-
-
Notifications
You must be signed in to change notification settings - Fork 544
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix access_token expiration and refresh handling in GitHub backend
Ensure the correct key is used for access_token expiration in the GitHub backend's extra_data, and save the refresh_token. Previously, the expiration of the access_token was not stored, causing the refresh_token functionality to be skipped. Signed-off-by: George Margaritis <[email protected]>
- Loading branch information
1 parent
5899cb9
commit 19ae97d
Showing
3 changed files
with
67 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -10,7 +10,24 @@ class GithubOAuth2Test(OAuth2Test): | |
backend_path = "social_core.backends.github.GithubOAuth2" | ||
user_data_url = "https://api.github.com/user" | ||
expected_username = "foobar" | ||
access_token_body = json.dumps({"access_token": "foobar", "token_type": "bearer"}) | ||
access_token_body = json.dumps( | ||
{ | ||
"access_token": "foobar", | ||
"token_type": "bearer", | ||
"expires_in": 28800, | ||
"refresh_token": "foobar-refresh-token", | ||
} | ||
) | ||
refresh_token_body = json.dumps( | ||
{ | ||
"access_token": "foobar-new-token", | ||
"token_type": "bearer", | ||
"expires_in": 28800, | ||
"refresh_token": "foobar-new-refresh-token", | ||
"refresh_token_expires_in": 15897600, | ||
"scope": "", | ||
} | ||
) | ||
user_data_body = json.dumps( | ||
{ | ||
"login": "foobar", | ||
|
@@ -46,12 +63,25 @@ class GithubOAuth2Test(OAuth2Test): | |
} | ||
) | ||
|
||
def do_login(self): | ||
user = super().do_login() | ||
social = user.social[0] | ||
|
||
self.assertIsNotNone(social.extra_data["expires"]) | ||
self.assertIsNotNone(social.extra_data["refresh_token"]) | ||
|
||
return user | ||
|
||
def test_login(self): | ||
self.do_login() | ||
|
||
def test_partial_pipeline(self): | ||
self.do_partial_pipeline() | ||
|
||
def test_refresh_token(self): | ||
user, social = self.do_refresh_token() | ||
self.assertEqual(social.extra_data["access_token"], "foobar-new-token") | ||
|
||
|
||
class GithubOAuth2NoEmailTest(GithubOAuth2Test): | ||
user_data_body = json.dumps( | ||
|
@@ -122,6 +152,17 @@ def test_partial_pipeline(self): | |
) | ||
self.do_partial_pipeline() | ||
|
||
def test_refresh_token(self): | ||
url = "https://api.github.com/user/emails" | ||
HTTPretty.register_uri( | ||
HTTPretty.GET, | ||
url, | ||
status=200, | ||
body=json.dumps([{"email": "[email protected]"}]), | ||
content_type="application/json", | ||
) | ||
self.do_refresh_token() | ||
|
||
|
||
class GithubOrganizationOAuth2Test(GithubOAuth2Test): | ||
backend_path = "social_core.backends.github.GithubOrganizationOAuth2" | ||
|
@@ -139,6 +180,10 @@ def test_partial_pipeline(self): | |
self.strategy.set_settings({"SOCIAL_AUTH_GITHUB_ORG_NAME": "foobar"}) | ||
self.do_partial_pipeline() | ||
|
||
def test_refresh_token(self): | ||
self.strategy.set_settings({"SOCIAL_AUTH_GITHUB_ORG_NAME": "foobar"}) | ||
self.do_refresh_token() | ||
|
||
|
||
class GithubOrganizationOAuth2FailTest(GithubOAuth2Test): | ||
backend_path = "social_core.backends.github.GithubOrganizationOAuth2" | ||
|
@@ -164,6 +209,11 @@ def test_partial_pipeline(self): | |
with self.assertRaises(AuthFailed): | ||
self.do_partial_pipeline() | ||
|
||
def test_refresh_token(self): | ||
self.strategy.set_settings({"SOCIAL_AUTH_GITHUB_ORG_NAME": "foobar"}) | ||
with self.assertRaises(AuthFailed): | ||
self.do_refresh_token() | ||
|
||
|
||
class GithubTeamOAuth2Test(GithubOAuth2Test): | ||
backend_path = "social_core.backends.github.GithubTeamOAuth2" | ||
|
@@ -181,6 +231,10 @@ def test_partial_pipeline(self): | |
self.strategy.set_settings({"SOCIAL_AUTH_GITHUB_TEAM_ID": "123"}) | ||
self.do_partial_pipeline() | ||
|
||
def test_refresh_token(self): | ||
self.strategy.set_settings({"SOCIAL_AUTH_GITHUB_TEAM_ID": "123"}) | ||
self.do_refresh_token() | ||
|
||
|
||
class GithubTeamOAuth2FailTest(GithubOAuth2Test): | ||
backend_path = "social_core.backends.github.GithubTeamOAuth2" | ||
|
@@ -205,3 +259,8 @@ def test_partial_pipeline(self): | |
self.strategy.set_settings({"SOCIAL_AUTH_GITHUB_TEAM_ID": "123"}) | ||
with self.assertRaises(AuthFailed): | ||
self.do_partial_pipeline() | ||
|
||
def test_refresh_token(self): | ||
self.strategy.set_settings({"SOCIAL_AUTH_GITHUB_TEAM_ID": "123"}) | ||
with self.assertRaises(AuthFailed): | ||
self.do_refresh_token() |