Fix unit test

2025-05-15 09:07:02 +02:00 · 2024-05-21 12:17:25 -06:00 · 2024-05-21 12:17:25 -06:00 · c0a0e07530
commit c0a0e07530
parent c779255b28
3 changed files with 16 additions and 15 deletions
--- a/src/djangooidc/oidc.py
+++ b/src/djangooidc/oidc.py
@ -137,8 +137,8 @@ class Client(oic.Client):
    def _set_args_for_biometric_auth_request(self, session, request_args):
        if "acr_value" in session:
            session.pop("acr_value")
-        request_args["vtr"] = self.get_vtr_value()
-        request_args["vtm"] = self.get_vtm_value()
+        request_args["vtr"] = session.get("vtr")
+        request_args["vtm"] = session.get("vtm")

    def _prepare_authn_request(self, request_args, state):
        """
@ -247,12 +247,6 @@ class Client(oic.Client):
            raise o_e.AuthenticationFailed(locator=state)
        info_response_dict = info_response.to_dict()

-        # Define vtm/vtr information on the user dictionary so we can track this in one location.
-        # If a user has this information, then they are bumped up in terms of verification level.
-        if session.get("needs_biometric_validation") is True:
-            info_response_dict["vtm"] = session.get("vtm", "")
-            info_response_dict["vtr"] = session.get("vtr", "")
-
        logger.debug("user info: %s" % info_response_dict)
        return info_response_dict

--- a/src/djangooidc/tests/test_views.py
+++ b/src/djangooidc/tests/test_views.py
@ -406,6 +406,11 @@ class ViewsTest(TestCase):
            with patch("djangooidc.views._requires_step_up_auth", return_value=True), patch(
                "djangooidc.views.CLIENT.create_authn_request"
            ) as mock_create_authn_request:
+                with patch("djangooidc.views.CLIENT.get_vtm_value") as mock_get_vtm_value, patch(
+                    "djangooidc.views.CLIENT.get_vtr_value"
+                ) as mock_get_vtr_value:
+                    mock_get_vtm_value.return_value = "test_vtm"
+                    mock_get_vtr_value.return_value = "test_vtr"
                    # TEST
                    # test the login callback
                    login_callback(request)
@ -414,7 +419,8 @@ class ViewsTest(TestCase):
            # create_authn_request only gets called when _requires_step_up_auth is True.
            # The acr_value should be blank here
            self.assertEqual(request.session["acr_value"], "")
-            self.assertEqual(request.session["needs_biometric_validation"], True)
+            self.assertEqual(request.session["vtm"], "test_vtm")
+            self.assertEqual(request.session["vtr"], "test_vtr")

            # And create_authn_request was called again
            mock_create_authn_request.assert_called_once()
--- a/src/djangooidc/views.py
+++ b/src/djangooidc/views.py
@ -97,11 +97,12 @@ def login_callback(request):

        # Tests for the presence of the vtm/vtr values in the userinfo object.
        # If they are there, then we can set a flag in our session for tracking purposes.
-        needs_biometric_validation = _requires_step_up_auth(userinfo)
-        request.session["needs_biometric_validation"] = needs_biometric_validation
+        needs_step_up_auth = _requires_step_up_auth(userinfo)

        # Return a redirect request to a new auth url that does biometric validation
-        if needs_biometric_validation:
+        if needs_step_up_auth:
+            request.session["vtm"] = CLIENT.get_vtm_value()
+            request.session["vtr"] = CLIENT.get_vtr_value()
            return CLIENT.create_authn_request(request.session, do_step_up_auth=True)

        user = authenticate(request=request, **userinfo)