Coverage for ivatar/ivataraccount/auth.py: 92%

36 statements  

« prev     ^ index     » next       coverage.py v7.11.0, created at 2025-10-24 23:06 +0000

1from social_core.backends.open_id_connect import OpenIdConnectAuth 

2 

3from ivatar.ivataraccount.models import ConfirmedEmail, Photo 

4from ivatar.settings import logger, TRUST_EMAIL_FROM_SOCIAL_AUTH_BACKENDS 

5 

6 

7class FedoraOpenIdConnect(OpenIdConnectAuth): 

8 name = "fedora" 

9 USERNAME_KEY = "nickname" 

10 OIDC_ENDPOINT = "https://id.fedoraproject.org" 

11 DEFAULT_SCOPE = ["openid", "profile", "email"] 

12 TOKEN_ENDPOINT_AUTH_METHOD = "client_secret_post" 

13 

14 

15# Pipeline methods 

16 

17 

18def add_confirmed_email(backend, user, response, *args, **kwargs): 

19 """Add a ConfirmedEmail if we trust the auth backend to validate email.""" 

20 if not kwargs.get("is_new", False): 

21 return None # Only act on account creation 

22 if backend.name not in TRUST_EMAIL_FROM_SOCIAL_AUTH_BACKENDS: 

23 return None 

24 if ConfirmedEmail.objects.filter(email=user.email).count() > 0: 

25 # email already exists 

26 return None 

27 (confirmed_id, external_photos) = ConfirmedEmail.objects.create_confirmed_email( 

28 user, user.email, True 

29 ) 

30 confirmed_email = ConfirmedEmail.objects.get(id=confirmed_id) 

31 logger.debug( 

32 "Email %s added upon creation of user %s", confirmed_email.email, user.pk 

33 ) 

34 photo = Photo.objects.create(user=user, ip_address=confirmed_email.ip_address) 

35 import_result = photo.import_image("Gravatar", confirmed_email.email) 

36 if import_result: 

37 logger.debug("Gravatar image imported for %s", confirmed_email.email) 

38 

39 

40def associate_by_confirmed_email(backend, details, user=None, *args, **kwargs): 

41 """ 

42 Associate current auth with a user that has their email address as ConfirmedEmail in the DB. 

43 """ 

44 if user: 

45 return None 

46 email = details.get("email") 

47 if not email: 

48 return None 

49 try: 

50 confirmed_email = ConfirmedEmail.objects.get(email=email) 

51 except ConfirmedEmail.DoesNotExist: 

52 return None 

53 user = confirmed_email.user 

54 logger.debug("Found a matching ConfirmedEmail for %s upon login", user.username) 

55 return {"user": user, "is_new": False}