Merge pull request #241 from johngian/pr-233

Move OIDC tokens storing out of get_or_create_user

mozilla_django_oidc/auth.py

@@ -239,14 +239,13 @@ def authenticate(self, **kwargs):
         verified_id = self.verify_token(id_token, nonce=nonce)
 
         if verified_id:
+            self.store_tokens(access_token, id_token)
             return self.get_or_create_user(access_token, id_token, verified_id)
 
         return None
 
-    def get_or_create_user(self, access_token, id_token, verified_id):
-        """Returns a User instance if 1 user is found. Creates a user if not found
-        and configured to do so. Returns nothing if multiple users are matched."""
-
+    def store_tokens(self, access_token, id_token):
+        """Store OIDC tokens."""
         session = self.request.session
 
         if import_from_settings('OIDC_STORE_ACCESS_TOKEN', False):
@@ -255,7 +254,10 @@ def get_or_create_user(self, access_token, id_token, verified_id):
         if import_from_settings('OIDC_STORE_ID_TOKEN', False):
             session['oidc_id_token'] = id_token
 
-        # get userinfo
+    def get_or_create_user(self, access_token, id_token, verified_id):
+        """Returns a User instance if 1 user is found. Creates a user if not found
+        and configured to do so. Returns nothing if multiple users are matched."""
+
         user_info = self.get_userinfo(access_token, id_token, verified_id)
 
         email = user_info.get('email')