summaryrefslogtreecommitdiff
path: root/tests/auth_tests/test_remote_user.py
diff options
context:
space:
mode:
authordjango-bot <ops@djangoproject.com>2022-02-03 20:24:19 +0100
committerMariusz Felisiak <felisiak.mariusz@gmail.com>2022-02-07 20:37:05 +0100
commit9c19aff7c7561e3a82978a272ecdaad40dda5c00 (patch)
treef0506b668a013d0063e5fba3dbf4863b466713ba /tests/auth_tests/test_remote_user.py
parentf68fa8b45dfac545cfc4111d4e52804c86db68d3 (diff)
Refs #33476 -- Reformatted code with Black.
Diffstat (limited to 'tests/auth_tests/test_remote_user.py')
-rw-r--r--tests/auth_tests/test_remote_user.py189
1 files changed, 94 insertions, 95 deletions
diff --git a/tests/auth_tests/test_remote_user.py b/tests/auth_tests/test_remote_user.py
index 3756f557a2..bd974cb1d5 100644
--- a/tests/auth_tests/test_remote_user.py
+++ b/tests/auth_tests/test_remote_user.py
@@ -10,22 +10,22 @@ from django.test import Client, TestCase, modify_settings, override_settings
from django.utils import timezone
-@override_settings(ROOT_URLCONF='auth_tests.urls')
+@override_settings(ROOT_URLCONF="auth_tests.urls")
class RemoteUserTest(TestCase):
- middleware = 'django.contrib.auth.middleware.RemoteUserMiddleware'
- backend = 'django.contrib.auth.backends.RemoteUserBackend'
- header = 'REMOTE_USER'
- email_header = 'REMOTE_EMAIL'
+ middleware = "django.contrib.auth.middleware.RemoteUserMiddleware"
+ backend = "django.contrib.auth.backends.RemoteUserBackend"
+ header = "REMOTE_USER"
+ email_header = "REMOTE_EMAIL"
# Usernames to be passed in REMOTE_USER for the test_known_user test case.
- known_user = 'knownuser'
- known_user2 = 'knownuser2'
+ known_user = "knownuser"
+ known_user2 = "knownuser2"
def setUp(self):
self.patched_settings = modify_settings(
- AUTHENTICATION_BACKENDS={'append': self.backend},
- MIDDLEWARE={'append': self.middleware},
+ AUTHENTICATION_BACKENDS={"append": self.backend},
+ MIDDLEWARE={"append": self.middleware},
)
self.patched_settings.enable()
@@ -36,16 +36,16 @@ class RemoteUserTest(TestCase):
"""Users are not created when remote user is not specified."""
num_users = User.objects.count()
- response = self.client.get('/remote_user/')
- self.assertTrue(response.context['user'].is_anonymous)
+ response = self.client.get("/remote_user/")
+ self.assertTrue(response.context["user"].is_anonymous)
self.assertEqual(User.objects.count(), num_users)
- response = self.client.get('/remote_user/', **{self.header: None})
- self.assertTrue(response.context['user'].is_anonymous)
+ response = self.client.get("/remote_user/", **{self.header: None})
+ self.assertTrue(response.context["user"].is_anonymous)
self.assertEqual(User.objects.count(), num_users)
- response = self.client.get('/remote_user/', **{self.header: ''})
- self.assertTrue(response.context['user'].is_anonymous)
+ response = self.client.get("/remote_user/", **{self.header: ""})
+ self.assertTrue(response.context["user"].is_anonymous)
self.assertEqual(User.objects.count(), num_users)
def test_csrf_validation_passes_after_process_request_login(self):
@@ -58,14 +58,14 @@ class RemoteUserTest(TestCase):
csrf_secret = _get_new_csrf_string()
csrf_token = _mask_cipher_secret(csrf_secret)
csrf_token_form = _mask_cipher_secret(csrf_secret)
- headers = {self.header: 'fakeuser'}
- data = {'csrfmiddlewaretoken': csrf_token_form}
+ headers = {self.header: "fakeuser"}
+ data = {"csrfmiddlewaretoken": csrf_token_form}
# Verify that CSRF is configured for the view
csrf_client.cookies.load({settings.CSRF_COOKIE_NAME: csrf_token})
- response = csrf_client.post('/remote_user/', **headers)
+ response = csrf_client.post("/remote_user/", **headers)
self.assertEqual(response.status_code, 403)
- self.assertIn(b'CSRF verification failed.', response.content)
+ self.assertIn(b"CSRF verification failed.", response.content)
# This request will call django.contrib.auth.login() which will call
# django.middleware.csrf.rotate_token() thus changing the value of
@@ -74,7 +74,7 @@ class RemoteUserTest(TestCase):
# by rotate_token(). Csrf validation should still pass when the view is
# later processed by CsrfViewMiddleware.process_view()
csrf_client.cookies.load({settings.CSRF_COOKIE_NAME: csrf_token})
- response = csrf_client.post('/remote_user/', data, **headers)
+ response = csrf_client.post("/remote_user/", data, **headers)
self.assertEqual(response.status_code, 200)
def test_unknown_user(self):
@@ -83,31 +83,29 @@ class RemoteUserTest(TestCase):
as a User.
