Pull out google login validation into validator class

2017-02-15 15:26:15 -05:00 · 2017-02-15 15:26:15 -05:00 · 49638b081b
commit 49638b081b
parent 620e377faf
3 changed files with 65 additions and 24 deletions
--- a/util/config/validators/test/test_validate_google_login.py
+++ b/util/config/validators/test/test_validate_google_login.py
@ -0,0 +1,37 @@
+import pytest
+
+from httmock import urlmatch, HTTMock
+
+from util.config.validators import ConfigValidationException
+from util.config.validators.validate_google_login import GoogleLoginValidator
+
+@pytest.mark.parametrize('unvalidated_config', [
+  ({}),
+  ({'GOOGLE_LOGIN_CONFIG': {}}),
+  ({'GOOGLE_LOGIN_CONFIG': {'CLIENT_ID': 'foo'}}),
+  ({'GOOGLE_LOGIN_CONFIG': {'CLIENT_SECRET': 'foo'}}),
+])
+def test_validate_invalid_google_login_config(unvalidated_config):
+  validator = GoogleLoginValidator()
+
+  with pytest.raises(ConfigValidationException):
+    validator.validate(unvalidated_config, None, None)
+
+def test_validate_google_login():
+  url_hit = [False]
+  @urlmatch(netloc=r'www.googleapis.com', path='/oauth2/v3/token')
+  def handler(_, __):
+    url_hit[0] = True
+    return {'status_code': 200, 'content': ''}
+
+  validator = GoogleLoginValidator()
+
+  with HTTMock(handler):
+    validator.validate({
+      'GOOGLE_LOGIN_CONFIG': {
+        'CLIENT_ID': 'foo',
+        'CLIENT_SECRET': 'bar',
+      },
+    }, None, None)
+
+  assert url_hit[0]
--- a/util/config/validators/validate_google_login.py
+++ b/util/config/validators/validate_google_login.py
@ -0,0 +1,25 @@
+from app import app
+from oauth.services.google import GoogleOAuthService
+from util.config.validators import BaseValidator, ConfigValidationException
+
+class GoogleLoginValidator(BaseValidator):
+  name = "google-login"
+
+  @classmethod
+  def validate(cls, config, user, user_password):
+    """ Validates the Google Login client ID and secret. """
+    google_login_config = config.get('GOOGLE_LOGIN_CONFIG')
+    if not google_login_config:
+      raise ConfigValidationException('Missing client ID and client secret')
+
+    if not google_login_config.get('CLIENT_ID'):
+      raise ConfigValidationException('Missing Client ID')
+
+    if not google_login_config.get('CLIENT_SECRET'):
+      raise ConfigValidationException('Missing Client Secret')
+
+    client = app.config['HTTPCLIENT']
+    oauth = GoogleOAuthService(config, 'GOOGLE_LOGIN_CONFIG')
+    result = oauth.validate_client_id_and_secret(client, app.config)
+    if not result:
+      raise ConfigValidationException('Invalid client id or client secret')