WIP on more oidc testing

2025-05-15 17:17:02 +02:00 · 2023-12-07 14:46:21 -05:00 · 2023-12-07 14:46:21 -05:00 · 1a2b16a3da
commit 1a2b16a3da
parent ecb30fd73e
2 changed files with 42 additions and 5 deletions
--- a/src/djangooidc/tests/test_views.py
+++ b/src/djangooidc/tests/test_views.py
@ -1,9 +1,9 @@
 from unittest.mock import MagicMock, patch

-from django.http import HttpResponse
+from django.http import HttpResponse, HttpResponseRedirect
 from django.test import Client, TestCase, RequestFactory
 from django.urls import reverse
-from ..views import login_callback
+from ..views import login_callback, requires_step_up_auth

 from .common import less_console_noise

@ -61,11 +61,44 @@ class ViewsTest(TestCase):
        # mock
        mock_client.callback.side_effect = self.user_info
        # test
-        with less_console_noise():
+        with patch("djangooidc.views.requires_step_up_auth", return_value=False), \
+        less_console_noise():
            response = self.client.get(reverse("openid_login_callback"))
        # assert
        self.assertEqual(response.status_code, 302)
        self.assertEqual(response.url, reverse("logout"))
+        
+    def test_login_callback_no_step_up_auth(self, mock_client):
+        # setup
+        session = self.client.session
+        session.save()
+        # mock
+        mock_client.callback.side_effect = self.user_info
+        # test
+        with patch("djangooidc.views.requires_step_up_auth", return_value=False), \
+        less_console_noise():
+            response = self.client.get(reverse("openid_login_callback"))
+        # assert
+        self.assertEqual(response.status_code, 302)
+        self.assertEqual(response.url, "/")
+    
+    @patch.object(requires_step_up_auth, return_value=True)
+    def test_login_callback_requires_step_up_auth(self, mock_client):
+        # setup
+        callback_url = reverse("openid_login_callback")
+        # session = self.client.session
+        # session.save()
+        # mock
+        # mock_client.callback.side_effect = self.user_info
+        # mock_client.create_authn_request.side_effect = self.say_hi
+        # test
+        # with patch("djangooidc.views.requires_step_up_auth", return_value=True):
+            
+        response = self.client.get(reverse("openid_login_callback"))
+        
+        # assert
+        # self.assertEqual(response.status_code, 200)
+        # self.assertContains(response, "Hi")
    
    def test_requires_step_up_auth(self, mock_client):
        # Configure the mock to return an expected value for get_step_up_acr_value
@ -108,7 +141,8 @@ class ViewsTest(TestCase):
        mock_client.callback.side_effect = self.user_info
        mock_auth.return_value = None
        # test
-        with less_console_noise():
+        with patch("djangooidc.views.requires_step_up_auth", return_value=False), \
+        less_console_noise():
            response = self.client.get(reverse("openid_login_callback"))
        # assert
        self.assertEqual(response.status_code, 401)
--- a/src/djangooidc/views.py
+++ b/src/djangooidc/views.py
@ -70,10 +70,13 @@ def login_callback(request):
        userinfo = CLIENT.callback(query, request.session)
        # test for need for identity verification and if it is satisfied
        # if not satisfied, redirect user to login with stepped up acr_value
+        logger.info('login_callback start')
        if requires_step_up_auth(userinfo):
            # add acr_value to request.session
+            logger.info('login_callback inside requires_step_up_auth')
            request.session["acr_value"] = CLIENT.get_step_up_acr_value()
-            return CLIENT.create_authn_request(request.session)
+            logger.info('login_callback after get_step_up_acr_value')
+            # return CLIENT.create_authn_request(request.session)
        user = authenticate(request=request, **userinfo)
        if user:
            login(request, user)