mirror of https://github.com/zulip/zulip.git
auth: Add a test for the legacy /accounts/login/google/ mobile flow.
This is needed to return 100% URL coverage, and should also help
ensure we don't accidentally break the fix from
a43b231f90
.
This commit is contained in:
parent
a43b231f90
commit
e0f8228d6e
|
@ -498,8 +498,12 @@ class SocialAuthBase(ZulipTestCase):
|
||||||
next: str='',
|
next: str='',
|
||||||
multiuse_object_key: str='',
|
multiuse_object_key: str='',
|
||||||
expect_choose_email_screen: bool=False,
|
expect_choose_email_screen: bool=False,
|
||||||
|
alternative_start_url: Optional[str]=None,
|
||||||
**extra_data: Any) -> HttpResponse:
|
**extra_data: Any) -> HttpResponse:
|
||||||
url = self.LOGIN_URL
|
url = self.LOGIN_URL
|
||||||
|
if alternative_start_url is not None:
|
||||||
|
url = alternative_start_url
|
||||||
|
|
||||||
params = {}
|
params = {}
|
||||||
headers = {}
|
headers = {}
|
||||||
if subdomain is not None:
|
if subdomain is not None:
|
||||||
|
@ -1178,6 +1182,42 @@ class GoogleAuthBackendTest(SocialAuthBase):
|
||||||
mock_warning.assert_called_once_with("Social auth (Google) failed "
|
mock_warning.assert_called_once_with("Social auth (Google) failed "
|
||||||
"because user has no verified emails")
|
"because user has no verified emails")
|
||||||
|
|
||||||
|
def test_social_auth_mobile_success_legacy_url(self) -> None:
|
||||||
|
mobile_flow_otp = '1234abcd' * 8
|
||||||
|
account_data_dict = self.get_account_data_dict(email=self.email, name='Full Name')
|
||||||
|
self.assertEqual(len(mail.outbox), 0)
|
||||||
|
self.user_profile.date_joined = timezone_now() - datetime.timedelta(seconds=JUST_CREATED_THRESHOLD + 1)
|
||||||
|
self.user_profile.save()
|
||||||
|
|
||||||
|
with self.settings(SEND_LOGIN_EMAILS=True):
|
||||||
|
# Verify that the right thing happens with an invalid-format OTP
|
||||||
|
result = self.social_auth_test(account_data_dict, subdomain='zulip',
|
||||||
|
alternative_start_url="/accounts/login/google/",
|
||||||
|
mobile_flow_otp="1234")
|
||||||
|
self.assert_json_error(result, "Invalid OTP")
|
||||||
|
result = self.social_auth_test(account_data_dict, subdomain='zulip',
|
||||||
|
alternative_start_url="/accounts/login/google/",
|
||||||
|
mobile_flow_otp="invalido" * 8)
|
||||||
|
self.assert_json_error(result, "Invalid OTP")
|
||||||
|
|
||||||
|
# Now do it correctly
|
||||||
|
result = self.social_auth_test(account_data_dict, subdomain='zulip',
|
||||||
|
expect_choose_email_screen=True,
|
||||||
|
alternative_start_url="/accounts/login/google/",
|
||||||
|
mobile_flow_otp=mobile_flow_otp)
|
||||||
|
self.assertEqual(result.status_code, 302)
|
||||||
|
redirect_url = result['Location']
|
||||||
|
parsed_url = urllib.parse.urlparse(redirect_url)
|
||||||
|
query_params = urllib.parse.parse_qs(parsed_url.query)
|
||||||
|
self.assertEqual(parsed_url.scheme, 'zulip')
|
||||||
|
self.assertEqual(query_params["realm"], ['http://zulip.testserver'])
|
||||||
|
self.assertEqual(query_params["email"], [self.example_email("hamlet")])
|
||||||
|
encrypted_api_key = query_params["otp_encrypted_api_key"][0]
|
||||||
|
hamlet_api_keys = get_all_api_keys(self.example_user('hamlet'))
|
||||||
|
self.assertIn(otp_decrypt_api_key(encrypted_api_key, mobile_flow_otp), hamlet_api_keys)
|
||||||
|
self.assertEqual(len(mail.outbox), 1)
|
||||||
|
self.assertIn('Zulip on Android', mail.outbox[0].body)
|
||||||
|
|
||||||
def test_google_auth_enabled(self) -> None:
|
def test_google_auth_enabled(self) -> None:
|
||||||
with self.settings(AUTHENTICATION_BACKENDS=('zproject.backends.GoogleAuthBackend',)):
|
with self.settings(AUTHENTICATION_BACKENDS=('zproject.backends.GoogleAuthBackend',)):
|
||||||
self.assertTrue(google_auth_enabled())
|
self.assertTrue(google_auth_enabled())
|
||||||
|
|
Loading…
Reference in New Issue