1087 |
1087 |
|
1088 |
1088 |
old_apps = migration.before(migrate_from)
|
1089 |
1089 |
OIDCProvider = old_apps.get_model(app, 'OIDCProvider')
|
|
1090 |
OIDCClaimMapping = old_apps.get_model(app, 'OIDCClaimMapping')
|
|
1091 |
OIDCAccount = old_apps.get_model(app, 'OIDCAccount')
|
1090 |
1092 |
OrganizationalUnit = old_apps.get_model('a2_rbac', 'OrganizationalUnit')
|
|
1093 |
User = old_apps.get_model('custom_user', 'User')
|
1091 |
1094 |
ou1 = OrganizationalUnit.objects.create(name='OU1', slug='ou1')
|
1092 |
1095 |
issuer = 'https://baz.example.com'
|
1093 |
|
OIDCProvider.objects.create(
|
|
1096 |
first_provider = OIDCProvider.objects.create(
|
1094 |
1097 |
name='Baz',
|
1095 |
1098 |
slug='baz',
|
1096 |
1099 |
ou=ou1,
|
... | ... | |
1102 |
1105 |
userinfo_endpoint='%s/user_info' % issuer,
|
1103 |
1106 |
token_revocation_endpoint='%s/revoke' % issuer,
|
1104 |
1107 |
)
|
|
1108 |
second_provider = OIDCProvider.objects.create(name='Second', slug='second', ou=ou1)
|
|
1109 |
second_provider_claim_mapping = OIDCClaimMapping.objects.create(
|
|
1110 |
provider=second_provider, claim='second_provider', attribute='username'
|
|
1111 |
)
|
|
1112 |
user1 = User.objects.create()
|
|
1113 |
second_provider_account = OIDCAccount.objects.create(
|
|
1114 |
user=user1, provider=second_provider, sub='second_provider'
|
|
1115 |
)
|
|
1116 |
first_provider_claim_mapping = OIDCClaimMapping.objects.create(
|
|
1117 |
provider=first_provider, claim='first_provider', attribute='username'
|
|
1118 |
)
|
1105 |
1119 |
|
1106 |
1120 |
new_apps = migration.apply(migrate_to)
|
1107 |
1121 |
OIDCProvider = new_apps.get_model(app, 'OIDCProvider')
|
1108 |
1122 |
BaseAuthenticator = new_apps.get_model('authenticators', 'BaseAuthenticator')
|
1109 |
1123 |
|
1110 |
|
authenticator = OIDCProvider.objects.get()
|
|
1124 |
authenticator = OIDCProvider.objects.get(slug='baz')
|
1111 |
1125 |
assert authenticator.name == 'Baz'
|
1112 |
|
assert authenticator.slug == 'baz'
|
1113 |
1126 |
assert authenticator.ou.pk == ou1.pk
|
1114 |
1127 |
assert authenticator.enabled is True
|
1115 |
1128 |
assert authenticator.order == auth_frontend_kwargs['oidc'].get('priority', 2)
|
1116 |
1129 |
assert authenticator.show_condition == '"backoffice" not in login_hint'
|
1117 |
1130 |
assert authenticator.authorization_endpoint == '%s/authorize' % issuer
|
|
1131 |
assert authenticator.claim_mappings.count() == 1
|
|
1132 |
assert authenticator.claim_mappings.get().pk == first_provider_claim_mapping.pk
|
|
1133 |
assert not authenticator.accounts.exists()
|
1118 |
1134 |
|
1119 |
|
base_authenticator = BaseAuthenticator.objects.get()
|
|
1135 |
base_authenticator = BaseAuthenticator.objects.get(slug='baz')
|
1120 |
1136 |
assert authenticator.uuid == base_authenticator.uuid
|
|
1137 |
|
|
1138 |
second_authenticator = OIDCProvider.objects.get(slug='second')
|
|
1139 |
assert second_authenticator.name == 'Second'
|
|
1140 |
assert second_authenticator.claim_mappings.count() == 1
|
|
1141 |
assert second_authenticator.claim_mappings.get().pk == second_provider_claim_mapping.pk
|
|
1142 |
assert second_authenticator.accounts.count() == 1
|
|
1143 |
assert second_authenticator.accounts.get().pk == second_provider_account.pk
|
1121 |
|
-
|