auth: Add a test for the legacy /accounts/login/google/ mobile flow.

This is needed to return 100% URL coverage, and should also help
ensure we don't accidentally break the fix from
a43b231f90.
This commit is contained in:
Tim Abbott 2019-08-26 20:51:04 -07:00
parent a43b231f90
commit e0f8228d6e
1 changed files with 40 additions and 0 deletions

View File

@ -498,8 +498,12 @@ class SocialAuthBase(ZulipTestCase):
next: str='', next: str='',
multiuse_object_key: str='', multiuse_object_key: str='',
expect_choose_email_screen: bool=False, expect_choose_email_screen: bool=False,
alternative_start_url: Optional[str]=None,
**extra_data: Any) -> HttpResponse: **extra_data: Any) -> HttpResponse:
url = self.LOGIN_URL url = self.LOGIN_URL
if alternative_start_url is not None:
url = alternative_start_url
params = {} params = {}
headers = {} headers = {}
if subdomain is not None: if subdomain is not None:
@ -1178,6 +1182,42 @@ class GoogleAuthBackendTest(SocialAuthBase):
mock_warning.assert_called_once_with("Social auth (Google) failed " mock_warning.assert_called_once_with("Social auth (Google) failed "
"because user has no verified emails") "because user has no verified emails")
def test_social_auth_mobile_success_legacy_url(self) -> None:
mobile_flow_otp = '1234abcd' * 8
account_data_dict = self.get_account_data_dict(email=self.email, name='Full Name')
self.assertEqual(len(mail.outbox), 0)
self.user_profile.date_joined = timezone_now() - datetime.timedelta(seconds=JUST_CREATED_THRESHOLD + 1)
self.user_profile.save()
with self.settings(SEND_LOGIN_EMAILS=True):
# Verify that the right thing happens with an invalid-format OTP
result = self.social_auth_test(account_data_dict, subdomain='zulip',
alternative_start_url="/accounts/login/google/",
mobile_flow_otp="1234")
self.assert_json_error(result, "Invalid OTP")
result = self.social_auth_test(account_data_dict, subdomain='zulip',
alternative_start_url="/accounts/login/google/",
mobile_flow_otp="invalido" * 8)
self.assert_json_error(result, "Invalid OTP")
# Now do it correctly
result = self.social_auth_test(account_data_dict, subdomain='zulip',
expect_choose_email_screen=True,
alternative_start_url="/accounts/login/google/",
mobile_flow_otp=mobile_flow_otp)
self.assertEqual(result.status_code, 302)
redirect_url = result['Location']
parsed_url = urllib.parse.urlparse(redirect_url)
query_params = urllib.parse.parse_qs(parsed_url.query)
self.assertEqual(parsed_url.scheme, 'zulip')
self.assertEqual(query_params["realm"], ['http://zulip.testserver'])
self.assertEqual(query_params["email"], [self.example_email("hamlet")])
encrypted_api_key = query_params["otp_encrypted_api_key"][0]
hamlet_api_keys = get_all_api_keys(self.example_user('hamlet'))
self.assertIn(otp_decrypt_api_key(encrypted_api_key, mobile_flow_otp), hamlet_api_keys)
self.assertEqual(len(mail.outbox), 1)
self.assertIn('Zulip on Android', mail.outbox[0].body)
def test_google_auth_enabled(self) -> None: def test_google_auth_enabled(self) -> None:
with self.settings(AUTHENTICATION_BACKENDS=('zproject.backends.GoogleAuthBackend',)): with self.settings(AUTHENTICATION_BACKENDS=('zproject.backends.GoogleAuthBackend',)):
self.assertTrue(google_auth_enabled()) self.assertTrue(google_auth_enabled())