mirror of https://github.com/zulip/zulip.git
api: Remove unused /get_auth_backends endpoint.
This legacy endpoint was designed for the original native Zulip mobile apps, which were deprecated years ago in favor of the React Native app. It was replaced by /server_settings for active use years ago, so it's safe to remove it now.
parent
7e4f8a42cf
commit
29314f3195
|
@ -6,7 +6,7 @@ from django.test import override_settings
|
||||||
from django_auth_ldap.backend import LDAPSearch, _LDAPUser
|
from django_auth_ldap.backend import LDAPSearch, _LDAPUser
|
||||||
from django.test.client import RequestFactory
|
from django.test.client import RequestFactory
|
||||||
from django.utils.timezone import now as timezone_now
|
from django.utils.timezone import now as timezone_now
|
||||||
from typing import Any, Callable, Dict, List, Optional, Set, Tuple
|
from typing import Any, Callable, Dict, List, Optional, Tuple
|
||||||
from django.core import signing
|
from django.core import signing
|
||||||
from django.urls import reverse
|
from django.urls import reverse
|
||||||
|
|
||||||
|
@ -24,7 +24,6 @@ from zerver.lib.actions import (
|
||||||
do_deactivate_user,
|
do_deactivate_user,
|
||||||
do_reactivate_realm,
|
do_reactivate_realm,
|
||||||
do_reactivate_user,
|
do_reactivate_user,
|
||||||
do_set_realm_authentication_methods,
|
|
||||||
ensure_stream,
|
ensure_stream,
|
||||||
validate_email,
|
validate_email,
|
||||||
)
|
)
|
||||||
|
@ -62,7 +61,6 @@ from zproject.backends import ZulipDummyBackend, EmailAuthBackend, \
|
||||||
|
|
||||||
from zerver.views.auth import (maybe_send_to_registration,
|
from zerver.views.auth import (maybe_send_to_registration,
|
||||||
_subdomain_token_salt)
|
_subdomain_token_salt)
|
||||||
from version import ZULIP_VERSION
|
|
||||||
|
|
||||||
from onelogin.saml2.auth import OneLogin_Saml2_Auth
|
from onelogin.saml2.auth import OneLogin_Saml2_Auth
|
||||||
from onelogin.saml2.response import OneLogin_Saml2_Response
|
from onelogin.saml2.response import OneLogin_Saml2_Response
|
||||||
|
@ -1878,79 +1876,17 @@ class FetchAuthBackends(ZulipTestCase):
|
||||||
('realm_icon', check_string),
|
('realm_icon', check_string),
|
||||||
])
|
])
|
||||||
|
|
||||||
def test_fetch_auth_backend_format(self) -> None:
|
|
||||||
expected_keys = {'msg', 'password', 'zulip_version', 'result'}
|
|
||||||
for backend_name_with_case in AUTH_BACKEND_NAME_MAP:
|
|
||||||
expected_keys.add(backend_name_with_case.lower())
|
|
||||||
|
|
||||||
result = self.client_get("/api/v1/get_auth_backends")
|
|
||||||
self.assert_json_success(result)
|
|
||||||
data = result.json()
|
|
||||||
|
|
||||||
self.assertEqual(set(data.keys()), expected_keys)
|
|
||||||
for backend in set(data.keys()) - {'msg', 'result', 'zulip_version'}:
|
|
||||||
self.assertTrue(isinstance(data[backend], bool))
|
|
||||||
|
|
||||||
def test_fetch_auth_backend(self) -> None:
|
|
||||||
def get_expected_result(expected_backends: Set[str], password_auth_enabled: bool=False) -> Dict[str, Any]:
|
|
||||||
result = {
|
|
||||||
'msg': '',
|
|
||||||
'result': 'success',
|
|
||||||
'password': password_auth_enabled,
|
|
||||||
'zulip_version': ZULIP_VERSION,
|
|
||||||
}
|
|
||||||
for backend_name_raw in AUTH_BACKEND_NAME_MAP:
|
|
||||||
backend_name = backend_name_raw.lower()
|
|
||||||
result[backend_name] = backend_name in expected_backends
|
|
||||||
return result
|
|
||||||
|
|
||||||
backends = [GoogleAuthBackend(), DevAuthBackend()]
|
|
||||||
with mock.patch('django.contrib.auth.get_backends', return_value=backends):
|
|
||||||
result = self.client_get("/api/v1/get_auth_backends")
|
|
||||||
self.assert_json_success(result)
|
|
||||||
data = result.json()
|
|
||||||
# Check that a few keys are present, to guard against
|
|
||||||
# AUTH_BACKEND_NAME_MAP being broken
|
|
||||||
self.assertIn("email", data)
|
|
||||||
self.assertIn("github", data)
|
|
||||||
self.assertIn("google", data)
|
|
||||||
self.assertEqual(data, get_expected_result({"google", "dev"}))
|
|
||||||
|
|
||||||
# Test subdomains cases
|
|
||||||
with self.settings(ROOT_DOMAIN_LANDING_PAGE=False):
|
|
||||||
result = self.client_get("/api/v1/get_auth_backends")
|
|
||||||
self.assert_json_success(result)
|
|
||||||
data = result.json()
|
|
||||||
self.assertEqual(data, get_expected_result({"google", "dev"}))
|
|
||||||
|
|
||||||
# Verify invalid subdomain
|
# Verify invalid subdomain
|
||||||
result = self.client_get("/api/v1/get_auth_backends",
|
result = self.client_get("/api/v1/server_settings",
|
||||||
subdomain="invalid")
|
subdomain="invalid")
|
||||||
self.assert_json_error_contains(result, "Invalid subdomain", 400)
|
self.assert_json_error_contains(result, "Invalid subdomain", 400)
|
||||||
|
|
||||||
# Verify correct behavior with a valid subdomain with
|
|
||||||
# some backends disabled for the realm
|
|
||||||
realm = get_realm("zulip")
|
|
||||||
do_set_realm_authentication_methods(realm, dict(Google=False, Email=False, Dev=True))
|
|
||||||
result = self.client_get("/api/v1/get_auth_backends",
|
|
||||||
subdomain="zulip")
|
|
||||||
self.assert_json_success(result)
|
|
||||||
data = result.json()
|
|
||||||
self.assertEqual(data, get_expected_result({"dev"}))
|
|
||||||
|
|
||||||
with self.settings(ROOT_DOMAIN_LANDING_PAGE=True):
|
with self.settings(ROOT_DOMAIN_LANDING_PAGE=True):
|
||||||
# With ROOT_DOMAIN_LANDING_PAGE, homepage fails
|
# With ROOT_DOMAIN_LANDING_PAGE, homepage fails
|
||||||
result = self.client_get("/api/v1/get_auth_backends",
|
result = self.client_get("/api/v1/server_settings",
|
||||||
subdomain="")
|
subdomain="")
|
||||||
self.assert_json_error_contains(result, "Subdomain required", 400)
|
self.assert_json_error_contains(result, "Subdomain required", 400)
|
||||||
|
|
||||||
# With ROOT_DOMAIN_LANDING_PAGE, subdomain pages succeed
|
|
||||||
result = self.client_get("/api/v1/get_auth_backends",
|
|
||||||
subdomain="zulip")
|
|
||||||
self.assert_json_success(result)
|
|
||||||
data = result.json()
|
|
||||||
self.assertEqual(data, get_expected_result({"dev"}))
|
|
||||||
|
|
||||||
class TestTwoFactor(ZulipTestCase):
|
class TestTwoFactor(ZulipTestCase):
|
||||||
def test_direct_dev_login_with_2fa(self) -> None:
|
def test_direct_dev_login_with_2fa(self) -> None:
|
||||||
email = self.example_email('hamlet')
|
email = self.example_email('hamlet')
|
||||||
|
|
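Review bot: Coverage of the per-realm authentication-method filtering appears to be lost in the `FetchAuthBackends` hunk (`-1878,79 +1876,17`). The removed test was the only place visible here that called `do_set_realm_authentication_methods(realm, dict(Google=False, Email=False, Dev=True))` and asserted that disabled backends come back as `False`, while the new side keeps only the "Invalid subdomain" and "Subdomain required" error cases, now pointed at `/api/v1/server_settings`. `get_auth_backends_data` is still present in the views section of this commit and presumably still feeds `/server_settings`, so unless another test outside this view covers it, a regression that reports a realm-disabled login method as enabled would go unnoticed. I would port the success path instead of dropping it, for example `result = self.client_get("/api/v1/server_settings", subdomain="zulip")` followed by `self.assert_json_success(result)` and an assertion on the per-backend flags after the realm's methods are changed. The enclosing test method starts outside the hunk and the indentation is lost in this rendering, so confirm the retained lines end up in the test they were meant for.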
|
@ -182,7 +182,6 @@ class OpenAPIArgumentsTest(ZulipTestCase):
|
||||||
'/dev_list_users',
|
'/dev_list_users',
|
||||||
'/fetch_api_key',
|
'/fetch_api_key',
|
||||||
'/fetch_google_client_id',
|
'/fetch_google_client_id',
|
||||||
'/get_auth_backends',
|
|
||||||
'/settings',
|
'/settings',
|
||||||
'/submessage',
|
'/submessage',
|
||||||
'/attachments',
|
'/attachments',
|
||||||
|
|
|
@ -808,13 +808,6 @@ def get_auth_backends_data(request: HttpRequest) -> Dict[str, Any]:
|
||||||
result[key] = auth_enabled_helper([auth_backend_name], realm)
|
result[key] = auth_enabled_helper([auth_backend_name], realm)
|
||||||
return result
|
return result
|
||||||
|
|
||||||
@csrf_exempt
|
|
||||||
def api_get_auth_backends(request: HttpRequest) -> HttpResponse:
|
|
||||||
"""Deprecated route; this is to be replaced by api_get_server_settings"""
|
|
||||||
auth_backends = get_auth_backends_data(request)
|
|
||||||
auth_backends['zulip_version'] = ZULIP_VERSION
|
|
||||||
return json_success(auth_backends)
|
|
||||||
|
|
||||||
def check_server_incompatibility(request: HttpRequest) -> bool:
|
def check_server_incompatibility(request: HttpRequest) -> bool:
|
||||||
user_agent = parse_user_agent(request.META.get("HTTP_USER_AGENT", "Missing User-Agent"))
|
user_agent = parse_user_agent(request.META.get("HTTP_USER_AGENT", "Missing User-Agent"))
|
||||||
return user_agent['name'] == "ZulipInvalid"
|
return user_agent['name'] == "ZulipInvalid"
|
||||||
|
|
|
@ -669,9 +669,6 @@ v1_api_mobile_patterns = [
|
||||||
# like the requested subdomains'd realm icon (if known) and
|
# like the requested subdomains'd realm icon (if known) and
|
||||||
# server-specific compatibility.
|
# server-specific compatibility.
|
||||||
url(r'^server_settings$', zerver.views.auth.api_get_server_settings),
|
url(r'^server_settings$', zerver.views.auth.api_get_server_settings),
|
||||||
# This is a deprecated old version of api/v1/server_settings that only returns auth backends.
|
|
||||||
url(r'^get_auth_backends$', zerver.views.auth.api_get_auth_backends,
|
|
||||||
name='zerver.views.auth.api_get_auth_backends'),
|
|
||||||
|
|
||||||
# This json format view used by the mobile apps accepts a username
|
# This json format view used by the mobile apps accepts a username
|
||||||
# password/pair and returns an API key.
|
# password/pair and returns an API key.
|
||||||
|
|