Rishi Gupta
3797fa657e
Change bot domains to string_id.EXTERNAL_HOST.
...
Change applies to both subdomains and non-subdomains case, though we use
just the EXTERNAL_HOST in the non-subdomains case if there is only 1 realm.
Fixes #3903 .
2017-03-08 16:26:13 -08:00
Tim Abbott
fe237118b0
Rename zerver/lib/session_user.py to sessions.py.
2017-03-08 02:43:35 -08:00
Umair Khan
1f60baba6b
Handle social auth exception in auth_complete.
...
In case of an exception, we log it and return None which results in a
redirect to the login page.
2017-03-07 19:46:40 -08:00
Tim Abbott
6c12a49d04
test_auth_backends: Remove now-unnecessary compatibility code.
...
This code was added as part of the Django 1.10 migration to make our
tests work with both Django 1.8 and 1.10. Now that we're on 1.10,
it's no longer required.
2017-03-04 23:38:46 -08:00
Raghav Jajodia
a3a03bd6a5
mypy: Added Dict, List and Set imports.
...
Fixed mypy errors associated with the upgrade.
2017-03-04 14:33:44 -08:00
K.Kanakhin
d9b10727fa
server-version: Add server version to api endpoints.
...
- Add server version to `fetch_initial_state_data`.
- Add server version to register event queue api endpoint.
- Add server version to `get_auth_backends` api endpoint.
- Change source for server version in `home` endpoint.
- Fix tests.
Fixes #3663
2017-02-28 14:22:01 -08:00
Umair Khan
802de53ede
backend: Handle GitHub authentication failure.
...
In case of AuthFailed exception return None.
2017-02-28 09:55:37 -08:00
Tim Abbott
84b18f865a
users: Verify full names explicitly in account registration.
...
I believe this completes the project of ensuring that our recent work
on limiting what characters can appears in users' full names covers
the entire codebase.
2017-02-07 20:20:32 -08:00
Harshit Bansal
8c428dc130
Fix `ZulipLDAPAuthBackend` not to rely on user's email domain.
...
In case realms have subdomains and the user hasn't been populated
yet in the Django User model, `ZulipLDAPAuthBackend` should not
rely on user's email domain to determine in which realm it should
be created in.
Fixes : #2227 .
2017-01-25 15:24:49 -08:00
Tim Abbott
4e171ce787
lint: Clean up E126 PEP-8 rule.
2017-01-23 22:06:13 -08:00
sinwar
b0efa58eb4
requirements: Upgrade python-social-auth to latest version
...
Fixes #3403
2017-01-21 21:22:59 +05:30
Rishi Gupta
494c1a2b55
Remove unnecessary uses of Realm.domain in zerver/tests.
2017-01-09 11:26:08 -08:00
Tim Abbott
f3b5683e77
views: Rename __init__.py to zerver.views.registration.
...
This completes the cleanup process of eliminating functions in the
root zerver/views/__init__.py module.
2017-01-08 16:21:15 -08:00
Rishi Gupta
2b0a7fd0ba
Rename models.get_realm_by_string_id to get_realm.
...
Finishes the refactoring started in c1bbd8d
. The goal of the refactoring is
to change the argument to get_realm from a Realm.domain to a
Realm.string_id. The steps were
* Add a new function, get_realm_by_string_id.
* Change all calls to get_realm to use get_realm_by_string_id instead.
* Remove get_realm.
* (This commit) Rename get_realm_by_string_id to get_realm.
Part of a larger migration to remove the Realm.domain field entirely.
2017-01-04 17:12:23 -08:00
Umair Khan
b6cb6a4f0c
ldap: Inherit FakeLdap exceptions from ldap.
2016-12-30 16:55:06 -08:00
Rishi Gupta
d6e7014f06
Refactor views.create_homepage_form into its callers.
...
The indirection is no longer that useful, and obscures Django's conventional
style for calling a form.
2016-12-26 17:50:23 -08:00
Tim Abbott
66bce06a5a
lint: Fix E127 vilations due to recent assertEquals migration.
2016-12-15 20:51:27 -08:00
Tim Abbott
bf80873d4f
tests: s/assertRaisesRegexp/assertRaisesRegex/ due to deprecation.
2016-12-15 17:11:42 -08:00
Tim Abbott
a116c86f62
tests: s/assertEquals/assertEqual/ due to deprecation.
...
Fixes #2730 .
