Full coverage of logout view

2016-06-28 16:41:27 +02:00 · 2016-06-28 16:41:27 +02:00 · 327a47566f
parent 166590f264
commit 327a47566f
1 changed files with 122 additions and 22 deletions
--- a/cas_server/tests.py
+++ b/cas_server/tests.py
@ -476,6 +476,7 @@ class LoginTestCase(TestCase):
        """test ajax, login required"""
        client = Client()
        response = client.get("/login", HTTP_X_AJAX='on')
+        self.assertEqual(response.status_code, 200)
        data = json.loads(response.content.decode("utf8"))
        self.assertEqual(data["status"], "error")
        self.assertEqual(data["detail"], "login required")
@ -490,6 +491,7 @@ class LoginTestCase(TestCase):
        )
        user.delete()
        response = client.get("/login", HTTP_X_AJAX='on')
+        self.assertEqual(response.status_code, 200)
        data = json.loads(response.content.decode("utf8"))
        self.assertEqual(data["status"], "error")
        self.assertEqual(data["detail"], "login required")
@ -499,6 +501,7 @@ class LoginTestCase(TestCase):
        """test ajax user is successfully logged"""
        client = get_auth_client()
        response = client.get("/login", HTTP_X_AJAX='on')
+        self.assertEqual(response.status_code, 200)
        data = json.loads(response.content.decode("utf8"))
        self.assertEqual(data["status"], "success")
        self.assertEqual(data["detail"], "logged")
@ -508,6 +511,7 @@ class LoginTestCase(TestCase):
        service = "https://www.example.com"
        client = get_auth_client()
        response = client.get("/login", {'service': service}, HTTP_X_AJAX='on')
+        self.assertEqual(response.status_code, 200)
        data = json.loads(response.content.decode("utf8"))
        self.assertEqual(data["status"], "success")
        self.assertEqual(data["detail"], "auth")
@ -518,6 +522,7 @@ class LoginTestCase(TestCase):
        service = "https://www.example.org"
        client = get_auth_client()
        response = client.get("/login", {'service': service}, HTTP_X_AJAX='on')
+        self.assertEqual(response.status_code, 200)
        data = json.loads(response.content.decode("utf8"))
        self.assertEqual(data["status"], "error")
        self.assertEqual(data["detail"], "auth")
@ -532,6 +537,7 @@ class LoginTestCase(TestCase):
        service = "https://www.example.com"
        client = get_auth_client(warn="on")
        response = client.get("/login", {'service': service}, HTTP_X_AJAX='on')
+        self.assertEqual(response.status_code, 200)
        data = json.loads(response.content.decode("utf8"))
        self.assertEqual(data["status"], "error")
        self.assertEqual(data["detail"], "confirmation needed")
@ -540,10 +546,22 @@ class LoginTestCase(TestCase):
 class LogoutTestCase(TestCase):

    def setUp(self):
+        """prepare logout test context"""
        settings.CAS_AUTH_CLASS = 'cas_server.auth.TestAuthUser'

+    def test_logout(self):
+        """logout is idempotent"""
+        client = Client()
+
+        client.get("/logout")
+
+        self.assertFalse(client.session.get("username"))
+        self.assertFalse(client.session.get("authenticated"))
+
    def test_logout_view(self):
+        """test simple logout"""
        client = get_auth_client()
+        client2 = get_auth_client()

        response = client.get("/login")
        self.assertEqual(response.status_code, 200)
@ -553,6 +571,8 @@ class LogoutTestCase(TestCase):
                b"the Central Authentication Service"
            ) in response.content
        )
+        self.assertTrue(client.session["username"] == settings.CAS_TEST_USER)
+        self.assertTrue(client.session["authenticated"] is True)

        response = client.get("/logout")
        self.assertEqual(response.status_code, 200)
@ -563,6 +583,40 @@ class LogoutTestCase(TestCase):
            ) in response.content
        )

+        self.assertFalse(client.session.get("username"))
+        self.assertFalse(client.session.get("authenticated"))
+        # client2 is still logged
+        self.assertTrue(client2.session["username"] == settings.CAS_TEST_USER)
+        self.assertTrue(client2.session["authenticated"] is True)
+
+        response = client.get("/login")
+        self.assertEqual(response.status_code, 200)
+        self.assertFalse(
+            (
+                b"You have successfully logged into "
+                b"the Central Authentication Service"
+            ) in response.content
+        )
+
+    def test_logout_from_all_session(self):
+        """test logout from all my session"""
+        client = get_auth_client()
+        client2 = get_auth_client()
+
+        client.get("/logout?all=1")
+
+        # both client are logged out
+        self.assertFalse(client.session.get("username"))
+        self.assertFalse(client.session.get("authenticated"))
+        self.assertFalse(client2.session.get("username"))
+        self.assertFalse(client2.session.get("authenticated"))
+
+    def assert_redirect_to_service(self, client, response):
+        """assert logout redirect to parameter"""
+        self.assertEqual(response.status_code, 302)
+        self.assertTrue(response.has_header("Location"))
+        self.assertEqual(response["Location"], "https://www.example.com")
+
        response = client.get("/login")
        self.assertEqual(response.status_code, 200)
        self.assertFalse(
@ -573,38 +627,84 @@ class LogoutTestCase(TestCase):
        )