"""
num_users = User.objects.count()
- response = self.client.get('/remote_user/', **{self.header: 'newuser'})
- self.assertEqual(response.context['user'].username, 'newuser')
+ response = self.client.get("/remote_user/", **{self.header: "newuser"})
+ self.assertEqual(response.context["user"].username, "newuser")
self.assertEqual(User.objects.count(), num_users + 1)
- User.objects.get(username='newuser')
+ User.objects.get(username="newuser")
# Another request with same user should not create any new users.
- response = self.client.get('/remote_user/', **{self.header: 'newuser'})
+ response = self.client.get("/remote_user/", **{self.header: "newuser"})
self.assertEqual(User.objects.count(), num_users + 1)
def test_known_user(self):
"""
Tests the case where the username passed in the header is a valid User.
"""
- User.objects.create(username='knownuser')
- User.objects.create(username='knownuser2')
+ User.objects.create(username="knownuser")
+ User.objects.create(username="knownuser2")
num_users = User.objects.count()
- response = self.client.get('/remote_user/',
- **{self.header: self.known_user})
- self.assertEqual(response.context['user'].username, 'knownuser')
+ response = self.client.get("/remote_user/", **{self.header: self.known_user})
+ self.assertEqual(response.context["user"].username, "knownuser")
self.assertEqual(User.objects.count(), num_users)
# A different user passed in the headers causes the new user
# to be logged in.
- response = self.client.get('/remote_user/',
- **{self.header: self.known_user2})
- self.assertEqual(response.context['user'].username, 'knownuser2')
+ response = self.client.get("/remote_user/", **{self.header: self.known_user2})
+ self.assertEqual(response.context["user"].username, "knownuser2")
self.assertEqual(User.objects.count(), num_users)
def test_last_login(self):
@@ -115,7 +113,7 @@ class RemoteUserTest(TestCase):
A user's last_login is set the first time they make a
request but not updated in subsequent requests with the same session.
"""
- user = User.objects.create(username='knownuser')
+ user = User.objects.create(username="knownuser")
# Set last_login to something so we can determine if it changes.
default_login = datetime(2000, 1, 1)
if settings.USE_TZ:
@@ -123,64 +121,60 @@ class RemoteUserTest(TestCase):
user.last_login = default_login
user.save()
- response = self.client.get('/remote_user/',
- **{self.header: self.known_user})
- self.assertNotEqual(default_login, response.context['user'].last_login)
+ response = self.client.get("/remote_user/", **{self.header: self.known_user})
+ self.assertNotEqual(default_login, response.context["user"].last_login)
- user = User.objects.get(username='knownuser')
+ user = User.objects.get(username="knownuser")
user.last_login = default_login
user.save()
- response = self.client.get('/remote_user/',
- **{self.header: self.known_user})
- self.assertEqual(default_login, response.context['user'].last_login)
+ response = self.client.get("/remote_user/", **{self.header: self.known_user})
+ self.assertEqual(default_login, response.context["user"].last_login)
def test_header_disappears(self):
"""
A logged in user is logged out automatically when
the REMOTE_USER header disappears during the same browser session.
