From 47351a6c8ba0e7e817d03d67ed42f361d80b7a1a Mon Sep 17 00:00:00 2001
From: Paul Schilling
Date: Mon, 23 Oct 2023 14:09:22 +0200
Subject: [PATCH] [#1814] Upgrade digid-eherkenning to 0.9
- The new version validates BSN numbers during the mock login flow
---
 requirements/base.txt | 2 +-
 requirements/ci.txt | 2 +-
 requirements/dev.txt | 2 +-
 src/open_inwoner/accounts/tests/test_auth.py | 34 +++++++++++++-------
 4 files changed, 26 insertions(+), 14 deletions(-)
diff --git a/requirements/base.txt b/requirements/base.txt
index cdac757861..ac4bf52682 100644
--- a/requirements/base.txt
+++ b/requirements/base.txt
@@ -161,7 +161,7 @@ django-csp==3.7
 # via -r requirements/base.in
 django-csp-reports==1.8.1
 # via -r requirements/base.in
-django-digid-eherkenning==0.7.0
+django-digid-eherkenning==0.9.0
 # via -r requirements/base.in
 django-elasticsearch-dsl==7.2.1
 # via -r requirements/base.in
diff --git a/requirements/ci.txt b/requirements/ci.txt
index f5aea5b62b..6a4e82133a 100644
--- a/requirements/ci.txt
+++ b/requirements/ci.txt
@@ -249,7 +249,7 @@ django-csp-reports==1.8.1
 # via
 # -c requirements/base.txt
 # -r requirements/base.txt
-django-digid-eherkenning==0.7.0
+django-digid-eherkenning==0.9.0
 # via
 # -c requirements/base.txt
 # -r requirements/base.txt
diff --git a/requirements/dev.txt b/requirements/dev.txt
index 755ab63390..d28a7a4494 100644
--- a/requirements/dev.txt
+++ b/requirements/dev.txt
@@ -276,7 +276,7 @@ django-csp-reports==1.8.1
 # -r requirements/ci.txt
 django-debug-toolbar==3.2.2
 # via -r requirements/dev.in
-django-digid-eherkenning==0.7.0
+django-digid-eherkenning==0.9.0
 # via
 # -c requirements/ci.txt
 # -r requirements/ci.txt
diff --git a/src/open_inwoner/accounts/tests/test_auth.py b/src/open_inwoner/accounts/tests/test_auth.py
index 5c60b5213c..673237b6d6 100644
--- a/src/open_inwoner/accounts/tests/test_auth.py
+++ b/src/open_inwoner/accounts/tests/test_auth.py
@@ -1,4 +1,5 @@
 from datetime import date
+from unittest.mock import patch
 from urllib.parse import urlencode
 from django.contrib.sites.models import Site
@@ -68,7 +69,11 @@ def test_registration_page_only_digid_with_invite(self):
 furl(reverse("digid:login")).add({"next": necessary_url}).url,
 )
- def test_digid_fail_without_invite_redirects_to_login_page(self):
+ @patch("digid_eherkenning.validators.Proef11ValidatorBase.__call__")
+ def test_digid_fail_without_invite_redirects_to_login_page(self, m):
+ # disable mock form validation to check redirect
+ m.return_value = True
+
 self.assertNotIn("invite_url", self.client.session.keys())
 url = reverse("digid-mock:password")
@@ -87,7 +92,11 @@ def test_digid_fail_without_invite_redirects_to_login_page(self):
 self.assertRedirectsLogin(response, with_host=True)
- def test_digid_fail_without_invite_and_next_url_redirects_to_login_page(self):
+ @patch("digid_eherkenning.validators.Proef11ValidatorBase.__call__")
+ def test_digid_fail_without_invite_and_next_url_redirects_to_login_page(self, m):
+ # disable mock form validation to check redirect
+ m.return_value = True
+
 self.assertNotIn("invite_url", self.client.session.keys())
 url = reverse("digid-mock:password")
@@ -106,7 +115,10 @@ def test_digid_fail_without_invite_and_next_url_redirects_to_login_page(self):
 self.assertRedirectsLogin(response, with_host=True)
- def test_digid_fail_with_invite_redirects_to_register_page(self):
+ @patch("digid_eherkenning.validators.Proef11ValidatorBase.__call__")
+ def test_digid_fail_with_invite_redirects_to_register_page(self, m):
+ # disable mock form validation to check redirect
+ m.return_value = True
 invite = InviteFactory()
 session = self.client.session
 session[
@@ -149,7 +161,7 @@ def test_invite_url_not_in_session_after_successful_login(self):
 url = f"{url}?{urlencode(params)}"
 data = {
- "auth_name": "123456789",
+ "auth_name": "533458225",
 "auth_pass": "bar",
 }
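Review bot: Patching `Proef11ValidatorBase.__call__` in `test_digid_fail_without_invite_redirects_to_login_page` switches off every validator built on that base for the whole test, so no test visible in this patch checks that the mock login form actually rejects an invalid BSN; the same applies to the next two hunks (`..._and_next_url_redirects_to_login_page` and `test_digid_fail_with_invite_redirects_to_register_page`). The posted form data lies outside these hunks, so I cannot tell whether the tests depend on an invalid value; if they do not, posting a checksum-valid BSN as the later hunks do would keep the validator in the path and make the patch unnecessary. If the patch stays, `m.return_value = True` suggests the validator returns a verdict, whereas Django validators signal failure by raising `ValidationError` and the replacement mock does not raise on its own, so the line can go and the comment could read `# bypass BSN validation on the digid-mock form; only the redirect is under test`. A separate test asserting that an invalid `auth_name` is refused would cover the behaviour this upgrade brings in.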
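Review bot: The literal `"533458225"` is pasted into `test_invite_url_not_in_session_after_successful_login` and again in six later hunks, with nothing saying why this particular number was chosen. A module-level constant with a comment, for example `VALID_TEST_BSN = "533458225"  # synthetic value that passes BSN validation`, would explain the choice and turn the next validator change into a one-line edit. In `test_digid_user_success` the factory value `"648197724"` and the posted value must stay different for the `# different BSN` case to mean anything, which two named constants would make explicit. Because a BSN is a national identifier, it is worth confirming that both values are generated test numbers and not ones belonging to real people.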
@@ -175,7 +187,7 @@ def test_user_can_modify_only_email_when_digid_and_brp(self, m):
 "next": reverse("profile:registration_necessary"),
 }
 data = {
- "auth_name": "123456789",
+ "auth_name": "533458225",
 "auth_pass": "bar",
 }
 url = f"{url}?{urlencode(params)}"
@@ -223,7 +235,7 @@ def test_partial_response_from_haalcentraal_when_digid_and_brp(self, m):
 "next": reverse("profile:registration_necessary"),
 }
 data = {
- "auth_name": "123456789",
+ "auth_name": "533458225",
 "auth_pass": "bar",
 }
 url = f"{url}?{urlencode(params)}"
@@ -260,7 +272,7 @@ def test_first_digid_login_updates_brp_fields(self, m):
 url = f"{url}?{urlencode(params)}"
 data = {
- "auth_name": "123456782",
+ "auth_name": "533458225",
 "auth_pass": "bar",
 }
 # post our password to the IDP
@@ -691,7 +703,7 @@ def test_digid_user_success(self):
 """Assert that digid users can register with duplicate emails"""
 test_user = DigidUserFactory.create(
 email="test@example.com",
- bsn="123456789",
+ bsn="648197724",
 )
 url = reverse("digid-mock:password")
@@ -703,7 +715,7 @@ def test_digid_user_success(self):
 data = {
 # different BSN
- "auth_name": "112083948",
+ "auth_name": "533458225",
 "auth_pass": "bar",
 }
 # post our password to the IDP
@@ -780,7 +792,7 @@ def test_digid_user_non_digid_duplicate_fail(self):
 url = f"{url}?{urlencode(params)}"
 data = {
- "auth_name": "123456789",
+ "auth_name": "533458225",
 "auth_pass": "bar",
 }
 # post our password to the IDP
@@ -816,7 +828,7 @@ def test_digid_user_can_edit_profile(self):
 url = f"{url}?{urlencode(params)}"
 data = {
- "auth_name": "123456782",
+ "auth_name": "533458225",
 "auth_pass": "bar",
 }
 # post our password to the IDP