2016-12-15 17:02:03 -08:00
Igor Tokarev
f154a3b742
tests: Improve test coverage of templates.
...
Addresses part of #1677 .
2016-12-14 13:08:33 -08:00
Umair Khan
8e30530cc5
subdomains: Make GitHub login work with subdomains.
...
Fixes #2501 .
2016-12-14 11:09:39 -08:00
bulat22101
9f68efa47b
mypy: Convert zerver/tests/ to use typing.Text.
2016-12-04 14:47:21 -08:00
nikolay
abc2ff4a06
pep8: Fix many rule E128 violations.
...
[Tweaked by tabbott to adjust some approaches used in wrapping]
2016-12-03 13:33:31 -08:00
Sidhant Bhavnani
8c0c12c1d9
pep8: Fix E303 violations.
2016-12-02 15:34:11 -08:00
AZtheAsian
1ba150fa85
pep8: Fix E203 violations
2016-12-01 20:37:57 -08:00
Rafid Aslam
c5316b4002
lint: Fix E127 pep8 violations.
...
Fix pep8: E127 continuation line over-indented for visual indent
style issue.
2016-12-01 10:23:55 -08:00
Rafid Aslam
41bd88d5ed
pep8: Fix E301 pep8 violations.
...
Fix "E301: expected (1 or 2) blank line" pep8 violations.
2016-11-29 08:51:44 -08:00
Rafid Aslam
7a2282986a
pep8: Fix E225 pep8 violations.
2016-11-28 15:21:15 -08:00
reyha
9f8630fed8
tests: Access realms by string_id.
...
Replaces get_realm() function by get_realm_by_string_id() function
in zerver/tests.
Fixes #2226 .
2016-11-15 13:32:20 -08:00
sinwar
4582a98c09
tests: Split out ZulipTestCase and WebhookTestCase to a separate file.
...
Fixes #1671 .
2016-11-10 19:29:43 -08:00
Umair Khan
ee3ec96f38
Django 1.10: Suppress logs.
2016-11-10 16:20:03 +05:00
Umair Khan
1e91b946d9
Django 1.10: Sign google oauth requests using csrf token.
...
In Django 1.10, the get_token function returns a salted version of
csrf token which changes whenever get_token is called. This gives
us wrong result when we compare the state after returning from
Google authentication servers. The solution is to unsalt the token
and use that token to find the HMAC so that we get the same value
as long as t he token is same.
2016-11-10 16:20:03 +05:00
Rishi Gupta
1e6ae537bd
Remove special flow for open realm sign-up when realms have subdomains.
...
Redirects /register/<domain> to /accounts/register when
REALMS_HAVE_SUBDOMAINS.
2016-11-09 16:31:48 -08:00
Rishi Gupta
ff2fe0cf92
forms.HomepageForm: Improve error messages.
...
No change to behavior.
2016-11-09 16:31:48 -08:00
Rishi Gupta
01526677c4
forms.HomepageForm: Use string_id to determine intended signup realm.
...
If the user comes in to HomepageForm with a set subdomain, use that to
determine the signup realm instead of the email address.
In the non-REALMS_HAVE_SUBDOMAINS case, still allow using the email address
if no subdomain is passed.
2016-11-09 16:31:48 -08:00
Umair Khan
f78752466c
Django 1.10: URLs in response contain just the path.
...
The response object of the Django test client only contains the
path of the url.
2016-11-09 15:26:07 -08:00
umkay
ab2fd4ef3a
TestAdminSetBackends: Supply dev_auth_enabled() with realm argument.
...
This fixes the fact that these tests were not correctly running
against the actual realm.
2016-11-07 17:07:05 -08:00
Tim Abbott
11518d9fb3
Remove test_ldap_auth_email_auth_disabled_failure for now.
...
This test was having order-dependent failures when run after
`test_signup`.
2016-11-06 18:34:22 -08:00
Tim Abbott
bb17e575c8
auth: Add SocialAuthMixinTest.
2016-11-06 18:07:52 -08:00
Tim Abbott
c856e56afc
test_auth_backend: Add missing LDAP tests in FetchAPIKeyTest.
2016-11-06 18:07:52 -08:00
Tim Abbott
c94fe5bdef
test_ldap: Fix spelling of tearDown method.
2016-11-06 16:33:20 -08:00
umkay
f4c621ffe3
admin: Enable admins to toggle supported auth methods via UI.
...
Add a table to the administration page that will allow realm admins to
activate and deactivate the supported authentication methods for that
realm.
