mirror of https://github.com/zulip/zulip.git
tests: Flush session before a simulated cross-domain POST in saml tests.
This is important, because lack of this meant that the POST request in our tests still had the old session, with various params stored in it. This mechanism doesn't work in reality in SAML, so the backend uses redis to store and recover the params from redis. Without flushing the session, these tests would fail to catch some breakages in the redis-based mechanism.
This commit is contained in:
parent
2af4ef6c6d
commit
f2d052bff8
|
@ -1437,6 +1437,10 @@ class SAMLAuthBackendTest(SocialAuthBase):
|
|||
# a perfectly valid SAMLResponse for the purpose of these tests would be too complex,
|
||||
# and we simply use one loaded from a fixture file.
|
||||
with mock.patch.object(OneLogin_Saml2_Response, 'is_valid', return_value=True):
|
||||
# We are simulating a cross-domain POST request here. Session is a Lax cookie, meaning
|
||||
# it won't be sent by the browser in this request. To simulate that effect with the django
|
||||
# test client, we flush the session before the request.
|
||||
self.client.session.flush()
|
||||
result = self.client_post(self.AUTH_FINISH_URL, post_params, **headers)
|
||||
|
||||
return result
|
||||
|
|
Loading…
Reference in New Issue