From 9f052522842a3ff8f616db5681bcfd2bdaf70107 Mon Sep 17 00:00:00 2001 From: Luis Alvergue Date: Wed, 26 Feb 2025 16:58:18 +0000 Subject: [PATCH] refactor(session): rename oauth_token session property the name of the oauth_token property in the session module is updated to oauth_authorized to reflect that a boolean (instead of a string) is now stored in the user's session. several test fixtures and tests are updated given this change in the session module. --- benefits/core/session.py | 22 +++++++++---------- benefits/oauth/views.py | 2 +- tests/pytest/conftest.py | 4 ++-- .../core/test_middleware_login_required.py | 2 +- tests/pytest/core/test_session.py | 22 +++++++++---------- tests/pytest/eligibility/test_views.py | 10 +++++---- tests/pytest/oauth/test_views.py | 10 ++++----- 7 files changed, 37 insertions(+), 35 deletions(-) diff --git a/benefits/core/session.py b/benefits/core/session.py index d5d5a07750..01afac0e0a 100644 --- a/benefits/core/session.py +++ b/benefits/core/session.py @@ -27,7 +27,7 @@ _FLOW = "flow" _LANG = "lang" _OAUTH_CLAIMS = "oauth_claims" -_OAUTH_TOKEN = "oauth_token" +_OAUTH_AUTHORIZED = "oauth_authorized" _ORIGIN = "origin" _START = "start" _UID = "uid" @@ -59,7 +59,7 @@ def context_dict(request): _ENROLLMENT_TOKEN: enrollment_token(request), _ENROLLMENT_TOKEN_EXP: enrollment_token_expiry(request), _LANG: language(request), - _OAUTH_TOKEN: oauth_token(request), + _OAUTH_AUTHORIZED: oauth_authorized(request), _OAUTH_CLAIMS: oauth_claims(request), _ORIGIN: origin(request), _START: start(request), @@ -143,17 +143,17 @@ def language(request): def logged_in(request): """Check if the current session has an OAuth token.""" - return bool(oauth_token(request)) + return bool(oauth_authorized(request)) def logout(request): """Reset the session claims and tokens.""" - update(request, oauth_claims=[], oauth_token=False, enrollment_token=False) + update(request, oauth_claims=[], oauth_authorized=False, enrollment_token=False) -def oauth_token(request): - """Get the oauth token from the request's session, or None""" - return request.session.get(_OAUTH_TOKEN) +def oauth_authorized(request): + """Get the oauth authorization status from the request's session, or None""" + return request.session.get(_OAUTH_AUTHORIZED) def oauth_claims(request): @@ -189,7 +189,7 @@ def reset(request): request.session[_ENROLLMENT_EXP] = None request.session[_ENROLLMENT_TOKEN] = None request.session[_ENROLLMENT_TOKEN_EXP] = None - request.session[_OAUTH_TOKEN] = None + request.session[_OAUTH_AUTHORIZED] = False request.session[_OAUTH_CLAIMS] = None if _UID not in request.session or not request.session[_UID]: @@ -248,7 +248,7 @@ def update( enrollment_expiry=None, enrollment_token=None, enrollment_token_exp=None, - oauth_token=None, + oauth_authorized=None, oauth_claims=None, origin=None, ): @@ -271,8 +271,8 @@ def update( if enrollment_token is not None: request.session[_ENROLLMENT_TOKEN] = enrollment_token request.session[_ENROLLMENT_TOKEN_EXP] = enrollment_token_exp - if oauth_token is not None: - request.session[_OAUTH_TOKEN] = oauth_token + if oauth_authorized is not None: + request.session[_OAUTH_AUTHORIZED] = oauth_authorized if oauth_claims is not None: request.session[_OAUTH_CLAIMS] = oauth_claims if origin is not None: diff --git a/benefits/oauth/views.py b/benefits/oauth/views.py index daf711bb5b..69e458ab03 100644 --- a/benefits/oauth/views.py +++ b/benefits/oauth/views.py @@ -144,7 +144,7 @@ def authorize(request): elif claim_value >= 10: error_claim[claim] = claim_value - session.update(request, oauth_token=oauth_token_authorized, oauth_claims=stored_claims) + session.update(request, oauth_authorized=oauth_token_authorized, oauth_claims=stored_claims) analytics.finished_sign_in(request, error=error_claim) return redirect(routes.ELIGIBILITY_CONFIRM) diff --git a/tests/pytest/conftest.py b/tests/pytest/conftest.py index b6893fd1f2..6538bbcc89 100644 --- a/tests/pytest/conftest.py +++ b/tests/pytest/conftest.py @@ -223,8 +223,8 @@ def mocked_session_eligible(mocker): @pytest.fixture -def mocked_session_oauth_token(mocker): - return mocker.patch("benefits.core.session.oauth_token", autospec=True, return_value="token") +def mocked_session_oauth_authorized(mocker): + return mocker.patch("benefits.core.session.oauth_authorized", autospec=True, return_value=True) @pytest.fixture diff --git a/tests/pytest/core/test_middleware_login_required.py b/tests/pytest/core/test_middleware_login_required.py index a18df4a8ec..d47120340c 100644 --- a/tests/pytest/core/test_middleware_login_required.py +++ b/tests/pytest/core/test_middleware_login_required.py @@ -39,7 +39,7 @@ def test_login_flow_does_not_use_claims_verification(app_request, model_Enrollme @pytest.mark.usefixtures("mocked_session_flow_uses_claims_verification") def test_logged_in(app_request, mocked_view, decorated_view): # log in - session.update(app_request, oauth_token="something") + session.update(app_request, oauth_authorized=True) decorated_view(app_request) mocked_view.assert_called_once() diff --git a/tests/pytest/core/test_session.py b/tests/pytest/core/test_session.py index 086cd67c2b..8b5aeb2a68 100644 --- a/tests/pytest/core/test_session.py +++ b/tests/pytest/core/test_session.py @@ -185,21 +185,21 @@ def test_logged_in_default(app_request): @pytest.mark.django_db def test_logged_in_False(app_request): - session.update(app_request, oauth_token=False) + session.update(app_request, oauth_authorized=False) assert not session.logged_in(app_request) @pytest.mark.django_db def test_logged_in_True(app_request): - session.update(app_request, oauth_token=True) + session.update(app_request, oauth_authorized=True) assert session.logged_in(app_request) @pytest.mark.django_db def test_logout(app_request): - session.update(app_request, oauth_claims=["oauth_claim"], oauth_token="oauth_token", enrollment_token="enrollment_token") + session.update(app_request, oauth_claims=["oauth_claim"], oauth_authorized=True, enrollment_token="enrollment_token") assert session.logged_in(app_request) assert session.oauth_claims(app_request) @@ -207,13 +207,13 @@ def test_logout(app_request): assert not session.logged_in(app_request) assert not session.enrollment_token(app_request) - assert not session.oauth_token(app_request) + assert not session.oauth_authorized(app_request) assert not session.oauth_claims(app_request) @pytest.mark.django_db -def test_oauth_token_default(app_request): - assert not session.oauth_token(app_request) +def test_oauth_authorized_default(app_request): + assert not session.oauth_authorized(app_request) @pytest.mark.django_db @@ -268,12 +268,12 @@ def test_reset_enrollment(app_request): @pytest.mark.django_db def test_reset_oauth(app_request): - app_request.session[session._OAUTH_TOKEN] = "oauthtoken456" + app_request.session[session._OAUTH_AUTHORIZED] = True app_request.session[session._OAUTH_CLAIMS] = ["claim"] session.reset(app_request) - assert session.oauth_token(app_request) is None + assert session.oauth_authorized(app_request) is False assert session.oauth_claims(app_request) is None @@ -421,10 +421,10 @@ def test_update_enrollment_token(app_request): @pytest.mark.django_db -def