From 9135dcaf7b1bd63293f2805eb9ea7bf4e06456d9 Mon Sep 17 00:00:00 2001 From: Ahsan Ulhaq Date: Thu, 23 Jun 2016 01:46:13 +0500 Subject: [PATCH] Added single signout --- credentials/apps/api/tests/test_views.py | 20 ++++++++------------ credentials/settings/base.py | 1 + credentials/urls.py | 18 +++--------------- requirements/base.txt | 2 +- 4 files changed, 13 insertions(+), 28 deletions(-) diff --git a/credentials/apps/api/tests/test_views.py b/credentials/apps/api/tests/test_views.py index 44b6c0023..29babf3e5 100644 --- a/credentials/apps/api/tests/test_views.py +++ b/credentials/apps/api/tests/test_views.py @@ -1,6 +1,7 @@ """ Tests for credentials service views. """ +# pylint: disable=no-member from __future__ import unicode_literals import json @@ -31,7 +32,7 @@ def setUp(self): super(UserCredentialViewSetTests, self).setUp() self.user = factories.UserFactory() - self.client.force_authenticate(self.user) # pylint: disable=no-member + self.client.force_authenticate(self.user) self.program_cert = factories.ProgramCertificateFactory() self.program_id = self.program_cert.program_id @@ -43,7 +44,6 @@ def setUp(self): def _add_permission(self, perm): """ DRY helper to add usercredential model permissions to self.user """ - # pylint: disable=no-member self.user.user_permissions.add(Permission.objects.get(codename='{}_usercredential'.format(perm))) def _attempt_update_user_credential(self, data): @@ -55,7 +55,6 @@ def _attempt_update_user_credential(self, data): Returns: Response: HTTP response from the API. """ - # pylint: disable=no-member self._add_permission('change') path = reverse("api:v1:usercredential-detail", args=[self.user_credential.id]) return self.client.patch(path=path, data=json.dumps(data), content_type=JSON_CONTENT_TYPE) @@ -120,7 +119,6 @@ def _attempt_create_user_credentials(self, data): Returns: Response: HTTP response from the API. """ - # pylint: disable=no-member self._add_permission('add') path = self.list_path return self.client.post(path=path, data=json.dumps(data), content_type=JSON_CONTENT_TYPE) @@ -457,7 +455,6 @@ class UserCredentialViewSetPermissionsTests(APITestCase): def make_user(self, group=None, perm=None, **kwargs): """ DRY helper to create users with specific groups and/or permissions. """ - # pylint: disable=no-member user = factories.UserFactory(**kwargs) if group: user.groups.add(Group.objects.get(name=group)) @@ -482,7 +479,7 @@ def test_list(self, user_kwargs, expected_status): """ list_path = reverse("api:v1:usercredential-list") - self.client.force_authenticate(self.make_user(**user_kwargs)) # pylint: disable=no-member + self.client.force_authenticate(self.make_user(**user_kwargs)) response = self.client.get(list_path, {'username': 'test-user'}) self.assertEqual(response.status_code, expected_status) @@ -509,7 +506,7 @@ def test_create(self, user_kwargs, expected_status): 'attributes': [], } - self.client.force_authenticate(self.make_user(**user_kwargs)) # pylint: disable=no-member + self.client.force_authenticate(self.make_user(**user_kwargs)) response = self.client.post(list_path, data=json.dumps(post_data), content_type=JSON_CONTENT_TYPE) self.assertEqual(response.status_code, expected_status) @@ -533,7 +530,7 @@ def test_retrieve(self, user_kwargs, expected_status): user_credential = factories.UserCredentialFactory.create(credential=program_cert, username='test-user') detail_path = reverse("api:v1:usercredential-detail", args=[user_credential.id]) - self.client.force_authenticate(self.make_user(**user_kwargs)) # pylint: disable=no-member + self.client.force_authenticate(self.make_user(**user_kwargs)) response = self.client.get(detail_path) self.assertEqual(response.status_code, expected_status) @@ -560,7 +557,7 @@ def test_partial_update(self, user_kwargs, expected_status): }, 