Changeset View
Changeset View
Standalone View
Standalone View
swh/auth/tests/django/test_middlewares.py
- This file was added.
| # Copyright (C) 2020-2021 The Software Heritage developers | |||||
| # See the AUTHORS file at the top-level directory of this distribution | |||||
| # License: GNU Affero General Public License version 3, or any later version | |||||
| # See top-level LICENSE file for more information | |||||
| from django.core.cache import cache | |||||
| from django.test import modify_settings, override_settings | |||||
| import pytest | |||||
| from swh.auth.django.utils import oidc_profile_cache_key, reverse | |||||
| @pytest.mark.django_db | |||||
| @override_settings(SWH_AUTH_SESSION_EXPIRED_REDIRECT_VIEW=None) | |||||
| def test_oidc_session_expired_middleware_missing_setting(client, keycloak_oidc): | |||||
| client.login(code="", code_verifier="", redirect_uri="") | |||||
| keycloak_oidc.authorization_code.assert_called() | |||||
| url = reverse("root") | |||||
| with pytest.raises(ValueError, match="setting is mandatory"): | |||||
| client.get(url) | |||||
| @pytest.mark.django_db | |||||
| @modify_settings( | |||||
| MIDDLEWARE={"remove": ["swh.auth.django.middlewares.OIDCSessionExpiredMiddleware"]} | |||||
| ) | |||||
| def test_oidc_session_expired_middleware_disabled(client, keycloak_oidc): | |||||
| # authenticate user | |||||
| client.login(code="", code_verifier="", redirect_uri="") | |||||
| keycloak_oidc.authorization_code.assert_called() | |||||
| url = reverse("root") | |||||
| # visit url first to get user from response | |||||
| response = client.get(url) | |||||
| assert response.status_code == 200 | |||||
| # simulate OIDC session expiration | |||||
| cache.delete(oidc_profile_cache_key(keycloak_oidc, response.wsgi_request.user.id)) | |||||
| # no redirection when session has expired | |||||
| response = client.get(url) | |||||
| assert response.status_code == 200 | |||||
| @pytest.mark.django_db | |||||
| def test_oidc_session_expired_middleware_enabled(client, keycloak_oidc): | |||||
| # authenticate user | |||||
| client.login(code="", code_verifier="", redirect_uri="") | |||||
| keycloak_oidc.authorization_code.assert_called() | |||||
| url = reverse("root") | |||||
| # visit url first to get user from response | |||||
| response = client.get(url) | |||||
| assert response.status_code == 200 | |||||
| # simulate OIDC session expiration | |||||
| cache.delete(oidc_profile_cache_key(keycloak_oidc, response.wsgi_request.user.id)) | |||||
| # should redirect to logout page | |||||
| response = client.get(url) | |||||
| assert response.status_code == 302 | |||||
| silent_refresh_url = reverse( | |||||
| "logout", query_params={"next_path": url, "remote_user": 1} | |||||
| ) | |||||
| assert response["location"] == silent_refresh_url | |||||