#369: Update middleware init to configure settings (#372)

* #369: Update middleware init to configure settings - This makes it work in the same was as other classes in the app - It makes overriding how settings are discovered more easy Also updated the overridden settings on the middleware test because the are required for anything accessing the middleware now * Fix linting issue
mozilla · Sep 28, 2020 · 2bd65e2 · 2bd65e2
1 parent 8c6c86b
commit 2bd65e2
Show file tree

Hide file tree

Showing 2 changed files with 33 additions and 25 deletions.
diff --git a/mozilla_django_oidc/middleware.py b/mozilla_django_oidc/middleware.py
@@ -39,6 +39,20 @@ class SessionRefresh(MiddlewareMixin):
 
     """
 
+    def __init__(self, *args, **kwargs):
+        super(SessionRefresh, self).__init__(*args, **kwargs)
+        self.OIDC_EXEMPT_URLS = self.get_settings('OIDC_EXEMPT_URLS', [])
+        self.OIDC_OP_AUTHORIZATION_ENDPOINT = self.get_settings('OIDC_OP_AUTHORIZATION_ENDPOINT')
+        self.OIDC_RP_CLIENT_ID = self.get_settings('OIDC_RP_CLIENT_ID')
+        self.OIDC_STATE_SIZE = self.get_settings('OIDC_STATE_SIZE', 32)
+        self.OIDC_AUTHENTICATION_CALLBACK_URL = self.get_settings(
+            'OIDC_AUTHENTICATION_CALLBACK_URL',
+            'oidc_authentication_callback',
+        )
+        self.OIDC_RP_SCOPES = self.get_settings('OIDC_RP_SCOPES', 'openid email')
+        self.OIDC_USE_NONCE = self.get_settings('OIDC_USE_NONCE', True)
+        self.OIDC_NONCE_SIZE = self.get_settings('OIDC_NONCE_SIZE', 32)
+
     @staticmethod
     def get_settings(attr, *args):
         return import_from_settings(attr, *args)
@@ -55,7 +69,7 @@ def exempt_urls(self):
 
         """
         exempt_urls = []
-        for url in self.get_settings('OIDC_EXEMPT_URLS', []):
+        for url in self.OIDC_EXEMPT_URLS:
             if not isinstance(url, re_Pattern):
                 exempt_urls.append(url)
         exempt_urls.extend([
@@ -80,7 +94,7 @@ def exempt_url_patterns(self):
             ``re.compile(r"/user/[0-9]+/image")``)
         """
         exempt_patterns = set()
-        for url_pattern in self.get_settings('OIDC_EXEMPT_URLS', []):
+        for url_pattern in self.OIDC_EXEMPT_URLS:
             if isinstance(url_pattern, re_Pattern):
                 exempt_patterns.add(url_pattern)
         return exempt_patterns
@@ -122,9 +136,9 @@ def process_request(self, request):
 
         LOGGER.debug('id token has expired')
         # The id_token has expired, so we have to re-authenticate silently.
-        auth_url = self.get_settings('OIDC_OP_AUTHORIZATION_ENDPOINT')
-        client_id = self.get_settings('OIDC_RP_CLIENT_ID')
-        state = get_random_string(self.get_settings('OIDC_STATE_SIZE', 32))
+        auth_url = self.OIDC_OP_AUTHORIZATION_ENDPOINT
+        client_id = self.OIDC_RP_CLIENT_ID
+        state = get_random_string(self.OIDC_STATE_SIZE)
 
         # Build the parameters as if we were doing a real auth handoff, except
         # we also include prompt=none.
@@ -133,16 +147,15 @@ def process_request(self, request):
             'client_id': client_id,
             'redirect_uri': absolutify(
                 request,
-                reverse(self.get_settings('OIDC_AUTHENTICATION_CALLBACK_URL',
-                                          'oidc_authentication_callback'))
+                reverse(self.OIDC_AUTHENTICATION_CALLBACK_URL)
             ),
             'state': state,
-            'scope': self.get_settings('OIDC_RP_SCOPES', 'openid email'),
+            'scope': self.OIDC_RP_SCOPES,
             'prompt': 'none',
         }
 
