Handle user creation.

akatsoulas · akatsoulas · commit 9f97309a9973 · 2016-11-01T18:23:42.000+02:00
* Use a default username algo.
* Allow users to override the algo through settings.
diff --git a/mozilla_django_oidc/auth.py b/mozilla_django_oidc/auth.py
@@ -1,18 +1,37 @@
 import base64
+import hashlib
 import jwt
+import logging
 import requests
 
 try:
     from urllib import urlencode
 except ImportError:
     from urllib.parse import urlencode
 
+try:
+    from django.utils.encoding import smart_bytes
+except ImportError:
+    from django.utils.encoding import smart_str as smart_bytes
 from django.contrib.auth import get_user_model
 from django.core.urlresolvers import reverse
 
 from mozilla_django_oidc.utils import absolutify, import_from_settings
 
 
+LOGGER = logging.getLogger(__name__)
+
+
+def default_username_algo(email):
+    # bluntly stolen from django-browserid
+    # store the username as a base64 encoded sha224 of the email address
+    # this protects against data leakage because usernames are often
+    # treated as public identifiers (so we can't use the email address).
+    return base64.urlsafe_b64encode(
+        hashlib.sha224(smart_bytes(email)).digest()
+    ).rstrip(b'=')
+
+
 class OIDCAuthenticationBackend(object):
     """Override Django's authentication."""
 
@@ -25,6 +44,20 @@ def __init__(self, *args, **kwargs):
 
         self.UserModel = get_user_model()
 
+    def create_user(self, email, **kwargs):
+        """Return object for a newly created user account."""
+        # bluntly stolen from django-browserid
+        # https://github.com/mozilla/django-browserid/blob/master/django_browserid/auth.py
+
+        username_algo = import_from_settings('OIDC_USERNAME_ALGO', None)
+
+        if username_algo:
+            username = username_algo(email)
+        else:
+            username = default_username_algo(email)
+
+        return self.UserModel.objects.create_user(username, email)
+
     def verify_token(self, token, **kwargs):
         """Validate the token signature."""
 
@@ -68,12 +101,28 @@ def authenticate(self, code=None, state=None):
             user_response = requests.get('{url}?{query}'.format(url=self.OIDC_OP_USER_ENDPOINT,
                                                                 query=query))
             user_info = user_response.json()
+            email = user_info.get('email')
+            if not email:
+                return None
 
+            create_user = False
             try:
-                return self.UserModel.objects.get(email=user_info['email'])
+                return self.UserModel.objects.get(email=email)
+            except self.UserModel.MultipleObjectsReturned:
+                # In the rare case that two user accounts have the same email address,
+                # log and bail. Randomly selecting one seems really wrong.
+                LOGGER.warn('Multiple users with email address %s.', email)
+                return None
             except self.UserModel.DoesNotExist:
-                return self.UserModel.objects.create_user(username=user_info['nickname'],
-                                                          email=user_info['email'])
+                create_user = import_from_settings('OIDC_CREATE_USER', True)
+
+            if create_user:
+                user = self.create_user(email)
+                return user
+            else:
+                LOGGER.debug('Login failed: No user with email %s found, and '
+                             'OIDC_CREATE_USER is False', email)
+                return None
         return None
 
     def get_user(self, user_id):
diff --git a/mozilla_django_oidc/utils.py b/mozilla_django_oidc/utils.py
@@ -7,16 +7,16 @@
 from django.core.exceptions import ImproperlyConfigured
 
 
-def import_from_settings(attr, default_val=None):
+def import_from_settings(attr, *args):
     """
     Load an attribute from the django settings.
 
     :raises:
         ImproperlyConfigured
     """
     try:
-        if default_val is not None:
-            return getattr(settings, attr, default_val)
+        if args:
+            return getattr(settings, attr, args[0])
         return getattr(settings, attr)
     except AttributeError:
         raise ImproperlyConfigured('Setting {0} not found'.format(attr))
diff --git a/runtests.py b/runtests.py
@@ -22,6 +22,7 @@
         SITE_ID=1,
         SITE_URL='http://example.com',
         MIDDLEWARE_CLASSES=(),
+        OIDC_USERNAME_ALGO=None
     )
 
     try:
diff --git a/tests/test_auth.py b/tests/test_auth.py
@@ -1,5 +1,6 @@
 from mock import Mock, call, patch
 
+from django.conf import settings
 from django.contrib.auth import get_user_model
 from django.test import TestCase, override_settings
 
@@ -88,12 +89,14 @@ def test_successful_authentication_existing_user(self, token_mock, request_mock)
             'https://server.example.com/user?access_token=access_granted'
         )
 
+    @patch.object(settings, 'OIDC_USERNAME_ALGO')
     @patch('mozilla_django_oidc.auth.requests')
     @patch('mozilla_django_oidc.auth.OIDCAuthenticationBackend.verify_token')
     @override_settings(SITE_URL='http://site-url.com')
-    def test_successful_authentication_new_user(self, token_mock, request_mock):
+    def test_successful_authentication_new_user(self, token_mock, request_mock, algo_mock):
         """Test successful authentication and user creation."""
 
