Skip to content

test_sso_authentication#

make_sso_auth_request#

Source code in tests/unit/apps/users/authentication/test_sso_authentication.py 
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
@pytest.fixture
def make_sso_auth_request(enable_sso):
    def f(sso_session, use_wrong_key=False) -> Tuple[Optional[MetaxUser], Optional[str]]:
        factory = APIRequestFactory()
        request = factory.get("/")
        if sso_session:
            key = "this_key_is_wrong" if use_wrong_key else django_settings.SSO_SECRET_KEY
            sso_token = jwt.encode(sso_session, key=key)
            request.COOKIES[django_settings.SSO_SESSION_COOKIE] = sso_token
        try:
            authentication = SSOAuthentication()
            auths = authentication.authenticate(request=request)
            if auths is None:
                return None, None
            return auths[0], None
        except exceptions.AuthenticationFailed as e:
            return None, e.get_codes()

    return f

test_sso_authentication_ok#

Source code in tests/unit/apps/users/authentication/test_sso_authentication.py 
40
41
42
43
44
def test_sso_authentication_ok(make_sso_auth_request, sso_session_teppo):
    user, error = make_sso_auth_request(sso_session_teppo)
    assert user.username == "fd_teppo3"
    assert user.csc_projects == ["fd_teppo3_project"]
    assert error == None

test_sso_authentication_sync#

Source code in tests/unit/apps/users/authentication/test_sso_authentication.py 
47
48
49
50
51
52
53
54
55
56
57
def test_sso_authentication_sync(make_sso_auth_request, sso_session_teppo, sso_format_datetime):
    user, error = make_sso_auth_request(sso_session_teppo)
    sso_session_teppo["services"]["IDA"]["projects"] = ["fd_teppo3_project", "new_project"]
    sso_session_teppo["initiated"] = sso_format_datetime(
        parse(sso_session_teppo["initiated"]) + timedelta(hours=1)
    )

    # session is newer than previous sync, should sync user details
    user, error = make_sso_auth_request(sso_session_teppo)
    assert user.csc_projects == ["fd_teppo3_project", "new_project"]
    assert error == None

test_sso_authentication_dont_sync_old#

Source code in tests/unit/apps/users/authentication/test_sso_authentication.py 
60
61
62
63
64
65
66
67
def test_sso_authentication_dont_sync_old(make_sso_auth_request, sso_session_teppo):
    make_sso_auth_request(sso_session_teppo)
    sso_session_teppo["services"]["IDA"]["projects"] = ["fd_teppo3_project", "new_project"]

    # session is not newer than previous sync, should not sync user details
    user, error = make_sso_auth_request(sso_session_teppo)
    assert user.csc_projects == ["fd_teppo3_project"]
    assert error == None

test_sso_authentication_unauthenticated#

Source code in tests/unit/apps/users/authentication/test_sso_authentication.py 
70
71
72
73
def test_sso_authentication_unauthenticated(make_sso_auth_request):
    user, error = make_sso_auth_request(None)
    assert user == None
    assert error == None

test_sso_authentication_disabled#

Source code in tests/unit/apps/users/authentication/test_sso_authentication.py 
79
80
81
82
83
def test_sso_authentication_disabled(make_sso_auth_request, sso_session_teppo, settings):
    settings.ENABLE_SSO_AUTH = False
    user, error = make_sso_auth_request(sso_session_teppo)
    assert user == None
    assert error == None

test_sso_authentication_missing_secret#

Source code in tests/unit/apps/users/authentication/test_sso_authentication.py 
86
87
88
89
def test_sso_authentication_missing_secret(make_sso_auth_request, sso_session_teppo, settings):
    settings.SSO_SECRET_KEY = ""
    user, error = make_sso_auth_request(sso_session_teppo)
    assert error == "invalid_sso_configuration"
Source code in tests/unit/apps/users/authentication/test_sso_authentication.py 
92
93
94
95
96
97
def test_sso_authentication_missing_cookie_setting(
    make_sso_auth_request, sso_session_teppo, settings
):
    settings.SSO_SESSION_COOKIE = ""
    user, error = make_sso_auth_request(sso_session_teppo)
    assert error == "invalid_sso_configuration"

test_sso_authentication_wrong_secret#

Source code in tests/unit/apps/users/authentication/test_sso_authentication.py 
100
101
102
def test_sso_authentication_wrong_secret(make_sso_auth_request, sso_session_teppo):
    user, error = make_sso_auth_request(sso_session_teppo, use_wrong_key=True)
    assert error == "authentication_failed"

test_sso_authentication_missing_fairdata_user_id#

Source code in tests/unit/apps/users/authentication/test_sso_authentication.py 
108
109
110
111
112
def test_sso_authentication_missing_fairdata_user_id(make_sso_auth_request, sso_session_teppo):
    sso_session_teppo["fairdata_user"]["id"] = None
    user, error = make_sso_auth_request(sso_session_teppo)
    assert user == None
    assert error == "missing_fairdata_user_id"

test_sso_authentication_missing_organization_user_id#

Source code in tests/unit/apps/users/authentication/test_sso_authentication.py 
115
116
117
118
119
def test_sso_authentication_missing_organization_user_id(make_sso_auth_request, sso_session_teppo):
    sso_session_teppo["authenticated_user"]["organization"]["id"] = None
    user, error = make_sso_auth_request(sso_session_teppo)
    assert user == None
    assert error == "missing_organization_id"

test_sso_authentication_locked_user#

Source code in tests/unit/apps/users/authentication/test_sso_authentication.py 
122
123
124
125
126
def test_sso_authentication_locked_user(make_sso_auth_request, sso_session_teppo):
    sso_session_teppo["fairdata_user"]["locked"] = True
    user, error = make_sso_auth_request(sso_session_teppo)
    assert user == None
    assert error == "fairdata_user_locked"