From ee444ed67faf89b9f55cba8cbefa33cc55df183c Mon Sep 17 00:00:00 2001 From: Braden MacDonald Date: Tue, 29 Mar 2016 14:16:03 -0700 Subject: [PATCH] Enable Azure AD third party auth provider by default --- .../tests/specs/test_azuread.py | 46 +++++++++++++++++++ .../third_party_auth/tests/testutil.py | 10 ++++ lms/envs/aws.py | 1 + lms/envs/test.py | 1 + 4 files changed, 58 insertions(+) create mode 100644 common/djangoapps/third_party_auth/tests/specs/test_azuread.py diff --git a/common/djangoapps/third_party_auth/tests/specs/test_azuread.py b/common/djangoapps/third_party_auth/tests/specs/test_azuread.py new file mode 100644 index 0000000000..680983250a --- /dev/null +++ b/common/djangoapps/third_party_auth/tests/specs/test_azuread.py @@ -0,0 +1,46 @@ +"""Integration tests for Azure Active Directory / Microsoft Account provider.""" + +from third_party_auth.tests.specs import base + + +# pylint: disable=test-inherits-tests +class AzureADOauth2IntegrationTest(base.Oauth2IntegrationTest): + """Integration tests for Azure Active Directory / Microsoft Account provider.""" + + def setUp(self): + super(AzureADOauth2IntegrationTest, self).setUp() + self.provider = self.configure_azure_ad_provider( + enabled=True, + key='azure_ad_oauth2_key', + secret='azure_ad_oauth2_secret', + ) + + TOKEN_RESPONSE_DATA = { + 'exp': 1234590302, + 'nbf': 1234586402, + 'iat': 1234586402, + 'expires_on': '1234590302', + 'ver': '1.0', + 'access_token': 'access_token_value', + 'expires_in': '3599', + 'id_token': 'id_token_value', + 'token_type': 'Bearer', + 'refresh_token': 'REFRESH1234567890', + 'iss': 'https://sts.windows.net/abcdefgh-1234-5678-900a-0aa0a00aa0aa/', + 'ipaddr': '123.123.123.123', + } + USER_RESPONSE_DATA = { + 'oid': 'abcdefgh-1234-5678-900a-0aa0a00aa0aa', + 'aud': 'abcdefgh-1234-5678-900a-0aa0a00aa0aa', + 'tid': 'abcdefgh-1234-5678-900a-0aa0a00aa0aa', + 'amr': ['pwd'], + 'unique_name': 'email_value@example.com', + 'upn': 'email_value@example.com', + 'family_name': 'family_name_value', + 'name': 'name_value', + 'given_name': 'given_name_value', + 'sub': 'aBC_ab12345678h94CSgP1lTYJCHATGQDAcfg8jSOck', + } + + def get_username(self): + return self.get_response_data().get('name') diff --git a/common/djangoapps/third_party_auth/tests/testutil.py b/common/djangoapps/third_party_auth/tests/testutil.py index 36ac1c698c..97b45ea0a9 100644 --- a/common/djangoapps/third_party_auth/tests/testutil.py +++ b/common/djangoapps/third_party_auth/tests/testutil.py @@ -112,6 +112,16 @@ class ThirdPartyAuthTestMixin(object): kwargs.setdefault("secret", "test") return cls.configure_oauth_provider(**kwargs) + @classmethod + def configure_azure_ad_provider(cls, **kwargs): + """ Update the settings for the Azure AD third party auth provider/backend """ + kwargs.setdefault("name", "Azure AD") + kwargs.setdefault("backend_name", "azuread-oauth2") + kwargs.setdefault("icon_class", "fa-azuread") + kwargs.setdefault("key", "test") + kwargs.setdefault("secret", "test") + return cls.configure_oauth_provider(**kwargs) + @classmethod def configure_twitter_provider(cls, **kwargs): """ Update the settings for the Twitter third party auth provider/backend """ diff --git a/lms/envs/aws.py b/lms/envs/aws.py index 8727c445b1..74d8f59a7e 100644 --- a/lms/envs/aws.py +++ b/lms/envs/aws.py @@ -576,6 +576,7 @@ if FEATURES.get('ENABLE_THIRD_PARTY_AUTH'): 'social.backends.google.GoogleOAuth2', 'social.backends.linkedin.LinkedinOAuth2', 'social.backends.facebook.FacebookOAuth2', + 'social.backends.azuread.AzureADOAuth2', 'third_party_auth.saml.SAMLAuthBackend', 'third_party_auth.lti.LTIAuthBackend', ]) + list(AUTHENTICATION_BACKENDS) diff --git a/lms/envs/test.py b/lms/envs/test.py index 886cc1ec4e..69ce227544 100644 --- a/lms/envs/test.py +++ b/lms/envs/test.py @@ -265,6 +265,7 @@ AUTHENTICATION_BACKENDS = ( 'social.backends.google.GoogleOAuth2', 'social.backends.linkedin.LinkedinOAuth2', 'social.backends.facebook.FacebookOAuth2', + 'social.backends.azuread.AzureADOAuth2', 'social.backends.twitter.TwitterOAuth', 'third_party_auth.dummy.DummyBackend', 'third_party_auth.saml.SAMLAuthBackend',