0001-api-add-franceconnect-information-to-user-s-API-when.patch

Benjamin Dauvergne, 19 février 2018 13:43

Voir les différences: en ligne côte à côte

Subject: [PATCH] api: add franceconnect information to user's API when ?full
 is used (fixes #21962)

The following field is added to user's attributes if FC plugin is
enabled and the "full" parameter is given to the user's API:

   "franceconnect": {
      "linked": true,
      "link_url": "https://idp/accounts/fc/callback/",
      "unlink_url": "https://idp/accounts/fc/unlink/"
   }

 src/authentic2_auth_fc/__init__.py | 24 ++++++++++++++++++++++++
 tests/test_api.py                  | 23 +++++++++++++++++++++++
 2 files changed, 47 insertions(+)

             from authentic2.api_views import UsersAPI
             UsersAPI.fc_unlink = fc_unlink
         def a2_hook_api_modify_serializer(self, view, serializer):
             from rest_framework import serializers
             from authentic2.utils import make_url
             from . import app_settings
             if not app_settings.enable:
                 return
             request = view.request
             if 'full' not in request.GET:
                 return
             if view.__class__.__name__ == 'UsersAPI':
                 def get_franceconnect(user):
                     linked = user.fc_accounts.exists()
                     return {
                         'linked': linked,
                         'link_url': make_url('fc-login-or-link', request=request, absolute=True),
                         'unlink_url': make_url('fc-unlink', request=request, absolute=True),
+                    }
                 serializer.get_franceconnect = get_franceconnect
                 serializer.fields['franceconnect'] = serializers.SerializerMethodField()
     default_app_config = '%s.%s' % (__name__, 'AppConfig')

         # test success
         app.delete(url, status=204)
         assert FcAccount.objects.filter(user=user_cartman).exists() is False
     def test_api_user_franceconnect(settings, app, admin, user_cartman):
         settings.A2_FC_ENABLE = True
         url = '/api/users/%s/' % user_cartman.uuid
         # test unauthorized method
         app.authorization = ('Basic', (admin.username, admin.username))
         response = app.get(url + '?full')
         assert 'franceconnect' in response.json, 'missing franceconnect field in user API'
         content = response.json['franceconnect']
         assert isinstance(content, dict), 'franceconnect field is not a dict'
         assert content.get('linked') is True
         assert content.get('link_url').startswith('http://')
         assert content.get('link_url').endswith('/callback/')
         assert content.get('unlink_url').startswith('http://')
         assert content.get('unlink_url').endswith('/unlink/')
         unlink_url = '/api/users/%s/fc-unlink/' % user_cartman.uuid
         app.delete(unlink_url, status=204)
         response = app.get(url + '?full')
         assert response.json['franceconnect']['linked'] is False
+    -

Projet

Général

Profil

Produits Entr'ouvert » Authentic 2 » Plugin FS FranceConnect

0001-api-add-franceconnect-information-to-user-s-API-when.patch