root

diff -r dd9036263c5c pokersocial/auth.py

--- a/pokersocial/auth.py       Mon Jan 25 16:46:09 2010 +0000

+++ b/pokersocial/auth.py       Fri Jan 29 16:27:58 2010 +0100

     session = request.getSession()

     if info:

         if site.verbose >= 3:

-            site.message("pokersocial: TWISTED " + session.uid + " / serial " + str(serial))

+            site.message("pokersocial: AUTH " + session.auth + " / UID " + session.uid + " / serial " + str(serial))

         #

         # Login if not logged in already

         #

             session.avatar.relogin(serial)

     else:

         if site.verbose >= 3:

-            site.message("pokersocial: TWISTED " + session.uid + " / anonymous")

+            site.message("pokersocial: AUTH " + session.auth + " / UID " + session.uid + " / serial " + str(serial))

         #

         # logout so that the request is processed anonymously

         #

diff -r dd9036263c5c tests/test.py

--- a/tests/test.py     Mon Jan 25 16:46:09 2010 +0000

+++ b/tests/test.py     Fri Jan 29 16:27:58 2010 +0100

 from pokersocial import auth, core

 from pokersocial.core import Pokersocial

 

+class PokerAvatarCollection:

+      def add(self, serial, avatar):

+            pass

+      def remove(self, serial, avatar):

+            pass

+

 class PokerServiceMockup:

 

       def __init__(self):

             self.verbose = 6

             self.dirs = []

             self.serial2client = {}

+            self.avatar_collection = PokerAvatarCollection()

 

       def getPlayerPlaces(self, serial):

             return PacketPokerPlayerPlaces(serial = serial)

       def message(self, string):

             pass

 

+      def packet2resthost(self, packet):

+            return None, None

+

 class Transport:

       def getPeer(self):

             return None

             container['context'] = self.social

             

       def test01_load_true(self):

-            """ before: user is logged, no TWISTED_SESSION

-            after: TWISTED_SESSION exists, users record exists, memcache is logged, session expired

+            """ before: opensocial viewed_id == owner_id, memcache not logged

+            after: users record exists, memcache is logged, new session

             """

             r = pokersite.Request(Channel(self.site), True)

             r.site = r.channel.site

             r.gotLength(len(input))

             r.handleContentChunk(input)

             d = r.notifyFinish()

+            auth = 'aaaa'

+            uid = 'bbbb'

             def finish(result):

                   #

                   # database state

                   # memcache state

                   #

                   session = r.getSession()

-                  self.assertTrue(session.expired)

-                  self.assertSubstring('TWISTED_SESSION', r.cookies[0])

-                  self.assertEquals(self.social.serial, r.site.memcache.get(session.uid))

-                  self.assertEquals(session.uid, r.site.memcache.get(self.social.serial))

+                  self.assertEquals(False, session.expired)

+                  self.assertEquals(self.social.serial, r.site.memcache.get(session.auth))

+                  session.expire()

                   

             d.addCallback(finish)

-            r.requestReceived('GET', '/?xoauth_signature_publickey=http%3A%2F%2Fshindig.opensocial.dachary.org%2Fpublic.cer&opensocial_viewer_id=' + self.social.serial + '&opensocial_owner_id=' + self.social.serial, 'HTTP/1.0')

+            r.requestReceived('GET', '/?xoauth_signature_publickey=http%3A%2F%2Fshindig.opensocial.dachary.org%2Fpublic.cer&opensocial_viewer_id=' + self.social.serial + '&opensocial_owner_id=' + self.social.serial + '&auth=aaaa&uid=bbbb', 'HTTP/1.0')

             return d

 

       def test02_load_false(self):

-            """ before: user is not logged, TWISTED_SESSION exists, memcache is logged, session expired

-            after: TWISTED_SESSION exists, memcache logged out, session expired

+            """ before: opensocial viewer_id != owner_id, memcache is logged

+            after: memcache logged out, new session

             """

             r = pokersite.Request(Channel(self.site), True)

             r.site = r.channel.site

             input = '{"type": "PacketPing"}'

             r.gotLength(len(input))

             r.handleContentChunk(input)

-            sessionCookie = 'aaaa'

-            r.received_cookies['TWISTED_SESSION'] = sessionCookie

-            r.site.memcache.set(sessionCookie, self.social.serial)

-            r.site.memcache.set(self.social.serial, sessionCookie)

+            auth = 'aaaa'

+            uid = 'bbbb'

+            r.site.memcache.set(auth, self.social.serial)

             d = r.notifyFinish()

             def finish(result):

                   self.assertSubstring('\r\n\r\n[]', r.transport.getvalue())

-                  self.assertEquals('0', r.site.memcache.get(sessionCookie))

-                  self.assertEquals(None, r.site.memcache.get(self.social.serial))

