Merge pull request #65 Update to latest version of Superset and OpenLMIS

onaio · Aug 4, 2022 · 3e5c064 · 3e5c064
2 parents dfc921a + 69aeb5b
commit 3e5c064
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 15 deletions.
diff --git a/superset_patchup/oauth.py b/superset_patchup/oauth.py
@@ -110,6 +110,11 @@ def login_init(self, provider=None):
         session[f"{provider}_oauthredir"] = redirect_url
 
         state = self.generate_state()
+
+        # Newest version of Superset for OpenLMIS
+        session[f"_{provider}_authlib_state_"] = state
+        session[f"_{provider}_authlib_redirect_uri_"] = redirect_url
+
         return make_response(jsonify(isAuthorized=False, state=state))
 
     @expose("/oauth-authorized/<provider>")
@@ -321,7 +326,7 @@ def oauth_user_info(self, provider, response=None):
             # get access token
             my_token = self.oauth_tokengetter()[0]
             # get referenceDataUserId
-            reference_user = self.appbuilder.sm.oauth_remotes[provider].get(
+            reference_user = self.appbuilder.sm.oauth_remotes[provider].post(
                 "oauth/check_token", data={"token": my_token}
             )
             reference_data_user_id = reference_user.json()["referenceDataUserId"]

diff --git a/tests/test_oauth.py b/tests/test_oauth.py
@@ -16,26 +16,28 @@
 
 class TestLoginPreferHTTPS(unittest.TestCase):
     """Some test"""
+
     def setUp(self):
         from flask import Flask  # pylint: disable=C0415,E0401
         from flask_appbuilder import AppBuilder  # pylint: disable=C0415,E0401
 
         self.app = Flask(__name__)
-        self.app.config.from_object('tests.test_config')
-        self.app.config['PREFERRED_URL_SCHEME'] = 'https'
+        self.app.config.from_object("tests.test_config")
+        self.app.config["PREFERRED_URL_SCHEME"] = "https"
 
         self.db = SQLA(self.app)  # pylint: disable=invalid-name
-        self.appbuilder = AppBuilder(self.app, self.db.session,
-                                     security_manager_class=CustomSecurityManager)
+        self.appbuilder = AppBuilder(
+            self.app, self.db.session, security_manager_class=CustomSecurityManager
+        )
 
     def test_login(self):
         """Test /login/<provider>"""
-        self.appbuilder.add_view(AuthOAuthView(), 'KetchupAuthOAuthView')
+        self.appbuilder.add_view(AuthOAuthView(), "KetchupAuthOAuthView")
         client = self.app.test_client()
-        response = client.get('/login/onadata')
+        response = client.get("/login/onadata")
         self.assertEqual(response.status_code, 302)
         # Confirm Redirect URL has https
-        self.assertIn('redirect_uri=https%3A', response.headers['Location'])
+        self.assertIn("redirect_uri=https%3A", response.headers["Location"])
 
     def tearDown(self):
         self.db = None
@@ -153,19 +155,22 @@ def test_oauth_user_info_openlmis_provider(self):  # pylint: disable=R0201
         user_email = MagicMock()
         user_email.json.return_value = contacts_endpoint
 
-        request_mock = MagicMock(side_effect=[reference_user, user_data, user_email])
+        request_post_mock = MagicMock(side_effect=[reference_user])
+        request_get_mock = MagicMock(side_effect=[user_data, user_email])
 
-        appbuilder.sm.oauth_remotes["openlmis"].get = request_mock
+        appbuilder.sm.oauth_remotes["openlmis"].get = request_get_mock
+        appbuilder.sm.oauth_remotes["openlmis"].post = request_post_mock
         csm = CustomSecurityManager(appbuilder=appbuilder)
         csm.oauth_tokengetter = MagicMock(
             return_value=["a337ec45-31a0-4f2b-9b2e-a105c4b669bb"]
         )
         user_info = csm.oauth_user_info(provider="openlmis")
 
-        assert request_mock.call_count == 3
-        check_token_call, _ = request_mock.call_args_list[0]
-        user_call, _ = request_mock.call_args_list[1]
-        contacts_call, _ = request_mock.call_args_list[2]
+        assert request_get_mock.call_count == 2
+        assert request_post_mock.call_count == 1
+        check_token_call, _ = request_post_mock.call_args_list[0]
+        user_call, _ = request_get_mock.call_args_list[0]
+        contacts_call, _ = request_get_mock.call_args_list[1]
         assert check_token_call[0] == "oauth/check_token"
         assert user_call[0] == "users/a337ec45-31a0-4f2b-9b2e-a105c4b669bb"
         assert (
@@ -351,7 +356,7 @@ def test_oauth_authorized(
     @patch("superset_patchup.oauth.request.args.get")
     @patch("superset_patchup.oauth.request")
     def test_login_redirect(
-            self, mock_request, mock_redirect_arg, mock_safe_url, mock_g, mock_redirect
+        self, mock_request, mock_redirect_arg, mock_safe_url, mock_g, mock_redirect
     ):  # pylint: disable=R0201,R0913,W0613
         """
         Test that we are redirected to the redirect url when it is passed