test_update_oauth_token(app_request): - session.update(app_request, oauth_token="token") +def test_update_oauth_authorized(app_request): + session.update(app_request, oauth_authorized=True) - assert session.oauth_token(app_request) == "token" + assert session.oauth_authorized(app_request) is True @pytest.mark.django_db diff --git a/tests/pytest/eligibility/test_views.py b/tests/pytest/eligibility/test_views.py index 3bd4e9ed74..6f4174a8c4 100644 --- a/tests/pytest/eligibility/test_views.py +++ b/tests/pytest/eligibility/test_views.py @@ -18,9 +18,9 @@ def mocked_analytics_module(mocked_analytics_module): @pytest.fixture -def mocked_eligibility_auth_request(mocked_eligibility_request_session, mocked_session_oauth_token): +def mocked_eligibility_auth_request(mocked_eligibility_request_session, mocked_session_oauth_authorized): """ - Stub fixture combines mocked_eligibility_request_session and mocked_session_oauth_token + Stub fixture combines mocked_eligibility_request_session and mocked_session_oauth_authorized so that session behaves like in an authenticated request to the eligibility app """ pass @@ -260,7 +260,9 @@ def test_confirm_get_verified(client, mocked_session_update): @pytest.mark.django_db -@pytest.mark.usefixtures("mocked_session_agency", "mocked_session_flow_uses_claims_verification", "mocked_session_oauth_token") +@pytest.mark.usefixtures( + "mocked_session_agency", "mocked_session_flow_uses_claims_verification", "mocked_session_oauth_authorized" +) def test_confirm_get_oauth_verified(mocker, client, mocked_session_update, mocked_analytics_module): mocker.patch("benefits.eligibility.verify.eligibility_from_oauth", return_value=True) @@ -277,7 +279,7 @@ def test_confirm_get_oauth_verified(mocker, client, mocked_session_update, mocke @pytest.mark.usefixtures( "mocked_session_agency", "mocked_session_flow_uses_claims_verification", - "mocked_session_oauth_token", + "mocked_session_oauth_authorized", "mocked_session_update", ) def test_confirm_get_oauth_unverified(mocker, client): diff --git a/tests/pytest/oauth/test_views.py b/tests/pytest/oauth/test_views.py index bffa715b2e..b4f6f4ba04 100644 --- a/tests/pytest/oauth/test_views.py +++ b/tests/pytest/oauth/test_views.py @@ -230,7 +230,7 @@ def test_authorize_success( mocked_oauth_client.authorize_access_token.assert_called_with(app_request) mocked_analytics_module.finished_sign_in.assert_called_once() assert session.logged_in(app_request) - assert session.oauth_token(app_request) is True + assert session.oauth_authorized(app_request) is True assert result.status_code == 302 assert result.url == reverse(routes.ELIGIBILITY_CONFIRM) @@ -410,9 +410,9 @@ def test_logout(app_request, mocker, mocked_oauth_client_or_error_redirect__clie mocked_oauth_client = mocked_oauth_client_or_error_redirect__client.return_value mocked_redirect = mocker.patch("benefits.oauth.views.redirects.deauthorize_redirect", return_value=HttpResponse(message)) - token = "token" - session.update(app_request, oauth_token=token) - assert session.oauth_token(app_request) == token + oauth_token_authorized = True + session.update(app_request, oauth_authorized=oauth_token_authorized) + assert session.oauth_authorized(app_request) == oauth_token_authorized result = logout(app_request) @@ -423,7 +423,7 @@ def test_logout(app_request, mocker, mocked_oauth_client_or_error_redirect__clie assert not session.logged_in(app_request) assert session.enrollment_token(app_request) is False - assert session.oauth_token(app_request) is False + assert session.oauth_authorized(app_request) is False assert session.oauth_claims(app_request) == []