oidc error on init logs error; oidc re-inits on request if in error state

2025-05-17 18:09:25 +02:00 · 2024-02-09 08:35:30 -05:00 · 2024-02-09 08:35:30 -05:00 · 1df7dc48df
commit 1df7dc48df
parent d4c47cc365
2 changed files with 46 additions and 24 deletions
--- a/src/djangooidc/tests/test_views.py
+++ b/src/djangooidc/tests/test_views.py
@ -82,14 +82,14 @@ class ViewsTest(TestCase):
            # mock
            mock_client.callback.side_effect = self.user_info
            # test
-            with patch("djangooidc.views.requires_step_up_auth", return_value=False), less_console_noise():
+            with patch("djangooidc.views._requires_step_up_auth", return_value=False), less_console_noise():
                response = self.client.get(reverse("openid_login_callback"))
            # assert
            self.assertEqual(response.status_code, 302)
            self.assertEqual(response.url, reverse("logout"))

    def test_login_callback_no_step_up_auth(self, mock_client):
-        """Walk through login_callback when requires_step_up_auth returns False
+        """Walk through login_callback when _requires_step_up_auth returns False
        and assert that we have a redirect to /"""
        with less_console_noise():
            # setup
@ -98,14 +98,14 @@ class ViewsTest(TestCase):
            # mock
            mock_client.callback.side_effect = self.user_info
            # test
-            with patch("djangooidc.views.requires_step_up_auth", return_value=False), less_console_noise():
+            with patch("djangooidc.views._requires_step_up_auth", return_value=False), less_console_noise():
                response = self.client.get(reverse("openid_login_callback"))
            # assert
            self.assertEqual(response.status_code, 302)
            self.assertEqual(response.url, "/")

    def test_requires_step_up_auth(self, mock_client):
-        """Invoke login_callback passing it a request when requires_step_up_auth returns True
+        """Invoke login_callback passing it a request when _requires_step_up_auth returns True
        and assert that session is updated and create_authn_request (mock) is called."""
        with less_console_noise():
            # Configure the mock to return an expected value for get_step_up_acr_value
@ -114,12 +114,12 @@ class ViewsTest(TestCase):
            request = self.factory.get("/some-url")
            request.session = {"acr_value": ""}
            # Ensure that the CLIENT instance used in login_callback is the mock
-            # patch requires_step_up_auth to return True
-            with patch("djangooidc.views.requires_step_up_auth", return_value=True), patch(
+            # patch _requires_step_up_auth to return True
+            with patch("djangooidc.views._requires_step_up_auth", return_value=True), patch(
                "djangooidc.views.CLIENT.create_authn_request", return_value=MagicMock()
            ) as mock_create_authn_request:
                login_callback(request)
-            # create_authn_request only gets called when requires_step_up_auth is True
+            # create_authn_request only gets called when _requires_step_up_auth is True
            # and it changes this acr_value in request.session
            # Assert that acr_value is no longer empty string
            self.assertNotEqual(request.session["acr_value"], "")
@ -127,7 +127,7 @@ class ViewsTest(TestCase):
            mock_create_authn_request.assert_called_once()

    def test_does_not_requires_step_up_auth(self, mock_client):
-        """Invoke login_callback passing it a request when requires_step_up_auth returns False
+        """Invoke login_callback passing it a request when _requires_step_up_auth returns False
        and assert that session is not updated and create_authn_request (mock) is not called.

        Possibly redundant with test_login_callback_requires_step_up_auth"""
@ -136,12 +136,12 @@ class ViewsTest(TestCase):
            request = self.factory.get("/some-url")
            request.session = {"acr_value": ""}
            # Ensure that the CLIENT instance used in login_callback is the mock
-            # patch requires_step_up_auth to return False
-            with patch("djangooidc.views.requires_step_up_auth", return_value=False), patch(
+            # patch _requires_step_up_auth to return False
+            with patch("djangooidc.views._requires_step_up_auth", return_value=False), patch(
                "djangooidc.views.CLIENT.create_authn_request", return_value=MagicMock()
            ) as mock_create_authn_request:
                login_callback(request)
-            # create_authn_request only gets called when requires_step_up_auth is True
+            # create_authn_request only gets called when _requires_step_up_auth is True
            # and it changes this acr_value in request.session
            # Assert that acr_value is NOT updated by testing that it is still an empty string
            self.assertEqual(request.session["acr_value"], "")
@ -155,7 +155,7 @@ class ViewsTest(TestCase):
            mock_client.callback.side_effect = self.user_info
            mock_auth.return_value = None
            # test
-            with patch("djangooidc.views.requires_step_up_auth", return_value=False), less_console_noise():
+            with patch("djangooidc.views._requires_step_up_auth", return_value=False), less_console_noise():
                response = self.client.get(reverse("openid_login_callback"))
            # assert
            self.assertEqual(response.status_code, 401)