Merge branch 'GREG-223-feide-nin-fix' into 'master'

Fix bug where nin was not saved from feide See merge request !298

Merge branch 'GREG-223-feide-nin-fix' into 'master'
Fix bug where nin was not saved from feide See merge request !298
9ef2ae46 · Andreas Ellewsen · 5b7099d3 · b53170fd · 9ef2ae46 · 9ef2ae46
Commit 9ef2ae46 authored 3 years ago by Andreas Ellewsen
--- a/gregui/authentication/auth_backends.py
+++ b/gregui/authentication/auth_backends.py
@@ -243,7 +243,7 @@ class GregOIDCBackend(ValidatingOIDCBackend):
                extended_userinfo = self.get_extended_userinfo(access_token)
                if "norEduPersonNIN" in extended_userinfo:
                    userinfo["userid_nin"] = extended_userinfo["norEduPersonNIN"]
+            self._get_or_create_greg_user_profile(userinfo, user)
        return user
    def _get_sponsor_from_userinfo(self, userinfo: dict) -> Optional[Sponsor]:

--- a/gregui/tests/authentication/test_user_profile.py
+++ b/gregui/tests/authentication/test_user_profile.py
@@ -318,3 +318,141 @@ def test_invited_existing_user(invited_person, user_person):
    user_profile = GregUserProfile.objects.get(user=user)
    assert user_profile.person == old_person
+@pytest.mark.django_db
+def test_invited_feide_nin_from_extended(requests_mock, invited_person):
+    """
+    Invitation login, user with existing person and no sponsor object,
+    nin only present in extended userinfo.
+    A GregUserProfile should be created, and the person should get feide-id and nin set
+    """
+    person, invitation_link = invited_person
+    email = "foo@example.com"
+    feide_id = "bar@example.com"
+    nin = "12345678901"
+    access_token = "foo"
+    id_token = "foo"
+    payload = "foo"
+    requests_mock.get(
+        "https://auth.dataporten.no/openid/userinfo",
+        json={
+            "sub": "subsub",
+            "dataporten-userid_sec": [f"feide:{feide_id}"],
+            "name": f"{person.first_name} {person.last_name}",
+            "email": f"{email}",
+        },
+    )
+    requests_mock.get(
+        "https://api.dataporten.no/userinfo/v1/userinfo", json={"norEduPersonNIN": nin}
+    )
+    auth_request = RequestFactory().get("/foo", {"code": "foo", "state": "bar"})
+    auth_request.session = {"invite_id": invitation_link.uuid}
+    backend = GregOIDCBackend()
+    backend.request = auth_request
+    # No profile beforehand
+    assert len(GregUserProfile.objects.filter(person_id=person.id)) == 0
+    user = backend.get_or_create_user(access_token, id_token, payload)
+    # User profile exists and all things set correctly after
+    user_profile = GregUserProfile.objects.get(user=user)
+    assert user_profile.person == person
+    assert user_profile.person.fnr and user_profile.person.fnr.value == nin
+    assert (
+        user_profile.person.feide_id and user_profile.person.feide_id.value == feide_id
+    )
+    assert user_profile.sponsor is None
+@pytest.mark.django_db
+def test_invited_feide_nin_from_regular(requests_mock, invited_person):
+    """
+    Invitation login, user with existing person and no sponsor object,
+    nin present in regular userinfo.
+    A GregUserProfile should be created, and the person should get feide-id and nin set
+    """
+    person, invitation_link = invited_person
+    email = "foo@example.com"
+    feide_id = "bar@example.com"
+    nin = "12345678901"
+    access_token = "foo"
+    id_token = "foo"
+    payload = "foo"
+    requests_mock.get(
+        "https://auth.dataporten.no/openid/userinfo",
+        json={
+            "sub": "subsub",
+            "dataporten-userid_sec": [f"feide:{feide_id}", f"nin:{nin}"],
+            "name": f"{person.first_name} {person.last_name}",
+            "email": f"{email}",
+        },
+    )
+    requests_mock.get("https://api.dataporten.no/userinfo/v1/userinfo", json={})
+    auth_request = RequestFactory().get("/foo", {"code": "foo", "state": "bar"})
+    auth_request.session = {"invite_id": invitation_link.uuid}
+    backend = GregOIDCBackend()
+    backend.request = auth_request
+    # No profile beforehand
+    assert len(GregUserProfile.objects.filter(person_id=person.id)) == 0
+    user = backend.get_or_create_user(access_token, id_token, payload)
+    # User profile exists and all things set correctly after
+    user_profile = GregUserProfile.objects.get(user=user)
+    assert user_profile.person == person
+    assert user_profile.person.fnr and user_profile.person.fnr.value == nin
+    assert (
+        user_profile.person.feide_id and user_profile.person.feide_id.value == feide_id
+    )
+    assert user_profile.sponsor is None
+@pytest.mark.django_db
+def test_invited_feide_no_nin(requests_mock, invited_person):
+    """
+    Invitation login, user with existing person and no sponsor object,
+    nin not present
+    A GregUserProfile should be created, and the person should get feide-id set
+    """
+    person, invitation_link = invited_person
+    email = "foo@example.com"
+    feide_id = "bar@example.com"
+    access_token = "foo"
+    id_token = "foo"
+    payload = "foo"
+    requests_mock.get(
+        "https://auth.dataporten.no/openid/userinfo",
+        json={
+            "sub": "subsub",
+            "dataporten-userid_sec": [f"feide:{feide_id}"],
+            "name": f"{person.first_name} {person.last_name}",
+            "email": f"{email}",
+        },
+    )
+    requests_mock.get("https://api.dataporten.no/userinfo/v1/userinfo", json={})
+    auth_request = RequestFactory().get("/foo", {"code": "foo", "state": "bar"})
+    auth_request.session = {"invite_id": invitation_link.uuid}
+    backend = GregOIDCBackend()
+    backend.request = auth_request
+    # No profile beforehand
+    assert len(GregUserProfile.objects.filter(person_id=person.id)) == 0
+    user = backend.get_or_create_user(access_token, id_token, payload)
+    # User profile exists and all things set correctly after
+    user_profile = GregUserProfile.objects.get(user=user)
+    assert user_profile.person == person
+    assert user_profile.person.fnr is None
+    assert (
+        user_profile.person.feide_id and user_profile.person.feide_id.value == feide_id
+    )
+    assert user_profile.sponsor is None