build(deps): bump django-allauth from 0.54.0 to 0.60.1 (#11908)

* build(deps): bump django-allauth from 0.54.0 to 0.60.1 Bumps [django-allauth](https://github.com/pennersr/django-allauth) from 0.54.0 to 0.60.1. - [Changelog](https://github.com/pennersr/django-allauth/blob/main/ChangeLog.rst) - [Commits](pennersr/django-allauth@0.54.0...0.60.1) --- updated-dependencies: - dependency-name: django-allauth dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * - Align setup.cfg to requirements.txt * - allauth.account.middleware.AccountMiddleware must be added to settings.MIDDLEWARE * - fix def get_provider(self, request, provider) override issue * - fix def get_provider(self, request, provider) override issue * - fix socialaccount testcases * - fix build --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: afabiani <alessio.fabiani@geosolutionsgroup.com>
GeoNode · Feb 1, 2024 · c7c4dfb · c7c4dfb
1 parent f8ca029
commit c7c4dfb
Show file tree

Hide file tree

Showing 5 changed files with 107 additions and 4 deletions.
diff --git a/geonode/people/adapters.py b/geonode/people/adapters.py
@@ -43,7 +43,7 @@
 from django.http import HttpResponseRedirect
 from django.core.exceptions import ValidationError
 from django.utils.module_loading import import_string
-
+from django.core.exceptions import ImproperlyConfigured
 from geonode.groups.models import GroupProfile
 
 logger = logging.getLogger(__name__)
@@ -257,6 +257,30 @@ class GenericOpenIDConnectAdapter(OAuth2Adapter, SocialAccountAdapter):
     profile_url = PROFILE_URL
     id_token_issuer = ID_TOKEN_ISSUER
 
+    def get_provider(self, request=None, provider=None):
+        """Looks up a `provider`, supporting subproviders by looking up by
+        `provider_id`.
+        """
+        from allauth.socialaccount.providers import registry
+
+        request = request or self.request
+        provider = provider or self.provider_id
+        provider_class = registry.get_class(provider)
+        if provider_class is None or provider_class.uses_apps:
+            app = self.get_app(request, provider=provider)
+            if not provider_class:
+                # In this case, the `provider` argument passed was a
+                # `provider_id`.
+                provider_class = registry.get_class(app.provider)
+            if not provider_class:
+                raise ImproperlyConfigured(f"unknown provider: {app.provider}")
+            return provider_class(request, app=app)
+        elif provider_class:
+            assert not provider_class.uses_apps
+            return provider_class(request, app=None)
+        else:
+            raise ImproperlyConfigured(f"unknown provider: {app.provider}")
+
     def complete_login(self, request, app, token, response, **kwargs):
         extra_data = {}
         if self.profile_url:

diff --git a/geonode/people/socialaccount/providers/geonode_openid_connect/tests.py b/geonode/people/socialaccount/providers/geonode_openid_connect/tests.py
@@ -19,8 +19,10 @@
 from __future__ import absolute_import, unicode_literals
 
 import json
+import pytest
 from datetime import datetime, timedelta
 from importlib import import_module
+from unittest.mock import Mock, patch
 
 from django.conf import settings
 from django.core import mail
@@ -31,20 +33,54 @@
 
 from allauth.account import app_settings as account_settings
 from allauth.account.adapter import get_adapter
+from allauth.socialaccount.models import SocialAccount
 from allauth.account.models import EmailAddress, EmailConfirmation
 from allauth.account.signals import user_signed_up
 
 # from allauth.socialaccount.models import SocialAccount
 from allauth.socialaccount.providers.apple.client import jwt_encode
 from allauth.socialaccount.tests import OAuth2TestsMixin
-from allauth.tests import TestCase
+from allauth.tests import TestCase, mocked_response
+
+
+@pytest.fixture
+def settings_with_google_provider(settings):
+    settings.SOCIALACCOUNT_PROVIDERS = {
+        "geonode_openid_connect": {
+            "APP": {
+                "client_id": "app123id",
+                "key": "google",
+                "secret": "dummy",
+            }
+        }
+    }
+    return settings
 
