Multiple fixes

* Absolutify redirect_uri
* Fix typo in token endpoint POST request.
* Fix typo in token_payload `grant_type`.
* Fix `default_val` check in `import_from_settings`.
* Use correct claim names on user get/create

Author: johngian

mozilla_django_oidc/auth.py

@@ -10,7 +10,7 @@
 from django.contrib.auth import get_user_model
 from django.core.urlresolvers import reverse
 
-from mozilla_django_oidc.utils import import_from_settings
+from mozilla_django_oidc.utils import absolutify, import_from_settings
 
 
 class OIDCAuthenticationBackend(object):
@@ -48,9 +48,9 @@ def authenticate(self, code=None, state=None):
         token_payload = {
             'client_id': self.OIDC_OP_CLIENT_ID,
             'client_secret': self.OIDC_OP_CLIENT_SECRET,
-            'grand_type': 'authorization_code',
+            'grant_type': 'authorization_code',
             'code': code,
-            'redirect_url': reverse('oidc_authentication_callback')
+            'redirect_uri': absolutify(reverse('oidc_authentication_callback'))
         }
 
         # Get the token
@@ -70,10 +70,10 @@ def authenticate(self, code=None, state=None):
             user_info = user_response.json()
 
             try:
-                return self.UserModel.objects.get(email=user_info['verified_email'])
+                return self.UserModel.objects.get(email=user_info['email'])
             except self.UserModel.DoesNotExist:
-                return self.UserModel.objects.create_user(username=user_info['username'],
-                                                          email=user_info['verified_email'])
+                return self.UserModel.objects.create_user(username=user_info['nickname'],
+                                                          email=user_info['email'])
         return None
 
     def get_user(self, user_id):

mozilla_django_oidc/utils.py

@@ -1,3 +1,8 @@
+try:
+    from urlparse import urljoin
+except ImportError:
+    from urllib.parse import urljoin
+
 from django.conf import settings
 from django.core.exceptions import ImproperlyConfigured
 
@@ -10,8 +15,15 @@ def import_from_settings(attr, default_val=None):
         ImproperlyConfigured
     """
     try:
-        if default_val:
+        if default_val is not None:
             return getattr(settings, attr, default_val)
         return getattr(settings, attr)
     except AttributeError:
         raise ImproperlyConfigured('Setting {0} not found'.format(attr))
+
+
+def absolutify(path):
+    """Return the absolute URL of url_path."""
+
+    site_url = import_from_settings('SITE_URL')
+    return urljoin(site_url, path)

runtests.py

@@ -20,6 +20,7 @@
             'mozilla_django_oidc',
         ],
         SITE_ID=1,
+        SITE_URL='http://example.com',
         MIDDLEWARE_CLASSES=(),
     )
 

tests/test_auth.py

@@ -1,7 +1,6 @@
 from mock import Mock, call, patch
 
 from django.contrib.auth import get_user_model
-from django.core.urlresolvers import reverse
 from django.test import TestCase, override_settings
 
 from mozilla_django_oidc.auth import OIDCAuthenticationBackend
@@ -28,8 +27,8 @@ def test_invalid_token(self, request_mock, token_mock):
         token_mock.return_value = None
         get_json_mock = Mock()
         get_json_mock.json.return_value = {
-            'username': 'username',
-            'verified_email': '[email protected]'
+            'nickname': 'username',
+            'email': '[email protected]'
         }
         request_mock.get.return_value = get_json_mock
         post_json_mock = Mock()
@@ -53,6 +52,7 @@ def test_get_invalid_user(self):
 
     @patch('mozilla_django_oidc.auth.requests')
     @patch('mozilla_django_oidc.auth.OIDCAuthenticationBackend.verify_token')
+    @override_settings(SITE_URL='http://site-url.com')
     def test_successful_authentication_existing_user(self, token_mock, request_mock):
         """Test successful authentication for existing user."""
 