'attributes': [{'name': 'dummy-attr-name', 'value': 'dummy-attr-value'}], } - self.client.force_authenticate(self.make_user(**user_kwargs)) # pylint: disable=no-member + self.client.force_authenticate(self.make_user(**user_kwargs)) response = self.client.patch(path=detail_path, data=json.dumps(post_data), content_type=JSON_CONTENT_TYPE) self.assertEqual(response.status_code, expected_status) @@ -574,10 +571,9 @@ class CredentialViewSetTests(APITestCase): def setUp(self): super(CredentialViewSetTests, self).setUp() - # pylint: disable=no-member self.user = factories.UserFactory() self.user.groups.add(Group.objects.get(name=Role.ADMINS)) - self.client.force_authenticate(self.user) # pylint: disable=no-member + self.client.force_authenticate(self.user) self.request = APIRequestFactory().get('/') def assert_permission_required(self, data): @@ -585,7 +581,7 @@ def assert_permission_required(self, data): Ensure access to these APIs is restricted to those with explicit model permissions. """ - self.client.force_authenticate(user=factories.UserFactory()) # pylint: disable=no-member + self.client.force_authenticate(user=factories.UserFactory()) response = self.client.get(self.list_path, data) self.assertEqual(response.status_code, 403) diff --git a/credentials/settings/base.py b/credentials/settings/base.py index 369c1bb11..c1a918089 100644 --- a/credentials/settings/base.py +++ b/credentials/settings/base.py @@ -230,6 +230,7 @@ SOCIAL_AUTH_EDX_OIDC_KEY = 'replace-me' SOCIAL_AUTH_EDX_OIDC_SECRET = 'replace-me' SOCIAL_AUTH_EDX_OIDC_URL_ROOT = 'replace-me' +SOCIAL_AUTH_EDX_OIDC_LOGOUT_URL = 'replace-me' SOCIAL_AUTH_EDX_OIDC_ID_TOKEN_DECRYPTION_KEY = SOCIAL_AUTH_EDX_OIDC_SECRET # Request the user's permissions in the ID token diff --git a/credentials/urls.py b/credentials/urls.py index f51222949..0a4ade48b 100644 --- a/credentials/urls.py +++ b/credentials/urls.py @@ -15,37 +15,25 @@ import os +from auth_backends.urls import auth_urlpatterns from django.conf import settings from django.conf.urls import include, url from django.conf.urls.static import static from django.contrib import admin -from django.contrib.auth.views import logout -from django.core.urlresolvers import reverse_lazy -from django.views.generic import RedirectView from credentials.apps.core import views as core_views admin.autodiscover() -# pylint: disable=invalid-name -# Always login via edX OpenID Connect -login = RedirectView.as_view(url=reverse_lazy('social:begin', args=['edx-oidc']), permanent=False, query_string=True) -AUTH_URLS = [ - url(r'^login/$', login, name='login'), - url(r'^logout/$', logout, name='logout'), -] - -urlpatterns = [ - url(r'^accounts/', include(AUTH_URLS)), +urlpatterns = auth_urlpatterns + [ url(r'^admin/', include(admin.site.urls)), url(r'^api/', include('credentials.apps.api.urls', namespace='api')), - url(r'^api-auth/', include(AUTH_URLS, namespace='rest_framework')), + url(r'^api-auth/', include(auth_urlpatterns, namespace='rest_framework')), url(r'^auto_auth/$', core_views.AutoAuth.as_view(), name='auto_auth'), url(r'^credentials/', include('credentials.apps.credentials.urls', namespace='credentials')), url(r'^health/$', core_views.health, name='health'), url(r'^jsi18n/$', 'django.views.i18n.javascript_catalog', ''), - url('', include('social.apps.django_app.urls', namespace='social')), ] handler500 = 'credentials.apps.core.views.render_500' diff --git a/requirements/base.txt b/requirements/base.txt index 5a8ca67ea..e4fde8483 100644 --- a/requirements/base.txt +++ b/requirements/base.txt @@ -9,7 +9,7 @@ djangorestframework==3.2.3 djangorestframework-jwt==1.7.2 django-rest-swagger==0.3.4 django-storages==1.1.8 -edx-auth-backends==0.2.3 +edx-auth-backends==0.5.0 edx-drf-extensions==0.5.1 edx-opaque-keys==0.3.1 edx-rest-api-client==1.4.0