2016-11-06 16:29:35 -08:00
umkay
21c024fc29
auth: Make supported authentication backends a bitfield on realm.
...
This makes it possible to configure only certain authentication
methods to be enabled on a per-realm basis.
Note that the authentication_methods_dict function (which checks what
backends are supported on the realm) requires an in function import
due to a circular dependency.
2016-11-06 16:16:24 -08:00
Tim Abbott
b41c15fa05
auth: Reject authentication if auth backends are disabled.
2016-11-06 16:16:22 -08:00
Tim Abbott
3a3cee411d
auth: Remove old password_auth_enabled hack.
...
This was used by an old configuration for zulip.com, which is no
longer in production use.
2016-11-06 14:50:15 -08:00
Umair Khan
4502872e8e
subdomain: Test user registration through Google OAuth.
2016-11-03 10:09:24 -07:00
Rishi Gupta
64bcd71d6e
models.Realm: Rename subdomain to string_id.
...
Does a database migration to rename Realm.subdomain to
Realm.string_id, and makes Realm.subdomain a property. Eventually,
Realm.string_id will replace Realm.domain as the handle by which we
retrieve Realm objects.
2016-11-02 22:46:34 -07:00
umkay
0e0a11bb5e
Refactor GitHub authentication backend tests.
2016-11-02 21:06:17 -07:00
Umair Khan
2dabfc562c
subdomains: Add tests for single domain OAuth2.
2016-10-28 11:04:08 -07:00
Umair Khan
26646abe8c
Authenticate subdomains using single Google OAuth entry.
...
Previously, we used to create one Google OAuth callback url entry
per subdomain. This commit allows us to authenticate subdomain users
against a single Google OAuth callback url entry.
2016-10-28 11:04:08 -07:00
Umair Khan
d139c9cb71
Add tests for maybe_send_to_registration function.
2016-10-28 09:27:56 -07:00
Umair Khan
8064ed1c0b
Add test for ZulipRemoteUserBackend.
2016-10-28 09:27:56 -07:00
Umair Khan
839cab3434
Add tests for GitHubAuthBackend.
2016-10-28 09:27:56 -07:00
Umair Khan
b6046bc77e
Add tests for password_auth_enabled function.
2016-10-28 09:27:56 -07:00
Umair Khan
d9e1975d2c
Add ZulipAuthMixin tests.
2016-10-28 09:27:56 -07:00
Umair Khan
6dbe425675
Add Google OAuth2 backend tests.
2016-10-28 09:27:56 -07:00
Umair Khan
088d8eebad
Add ZulipLDAPUserPopulator test.
2016-10-28 09:27:56 -07:00
Umair Khan
50422e775b
Add LDAP tests.
2016-10-28 09:27:55 -07:00
Umair Khan
486774b28d
Add tests for JWT based login.
2016-10-26 14:40:56 -07:00
Umair Khan
9b42b7fad3
Add tests for TestZulipRemoteUserBackend.
2016-10-25 08:13:35 -07:00
Umair Khan
9f37b9b386
Add tests for TestDevAuthBackend.
2016-10-25 17:57:33 +05:00
Tim Abbott
67d9e19ccf
views: Split views/auth.py out of core views file.
2016-10-11 21:27:06 -07:00
Umair Khan
b886e38a58
Increase test quality for GitHubAuthBackendTest.
2016-10-11 16:19:55 -07:00
Umair Khan
4fcd36b124
Add negative tests for Social auth backend.
...
Fixes : #1948
2016-10-11 16:19:55 -07:00
Umair Khan
4fa427bc74
auth_backends: Add backend tests for subdomains logic.
...
Fixes : #1870
2016-10-10 08:55:39 -07:00
Umair Khan
d0acda4635
Google: Show error on login page for wrong subdomain.
...
Takes care of Google OAuth.
Fixes : #1871
2016-10-10 08:42:34 -07:00
Umair Khan
c23aaa1785
GitHub: Show error on login page for wrong subdomain.
...
While logging in through GitHub, if the user tries to login
to the wrong subdomain then show an appropriate message.
2016-10-10 08:42:34 -07:00
Tim Abbott
e93a2e990f
Fix nondeterministic parsing failures in GoogleLoginTest.
...
Apparently, in urllib.parse, one need to extract the query string from
the rest of the URL before parsing the query string, otherwise the
very first query parameter will have rest of the URL in its name.
This results in a nondeterministic failure that happens 1/N of the
time, where N is the number of fields marshalled from a dictionary
into the query string.
