• Search by Module
• Search by Words
• Search Projects

• Java
• Python
• JavaScript
• TypeScript
• C++
• Scala
• Blog

• django-rest-social-auth-master
  • requirements_test.txt
  • Makefile
  • rest_social_auth
    • urls_jwt.py
    • urls_jwt_pair.py
    • urls_jwt_sliding.py
    • serializers.py
    • urls_session.py
    • views.py
    • urls_token.py
    • __init__.py
    • strategy.py
    • urls_knox.py
  • LICENSE
  • requirements_optional.txt
  • setup.py
  • setup.cfg
  • .travis.yml
  • README.md
  • tests
    • test_token.py
    • test_knox.py
    • test_simple_jwt.py
    • test_jwt.py
    • test_session.py
    • __init__.py
    • base.py
  • pytest.ini
  • scripts
    • entrypoint.sh
  • requirements.txt
  • RELEASE_NOTES.md
  • Dockerfile
  • .gitignore
  • MANIFEST.in
  • tox.ini
  • example_project
    • templates
      • home_knox.html
      • home_token.html
      • home_jwt_old.html
      • base.html
      • home_session.html
      • home_jwt.html
    • manage.py
    • config
      • wsgi.py
      • urls.py
      • __init__.py
      • settings.py
      • settings_test.py
    • users
      • social_pipeline.py
      • models.py
      • views.py
      • __init__.py
      • migrations
        • 0002_auto_20180415_0235.py
        • 0001_initial.py
        • __init__.py
        • 0003_auto_20190305_0001.py
      • context_processors.py
    • static

try:
    from urlparse import parse_qsl, urlparse
except ImportError:
    # python 3
    from urllib.parse import parse_qsl, urlparse

from mock import patch
from django.urls import reverse
from django.contrib.auth import get_user_model
from django.test import modify_settings
from django.test.utils import override_settings
from rest_framework.test import APITestCase
from rest_framework.permissions import DjangoModelPermissionsOrAnonReadOnly
from httpretty import HTTPretty
from social_core.utils import parse_qs

from .base import BaseFacebookAPITestCase, BaseTwitterApiTestCase


session_modify_settings = dict(
    INSTALLED_APPS={
        'remove': [
            'rest_framework.authtoken',
            'knox',
        ]
    },
)


class TestSocialAuth1(APITestCase, BaseTwitterApiTestCase):

    @modify_settings(**session_modify_settings)
    def test_login_social_oauth1_session(self):
        resp = self.client.post(
            reverse('login_social_session'), data={'provider': 'twitter'})
        self.assertEqual(resp.status_code, 200)
        self.assertEqual(resp.data, parse_qs(self.request_token_body))
        resp = self.client.post(reverse('login_social_session'), data={
            'provider': 'twitter',
            'oauth_token': 'foobar',
            'oauth_verifier': 'overifier'
        })
        self.assertEqual(resp.status_code, 200)


class TestSocialAuth2(APITestCase, BaseFacebookAPITestCase):

    @modify_settings(**session_modify_settings)
    def _check_login_social_session(self, url, data):
        resp = self.client.post(url, data)
        self.assertEqual(resp.status_code, 200)
        self.assertEqual(resp.data['email'], self.email)
        # check cookies are set
        self.assertTrue('sessionid' in resp.cookies)
        # check user is created
        self.assertTrue(
            get_user_model().objects.filter(email=self.email).exists())

    def test_login_social_session(self):
        self._check_login_social_session(
            reverse('login_social_session'),
            {'provider': 'facebook', 'code': '3D52VoM1uiw94a1ETnGvYlCw'})

    def test_login_social_session_provider_in_url(self):
        self._check_login_social_session(
            reverse('login_social_session', kwargs={'provider': 'facebook'}),
            {'code': '3D52VoM1uiw94a1ETnGvYlCw'})

    def test_no_provider_session(self):
        resp = self.client.post(
            reverse('login_social_session'),
            {'code': '3D52VoM1uiw94a1ETnGvYlCw'})
        self.assertEqual(resp.status_code, 400)

    def test_unknown_provider_session(self):
        resp = self.client.post(
            reverse('login_social_session', kwargs={'provider': 'unknown'}),
            {'code': '3D52VoM1uiw94a1ETnGvYlCw'})
        self.assertEqual(resp.status_code, 404)

    def test_login_social_http_origin(self):
        resp = self.client.post(
            reverse('login_social_session'),
            data={'provider': 'facebook', 'code': '3D52VoM1uiw94a1ETnGvYlCw'},
            HTTP_ORIGIN="http://frontend.com")
        self.assertEqual(resp.status_code, 200)
        url_params = dict(parse_qsl(urlparse(HTTPretty.latest_requests[0].path).query))
        self.assertEqual(url_params['redirect_uri'], "http://frontend.com/")

    @override_settings(REST_SOCIAL_OAUTH_ABSOLUTE_REDIRECT_URI='http://myproject.com/')
    def test_login_absolute_redirect(self):
        resp = self.client.post(
            reverse('login_social_session'),
            data={'provider': 'facebook', 'code': '3D52VoM1uiw94a1ETnGvYlCw'})
        self.assertEqual(resp.status_code, 200)
        url_params = dict(parse_qsl(urlparse(HTTPretty.latest_requests[0].path).query))
        self.assertEqual('http://myproject.com/', url_params['redirect_uri'])

    @override_settings(REST_SOCIAL_OAUTH_ABSOLUTE_REDIRECT_URI='http://myproject.com/')
    def test_login_manual_redirect(self):
        resp = self.client.post(
            reverse('login_social_session'),
            data={'provider': 'facebook', 'code': '3D52VoM1uiw94a1ETnGvYlCw',
                  'redirect_uri': 'http://manualdomain.com/'})
        self.assertEqual(resp.status_code, 200)
        url_params = dict(parse_qsl(urlparse(HTTPretty.latest_requests[0].path).query))
        self.assertEqual('http://manualdomain.com/', url_params['redirect_uri'])

    @patch('rest_framework.views.APIView.permission_classes')
    def test_login_social_session_model_permission(self, m_permission_classes):
        setattr(
            m_permission_classes,
            '__get__',
            lambda *args, **kwargs: (DjangoModelPermissionsOrAnonReadOnly,),
        )
        self._check_login_social_session(
            reverse('login_social_session'),
            {'provider': 'facebook', 'code': '3D52VoM1uiw94a1ETnGvYlCw'})


class TestSocialAuth2Error(APITestCase, BaseFacebookAPITestCase):
    access_token_status = 400

    def test_login_oauth_provider_error(self):
        resp = self.client.post(
            reverse('login_social_session'),
            data={'provider': 'facebook', 'code': '3D52VoM1uiw94a1ETnGvYlCw'})
        self.assertEqual(resp.status_code, 400)


class TestSocialAuth2HTTPError(APITestCase, BaseFacebookAPITestCase):
    access_token_status = 401

    def test_login_oauth_provider_http_error(self):
        resp = self.client.post(
            reverse('login_social_session'),
            data={'provider': 'facebook', 'code': '3D52VoM1uiw94a1ETnGvYlCw'})
        self.assertEqual(resp.status_code, 400)