Add support for OIDC (#389)

* added support for oidc auth * fixed oidc usernames * hiding password for users that aren't logged in via local auth * add dependency, update settings * keep change password link * add tests * add docs --------- Co-authored-by: Sascha Ißbrücker <sascha.issbruecker@gmail.com>
2025-08-14 05:59:29 +02:00 · 2024-03-16 23:42:46 +01:00
parent 4bee104b62
commit 39782e75e7
12 changed files with 192 additions and 17 deletions
--- a/bookmarks/tests/test_login_view.py
+++ b/bookmarks/tests/test_login_view.py
@@ -0,0 +1,29 @@
+from django.test import TestCase, override_settings
+from django.urls import path, include
+
+from bookmarks.tests.helpers import HtmlTestMixin
+from siteroot.urls import urlpatterns as base_patterns
+
+# Register OIDC urls for this test, otherwise login template can not render when OIDC is enabled
+urlpatterns = base_patterns + [path("oidc/", include("mozilla_django_oidc.urls"))]
+
+
+@override_settings(ROOT_URLCONF=__name__)
+class LoginViewTestCase(TestCase, HtmlTestMixin):
+
+    def test_should_not_show_oidc_login_by_default(self):
+        response = self.client.get("/login/")
+        soup = self.make_soup(response.content.decode())
+
+        oidc_login_link = soup.find("a", text="Login with OIDC")
+
+        self.assertIsNone(oidc_login_link)
+
+    @override_settings(LD_ENABLE_OIDC=True)
+    def test_should_show_oidc_login_when_enabled(self):
+        response = self.client.get("/login/")
+        soup = self.make_soup(response.content.decode())
+
+        oidc_login_link = soup.find("a", text="Login with OIDC")
+
+        self.assertIsNotNone(oidc_login_link)
--- a/bookmarks/tests/test_oidc_support.py
+++ b/bookmarks/tests/test_oidc_support.py
@@ -0,0 +1,51 @@
+import importlib
+import os
+
+from django.test import TestCase, override_settings
+from django.urls import URLResolver
+
+
+class OidcSupportTest(TestCase):
+    def test_should_not_add_oidc_urls_by_default(self):
+        siteroot_urls = importlib.import_module("siteroot.urls")
+        importlib.reload(siteroot_urls)
+        oidc_url_found = any(
+            isinstance(urlpattern, URLResolver) and urlpattern.pattern._route == "oidc/"
+            for urlpattern in siteroot_urls.urlpatterns
+        )
+
+        self.assertFalse(oidc_url_found)
+
+    @override_settings(LD_ENABLE_OIDC=True)
+    def test_should_add_oidc_urls_when_enabled(self):
+        siteroot_urls = importlib.import_module("siteroot.urls")
+        importlib.reload(siteroot_urls)
+        oidc_url_found = any(
+            isinstance(urlpattern, URLResolver) and urlpattern.pattern._route == "oidc/"
+            for urlpattern in siteroot_urls.urlpatterns
+        )
+
+        self.assertTrue(oidc_url_found)
+
+    def test_should_not_add_oidc_authentication_backend_by_default(self):
+        base_settings = importlib.import_module("siteroot.settings.base")
+        importlib.reload(base_settings)
+
+        self.assertListEqual(
+            ["django.contrib.auth.backends.ModelBackend"],
+            base_settings.AUTHENTICATION_BACKENDS,
+        )
+
+    def test_should_add_oidc_authentication_backend_when_enabled(self):
+        os.environ["LD_ENABLE_OIDC"] = "True"
+        base_settings = importlib.import_module("siteroot.settings.base")
+        importlib.reload(base_settings)
+
+        self.assertListEqual(
+            [
+                "django.contrib.auth.backends.ModelBackend",
+                "mozilla_django_oidc.auth.OIDCAuthenticationBackend",
+            ],
+            base_settings.AUTHENTICATION_BACKENDS,
+        )
+        del os.environ["LD_ENABLE_OIDC"]  # Remove the temporary environment variable