"""
- User.objects.create(username='knownuser')
+ User.objects.create(username="knownuser")
# Known user authenticates
- response = self.client.get('/remote_user/',
- **{self.header: self.known_user})
- self.assertEqual(response.context['user'].username, 'knownuser')
+ response = self.client.get("/remote_user/", **{self.header: self.known_user})
+ self.assertEqual(response.context["user"].username, "knownuser")
# During the session, the REMOTE_USER header disappears. Should trigger logout.
- response = self.client.get('/remote_user/')
- self.assertTrue(response.context['user'].is_anonymous)
+ response = self.client.get("/remote_user/")
+ self.assertTrue(response.context["user"].is_anonymous)
# verify the remoteuser middleware will not remove a user
# authenticated via another backend
- User.objects.create_user(username='modeluser', password='foo')
- self.client.login(username='modeluser', password='foo')
- authenticate(username='modeluser', password='foo')
- response = self.client.get('/remote_user/')
- self.assertEqual(response.context['user'].username, 'modeluser')
+ User.objects.create_user(username="modeluser", password="foo")
+ self.client.login(username="modeluser", password="foo")
+ authenticate(username="modeluser", password="foo")
+ response = self.client.get("/remote_user/")
+ self.assertEqual(response.context["user"].username, "modeluser")
def test_user_switch_forces_new_login(self):
"""
If the username in the header changes between requests
that the original user is logged out
"""
- User.objects.create(username='knownuser')
+ User.objects.create(username="knownuser")
# Known user authenticates
- response = self.client.get('/remote_user/',
- **{self.header: self.known_user})
- self.assertEqual(response.context['user'].username, 'knownuser')
+ response = self.client.get("/remote_user/", **{self.header: self.known_user})
+ self.assertEqual(response.context["user"].username, "knownuser")
# During the session, the REMOTE_USER changes to a different user.
- response = self.client.get('/remote_user/',
- **{self.header: "newnewuser"})
+ response = self.client.get("/remote_user/", **{self.header: "newnewuser"})
# The current user is not the prior remote_user.
# In backends that create a new user, username is "newnewuser"
# In backends that do not create new users, it is '' (anonymous user)
- self.assertNotEqual(response.context['user'].username, 'knownuser')
+ self.assertNotEqual(response.context["user"].username, "knownuser")
def test_inactive_user(self):
- User.objects.create(username='knownuser', is_active=False)
- response = self.client.get('/remote_user/', **{self.header: 'knownuser'})
- self.assertTrue(response.context['user'].is_anonymous)
+ User.objects.create(username="knownuser", is_active=False)
+ response = self.client.get("/remote_user/", **{self.header: "knownuser"})
+ self.assertTrue(response.context["user"].is_anonymous)
class RemoteUserNoCreateBackend(RemoteUserBackend):
"""Backend that doesn't create unknown users."""
+
create_unknown_user = False
@@ -190,23 +184,24 @@ class RemoteUserNoCreateTest(RemoteUserTest):
class that doesn't create unknown users.
"""
- backend = 'auth_tests.test_remote_user.RemoteUserNoCreateBackend'
+ backend = "auth_tests.test_remote_user.RemoteUserNoCreateBackend"
def test_unknown_user(self):
num_users = User.objects.count()
- response = self.client.get('/remote_user/', **{self.header: 'newuser'})
- self.assertTrue(response.context['user'].is_anonymous)
+ response = self.client.get("/remote_user/", **{self.header: "newuser"})
+ self.assertTrue(response.context["user"].is_anonymous)
self.assertEqual(User.objects.count(), num_users)
class AllowAllUsersRemoteUserBackendTest(RemoteUserTest):
"""Backend that allows inactive users."""
- backend = 'django.contrib.auth.backends.AllowAllUsersRemoteUserBackend'
+
+ backend = "django.contrib.auth.backends.AllowAllUsersRemoteUserBackend"
def test_inactive_user(self):
- user = User.objects.create(username='knownuser', is_active=False)
- response = self.client.get('/remote_user/', **{self.header: self.known_user})
- self.assertEqual(response.context['user'].username, user.username)
+ user = User.objects.create(username="knownuser", is_active=False)
+ response = self.client.get("/remote_user/", **{self.header: self.known_user})
+ self.assertEqual(response.context["user"].username, user.username)
class CustomRemoteUserBackend(RemoteUserBackend):
@@ -218,13 +213,13 @@ class CustomRemoteUserBackend(RemoteUserBackend):
"""
Grabs username before the @ character.
"""
- return username.split('@')[0]
+ return username.split("@")[0]
def configure_user(self, request, user):
"""
Sets user's email address using the email specified in an HTTP header.
"""
- user.email = request.META.get(RemoteUserTest.email_header, '')
+ user.email = request.META.get(RemoteUserTest.email_header, "")
user.save()
return user
@@ -235,11 +230,11 @@ class RemoteUserCustomTest(RemoteUserTest):
and configure_user methods.