-        if self.get_settings('OIDC_USE_NONCE', True):
-            nonce = get_random_string(self.get_settings('OIDC_NONCE_SIZE', 32))
+        if self.OIDC_USE_NONCE:
+            nonce = get_random_string(self.OIDC_NONCE_SIZE)
             params.update({
                 'nonce': nonce
             })

diff --git a/tests/test_middleware.py b/tests/test_middleware.py
@@ -27,37 +27,37 @@
 User = get_user_model()
 
 
+@override_settings(OIDC_OP_AUTHORIZATION_ENDPOINT='http://example.com/authorize')
+@override_settings(OIDC_RP_CLIENT_ID='foo')
+@override_settings(OIDC_RENEW_ID_TOKEN_EXPIRY_SECONDS=120)
+@patch('mozilla_django_oidc.middleware.get_random_string')
 class SessionRefreshTokenMiddlewareTestCase(TestCase):
     def setUp(self):
         self.factory = RequestFactory()
         self.middleware = SessionRefresh()
         self.user = User.objects.create_user('example_username')
 
-    def test_anonymous(self):
+    def test_anonymous(self, mock_middleware_random):
         request = self.factory.get('/foo')
         request.session = {}
         request.user = AnonymousUser()
         response = self.middleware.process_request(request)
         self.assertTrue(not response)
 
-    def test_is_oidc_path(self):
+    def test_is_oidc_path(self, mock_middleware_random):
         request = self.factory.get('/oidc/callback/')
         request.user = AnonymousUser()
         request.session = {}
         response = self.middleware.process_request(request)
         self.assertTrue(not response)
 
-    def test_is_POST(self):
+    def test_is_POST(self, mock_middleware_random):
         request = self.factory.post('/foo')
         request.user = AnonymousUser()
         request.session = {}
         response = self.middleware.process_request(request)
         self.assertTrue(not response)
 
-    @override_settings(OIDC_OP_AUTHORIZATION_ENDPOINT='http://example.com/authorize')
-    @override_settings(OIDC_RP_CLIENT_ID='foo')
-    @override_settings(OIDC_RENEW_ID_TOKEN_EXPIRY_SECONDS=120)
-    @patch('mozilla_django_oidc.middleware.get_random_string')
     def test_is_ajax(self, mock_middleware_random):
         mock_middleware_random.return_value = 'examplestring'
 
@@ -88,10 +88,6 @@ def test_is_ajax(self, mock_middleware_random):
         json_payload = json.loads(response.content.decode('utf-8'))
         self.assertEqual(json_payload['refresh_url'], response['refresh_url'])
 
-    @override_settings(OIDC_OP_AUTHORIZATION_ENDPOINT='http://example.com/authorize')
-    @override_settings(OIDC_RP_CLIENT_ID='foo')
-    @override_settings(OIDC_RENEW_ID_TOKEN_EXPIRY_SECONDS=120)
-    @patch('mozilla_django_oidc.middleware.get_random_string')
     def test_no_oidc_token_expiration_forces_renewal(self, mock_middleware_random):
         mock_middleware_random.return_value = 'examplestring'
 
@@ -115,10 +111,6 @@ def test_no_oidc_token_expiration_forces_renewal(self, mock_middleware_random):
         }
         self.assertEqual(expected_query, parse_qs(qs))
 
-    @override_settings(OIDC_OP_AUTHORIZATION_ENDPOINT='http://example.com/authorize')
-    @override_settings(OIDC_RP_CLIENT_ID='foo')
-    @override_settings(OIDC_RENEW_ID_TOKEN_EXPIRY_SECONDS=120)
-    @patch('mozilla_django_oidc.middleware.get_random_string')
     def test_expired_token_forces_renewal(self, mock_middleware_random):
         mock_middleware_random.return_value = 'examplestring'
 
@@ -208,6 +200,9 @@ def login(self, **credentials):
         return ret
 
 
+@override_settings(OIDC_RP_CLIENT_ID='foo')
+@override_settings(OIDC_RENEW_ID_TOKEN_EXPIRY_SECONDS=120)
+@override_settings(OIDC_OP_AUTHORIZATION_ENDPOINT='http://example.com/authorize')
 @override_settings(ROOT_URLCONF='tests.test_middleware')
 @override_middleware
 class MiddlewareTestCase(TestCase):