Skip to content

Commit

Permalink
feat: update session to handle one or more returned claims
Browse files Browse the repository at this point in the history
  • Loading branch information
lalver1 committed Oct 18, 2024
1 parent db0a7ae commit 632d610
Show file tree
Hide file tree
Showing 4 changed files with 34 additions and 26 deletions.
18 changes: 9 additions & 9 deletions benefits/core/session.py
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@
_ENROLLMENT_EXP = "enrollment_expiry"
_FLOW = "flow"
_LANG = "lang"
_OAUTH_CLAIM = "oauth_claim"
_OAUTH_CLAIMS = "oauth_claims"
_OAUTH_TOKEN = "oauth_token"
_ORIGIN = "origin"
_START = "start"
Expand Down Expand Up @@ -60,7 +60,7 @@ def context_dict(request):
_ENROLLMENT_TOKEN_EXP: enrollment_token_expiry(request),
_LANG: language(request),
_OAUTH_TOKEN: oauth_token(request),
_OAUTH_CLAIM: oauth_claim(request),
_OAUTH_CLAIMS: oauth_claims(request),
_ORIGIN: origin(request),
_START: start(request),
_UID: uid(request),
Expand Down Expand Up @@ -148,17 +148,17 @@ def logged_in(request):

def logout(request):
"""Reset the session claims and tokens."""
update(request, oauth_claim=False, oauth_token=False, enrollment_token=False)
update(request, oauth_claims=False, oauth_token=False, enrollment_token=False)


def oauth_token(request):
"""Get the oauth token from the request's session, or None"""
return request.session.get(_OAUTH_TOKEN)


def oauth_claim(request):
def oauth_claims(request):
"""Get the oauth claim from the request's session, or None"""
return request.session.get(_OAUTH_CLAIM)
return request.session.get(_OAUTH_CLAIMS)


def origin(request):
Expand All @@ -177,7 +177,7 @@ def reset(request):
request.session[_ENROLLMENT_TOKEN] = None
request.session[_ENROLLMENT_TOKEN_EXP] = None
request.session[_OAUTH_TOKEN] = None
request.session[_OAUTH_CLAIM] = None
request.session[_OAUTH_CLAIMS] = None

if _UID not in request.session or not request.session[_UID]:
logger.debug("Reset session time and uid")
Expand Down Expand Up @@ -236,7 +236,7 @@ def update(
enrollment_token=None,
enrollment_token_exp=None,
oauth_token=None,
oauth_claim=None,
oauth_claims=None,
origin=None,
):
"""Update the request's session with non-null values."""
Expand All @@ -260,8 +260,8 @@ def update(
request.session[_ENROLLMENT_TOKEN_EXP] = enrollment_token_exp
if oauth_token is not None:
request.session[_OAUTH_TOKEN] = oauth_token
if oauth_claim is not None:
request.session[_OAUTH_CLAIM] = oauth_claim
if oauth_claims is not None:
request.session[_OAUTH_CLAIMS] = oauth_claims
if origin is not None:
request.session[_ORIGIN] = origin
if flow is not None and isinstance(flow, models.EnrollmentFlow):
Expand Down
2 changes: 1 addition & 1 deletion benefits/eligibility/views.py
Original file line number Diff line number Diff line change
Expand Up @@ -85,7 +85,7 @@ def confirm(request):
if request.method == "GET" and flow.uses_claims_verification:
analytics.started_eligibility(request, flow)

is_verified = verify.eligibility_from_oauth(flow, session.oauth_claim(request), agency)
is_verified = verify.eligibility_from_oauth(flow, session.oauth_claims(request), agency)

if is_verified:
return verified(request)
Expand Down
10 changes: 5 additions & 5 deletions tests/pytest/core/test_session.py
Original file line number Diff line number Diff line change
Expand Up @@ -199,16 +199,16 @@ def test_logged_in_True(app_request):

@pytest.mark.django_db
def test_logout(app_request):
session.update(app_request, oauth_claim="oauth_claim", oauth_token="oauth_token", enrollment_token="enrollment_token")
session.update(app_request, oauth_claims="oauth_claim", oauth_token="oauth_token", enrollment_token="enrollment_token")
assert session.logged_in(app_request)
assert session.oauth_claim(app_request)
assert session.oauth_claims(app_request)

session.logout(app_request)

assert not session.logged_in(app_request)
assert not session.enrollment_token(app_request)
assert not session.oauth_token(app_request)
assert not session.oauth_claim(app_request)
assert not session.oauth_claims(app_request)


@pytest.mark.django_db
Expand Down Expand Up @@ -269,12 +269,12 @@ def test_reset_enrollment(app_request):
@pytest.mark.django_db
def test_reset_oauth(app_request):
app_request.session[session._OAUTH_TOKEN] = "oauthtoken456"
app_request.session[session._OAUTH_CLAIM] = "claim"
app_request.session[session._OAUTH_CLAIMS] = "claim"

session.reset(app_request)

assert session.oauth_token(app_request) is None
assert session.oauth_claim(app_request) is None
assert session.oauth_claims(app_request) is None


