Skip to content

Commit

Permalink
commit(test): Add test for enterprise SAML authentication MFE redirec…
Browse files Browse the repository at this point in the history 
…tion logic

This test validates the conditional redirection to the authentication
microfrontend (MFE) for enterprise and SAML authentication scenarios.

The test covers different combinations of:
- Enterprise customer presence
- Third-party authentication provider
- SAML provider status
- Redirection setting

Ensures that enterprise customers with SAML providers are not redirected
to the authentication MFE, while other scenarios follow the standard
redirection rules.
  • Loading branch information
@leoaulasneo98
leoaulasneo98 committed Jan 30, 2025
1 parent 75196ac commit d00ae85
Showing 1 changed file with 74 additions and 0 deletions.
74 changes: 74 additions & 0 deletions openedx/core/djangoapps/user_authn/views/tests/test_logistration.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -648,6 +648,80 @@ def test_browser_language_dialent(self):

assert response['Content-Language'] == 'es-es'

@ddt.data(
(None, None, None, True),
({
'name': 'Test Enterprise',
'uuid': 'test-uuid'
}, None, None, True),
({
'name': 'Test Enterprise',
'uuid': 'test-uuid'
}, 'test-provider', None, True),
({
'name': 'Test Enterprise',
'uuid': 'test-uuid'
}, 'test-provider', True, False),
)
@ddt.unpack
@override_settings(FEATURES=FEATURES_WITH_AUTHN_MFE_ENABLED)
def test_enterprise_saml_redirection(self, enterprise_customer_data, provider_id, is_saml, should_redirect):
"""
Test that authentication MFE redirection respects the enterprise + SAML provider conditions.
In particular, verify that if we have an enterprise customer with a SAML-based tpa_hint_provider,
we do NOT redirect to the MFE, but handle the request in LMS. All other combinations should
redirect to the MFE when it's enabled.
"""
if provider_id and is_saml:
self.enable_saml()
self._configure_testshib_provider('TestShib', provider_id)

with mock.patch(
'openedx.core.djangoapps.user_authn.views.login_form.enterprise_customer_for_request') as mock_ec, \
mock.patch(
'openedx.core.djangoapps.user_authn.views.login_form.should_redirect_to_authn_microfrontend') as mock_should_redirect, \
mock.patch(
'openedx.core.djangoapps.user_authn.views.login_form.third_party_auth.utils.is_saml_provider') as mock_is_saml:

mock_ec.return_value = enterprise_customer_data
mock_should_redirect.return_value = should_redirect
mock_is_saml.return_value = (True, None) if is_saml else (False, None)

params = {}
if provider_id:
params['tpa_hint'] = provider_id

if provider_id and is_saml:
pipeline_target = 'openedx.core.djangoapps.user_authn.views.login_form.third_party_auth.pipeline'
with mock.patch(pipeline_target + '.get') as mock_pipeline:
pipeline_data = {
'backend': 'tpa-saml',
'kwargs': {
'response': {
'idp_name': provider_id
},
'details': {
'email': '[email protected]',
'fullname': 'Test User',
'username': 'testuser'
}
}
}
mock_pipeline.return_value = pipeline_data
response = self.client.get(reverse('signin_user'), params)
else:
response = self.client.get(reverse('signin_user'), params)

if should_redirect:
self.assertRedirects(
response,
settings.AUTHN_MICROFRONTEND_URL + '/login' +
('?' + urlencode(params) if params else ''),
fetch_redirect_response=False
)
else:
self.assertEqual(response.status_code, 200)


@skip_unless_lms
class AccountCreationTestCaseWithSiteOverrides(SiteMixin, TestCase):
Expand Down

0 comments on commit d00ae85

Please sign in to comment.