") | ||
|
||
def test_unrecoverable_error_on_missing_claim(self): | ||
""" | ||
Test that an error is returned when a required claim field other than the | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,28 +1,30 @@ | ||
[tox] | ||
envlist = | ||
py{38,39}-django{32,40} | ||
py{310,311,312}-django{32,40} | ||
lint | ||
|
||
[testenv:lint] | ||
deps = | ||
pipenv | ||
flake8 | ||
black | ||
basepython = python3.9 | ||
basepython = python3.10 | ||
commands = | ||
pipenv sync --dev | ||
flake8 {toxinidir}/oidc | ||
black -v {toxinidir}/oidc --check -t py38 -t py39 | ||
black -v {toxinidir}/oidc --check -t py310 -t py311 | ||
isort -c -v {toxinidir}/oidc | ||
|
||
[testenv] | ||
deps = | ||
pipenv | ||
basepython = | ||
py38: python3.8 | ||
py39: python3.9 | ||
py310: python3.10 | ||
py311: python3.11 | ||
py312: python3.12 | ||
commands = | ||
django32: pip install Django>=3.2.13,<4 | ||
django40: pip install Django>=4,<5 | ||
pipenv sync --dev | ||
python manage.py test {toxinidir}/tests | ||
|