Tivix/django-rest-auth
1
1
Fork 0
mirror of https://github.com/Tivix/django-rest-auth.git synced 2025-06-20 04:43:03 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge 0ffc25219d into cdd04aa9be

Browse Source
This commit is contained in:
Luke Burden 2022-03-29 17:44:11 +02:00 committed by GitHub
commit d67f88b899
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 131 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
rest_auth/registration/serializers.py
View File

@ -73,6 +73,7 @@ class SocialLoginSerializer(serializers.Serializer):
adapter = adapter_class(request) adapter = adapter_class(request)
app = adapter.get_provider().get_app(request) app = adapter.get_provider().get_app(request)
token_attrs = {}
# More info on code vs access_token # More info on code vs access_token
# http://stackoverflow.com/questions/8666316/facebook-oauth-2-0-code-and-token # http://stackoverflow.com/questions/8666316/facebook-oauth-2-0-code-and-token
@ -80,6 +81,7 @@ class SocialLoginSerializer(serializers.Serializer):
# Case 1: We received the access_token # Case 1: We received the access_token
if attrs.get('access_token'): if attrs.get('access_token'):
access_token = attrs.get('access_token') access_token = attrs.get('access_token')
token_attrs['access_token'] = access_token
# Case 2: We received the authorization code # Case 2: We received the authorization code
elif attrs.get('code'): elif attrs.get('code'):
@ -108,14 +110,18 @@ class SocialLoginSerializer(serializers.Serializer):
self.callback_url, self.callback_url,
scope scope
) )
token = client.get_access_token(code) token_attrs = client.get_access_token(code)
access_token = token['access_token'] access_token = token_attrs['access_token']
else: else:
raise serializers.ValidationError( raise serializers.ValidationError(
_("Incorrect input. access_token or code is required.")) _("Incorrect input. access_token or code is required."))
social_token = adapter.parse_token({'access_token': access_token}) # To allow allauth to store the refresh token as well as the access token, we
# make another minor adjustment, not yet in all-auth.
# https://github.com/Tivix/django-rest-auth/pull/486
# social_token = adapter.parse_token({'access_token': access_token})
social_token = adapter.parse_token(token_attrs)
social_token.app = app social_token.app = app
try: try:

120
rest_auth/tests/test_social.py
View File

@ -10,7 +10,7 @@ try:
except ImportError: except ImportError:
from django.core.urlresolvers import reverse from django.core.urlresolvers import reverse
from allauth.socialaccount.models import SocialApp from allauth.socialaccount.models import SocialAccount, SocialApp
from allauth.socialaccount.providers.facebook.provider import GRAPH_API_URL from allauth.socialaccount.providers.facebook.provider import GRAPH_API_URL
import responses import responses
@ -53,6 +53,7 @@ class TestSocialAuth(TestsMixin, TestCase):
social_app.sites.add(site) social_app.sites.add(site)
twitter_social_app.sites.add(site) twitter_social_app.sites.add(site)
self.graph_api_url = GRAPH_API_URL + '/me' self.graph_api_url = GRAPH_API_URL + '/me'
self.graph_api_access_token_url = GRAPH_API_URL + '/oauth/access_token'
self.twitter_url = 'http://twitter.com/foobarme' self.twitter_url = 'http://twitter.com/foobarme'
@responses.activate @responses.activate
@ -110,6 +111,63 @@ class TestSocialAuth(TestsMixin, TestCase):
self.assertIn('key', self.response.json.keys()) self.assertIn('key', self.response.json.keys())
self.assertEqual(get_user_model().objects.all().count(), users_count + 1) self.assertEqual(get_user_model().objects.all().count(), users_count + 1)
@responses.activate
def test_social_auth_with_authorization_code(self):
# Test Facebook
resp_body = {
"id": "123123123123123123",
"access_token": "gimme-access",
"refresh_token": "sofresh", # Note: Facebook does not actually return this but other providers can
"token_refresh_interval_sec": 3600,
}
responses.add(
responses.POST,
self.graph_api_access_token_url,
body=json.dumps(resp_body),
status=200,
content_type='application/json'
)
resp_body = {
"id": "123123123123",
"first_name": "John",
"gender": "male",
"last_name": "Smith",
"link": "https://www.facebook.com/john.smith",
"locale": "en_US",
"name": "John Smith",
"timezone": 2,
"updated_time": "2014-08-13T10:14:38+0000",
"username": "john.smith",
"verified": True
}
responses.add(
responses.GET,
self.graph_api_url,
body=json.dumps(resp_body),
status=200,
content_type='application/json'
)
users_count = get_user_model().objects.all().count()
payload = {
'code': 'abc123'
}
self.post(self.fb_login_url, data=payload, status_code=200)
self.assertIn('key', self.response.json.keys())
self.assertEqual(get_user_model().objects.all().count(), users_count + 1)
# make sure that second request will not create a new user
self.post(self.fb_login_url, data=payload, status_code=200)
self.assertIn('key', self.response.json.keys())
self.assertEqual(get_user_model().objects.all().count(), users_count + 1)
account = SocialAccount.objects.first()
social_token = account.socialtoken_set.first()
self.assertEqual(social_token.token, "gimme-access")
self.assertEqual(social_token.token_secret, "sofresh")
def _twitter_social_auth(self): def _twitter_social_auth(self):
# fake response for twitter call # fake response for twitter call
resp_body = { resp_body = {
@ -297,13 +355,12 @@ class TestSocialAuth(TestsMixin, TestCase):
status=200, status=200,
content_type='application/json' content_type='application/json'
) )
users_count = get_user_model().objects.all().count() users_count = get_user_model().objects.all().count()
payload = { payload = {
'access_token': 'abc123' 'access_token': 'abc123'
} }
self.post(self.fb_login_url, data=payload, status_code=200) self.post(self.fb_login_url, data=payload)
self.assertIn('token', self.response.json.keys()) self.assertIn('token', self.response.json.keys())
self.assertIn('user', self.response.json.keys()) self.assertIn('user', self.response.json.keys())
@ -344,6 +401,7 @@ class TestSocialConnectAuth(TestsMixin, TestCase):
facebook_social_app.sites.add(site) facebook_social_app.sites.add(site)
twitter_social_app.sites.add(site) twitter_social_app.sites.add(site)
self.graph_api_url = GRAPH_API_URL + '/me' self.graph_api_url = GRAPH_API_URL + '/me'
self.graph_api_access_token_url = GRAPH_API_URL + '/oauth/access_token'
self.twitter_url = 'https://api.twitter.com/1.1/account/verify_credentials.json' self.twitter_url = 'https://api.twitter.com/1.1/account/verify_credentials.json'
@responses.activate @responses.activate
@ -445,3 +503,59 @@ class TestSocialConnectAuth(TestsMixin, TestCase):
self.get(self.social_account_list_url) self.get(self.social_account_list_url)
self.assertEqual(len(self.response.json), 1) self.assertEqual(len(self.response.json), 1)
self.assertEqual(self.response.json[0]['provider'], 'twitter') self.assertEqual(self.response.json[0]['provider'], 'twitter')
@responses.activate
def test_social_connect_with_authorization_code(self):
# register user
self.post(
self.register_url,
data=self.REGISTRATION_DATA,
status_code=201
)
# Test Facebook
resp_body = {
"id": "123123123123123123",
"access_token": "gimme-access",
"refresh_token": "sofresh", # Note: Facebook does not actually return this but other providers can
"token_refresh_interval_sec": 3600,
}
responses.add(
responses.POST,
self.graph_api_access_token_url,
body=json.dumps(resp_body),
status=200,
content_type='application/json'
)
resp_body = {
"id": "123123123123",
"first_name": "John",
"gender": "male",
"last_name": "Smith",
"link": "https://www.facebook.com/john.smith",
"locale": "en_US",
"name": "John Smith",
"timezone": 2,
"updated_time": "2014-08-13T10:14:38+0000",
"username": "john.smith",
"verified": True
}
responses.add(
responses.GET,
self.graph_api_url,
body=json.dumps(resp_body),
status=200,
content_type='application/json'
)
payload = {
'code': 'abc123'
}
self.post(self.fb_connect_url, data=payload, status_code=200)
self.assertIn('key', self.response.json.keys())
account = SocialAccount.objects.first()
social_token = account.socialtoken_set.first()
self.assertEqual(social_token.token, "gimme-access")
self.assertEqual(social_token.token_secret, "sofresh")

5
rest_auth/tests/urls.py
View File

@ -3,6 +3,7 @@ from django.views.generic import TemplateView
from . import django_urls from . import django_urls
from allauth.socialaccount.providers.facebook.views import FacebookOAuth2Adapter from allauth.socialaccount.providers.facebook.views import FacebookOAuth2Adapter
from allauth.socialaccount.providers.oauth2.client import OAuth2Client
from allauth.socialaccount.providers.twitter.views import TwitterOAuthAdapter from allauth.socialaccount.providers.twitter.views import TwitterOAuthAdapter
from rest_framework.decorators import api_view from rest_framework.decorators import api_view
@ -19,6 +20,8 @@ from rest_auth.social_serializers import (
class FacebookLogin(SocialLoginView): class FacebookLogin(SocialLoginView):
adapter_class = FacebookOAuth2Adapter adapter_class = FacebookOAuth2Adapter
callback_url = 'https://localhost:8000'
client_class = OAuth2Client
class TwitterLogin(SocialLoginView): class TwitterLogin(SocialLoginView):
@ -28,6 +31,8 @@ class TwitterLogin(SocialLoginView):
class FacebookConnect(SocialConnectView): class FacebookConnect(SocialConnectView):
adapter_class = FacebookOAuth2Adapter adapter_class = FacebookOAuth2Adapter
callback_url = 'https://localhost:8000'
client_class = OAuth2Client
class TwitterConnect(SocialConnectView): class TwitterConnect(SocialConnectView):