Skip to content

Commit

Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix: tests
Browse files Browse the repository at this point in the history
syedsajjadkazmii committed Jan 26, 2024
1 parent 9f527ca commit fe968a4
Showing 4 changed files with 16 additions and 14 deletions.
8 changes: 8 additions & 0 deletions CHANGELOG.rst
Original file line number Diff line number Diff line change
@@ -12,6 +12,14 @@ Change Log
Unreleased
----------

[10.1.0] - 2024-01-26
---------------------

* Added toggle EDX_DRF_EXTENSIONS[ENABLE_JWT_AND_LMS_USER_EMAIL_MATCH]:

* If enabled, makes sure that the user email in JWT cookies and LMS user email matches
* If email matches, it allows authentication otherwise raise JwtUserEmailMismatchError error.

[10.0.0] - 2023-11-30
---------------------

2 changes: 1 addition & 1 deletion edx_rest_framework_extensions/__init__.py
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
""" edx Django REST Framework extensions. """

__version__ = '10.0.0' # pragma: no cover
__version__ = '10.1.0' # pragma: no cover
Original file line number Diff line number Diff line change
@@ -36,7 +36,6 @@
ENABLE_JWT_AND_LMS_USER_EMAIL_MATCH,
ENABLE_SET_REQUEST_USER_FOR_JWT_COOKIE,
)
from edx_rest_framework_extensions.config import ENABLE_SET_REQUEST_USER_FOR_JWT_COOKIE
from edx_rest_framework_extensions.tests import factories


@@ -251,11 +250,6 @@ def test_authenticate_with_correct_jwt_cookie_and_django_request(
mock_set_custom_attribute.assert_any_call('jwt_auth_with_django_request', True)
mock_set_custom_attribute.assert_any_call('jwt_auth_result', 'success-cookie')

@override_settings(
EDX_DRF_EXTENSIONS={
ENABLE_JWT_AND_LMS_USER_EMAIL_MATCH: False
}
)
@mock.patch('edx_rest_framework_extensions.auth.jwt.authentication.set_custom_attribute')
def test_authenticate_csrf_protected(self, mock_set_custom_attribute):
"""
@@ -551,12 +545,11 @@ def test_authenticate_jwt_and_no_session_and_set_request_user(self, mock_set_cus
),
ROOT_URLCONF='edx_rest_framework_extensions.auth.jwt.tests.test_authentication',
)
def test_authenticate_user_lms_and_jwt_email_mismatch_not_checked(self):
def test_authenticate_user_lms_and_jwt_email_mismatch_toggle_disabled(self):
"""
Test that lms and jwt user email is not checked for match if ENABLE_JWT_AND_LMS_USER_EMAIL_MATCH is false.
Test success for JwtAuthentication when ENABLE_JWT_AND_LMS_USER_EMAIL_MATCH is disabled.
"""
user_email = 'old@example.com'
user = factories.UserFactory(email=user_email)
user = factories.UserFactory(email='old@example.com')
jwt_header_payload, jwt_signature = self._get_test_jwt_token_payload_and_signature(user=user)

# Cookie parts will be recombined by JwtAuthCookieMiddleware
@@ -591,7 +584,8 @@ def test_authenticate_user_lms_and_jwt_email_mismatch_not_checked(self):
@mock.patch('edx_rest_framework_extensions.auth.jwt.authentication.set_custom_attribute')
def test_authenticate_user_lms_and_jwt_email_match_failure(self, mock_set_custom_attribute):
"""
Tests failure when lms and jwt user email do not match if ENABLE_JWT_AND_LMS_USER_EMAIL_MATCH is True.
Test failure for JwtAuthentication when ENABLE_JWT_AND_LMS_USER_EMAIL_MATCH
is enabled and the lms and jwt user email do not match.
"""
user_email = 'old@example.com'
user = factories.UserFactory(email=user_email)
@@ -634,7 +628,8 @@ def test_authenticate_user_lms_and_jwt_email_match_failure(self, mock_set_custom
@mock.patch('edx_rest_framework_extensions.auth.jwt.authentication.set_custom_attribute')
def test_authenticate_user_lms_and_jwt_email_match_success(self, mock_set_custom_attribute):
"""
Tests success when lms and jwt user email match if ENABLE_JWT_AND_LMS_USER_EMAIL_MATCH is True.
Test success for JwtAuthentication when ENABLE_JWT_AND_LMS_USER_EMAIL_MATCH
is enabled and the lms and jwt user email match.
"""
user_email = 'old@example.com'
user = factories.UserFactory(email=user_email)
1 change: 0 additions & 1 deletion edx_rest_framework_extensions/settings.py
Original file line number Diff line number Diff line change
@@ -27,7 +27,6 @@
DEFAULT_SETTINGS = {
ENABLE_JWT_AND_LMS_USER_EMAIL_MATCH: False,
ENABLE_SET_REQUEST_USER_FOR_JWT_COOKIE: False,
ENABLE_JWT_AND_LMS_USER_EMAIL_MATCH: False,

'JWT_PAYLOAD_MERGEABLE_USER_ATTRIBUTES': (),
# Map JWT claims to user attributes.

0 comments on commit fe968a4

Please sign in to comment.