@@ -61,8 +61,8 @@ def test_successful_authentication_existing_user(self, token_mock, request_mock)
         token_mock.return_value = True
         get_json_mock = Mock()
         get_json_mock.json.return_value = {
-            'username': 'a_username',
-            'verified_email': '[email protected]'
+            'nickname': 'a_username',
+            'email': '[email protected]'
         }
         request_mock.get.return_value = get_json_mock
         post_json_mock = Mock()
@@ -75,9 +75,9 @@ def test_successful_authentication_existing_user(self, token_mock, request_mock)
         post_data = {
             'client_id': 'example_id',
             'client_secret': 'example_secret',
-            'grand_type': 'authorization_code',
+            'grant_type': 'authorization_code',
             'code': 'foo',
-            'redirect_url': reverse('oidc_authentication_callback')
+            'redirect_uri': 'http://site-url.com/oidc/authentication_callback/'
         }
         self.assertEqual(self.backend.authenticate(code='foo', state='bar'), user)
         token_mock.assert_called_once_with('id_token')
@@ -90,14 +90,15 @@ def test_successful_authentication_existing_user(self, token_mock, request_mock)
 
     @patch('mozilla_django_oidc.auth.requests')
     @patch('mozilla_django_oidc.auth.OIDCAuthenticationBackend.verify_token')
+    @override_settings(SITE_URL='http://site-url.com')
     def test_successful_authentication_new_user(self, token_mock, request_mock):
         """Test successful authentication and user creation."""
 
         token_mock.return_value = True
         get_json_mock = Mock()
         get_json_mock.json.return_value = {
-            'username': 'a_username',
-            'verified_email': '[email protected]'
+            'nickname': 'a_username',
+            'email': '[email protected]'
         }
         request_mock.get.return_value = get_json_mock
         post_json_mock = Mock()
@@ -109,9 +110,9 @@ def test_successful_authentication_new_user(self, token_mock, request_mock):
         post_data = {
             'client_id': 'example_id',
             'client_secret': 'example_secret',
-            'grand_type': 'authorization_code',
+            'grant_type': 'authorization_code',
             'code': 'foo',
-            'redirect_url': reverse('oidc_authentication_callback')
+            'redirect_uri': 'http://site-url.com/oidc/authentication_callback/',
         }
         self.assertEqual(User.objects.all().count(), 0)
         self.backend.authenticate(code='foo', state='bar')
@@ -143,8 +144,8 @@ def test_jwt_decode_params(self, request_mock, jwt_mock):
         }
         get_json_mock = Mock()
         get_json_mock.json.return_value = {
-            'username': 'username',
-            'verified_email': '[email protected]'
+            'nickname': 'username',
+            'email': '[email protected]'
         }
         request_mock.get.return_value = get_json_mock
         post_json_mock = Mock()
@@ -171,8 +172,8 @@ def test_jwt_decode_params_verify_false(self, request_mock, jwt_mock):
         }
         get_json_mock = Mock()
         get_json_mock.json.return_value = {
-            'username': 'username',
-            'verified_email': '[email protected]'
+            'nickname': 'username',
+            'email': '[email protected]'
         }
         request_mock.get.return_value = get_json_mock
         post_json_mock = Mock()

tests/test_utils.py

@@ -1,7 +1,7 @@
 from django.core.exceptions import ImproperlyConfigured
 from django.test import TestCase, override_settings
 
-from mozilla_django_oidc.utils import import_from_settings
+from mozilla_django_oidc.utils import absolutify, import_from_settings
 
 
 class SettingImportTestCase(TestCase):
@@ -18,3 +18,10 @@ def test_attr_nonexisting_no_default_value(self):
     def test_attr_nonexisting_default_value(self):
         s = import_from_settings('EXAMPLE_VARIABLE', 'example_default')
         self.assertEqual(s, 'example_default')
+
+
+class AbsolutifyTestCase(TestCase):
+    @override_settings(SITE_URL='http://site-url.com')
+    def test_absolutify(self):
+        url = absolutify('/foo/bar')
+        self.assertEqual(url, 'http://site-url.com/foo/bar')