"""
- backend = 'auth_tests.test_remote_user.CustomRemoteUserBackend'
+ backend = "auth_tests.test_remote_user.CustomRemoteUserBackend"
# REMOTE_USER strings with email addresses for the custom backend to
# clean.
- known_user = 'knownuser@example.com'
- known_user2 = 'knownuser2@example.com'
+ known_user = "knownuser@example.com"
+ known_user2 = "knownuser2@example.com"
def test_known_user(self):
"""
@@ -247,8 +242,8 @@ class RemoteUserCustomTest(RemoteUserTest):
should not have been configured with an email address.
"""
super().test_known_user()
- self.assertEqual(User.objects.get(username='knownuser').email, '')
- self.assertEqual(User.objects.get(username='knownuser2').email, '')
+ self.assertEqual(User.objects.get(username="knownuser").email, "")
+ self.assertEqual(User.objects.get(username="knownuser2").email, "")
def test_unknown_user(self):
"""
@@ -256,22 +251,26 @@ class RemoteUserCustomTest(RemoteUserTest):
provided in the request header.
"""
num_users = User.objects.count()
- response = self.client.get('/remote_user/', **{
- self.header: 'newuser',
- self.email_header: 'user@example.com',
- })
- self.assertEqual(response.context['user'].username, 'newuser')
- self.assertEqual(response.context['user'].email, 'user@example.com')
+ response = self.client.get(
+ "/remote_user/",
+ **{
+ self.header: "newuser",
+ self.email_header: "user@example.com",
+ },
+ )
+ self.assertEqual(response.context["user"].username, "newuser")
+ self.assertEqual(response.context["user"].email, "user@example.com")
self.assertEqual(User.objects.count(), num_users + 1)
- newuser = User.objects.get(username='newuser')
- self.assertEqual(newuser.email, 'user@example.com')
+ newuser = User.objects.get(username="newuser")
+ self.assertEqual(newuser.email, "user@example.com")
class CustomHeaderMiddleware(RemoteUserMiddleware):
"""
Middleware that overrides custom HTTP auth user header.
"""
- header = 'HTTP_AUTHUSER'
+
+ header = "HTTP_AUTHUSER"
class CustomHeaderRemoteUserTest(RemoteUserTest):
@@ -279,10 +278,9 @@ class CustomHeaderRemoteUserTest(RemoteUserTest):
Tests a custom RemoteUserMiddleware subclass with custom HTTP auth user
header.
"""
- middleware = (
- 'auth_tests.test_remote_user.CustomHeaderMiddleware'
- )
- header = 'HTTP_AUTHUSER'
+
+ middleware = "auth_tests.test_remote_user.CustomHeaderMiddleware"
+ header = "HTTP_AUTHUSER"
class PersistentRemoteUserTest(RemoteUserTest):
@@ -290,7 +288,8 @@ class PersistentRemoteUserTest(RemoteUserTest):
PersistentRemoteUserMiddleware keeps the user logged in even if the
subsequent calls do not contain the header value.
"""
- middleware = 'django.contrib.auth.middleware.PersistentRemoteUserMiddleware'
+
+ middleware = "django.contrib.auth.middleware.PersistentRemoteUserMiddleware"
require_header = False
def test_header_disappears(self):
@@ -298,11 +297,11 @@ class PersistentRemoteUserTest(RemoteUserTest):
A logged in user is kept logged in even if the REMOTE_USER header
disappears during the same browser session.
"""
- User.objects.create(username='knownuser')
+ User.objects.create(username="knownuser")
# Known user authenticates
- response = self.client.get('/remote_user/', **{self.header: self.known_user})
- self.assertEqual(response.context['user'].username, 'knownuser')
+ response = self.client.get("/remote_user/", **{self.header: self.known_user})
+ self.assertEqual(response.context["user"].username, "knownuser")
# Should stay logged in if the REMOTE_USER header disappears.
- response = self.client.get('/remote_user/')
- self.assertFalse(response.context['user'].is_anonymous)
- self.assertEqual(response.context['user'].username, 'knownuser')
+ response = self.client.get("/remote_user/")
+ self.assertFalse(response.context["user"].is_anonymous)
+ self.assertEqual(response.context["user"].username, "knownuser")
generated by cgit v1.3 (git 2.53.0) at 2026-05-02 01:20:24 +0000