0001-tomerge.patch

Benjamin Dauvergne, 29 mars 2017 19:29

Voir les différences: en ligne côte à côte

Subject: [PATCH] tomerge

 tests/test_fc_auth.py             | 90 +++++++++++++++++++++++++++++++++------
 wcs/qommon/ident/franceconnect.py | 13 ++----
 2 files changed, 80 insertions(+), 23 deletions(-)

         # setup an hobo profile
         CmdCheckHobos().update_profile(PROFILE, pub)
         pub.cfg['users']['field_name'] = ['_prenoms', '_nom']
         pub.cfg['debug'] = {'logger': True}
         pub.user_class.wipe()
         pub.write_cfg()
-...
         pub.write_cfg()
     def test_fc_login_page():
     def get_session(app):
         session_id = app.cookies.values()[0].strip('"')
         return get_session_manager().session_class.get(session_id)
     def test_fc_login_page(caplog):
         setup_user_profile(pub)
         setup_fc_environment(pub)
         app = get_app(pub)
-...
         assert user.name == 'John Doe'
         # Verify we are logged in
         session_id = app.cookies.values()[0].strip('"')
         session = get_session_manager().session_class.get(session_id)
         session = get_session(app)
         assert session.user == user.id
         assert session.extra_variables['fc_user_given_name'] == 'John'
         assert session.extra_variables['fc_user_family_name'] == 'Doe'
         assert session.extra_variables['fc_user_email'] == 'john.doe@example.com'
         assert session.extra_variables['fc_user_sub'] == 'ymca'
         assert session.display_message() == ''
         # Login existing user
         resp = app.get('/logout')
         # Test error handling path
         resp = app.get('/ident/fc/callback?%s' % urllib.urlencode({
             'state': state,
             'error': 'access_denied',
         }))
         assert 'user did not authorize login' in caplog.records[-1].message
         resp = app.get('/ident/fc/callback?%s' % urllib.urlencode({
             'state': state,
             'error': 'whatever',
         }))
         assert 'whatever' in caplog.records[-1].message
         # Login existing user
         resp = app.get('/login/')
         assert resp.status_int == 302
         assert resp.location.startswith('https://fcp.integ01.dev-franceconnect.fr/api/v1/authorize')
-...
             resp = app.get('/ident/fc/callback?%s' % urllib.urlencode({
                 'code': '1234', 'state': state,
             }))
         new_session_id = app.cookies.values()[0].strip('"')
         assert session_id != new_session_id, 'no new session created'
         session = get_session_manager().session_class.get(new_session_id)
         new_session = get_session(app)
         assert session.id != new_session.id, 'no new session created'
         assert pub.user_class.count() == 1, 'existing user has not been used'
         session_id = app.cookies.values()[0].strip('"')
         session = get_session_manager().session_class.get(session_id)
         assert session.user == user.id
         assert session.display_message() == ''
         assert new_session.user == user.id
         # User with missing attributes
         resp = app.get('/logout')
-...
                 'code': '1234', 'state': state,
             }))
         assert pub.user_class.count() == 1, 'an invalid user (no email) has been created'
         session_id = app.cookies.values()[0].strip('"')
         session = get_session_manager().session_class.get(session_id)
         session = get_session(app)
         assert session.user is None
         assert 'FranceConnect authentication failed: missing name or email' in str(session.display_message())
-...
         resp = resp.forms[0].submit('submit').follow()
         assert pub.cfg['fc'] == FC_CONFIG
     def test_fc_settings_no_user_profile():
         FC_CONFIG = {
             'client_id': '123',
             'client_secret': 'xyz',
             'platform': 'dev-particulier',
             'scopes': 'identite_pivot',
             'user_field_mappings': [
+                {
                     'field_varname': '__name',
                     'value': '[given_name ""] [family_name ""]',
                     'verified': 'always',
                 },
+                {
                     'field_varname': '__email',
                     'value': '[email ""]',
                     'verified': 'always',
                 },
+            ]
+        }
         pub.cfg = {}
         pub.user_class.wipe()
         pub.write_cfg()
         app = get_app(pub)
         resp = app.get('/backoffice/settings/identification/')
         resp.forms[0]['methods$elementfc'].checked = True
         resp = resp.forms[0].submit().follow()
         assert 'FranceConnect' in resp.body
         resp = resp.click('FranceConnect')
         resp = resp.forms[0].submit('user_field_mappings$add_element')
         resp = resp.forms[0].submit('user_field_mappings$add_element')
         resp.forms[0]['client_id'].value = '123'
         resp.forms[0]['client_secret'].value = 'xyz'
         resp.forms[0]['platform'].value = 'Development citizens'
         resp.forms[0]['scopes'].value = 'identite_pivot'
         resp.forms[0]['user_field_mappings$element0$field_varname'] = '__name'
         resp.forms[0]['user_field_mappings$element0$value'] = '[given_name ""] [family_name ""]'
         resp.forms[0]['user_field_mappings$element0$verified'] = 'Always'
         resp.forms[0]['user_field_mappings$element2$field_varname'] = '__email'
         resp.forms[0]['user_field_mappings$element2$value'] = '[email ""]'
         resp.forms[0]['user_field_mappings$element2$verified'] = 'Always'
         resp = resp.forms[0].submit('submit').follow()
         assert pub.cfg['fc'] == FC_CONFIG

                 user.set_attributes_from_formdata(user.form_data)
         AUTHORIZATION_REQUEST_ERRORS = {
             'access_denied': N_('You refused the connection'),
             'access_denied': N_('user did not authorize login'),
+        }
         def callback(self):
-...
                 # if no error parameter, we stay silent
                 if error:
                     # we log only errors whose user is not responsible
                     msg = _(self.AUTHORIZATION_REQUEST_ERRORS.get(error))
                     if not msg:
                         msg = _('FranceConnect authentication failed')
                         logger.error('FranceConnect authentication failed with an unknown error: %s',
                                      error)
                     session.message = ('error', msg)
                     msg = self.AUTHORIZATION_REQUEST_ERRORS.get(error)
                     logger.error(_('FranceConnect authentication failed : %s'), _(msg) if msg else error)
                 return redirect(next_url)
             access_token = self.get_access_token(request.form['code'])
             if not access_token:
-...
             if not (user.name and user.email):
                 # we didn't get useful attributes, forget it.
                 logger.error('failed to get name and/or email attribute from FranceConnect')
                 session.message = ('error',
                                    _('FranceConnect authentication failed: missing name or email'))
                 return redirect(next_url)
             user.store()
             session.set_user(user.id)
             session.id = None
             return redirect(next_url)
+    -

Projet

Général

Profil

Produits Entr'ouvert » w.c.s.

0001-tomerge.patch