+                  self.assertEquals('0', r.site.memcache.get(auth))

+                  session = r.getSession()

+                  self.assertEquals(False, session.expired)

+                  session.expire()

             d.addCallback(finish)

-            r.requestReceived('GET', '/?xoauth_signature_publickey=http%3A%2F%2Fshindig.opensocial.dachary.org%2Fpublic.cer&opensocial_viewer_id=0&opensocial_owner_id=' + self.social.serial, 'HTTP/1.0')

+            r.requestReceived('GET', '/?xoauth_signature_publickey=http%3A%2F%2Fshindig.opensocial.dachary.org%2Fpublic.cer&opensocial_viewer_id=0&opensocial_owner_id=' + self.social.serial + '&auth=aaaa&uid=bbbb', 'HTTP/1.0')

             return d

 

       def test03_opensocial_owner_id_unset(self):

             container['context'] = self.social

             self.container = container

 

-      def createRequest(self, owner_id = '20', twisted_session = 'twisted_session'):

-            if twisted_session:

-                  self.site.memcache.set(twisted_session, '0')

+      def createRequest(self, owner_id = '20'):

             r = pokersite.Request(Channel(self.site), True)

             r.site = r.channel.site

             def process():

             input = '{"type": "PacketPing"}'

             r.gotLength(len(input))

             r.handleContentChunk(input)

-            if twisted_session:

-                  r.received_cookies['TWISTED_SESSION'] = twisted_session

             if owner_id == '':

                   viewer_id = '0'

                   owner_id = '20'

             else:

                   viewer_id = owner_id

-            r.requestReceived('GET', '/?xoauth_signature_publickey=http%3A%2F%2Fshindig.opensocial.dachary.org%2Fpublic.cer&opensocial_viewer_id=' + viewer_id + '&opensocial_owner_id=' + owner_id, 'HTTP/1.0')

+            r.requestReceived('GET', '/?xoauth_signature_publickey=http%3A%2F%2Fshindig.opensocial.dachary.org%2Fpublic.cer&opensocial_viewer_id=' + viewer_id + '&opensocial_owner_id=' + owner_id + '&auth=auth_hash&uid=uid_hash', 'HTTP/1.0')

             return r

 

       def test01_duplicate_name(self):

             """ It is ok to have the same name with different serials

             """

             serial = '10'

+            self.site.memcache.set('auth_hash', 10)

             auth.update_session(self.site, self.createRequest(serial)).expire()

             other_serial = '20'

+            self.site.memcache.set('auth_hash', 20)

             auth.update_session(self.site, self.createRequest(other_serial)).expire()

             cursor = self.service.db.cursor(DictCursor)

             cursor.execute("SELECT name FROM users WHERE serial = %s", serial)

             """ create user in the database and memcache session, based on a opensocial_owner_id

             """

             serial = '20'

-            r = self.createRequest(owner_id = serial, twisted_session = None)

+            r = self.createRequest(owner_id = serial)

+            self.site.memcache.set('auth_hash', serial)

             user_info = Pokersocial.importUser(self.service, self.container, int(serial))

             signature = md5.new(str(user_info)).hexdigest()

             session = auth.update_session(self.site, r)

             #

             # memcache state

             #

-            self.assertSubstring('TWISTED_SESSION', r.cookies[0])

-            self.assertEquals(serial, self.site.memcache.get(session.uid))

-            self.assertEquals(session.uid, self.site.memcache.get(serial))

+            self.assertEquals(serial, self.site.memcache.get(session.auth))

             session.expire()

 

       def test04_relogin_same_user(self):

             """ a user already logged in is confirmed

             """

             serial = '30'

-            r = self.createRequest(owner_id = serial, twisted_session = None)

+            r = self.createRequest(owner_id = serial)

+            self.site.memcache.set('auth_hash', serial)

             r.getSession().avatar.relogin(int(serial))

             session = auth.update_session(self.site, r)

             self.assertTrue(hasattr(r, 'pokersocial_same_user'))

             """ a user already logged and memcache session says serial changed

             """

             serial = '30'

-            r = self.createRequest(owner_id = serial, twisted_session = None)

+            r = self.createRequest(owner_id = serial)

+            self.site.memcache.set('auth_hash', int(serial)+1)

             r.getSession().avatar.relogin(int(serial) + 1)

             session = auth.update_session(self.site, r)

             self.assertEquals(int(serial), r.getSession().avatar.getSerial())

             r = self.createRequest(owner_id = '')

             session = r.getSession()

             session.avatar.relogin(5)

+            self.site.memcache.set('auth_hash', 5)

             self.assertTrue(session.avatar.isLogged())

             auth.update_session(self.site, r)

             self.assertFalse(session.avatar.isLogged())