2016-09-13 18:13:28 -07:00
Tim Abbott
6d8af06e32
Fix Google oauth2 logging to use %s for strings.
...
This has more consistent results in Python 2 vs. Python 3.
2016-09-13 17:30:39 -07:00
Tim Abbott
95a348382b
Fix nondeterministic failures in GoogleLoginTest.
2016-09-13 17:26:38 -07:00
Tim Abbott
b8bdf1365b
tests: Add a Google web authentication test suite.
2016-09-13 17:08:14 -07:00
Steve Howell
fd6ee7117f
tests: Renamed AuthedTestCase to ZulipTestCase.
2016-08-22 19:07:44 -07:00
Umair Khan
35dd1ffb13
Pass password as string to authenticate.
2016-08-08 15:17:01 -07:00
Umair Khan
266c791e64
Email should be a unicode.
2016-08-08 15:17:01 -07:00
Umair Khan
0dfc757447
Annotate test_auth_backends.py.
2016-08-08 15:12:12 -07:00
Tim Abbott
cc11229377
test_auth_backends: Add missing type annotations.
2016-08-04 15:57:02 -07:00
Umair Khan
b38ca0c690
Add tests for GitHub team and organization auth.
2016-08-03 12:01:15 -07:00
Umair Khan
fc1d8e217f
Don't pass `return_data` to mock functions.
...
GitHubAuthBackend already passes the `return_data` keyword argument
to the `do_auth` function.
2016-08-03 12:01:15 -07:00
Tim Abbott
6b2b7ab3ff
Rename GitHubBackend to GitHubAuthBackend for consistency.
2016-07-29 12:49:10 -07:00
Umair Khan
d43b031a32
Add tests to verify GitHub backend.
2016-07-29 12:49:10 -07:00
Steve Howell
6937f63fd5
Add client_get() test helper.
2016-07-27 20:49:33 -07:00
Steve Howell
38f2a2f475
Add client_post() test helper.
...
This makes us more consistent, since we have other wrappers
like client_patch, client_put, and client_delete.
Wrapping also will facilitate instrumentation of our posting code.
2016-07-27 20:49:32 -07:00
Eklavya Sharma
c98c3d5f8d
Re-enable some backend tests on python 3.
2016-07-12 14:06:29 -07:00
Eklavya Sharma
d740a87d04
zerver/tests: Use unicode strings.
...
* Use unicode strings for strings containing non-ASCII characters.
* Decode response content when text output is expected.
2016-07-12 14:06:29 -07:00
Eklavya Sharma
73a3c9fa47
On python 3, skip expected failures in backend tests.
2016-07-12 09:27:55 -07:00
acrefoot
a36e5d4987
Add get_auth_backends endpoint to API.
...
We would like to know which kind of authentication backends the server
supports.
This is information you can get from /login, but not in a way easily
parseable by API apps (e.g. the Zulip mobile apps).
2016-06-27 18:30:34 -07:00
kunall17
007eee6061
Add route to fetch emails for mobile passwordless login.
...
[Tweaked by tabbott to rename API to explicitly support not just
Android]
2016-06-17 11:03:19 -07:00
kunall17
7ea0eaed1c
Add passwordless login for mobile app development.
...
[Tweaked by tabbott to rename API to explicitly support not just
Android].
2016-06-17 10:58:33 -07:00
Tim Abbott
6fba0879a4
Annotate much of the rest of zerver/tests.
2016-06-04 11:53:20 -07:00
Nathan Florea
04c71fadc6
More removal of mutable default arguments.
...
I've left a few that clearly aren't being passed and aren't being mutated, but
I think I've gotten the rest of them.
2016-06-03 09:17:04 -07:00
Tim Abbott
37015fd7c5
Run mypy on zerver/lib/test_auth_backends.py.
2016-06-02 23:01:15 -07:00
Tim Abbott
f2aee961e1
test_auth_backends: Fix unused variables.
2016-05-10 11:46:39 -07:00
Tim Abbott
be216506a9
Improve api_fetch_api_key error messages.
...
Previously, api_fetch_api_key would not give clear error messages if
password auth was disabled or the user's realm had been deactivated;
additionally, the account disabled error stopped triggering when we
moved the active account check into the auth decorators.
2016-05-10 09:50:57 -07:00
Tim Abbott
52ddd500f0
Add tests for authentication backends.
2016-05-10 09:50:57 -07:00