auth: Add return_data for RemoteUserBackend.

This is done mainly because this backend has the simplest code path for calling login_or_register_remote_user, more than because we expect this case to come up. It'll make it easier to write unit tests for the `invalid_subdomain` corner case.
2018-04-22 14:20:58 -07:00 · 2018-04-22 14:20:58 -07:00 · 65025e8327
parent 6df821a40f
commit 65025e8327
2 changed files with 7 additions and 4 deletions
--- a/zerver/views/auth.py
+++ b/zerver/views/auth.py
@ -214,11 +214,14 @@ def remote_user_sso(request: HttpRequest,
    realm = get_realm(subdomain)
    # Since RemoteUserBackend will return None if Realm is None, we
    # don't need to check whether `get_realm` returned None.
-    user_profile = authenticate(remote_user=remote_user, realm=realm)
+    return_data = {}
+    user_profile = authenticate(remote_user=remote_user, realm=realm,
+                                return_data=return_data)

    redirect_to = request.GET.get('next', '')

    return login_or_register_remote_user(request, remote_user, user_profile,
+                                         invalid_subdomain = bool(return_data.get("invalid_subdomain")),
                                         mobile_flow_otp=mobile_flow_otp,
                                         redirect_to=redirect_to)

--- a/zproject/backends.py
+++ b/zproject/backends.py
@ -362,8 +362,8 @@ class GoogleMobileOauth2Backend(ZulipAuthMixin):
 class ZulipRemoteUserBackend(RemoteUserBackend):
    create_unknown_user = False

-    def authenticate(self, remote_user: Optional[str],
-                     realm: Optional[Realm]=None) -> Optional[UserProfile]:
+    def authenticate(self, remote_user: Optional[str], realm: Optional[Realm]=None,
+                     return_data: Optional[Dict[str, Any]]=None) -> Optional[UserProfile]:
        assert remote_user is not None
        if realm is None:
            return None
@ -371,7 +371,7 @@ class ZulipRemoteUserBackend(RemoteUserBackend):
            return None

        email = remote_user_to_email(remote_user)
-        return common_get_active_user(email, realm)
+        return common_get_active_user(email, realm, return_data=return_data)

 class ZulipLDAPException(_LDAPUser.AuthenticationFailed):
    pass