@pytest.mark.django_db
Expand Down
30 changes: 19 additions & 11 deletions tests/pytest/oauth/test_views.py
Original file line number Diff line number Diff line change
Expand Up @@ -213,11 +213,18 @@ def test_authorize_empty_token(


@pytest.mark.django_db
@pytest.mark.usefixtures("mocked_session_flow_uses_claims_verification")
def test_authorize_success(mocked_oauth_client_or_error_redirect__client, mocked_analytics_module, app_request):
def test_authorize_success(
mocked_session_flow_uses_claims_verification,
mocked_oauth_client_or_error_redirect__client,
mocked_analytics_module,
app_request,
):
mocked_oauth_client = mocked_oauth_client_or_error_redirect__client.return_value
mocked_oauth_client.authorize_access_token.return_value = {"id_token": "token"}

flow = mocked_session_flow_uses_claims_verification.return_value
flow.claims_extra_claims = ""

result = authorize(app_request)

mocked_oauth_client.authorize_access_token.assert_called_with(app_request)
Expand All @@ -234,14 +241,14 @@ def test_authorize_success_with_claim_true(
app_request, mocked_session_flow_uses_claims_verification, mocked_oauth_client_or_error_redirect__client
):
flow = mocked_session_flow_uses_claims_verification.return_value
flow.claims_claim = "claim"
flow.claims_extra_claims = ""
mocked_oauth_client = mocked_oauth_client_or_error_redirect__client.return_value
mocked_oauth_client.authorize_access_token.return_value = {"id_token": "token", "userinfo": {"claim": "1"}}

result = authorize(app_request)

mocked_oauth_client.authorize_access_token.assert_called_with(app_request)
assert session.oauth_claim(app_request) == "claim"
assert session.oauth_claims(app_request) == ["claim"]
assert result.status_code == 302
assert result.url == reverse(routes.ELIGIBILITY_CONFIRM)

Expand All @@ -252,14 +259,14 @@ def test_authorize_success_with_claim_false(
app_request, mocked_session_flow_uses_claims_verification, mocked_oauth_client_or_error_redirect__client
):
flow = mocked_session_flow_uses_claims_verification.return_value
flow.claims_claim = "claim"
flow.claims_extra_claims = ""
mocked_oauth_client = mocked_oauth_client_or_error_redirect__client.return_value
mocked_oauth_client.authorize_access_token.return_value = {"id_token": "token", "userinfo": {"claim": "0"}}

result = authorize(app_request)

mocked_oauth_client.authorize_access_token.assert_called_with(app_request)
assert session.oauth_claim(app_request) is None
assert session.oauth_claims(app_request) == []
assert result.status_code == 302
assert result.url == reverse(routes.ELIGIBILITY_CONFIRM)

Expand All @@ -272,15 +279,15 @@ def test_authorize_success_with_claim_error(
mocked_analytics_module,
):
flow = mocked_session_flow_uses_claims_verification.return_value
flow.claims_claim = "claim"
flow.claims_extra_claims = ""
mocked_oauth_client = mocked_oauth_client_or_error_redirect__client.return_value
mocked_oauth_client.authorize_access_token.return_value = {"id_token": "token", "userinfo": {"claim": "10"}}

result = authorize(app_request)

mocked_oauth_client.authorize_access_token.assert_called_with(app_request)
mocked_analytics_module.finished_sign_in.assert_called_with(app_request, error=10)
assert session.oauth_claim(app_request) is None
assert session.oauth_claims(app_request) == []
assert result.status_code == 302
assert result.url == reverse(routes.ELIGIBILITY_CONFIRM)

Expand All @@ -301,14 +308,15 @@ def test_authorize_success_without_claim_in_response(
access_token_response,
):
flow = mocked_session_flow_uses_claims_verification.return_value
flow.claims_claim = "claim"
flow.claims_eligibility_claim = "claim"
flow.claims_extra_claims = ""
mocked_oauth_client = mocked_oauth_client_or_error_redirect__client.return_value
mocked_oauth_client.authorize_access_token.return_value = access_token_response

result = authorize(app_request)

mocked_oauth_client.authorize_access_token.assert_called_with(app_request)
assert session.oauth_claim(app_request) is None
assert session.oauth_claims(app_request) == []
assert result.status_code == 302
assert result.url == reverse(routes.ELIGIBILITY_CONFIRM)

Expand Down Expand Up @@ -374,7 +382,7 @@ def test_logout(app_request, mocker, mocked_oauth_client_or_error_redirect__clie
assert not session.logged_in(app_request)
assert session.enrollment_token(app_request) is False
assert session.oauth_token(app_request) is False
assert session.oauth_claim(app_request) is False
assert session.oauth_claims(app_request) is False


@pytest.mark.django_db
Expand Down

0 comments on commit 632d610

Please sign in to comment.