launchpad-reviewers team mailing list archive

Thread
Date

[Merge] ~pappacena/turnip:py3-openid-login-flow into turnip:master

To: mp+395751@xxxxxxxxxxxxxxxxxx
From: "Thiago F. Pappacena" <pappacena@xxxxxxxxx>
Date: Mon, 04 Jan 2021 21:34:22 -0000
Reply-to: mp+395751@xxxxxxxxxxxxxxxxxx
Sender: bounces@xxxxxxxxxxxxx

Thiago F. Pappacena has proposed merging ~pappacena/turnip:py3-openid-login-flow into turnip:master.

Commit message:
Fixing OpenID login flow for cgit

Requested reviews:
  Launchpad code reviewers (launchpad-reviewers)

For more details, see:
https://code.launchpad.net/~pappacena/turnip/+git/turnip/+merge/395751
-- 
Your team Launchpad code reviewers is requested to review the proposed merge of ~pappacena/turnip:py3-openid-login-flow into turnip:master.

diff --git a/turnip/pack/http.py b/turnip/pack/http.py
index a9772be..f138c77 100644
--- a/turnip/pack/http.py
+++ b/turnip/pack/http.py
@@ -604,15 +604,16 @@ class HTTPAuthRootResource(BaseHTTPAuthResource):
         that we can then redirect them again to the page they were looking
         at, with a cookie that gives us the identity URL and username.
         """
+        base_url = 'https://%s' % compat.nativeString(
+            request.getRequestHostname())
+        back_to = six.ensure_binary(base_url) + request.uri
+        realm = base_url + '/'
+        return_to = base_url + '/+login/?' + urlencode({'back_to': back_to})
+
         openid_request = self._makeConsumer(session).begin(
             self.root.openid_provider_root)
         openid_request.addExtension(SRegRequest(required=['nickname']))
-        base_url = 'https://%s' % compat.nativeString(
-            request.getRequestHostname())
-        back_to = base_url + request.uri
-        target = openid_request.redirectURL(
-            base_url + '/',
-            base_url + '/+login/?' + urlencode({'back_to': back_to}))
+        target = openid_request.redirectURL(realm, return_to)
         request.redirect(target.encode('UTF-8'))
         request.finish()
 
diff --git a/turnip/pack/tests/test_http.py b/turnip/pack/tests/test_http.py
index dcd4b22..86a5c95 100644
--- a/turnip/pack/tests/test_http.py
+++ b/turnip/pack/tests/test_http.py
@@ -321,6 +321,28 @@ class TestHTTPAuthRootResource(TestCase):
         root.reactor = task.Clock()
         root.cgit_secret = None
 
+    def test__beginLogin(self):
+        root = self.root
+        root.openid_provider_root = 'https://testopenid.test/'
+        request = LessDummyRequest([''])
+        request.method = b'GET'
+        request.path = b'/example'
+        session = {}
+        openid_request = mock.Mock()
+        openid_request.redirectURL.return_value = 'http://redirected.test'
+
+        # Quite a lot of things are mocked here, mainly because we only want
+        # to make sure that we redirect to OpenID correctly.
+        resource = http.HTTPAuthRootResource(root)
+        resource._makeConsumer = mock.Mock()
+        resource._makeConsumer.return_value.begin.return_value = openid_request
+
+        resource._beginLogin(request, session)
+        self.assertEqual(302, request.responseCode)
+        self.assertEqual(
+            [b'http://redirected.test'],
+            request.responseHeaders.getRawHeaders(b'location'))
+
     def test_translatePath_timeout(self):
         root = self.root
         request = LessDummyRequest([''])