WIP on more oidc testing

src/djangooidc/tests/test_views.py

@@ -1,9 +1,9 @@
 from unittest.mock import MagicMock, patch
 
-from django.http import HttpResponse
+from django.http import HttpResponse, HttpResponseRedirect
 from django.test import Client, TestCase, RequestFactory
 from django.urls import reverse
-from ..views import login_callback
+from ..views import login_callback, requires_step_up_auth
 
 from .common import less_console_noise
 
@@ -61,11 +61,44 @@ class ViewsTest(TestCase):
         # mock
         mock_client.callback.side_effect = self.user_info
         # test
-        with less_console_noise():
+        with patch("djangooidc.views.requires_step_up_auth", return_value=False), \
+        less_console_noise():
             response = self.client.get(reverse("openid_login_callback"))
         # assert
         self.assertEqual(response.status_code, 302)
         self.assertEqual(response.url, reverse("logout"))
+        
+    def test_login_callback_no_step_up_auth(self, mock_client):
+        # setup
+        session = self.client.session
+        session.save()
+        # mock
+        mock_client.callback.side_effect = self.user_info
+        # test
+        with patch("djangooidc.views.requires_step_up_auth", return_value=False), \
+        less_console_noise():
+            response = self.client.get(reverse("openid_login_callback"))
+        # assert
+        self.assertEqual(response.status_code, 302)
+        self.assertEqual(response.url, "/")
+    
+    @patch.object(requires_step_up_auth, return_value=True)
+    def test_login_callback_requires_step_up_auth(self, mock_client):
+        # setup
+        callback_url = reverse("openid_login_callback")
+        # session = self.client.session
+        # session.save()
+        # mock
+        # mock_client.callback.side_effect = self.user_info
+        # mock_client.create_authn_request.side_effect = self.say_hi
+        # test
+        # with patch("djangooidc.views.requires_step_up_auth", return_value=True):
+            
+        response = self.client.get(reverse("openid_login_callback"))
+        
+        # assert
+        # self.assertEqual(response.status_code, 200)
+        # self.assertContains(response, "Hi")
     
     def test_requires_step_up_auth(self, mock_client):
         # Configure the mock to return an expected value for get_step_up_acr_value
@@ -108,7 +141,8 @@ class ViewsTest(TestCase):
         mock_client.callback.side_effect = self.user_info
         mock_auth.return_value = None
         # test
-        with less_console_noise():
+        with patch("djangooidc.views.requires_step_up_auth", return_value=False), \
+        less_console_noise():
             response = self.client.get(reverse("openid_login_callback"))
         # assert
         self.assertEqual(response.status_code, 401)

src/djangooidc/views.py

@@ -70,10 +70,13 @@ def login_callback(request):
         userinfo = CLIENT.callback(query, request.session)
         # test for need for identity verification and if it is satisfied
         # if not satisfied, redirect user to login with stepped up acr_value
+        logger.info('login_callback start')
         if requires_step_up_auth(userinfo):
             # add acr_value to request.session
+            logger.info('login_callback inside requires_step_up_auth')
             request.session["acr_value"] = CLIENT.get_step_up_acr_value()
-            return CLIENT.create_authn_request(request.session)
+            logger.info('login_callback after get_step_up_acr_value')
+            # return CLIENT.create_authn_request(request.session)
         user = authenticate(request=request, **userinfo)
         if user:
             login(request, user)