+        algo_mock.return_value = 'username_algo'
         token_mock.return_value = True
         get_json_mock = Mock()
         get_json_mock.json.return_value = {
@@ -119,7 +122,7 @@ def test_successful_authentication_new_user(self, token_mock, request_mock):
         self.assertEqual(User.objects.all().count(), 1)
         user = User.objects.all()[0]
         self.assertEquals(user.email, 'email@example.com')
-        self.assertEquals(user.username, 'a_username')
+        self.assertEquals(user.username, 'username_algo')
 
         token_mock.assert_called_once_with('id_token')
         request_mock.post.assert_called_once_with('https://server.example.com/token',
@@ -189,3 +192,92 @@ def test_jwt_decode_params_verify_false(self, request_mock, jwt_mock):
 
         self.backend.authenticate(code='foo', state='bar')
         jwt_mock.decode.assert_has_calls(calls)
+
+    @override_settings(OIDC_CREATE_USER=False)
+    @patch('mozilla_django_oidc.auth.jwt')
+    @patch('mozilla_django_oidc.auth.requests')
+    def test_create_user_disabled(self, request_mock, jwt_mock):
+        """Test with user creation disabled and no user found."""
+
+        jwt_mock.return_value = True
+        get_json_mock = Mock()
+        get_json_mock.json.return_value = {
+            'nickname': 'a_username',
+            'email': 'email@example.com'
+        }
+        request_mock.get.return_value = get_json_mock
+        post_json_mock = Mock()
+        post_json_mock.json.return_value = {
+            'id_token': 'id_token',
+            'access_token': 'access_granted'
+        }
+        request_mock.post.return_value = post_json_mock
+        self.assertEqual(self.backend.authenticate(code='foo', state='bar'), None)
+
+    @patch('mozilla_django_oidc.auth.jwt')
+    @patch('mozilla_django_oidc.auth.requests')
+    def test_create_user_enabled(self, request_mock, jwt_mock):
+        """Test with user creation enabled and no user found."""
+
+        self.assertEqual(User.objects.filter(email='email@example.com').exists(), False)
+        jwt_mock.return_value = True
+        get_json_mock = Mock()
+        get_json_mock.json.return_value = {
+            'nickname': 'a_username',
+            'email': 'email@example.com'
+        }
+        request_mock.get.return_value = get_json_mock
+        post_json_mock = Mock()
+        post_json_mock.json.return_value = {
+            'id_token': 'id_token',
+            'access_token': 'access_granted'
+        }
+        request_mock.post.return_value = post_json_mock
+        self.assertEqual(self.backend.authenticate(code='foo', state='bar'),
+                         User.objects.get(email='email@example.com'))
+
+    @patch.object(settings, 'OIDC_USERNAME_ALGO')
+    @patch('mozilla_django_oidc.auth.jwt')
+    @patch('mozilla_django_oidc.auth.requests')
+    def test_custom_username_algo(self, request_mock, jwt_mock, algo_mock):
+        """Test user creation with custom username algorithm."""
+
+        self.assertEqual(User.objects.filter(email='email@example.com').exists(), False)
+        algo_mock.return_value = 'username_algo'
+        jwt_mock.return_value = True
+        get_json_mock = Mock()
+        get_json_mock.json.return_value = {
+            'nickname': 'a_username',
+            'email': 'email@example.com'
+        }
+        request_mock.get.return_value = get_json_mock
+        post_json_mock = Mock()
+        post_json_mock.json.return_value = {
+            'id_token': 'id_token',
+            'access_token': 'access_granted'
+        }
+        request_mock.post.return_value = post_json_mock
+        self.assertEqual(self.backend.authenticate(code='foo', state='bar'),
+                         User.objects.get(username='username_algo'))
+
+    @patch('mozilla_django_oidc.auth.jwt')
+    @patch('mozilla_django_oidc.auth.requests')
+    def test_duplicate_emails(self, request_mock, jwt_mock):
+        """Test auth with two users having the same email."""
+
+        User.objects.create(username='user1', email='email@example.com')
+        User.objects.create(username='user2', email='email@example.com')
+        jwt_mock.return_value = True
+        get_json_mock = Mock()
+        get_json_mock.json.return_value = {
+            'nickname': 'a_username',
+            'email': 'email@example.com'
+        }
+        request_mock.get.return_value = get_json_mock
+        post_json_mock = Mock()
+        post_json_mock.json.return_value = {
+            'id_token': 'id_token',
+            'access_token': 'access_granted'
+        }
+        request_mock.post.return_value = post_json_mock
+        self.assertEqual(self.backend.authenticate(code='foo', state='bar'), None)

Original file line number	Diff line number	Diff line change
`@@ -22,6 +22,7 @@`
`22`	`22`	`SITE_ID=1,`
`23`	`23`	`SITE_URL='http://example.com',`
`24`	`24`	`MIDDLEWARE_CLASSES=(),`
	`25`	`+ OIDC_USERNAME_ALGO=None`
`25`	`26`	`)`
`26`	`27`
`27`	`28`	`try:`