Added support for OAuth 2 authentication. Fixes #5940

Initial patch sent by: Florian Sabonchi
2025-02-25 18:55:31 -06:00 · 2021-07-06 13:22:58 +05:30
parent fff4060b31
commit 48ca83f31d
35 changed files with 750 additions and 227 deletions
--- a/web/regression/python_test_utils/csrf_test_client.py
+++ b/web/regression/python_test_utils/csrf_test_client.py
@@ -92,9 +92,7 @@ class TestClient(testing.FlaskClient):
        # and make a test request context that has those cookies in it.
        environ_overrides = {}
        self.cookie_jar.inject_wsgi(environ_overrides)
-        with self.app.test_request_context(
-            "/login", environ_overrides=environ_overrides,
-        ):
+        with self.app.test_request_context():
            # Now, we call Flask-WTF's method of generating a CSRF token...
            csrf_token = generate_csrf()
            # ...which also sets a value in `flask.session`, so we need to
@@ -106,18 +104,27 @@ class TestClient(testing.FlaskClient):
            return csrf_token

    def login(self, email, password, _follow_redirects=False,
-              headers=None):
+              headers=None, extra_form_data=dict()):
+        csrf_token = None
        if config.SERVER_MODE is True:
-            res = self.get('/login', follow_redirects=True)
+            res = self.get('/login',
+                           follow_redirects=_follow_redirects)
            csrf_token = self.fetch_csrf(res)
-        else:
+
+        if csrf_token is None:
            csrf_token = self.generate_csrf_token()

+        form_data = dict(
+            email=email,
+            password=password,
+            csrf_token=csrf_token
+        )
+
+        if extra_form_data:
+            form_data.update(extra_form_data)
+
        res = self.post(
-            '/authenticate/login', data=dict(
-                email=email, password=password,
-                csrf_token=csrf_token,
-            ),
+            '/authenticate/login', data=form_data,
            follow_redirects=_follow_redirects,
            headers=headers
        )
--- a/web/regression/python_test_utils/test_utils.py
+++ b/web/regression/python_test_utils/test_utils.py
@@ -1656,14 +1656,14 @@ def create_user(user_details):
        cur = conn.cursor()
        user_details = (
            user_details['login_username'], user_details['login_username'],
-            user_details['login_password'], 1)
+            user_details['login_password'], 1, uuid.uuid4().hex)

        cur.execute(
            'select * from user where username = "%s"' % user_details[0])
        user = cur.fetchone()
        if user is None:
-            cur.execute('INSERT INTO user (username, email, password, active) '
-                        'VALUES (?,?,?,?)', user_details)
+            cur.execute('INSERT INTO user (username, email, password, active,'
+                        ' fs_uniquifier) VALUES (?,?,?,?,?)', user_details)
            user_id = cur.lastrowid
            conn.commit()
        else: