From c165770ef88da8963c6db1fbc84cc68c13bbde2e Mon Sep 17 00:00:00 2001 From: Steven Bal Date: Tue, 5 Dec 2023 13:52:45 +0100 Subject: [PATCH] :white_check_mark: [#1902/1903] Tests for DigiD/eHerkenning via OIDC tasks: * https://taiga.maykinmedia.nl/project/open-inwoner/task/1902 * https://taiga.maykinmedia.nl/project/open-inwoner/task/1903 --- src/open_inwoner/accounts/tests/test_auth.py | 126 ++++++++++++++---- .../accounts/tests/test_profile_views.py | 57 +++++++- 2 files changed, 158 insertions(+), 25 deletions(-) diff --git a/src/open_inwoner/accounts/tests/test_auth.py b/src/open_inwoner/accounts/tests/test_auth.py index 5bb730c65a..cee126a935 100644 --- a/src/open_inwoner/accounts/tests/test_auth.py +++ b/src/open_inwoner/accounts/tests/test_auth.py @@ -13,6 +13,10 @@ from furl import furl from pyquery import PyQuery as PQ +from digid_eherkenning_oidc_generics.models import ( + OpenIDConnectDigiDConfig, + OpenIDConnectEHerkenningConfig, +) from open_inwoner.configurations.models import SiteConfiguration from open_inwoner.contrib.kvk.models import KvKConfig from open_inwoner.contrib.kvk.tests.factories import CertificateFactory @@ -42,20 +46,31 @@ class DigiDRegistrationTest(AssertRedirectsMixin, HaalCentraalMixin, WebTest): def setUpTestData(cls): cms_tools.create_homepage() - def test_registration_page_only_digid(self): - response = self.app.get(self.url) + @patch("digid_eherkenning_oidc_generics.models.OpenIDConnectDigiDConfig.get_solo") + def test_registration_page_only_digid(self, mock_solo): + for oidc_enabled in [True, False]: + with self.subTest(oidc_enabled=oidc_enabled): + mock_solo.return_value.enabled = oidc_enabled - self.assertEqual(response.status_code, 200) - self.assertIsNone(response.html.find(id="registration-form")) + digid_url = ( + reverse("digid_oidc:init") + if oidc_enabled + else reverse("digid:login") + ) - digid_tag = response.html.find("a", title="Registreren met DigiD") - self.assertIsNotNone(digid_tag) - self.assertEqual( - digid_tag.attrs["href"], - furl(reverse("digid:login")) - .add({"next": reverse("profile:registration_necessary")}) - .url, - ) + response = self.app.get(self.url) + + self.assertEqual(response.status_code, 200) + self.assertIsNone(response.html.find(id="registration-form")) + + digid_tag = response.html.find("a", title="Registreren met DigiD") + self.assertIsNotNone(digid_tag) + self.assertEqual( + digid_tag.attrs["href"], + furl(digid_url) + .add({"next": reverse("profile:registration_necessary")}) + .url, + ) def test_registration_page_only_digid_with_invite(self): invite = InviteFactory.create() @@ -422,24 +437,39 @@ class eHerkenningRegistrationTest(AssertRedirectsMixin, WebTest): def setUpTestData(cls): cms_tools.create_homepage() + @patch( + "digid_eherkenning_oidc_generics.models.OpenIDConnectEHerkenningConfig.get_solo" + ) @patch("open_inwoner.configurations.models.SiteConfiguration.get_solo") - def test_registration_page_eherkenning(self, mock_solo): + def test_registration_page_eherkenning(self, mock_solo, mock_eherkenning_config): mock_solo.return_value.eherkenning_enabled = True mock_solo.return_value.login_allow_registration = False - response = self.app.get(self.url) + for oidc_enabled in [True, False]: + with self.subTest(oidc_enabled=oidc_enabled): + mock_eherkenning_config.return_value.enabled = oidc_enabled - self.assertEqual(response.status_code, 200) - self.assertIsNone(response.html.find(id="registration-form")) + eherkenning_url = ( + reverse("eherkenning_oidc:init") + if oidc_enabled + else reverse("eherkenning:login") + ) - eherkenning_tag = response.html.find("a", title="Registreren met eHerkenning") - self.assertIsNotNone(eherkenning_tag) - self.assertEqual( - eherkenning_tag.attrs["href"], - furl(reverse("eherkenning:login")) - .add({"next": reverse("profile:registration_necessary")}) - .url, - ) + response = self.app.get(self.url) + + self.assertEqual(response.status_code, 200) + self.assertIsNone(response.html.find(id="registration-form")) + + eherkenning_tag = response.html.find( + "a", title="Registreren met eHerkenning" + ) + self.assertIsNotNone(eherkenning_tag) + self.assertEqual( + eherkenning_tag.attrs["href"], + furl(eherkenning_url) + .add({"next": reverse("profile:registration_necessary")}) + .url, + ) @patch("open_inwoner.configurations.models.SiteConfiguration.get_solo") def test_registration_page_eherkenning_with_invite(self, mock_solo): @@ -1453,6 +1483,54 @@ def test_login(self): # Verify that the user has been authenticated self.assertIn("_auth_user_id", self.app.session) + def test_login_page_shows_correct_digid_login_url(self): + config = OpenIDConnectDigiDConfig.get_solo() + + for oidc_enabled in [True, False]: + with self.subTest(oidc_enabled=oidc_enabled): + config.enabled = oidc_enabled + config.save() + + login_url = ( + reverse("digid_oidc:init") + if oidc_enabled + else f"{reverse('digid:login')}?next=" + ) + + response = self.app.get(reverse("login")) + + digid_login_title = _("Inloggen met DigiD") + digid_login_link = response.pyquery(f"[title='{digid_login_title}']") + + self.assertEqual(digid_login_link.attr("href"), login_url) + + def test_login_page_shows_correct_eherkenning_login_url(self): + site_config = SiteConfiguration.get_solo() + site_config.eherkenning_enabled = True + site_config.save() + + config = OpenIDConnectEHerkenningConfig.get_solo() + + for oidc_enabled in [True, False]: + with self.subTest(oidc_enabled=oidc_enabled): + config.enabled = oidc_enabled + config.save() + + login_url = ( + reverse("eherkenning_oidc:init") + if oidc_enabled + else f"{reverse('eherkenning:login')}?next=" + ) + + response = self.app.get(reverse("login")) + + eherkenning_login_title = _("Inloggen met eHerkenning") + eherkenning_login_link = response.pyquery( + f"[title='{eherkenning_login_title}']" + ) + + self.assertEqual(eherkenning_login_link.attr("href"), login_url) + def test_login_for_inactive_user_shows_appropriate_message(self): # Change user to inactive self.user.is_active = False diff --git a/src/open_inwoner/accounts/tests/test_profile_views.py b/src/open_inwoner/accounts/tests/test_profile_views.py index 5d6c4d09ae..372751127d 100644 --- a/src/open_inwoner/accounts/tests/test_profile_views.py +++ b/src/open_inwoner/accounts/tests/test_profile_views.py @@ -28,7 +28,12 @@ from ..choices import ContactTypeChoices, LoginTypeChoices from ..forms import BrpUserForm, UserForm from ..models import User -from .factories import ActionFactory, DigidUserFactory, DocumentFactory, UserFactory +from .factories import ( + ActionFactory, + DigidUserFactory, + UserFactory, + eHerkenningUserFactory, +) @override_settings(ROOT_URLCONF="open_inwoner.cms.tests.urls") @@ -37,6 +42,8 @@ def setUp(self): self.url = reverse("profile:detail") self.return_url = reverse("logout") self.user = UserFactory(street="MyStreet") + self.digid_user = DigidUserFactory() + self.eherkenning_user = eHerkenningUserFactory() self.action_deleted = ActionFactory( name="deleted action, should not show up", @@ -57,6 +64,54 @@ def test_login_required(self): response = self.app.get(self.url) self.assertRedirects(response, f"{login_url}?next={self.url}") + def test_show_correct_logout_button_for_login_type_default(self): + response = self.app.get(self.url, user=self.user) + + logout_title = _("Logout") + logout_link = response.pyquery.find(f"[title='{logout_title}']") + + self.assertEqual(logout_link.attr("href"), reverse("logout")) + + @patch("digid_eherkenning_oidc_generics.models.OpenIDConnectDigiDConfig.get_solo") + def test_show_correct_logout_button_for_login_type_digid(self, mock_solo): + for oidc_enabled in [True, False]: + with self.subTest(oidc_enabled=oidc_enabled): + mock_solo.return_value.enabled = oidc_enabled + + logout_url = ( + reverse("digid_oidc:logout") + if oidc_enabled + else reverse("digid:logout") + ) + + response = self.app.get(self.url, user=self.digid_user) + + logout_title = _("Logout") + logout_link = response.pyquery.find(f"[title='{logout_title}']") + + self.assertEqual(logout_link.attr("href"), logout_url) + + @patch( + "digid_eherkenning_oidc_generics.models.OpenIDConnectEHerkenningConfig.get_solo" + ) + def test_show_correct_logout_button_for_login_type_eherkenning(self, mock_solo): + for oidc_enabled in [True, False]: + with self.subTest(oidc_enabled=oidc_enabled): + mock_solo.return_value.enabled = oidc_enabled + + logout_url = ( + reverse("eherkenning_oidc:logout") + if oidc_enabled + else reverse("eherkenning:logout") + ) + + response = self.app.get(self.url, user=self.eherkenning_user) + + logout_title = _("Logout") + logout_link = response.pyquery.find(f"[title='{logout_title}']") + + self.assertEqual(logout_link.attr("href"), logout_url) + def test_user_information_profile_page(self): response = self.app.get(self.url, user=self.user)