Coverage for ivatar/ivataraccount/auth.py: 92%

36 statements  

« prev     ^ index     » next       coverage.py v7.8.0, created at 2025-05-12 23:12 +0000

1# -*- coding: utf-8 -*- 

2from social_core.backends.open_id_connect import OpenIdConnectAuth 

3 

4from ivatar.ivataraccount.models import ConfirmedEmail, Photo 

5from ivatar.settings import logger, TRUST_EMAIL_FROM_SOCIAL_AUTH_BACKENDS 

6 

7 

8class FedoraOpenIdConnect(OpenIdConnectAuth): 

9 name = "fedora" 

10 USERNAME_KEY = "nickname" 

11 OIDC_ENDPOINT = "https://id.fedoraproject.org" 

12 DEFAULT_SCOPE = ["openid", "profile", "email"] 

13 TOKEN_ENDPOINT_AUTH_METHOD = "client_secret_post" 

14 

15 

16# Pipeline methods 

17 

18 

19def add_confirmed_email(backend, user, response, *args, **kwargs): 

20 """Add a ConfirmedEmail if we trust the auth backend to validate email.""" 

21 if not kwargs.get("is_new", False): 

22 return None # Only act on account creation 

23 if backend.name not in TRUST_EMAIL_FROM_SOCIAL_AUTH_BACKENDS: 

24 return None 

25 if ConfirmedEmail.objects.filter(email=user.email).count() > 0: 

26 # email already exists 

27 return None 

28 (confirmed_id, external_photos) = ConfirmedEmail.objects.create_confirmed_email( 

29 user, user.email, True 

30 ) 

31 confirmed_email = ConfirmedEmail.objects.get(id=confirmed_id) 

32 logger.debug( 

33 "Email %s added upon creation of user %s", confirmed_email.email, user.pk 

34 ) 

35 photo = Photo.objects.create(user=user, ip_address=confirmed_email.ip_address) 

36 import_result = photo.import_image("Gravatar", confirmed_email.email) 

37 if import_result: 

38 logger.debug("Gravatar image imported for %s", confirmed_email.email) 

39 

40 

41def associate_by_confirmed_email(backend, details, user=None, *args, **kwargs): 

42 """ 

43 Associate current auth with a user that has their email address as ConfirmedEmail in the DB. 

44 """ 

45 if user: 

46 return None 

47 email = details.get("email") 

48 if not email: 

49 return None 

50 try: 

51 confirmed_email = ConfirmedEmail.objects.get(email=email) 

52 except ConfirmedEmail.DoesNotExist: 

53 return None 

54 user = confirmed_email.user 

55 logger.debug("Found a matching ConfirmedEmail for %s upon login", user.username) 

56 return {"user": user, "is_new": False}