    def test_logout_view_url(self):
+        """test logout redirect to url parameter"""
        client = get_auth_client()

        response = client.get('/logout?url=https://www.example.com')
-        self.assertEqual(response.status_code, 302)
-        self.assertTrue(response.has_header("Location"))
-        self.assertEqual(response["Location"], "https://www.example.com")
-
-        response = client.get("/login")
-        self.assertEqual(response.status_code, 200)
-        self.assertFalse(
-            (
-                b"You have successfully logged into "
-                b"the Central Authentication Service"
-            ) in response.content
-        )
+        self.assert_redirect_to_service(client, response)

    def test_logout_view_service(self):
+        """test logout redirect to service parameter"""
        client = get_auth_client()

        response = client.get('/logout?service=https://www.example.com')
-        self.assertEqual(response.status_code, 302)
-        self.assertTrue(response.has_header("Location"))
-        self.assertEqual(response["Location"], "https://www.example.com")
+        self.assert_redirect_to_service(client, response)

-        response = client.get("/login")
+    def test_ajax_logout(self):
+        """test ajax logout"""
+        client = get_auth_client()
+
+        response = client.get('/logout', HTTP_X_AJAX='on')
        self.assertEqual(response.status_code, 200)
-        self.assertFalse(
-            (
-                b"You have successfully logged into "
-                b"the Central Authentication Service"
-            ) in response.content
-        )
+        data = json.loads(response.content.decode("utf8"))
+        self.assertEqual(data["status"], "success")
+        self.assertEqual(data["detail"], "logout")
+        self.assertEqual(data['session_nb'], 1)
+
+    def test_ajax_logout_all_session(self):
+        """test ajax logout from a random number a sessions"""
+        nb_client = random.randint(2, 10)
+        clients = [get_auth_client() for i in range(nb_client)]
+        response = clients[0].get('/logout?all=1', HTTP_X_AJAX='on')
+        self.assertEqual(response.status_code, 200)
+        data = json.loads(response.content.decode("utf8"))
+        self.assertEqual(data["status"], "success")
+        self.assertEqual(data["detail"], "logout")
+        self.assertEqual(data['session_nb'], nb_client)
+
+    def test_redirect_after_logout(self):
+        """Test redirect to login after logout parameter"""
+        settings.CAS_REDIRECT_TO_LOGIN_AFTER_LOGOUT = True
+        client = get_auth_client()
+
+        response = client.get('/logout')
+        self.assertEqual(response.status_code, 302)
+        if django.VERSION < (1, 9):
+            self.assertEqual(response["Location"], "http://testserver/login")
+        else:
+            self.assertEqual(response["Location"], "/login")
+        self.assertFalse(client.session.get("username"))
+        self.assertFalse(client.session.get("authenticated"))
+
+        settings.CAS_REDIRECT_TO_LOGIN_AFTER_LOGOUT = False
+
+    def test_redirect_after_logout_to_service(self):
+        """test prevalence of redirect url/service parameter over redirect to login after logout"""
+        settings.CAS_REDIRECT_TO_LOGIN_AFTER_LOGOUT = True
+        client = get_auth_client()
+
+        response = client.get('/logout?url=https://www.example.com')
+        self.assert_redirect_to_service(client, response)
+
+        response = client.get('/logout?service=https://www.example.com')
+        self.assert_redirect_to_service(client, response)
+
+        settings.CAS_REDIRECT_TO_LOGIN_AFTER_LOGOUT = False
+
+    def test_ajax_redirect_after_logout(self):
+        """Test ajax redirect to login after logout parameter"""
+        settings.CAS_REDIRECT_TO_LOGIN_AFTER_LOGOUT = True
+        client = get_auth_client()
+
+        response = client.get('/logout', HTTP_X_AJAX='on')
+        self.assertEqual(response.status_code, 200)
+        data = json.loads(response.content.decode("utf8"))
+        self.assertEqual(data["status"], "success")
+        self.assertEqual(data["detail"], "logout")
+        self.assertEqual(data['session_nb'], 1)
+        self.assertEqual(data['url'], '/login')
+
+        settings.CAS_REDIRECT_TO_LOGIN_AFTER_LOGOUT = False


 class AuthTestCase(TestCase):