fix: avoid raising error when auth_entry is None (#29787)

This commit avoids raising AuthEntryError when auth_entry is None. At some point of the authentication flow, when the auth_entry is missing from the auth URL (eg. auth/login/tpa-saml/?idp=idp), the request session stores auth_entry: None causing this edited line to fail which stops the login from completing.
2022-01-31 15:36:44 -04:00
parent 0aae4a20df
commit 07f88fab4b
2 changed files with 62 additions and 1 deletions
--- a/common/djangoapps/third_party_auth/pipeline.py
+++ b/common/djangoapps/third_party_auth/pipeline.py
@@ -480,7 +480,7 @@ def parse_query_params(strategy, response, *args, **kwargs):
    """Reads whitelisted query params, transforms them into pipeline args."""
    # If auth_entry is not in the session, we got here by a non-standard workflow.
    # We simply assume 'login' in that case.
-    auth_entry = strategy.request.session.get(AUTH_ENTRY_KEY, AUTH_ENTRY_LOGIN)
+    auth_entry = strategy.request.session.get(AUTH_ENTRY_KEY) or AUTH_ENTRY_LOGIN
    if auth_entry not in _AUTH_ENTRY_CHOICES:
        raise AuthEntryError(strategy.request.backend, 'auth_entry invalid')

--- a/common/djangoapps/third_party_auth/tests/test_pipeline_integration.py
+++ b/common/djangoapps/third_party_auth/tests/test_pipeline_integration.py
@@ -594,3 +594,64 @@ class SetIDVerificationStatusTestCase(TestCase):

        # Ensure a verification signal was sent
        assert mock_signal.call_count == 1
+
+
+class ParseQueryParamsPipelineTestCase(TestCase):
+    """Tests to ensure reading queryparams from the auth/login URL works as expected."""
+
+    def setUp(self):
+        super().setUp()
+        self.strategy = mock.MagicMock()
+        self.response = mock.MagicMock()
+
+    def test_login_url_with_auth_entry(self):
+        """
+        Parsing query params with auth entry results in dictionary with the auth entry.
+        """
+        expected_query_params = {
+            "auth_entry": "login",
+        }
+        self.strategy.request.session = expected_query_params
+
+        query_params = pipeline.parse_query_params(self.strategy, self.response)
+
+        self.assertDictEqual(expected_query_params, query_params)
+
+    def test_login_url_with_auth_entry_none(self):
+        """
+        Parsing query params with auth entry equals to None results in dictionary with default auth entry.
+        """
+        expected_query_params = {
+            "auth_entry": "login",
+        }
+        self.strategy.request.session = {
+            "auth_entry": None,
+        }
+
+        query_params = pipeline.parse_query_params(self.strategy, self.response)
+
+        self.assertDictEqual(expected_query_params, query_params)
+
+    def test_login_url_without_auth_entry(self):
+        """
+        Parsing query params without auth entry results in dictionary with default auth entry.
+        """
+        expected_query_params = {
+            "auth_entry": "login",
+        }
+        self.strategy.request.session = {}
+
+        query_params = pipeline.parse_query_params(self.strategy, self.response)
+
+        self.assertDictEqual(expected_query_params, query_params)
+
+    def test_login_url_invalid_auth_entry(self):
+        """
+        Parsing query params with invalid auth entry results in AuthEntryError.
+        """
+        self.strategy.request.session = {
+            "auth_entry": "not-valid",
+        }
+
+        with self.assertRaises(pipeline.AuthEntryError):
+            pipeline.parse_query_params(self.strategy, self.response)