Changeset View
Changeset View
Standalone View
Standalone View
swh/auth/tests/django/test_views.py
Show First 20 Lines • Show All 112 Lines • ▼ Show 20 Lines | def test_oidc_logout_view_success(client, keycloak_oidc): | ||||
""" | """ | ||||
Simulate a successful logout operation with OpenID Connect. | Simulate a successful logout operation with OpenID Connect. | ||||
""" | """ | ||||
# login our test user | # login our test user | ||||
client.login(code="", code_verifier="", redirect_uri="") | client.login(code="", code_verifier="", redirect_uri="") | ||||
keycloak_oidc.authorization_code.assert_called() | keycloak_oidc.authorization_code.assert_called() | ||||
# user initiates logout | # user initiates logout | ||||
next_path = reverse("root") | next = reverse("root") | ||||
oidc_logout_url = reverse("oidc-logout", query_params={"next_path": next_path}) | oidc_logout_url = reverse("oidc-logout", query_params={"next": next}) | ||||
# should redirect to logout page | # should redirect to logout page | ||||
response = client.get(oidc_logout_url) | response = client.get(oidc_logout_url) | ||||
assert response.status_code == 302 | assert response.status_code == 302 | ||||
request = response.wsgi_request | request = response.wsgi_request | ||||
assert response["location"] == next_path | assert response["location"] == next | ||||
# should have been logged out in Keycloak | # should have been logged out in Keycloak | ||||
oidc_profile = keycloak_oidc.login() | oidc_profile = keycloak_oidc.login() | ||||
keycloak_oidc.logout.assert_called_with(oidc_profile["refresh_token"]) | keycloak_oidc.logout.assert_called_with(oidc_profile["refresh_token"]) | ||||
# check effective logout in Django | # check effective logout in Django | ||||
assert isinstance(request.user, AnonymousUser) | assert isinstance(request.user, AnonymousUser) | ||||
Show All 33 Lines | |||||
def test_oidc_login_complete_view_missing_parameters(client): | def test_oidc_login_complete_view_missing_parameters(client): | ||||
# simulate login process has been initialized | # simulate login process has been initialized | ||||
session = client.session | session = client.session | ||||
session["login_data"] = { | session["login_data"] = { | ||||
"code_verifier": "", | "code_verifier": "", | ||||
"state": str(uuid.uuid4()), | "state": str(uuid.uuid4()), | ||||
"redirect_uri": "", | "redirect_uri": "", | ||||
"next_path": "", | "next": "", | ||||
} | } | ||||
session.save() | session.save() | ||||
# user initiates login process | # user initiates login process | ||||
login_url = reverse("oidc-login-complete") | login_url = reverse("oidc-login-complete") | ||||
# should return with error | # should return with error | ||||
response = client.get(login_url) | response = client.get(login_url) | ||||
Show All 9 Lines | |||||
def test_oidc_login_complete_wrong_csrf_token(client, keycloak_oidc): | def test_oidc_login_complete_wrong_csrf_token(client, keycloak_oidc): | ||||
# simulate login process has been initialized | # simulate login process has been initialized | ||||
session = client.session | session = client.session | ||||
session["login_data"] = { | session["login_data"] = { | ||||
"code_verifier": "", | "code_verifier": "", | ||||
"state": str(uuid.uuid4()), | "state": str(uuid.uuid4()), | ||||
"redirect_uri": "", | "redirect_uri": "", | ||||
"next_path": "", | "next": "", | ||||
} | } | ||||
session.save() | session.save() | ||||
# user initiates login process | # user initiates login process | ||||
login_url = reverse( | login_url = reverse( | ||||
"oidc-login-complete", query_params={"code": "some-code", "state": "some-state"} | "oidc-login-complete", query_params={"code": "some-code", "state": "some-state"} | ||||
) | ) | ||||
Show All 14 Lines | def test_oidc_login_complete_wrong_code_verifier(client, keycloak_oidc): | ||||
keycloak_oidc.set_auth_success(False) | keycloak_oidc.set_auth_success(False) | ||||
# simulate login process has been initialized | # simulate login process has been initialized | ||||
session = client.session | session = client.session | ||||
session["login_data"] = { | session["login_data"] = { | ||||
"code_verifier": "", | "code_verifier": "", | ||||
"state": str(uuid.uuid4()), | "state": str(uuid.uuid4()), | ||||
"redirect_uri": "", | "redirect_uri": "", | ||||
"next_path": "", | "next": "", | ||||
} | } | ||||
session.save() | session.save() | ||||
# check authentication error is reported | # check authentication error is reported | ||||
login_url = reverse( | login_url = reverse( | ||||
"oidc-login-complete", | "oidc-login-complete", | ||||
query_params={"code": "some-code", "state": session["login_data"]["state"]}, | query_params={"code": "some-code", "state": session["login_data"]["state"]}, | ||||
) | ) | ||||
Show All 37 Lines |