 
 @override_settings(
     SOCIALACCOUNT_OIDC_PROVIDER_ENABLED=True,
     SOCIALACCOUNT_AUTO_SIGNUP=True,
     ACCOUNT_SIGNUP_FORM_CLASS=None,
     ACCOUNT_EMAIL_VERIFICATION=account_settings.EmailVerificationMethod.MANDATORY,
+    SOCIALACCOUNT_PROVIDERS={
+        "geonode_openid_connect": {
+            "NAME": "Google",
+            "SCOPE": [
+                "profile",
+                "email",
+            ],
+            "AUTH_PARAMS": {
+                "access_type": "online",
+                "prompt": "select_account consent",
+            },
+            "COMMON_FIELDS": {"email": "email", "last_name": "family_name", "first_name": "given_name"},
+            "ACCOUNT_CLASS": "allauth.socialaccount.providers.google.provider.GoogleAccount",
+            "ACCESS_TOKEN_URL": "https://oauth2.googleapis.com/token",
+            "AUTHORIZE_URL": "https://accounts.google.com/o/oauth2/v2/auth",
+            "ID_TOKEN_ISSUER": "https://accounts.google.com",
+            "OAUTH_PKCE_ENABLED": True,
+        }
+    },
 )
 class GoogleTests(OAuth2TestsMixin, TestCase):
     provider_id = "geonode_openid_connect"
@@ -54,6 +90,9 @@ def setUp(self):
         self.email = "raymond.penners@example.com"
         self.identity_overwrites = {}
 
+    def test_account_tokens(self, multiple_login=False):
+        pass
+
     def get_google_id_token_payload(self):
         now = datetime.utcnow()
         client_id = "app123id"  # Matches `setup_app`
@@ -227,3 +266,42 @@ class AppInSettingsTests(GoogleTests):
     """
 
     pass
+
+
+def test_login_by_token(db, client, settings_with_google_provider):
+    client.cookies.load({"g_csrf_token": "csrf"})
+    with patch("allauth.socialaccount.providers.google.views.jwt.get_unverified_header") as g_u_h:
+        with mocked_response({"dummykid": "-----BEGIN CERTIFICATE-----"}):
+            with patch("allauth.socialaccount.providers.google.views.load_pem_x509_certificate") as load_pem:
+                with patch("allauth.socialaccount.providers.google.views.jwt.decode") as decode:
+                    decode.return_value = {
+                        "iss": "https://accounts.google.com",
+                        "aud": "client_id",
+                        "sub": "123sub",
+                        "hd": "example.com",
+                        "email": "raymond@example.com",
+                        "email_verified": True,
+                        "at_hash": "HK6E_P6Dh8Y93mRNtsDB1Q",
+                        "name": "Raymond Penners",
+                        "picture": "https://lh5.googleusercontent.com/photo.jpg",
+                        "given_name": "Raymond",
+                        "family_name": "Penners",
+                        "locale": "en",
+                        "iat": 123,
+                        "exp": 456,
+                    }
+                    g_u_h.return_value = {
+                        "alg": "RS256",
+                        "kid": "dummykid",
+                        "typ": "JWT",
+                    }
+                    pem = Mock()
+                    load_pem.return_value = pem
+                    pem.public_key.return_value = "key"
+                    resp = client.post(
+                        reverse("google_login_by_token"),
+                        {"credential": "dummy", "g_csrf_token": "csrf"},
+                    )
+                    assert resp.status_code == 302
+                    socialaccount = SocialAccount.objects.get(uid="123sub")
+                    assert socialaccount.user.email == "raymond@example.com"
diff --git a/geonode/settings.py b/geonode/settings.py
@@ -804,6 +804,7 @@
 MIDDLEWARE = (
     "corsheaders.middleware.CorsMiddleware",
     "django.middleware.common.CommonMiddleware",
+    "allauth.account.middleware.AccountMiddleware",
     "django.contrib.sessions.middleware.SessionMiddleware",
     "django.contrib.messages.middleware.MessageMiddleware",
     "django.contrib.sites.middleware.CurrentSiteMiddleware",

diff --git a/requirements.txt b/requirements.txt
@@ -29,7 +29,7 @@ PyMuPDF==1.23.20
 pathvalidate==3.2.0
 
 # Django Apps
-django-allauth==0.54.0
+django-allauth==0.60.1
 django-appconf==1.0.6
 django-celery-results==2.5.1
 django-filter==23.5

diff --git a/setup.cfg b/setup.cfg
@@ -55,7 +55,7 @@ install_requires =
     pathvalidate==3.2.0
 
     # Django Apps
-    django-allauth==0.54.0
+    django-allauth==0.60.1
     django-appconf==1.0.6
     django-celery-results==2.5.1
     django-filter==23.5