test_terms_auth.py 4.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123
  1. # Copyright 2018 New Vector Ltd
  2. #
  3. # Licensed under the Apache License, Version 2.0 (the "License");
  4. # you may not use this file except in compliance with the License.
  5. # You may obtain a copy of the License at
  6. #
  7. # http://www.apache.org/licenses/LICENSE-2.0
  8. #
  9. # Unless required by applicable law or agreed to in writing, software
  10. # distributed under the License is distributed on an "AS IS" BASIS,
  11. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  12. # See the License for the specific language governing permissions and
  13. # limitations under the License.
  14. import json
  15. import six
  16. from mock import Mock
  17. from twisted.test.proto_helpers import MemoryReactorClock
  18. from synapse.rest.client.v2_alpha.register import register_servlets
  19. from synapse.util import Clock
  20. from tests import unittest
  21. class TermsTestCase(unittest.HomeserverTestCase):
  22. servlets = [register_servlets]
  23. def prepare(self, reactor, clock, hs):
  24. self.clock = MemoryReactorClock()
  25. self.hs_clock = Clock(self.clock)
  26. self.url = "/_matrix/client/r0/register"
  27. self.registration_handler = Mock()
  28. self.auth_handler = Mock()
  29. self.device_handler = Mock()
  30. hs.config.enable_registration = True
  31. hs.config.registrations_require_3pid = []
  32. hs.config.auto_join_rooms = []
  33. hs.config.enable_registration_captcha = False
  34. def test_ui_auth(self):
  35. self.hs.config.user_consent_at_registration = True
  36. self.hs.config.user_consent_policy_name = "My Cool Privacy Policy"
  37. self.hs.config.public_baseurl = "https://example.org/"
  38. self.hs.config.user_consent_version = "1.0"
  39. # Do a UI auth request
  40. request, channel = self.make_request(b"POST", self.url, b"{}")
  41. self.render(request)
  42. self.assertEquals(channel.result["code"], b"401", channel.result)
  43. self.assertTrue(channel.json_body is not None)
  44. self.assertIsInstance(channel.json_body["session"], six.text_type)
  45. self.assertIsInstance(channel.json_body["flows"], list)
  46. for flow in channel.json_body["flows"]:
  47. self.assertIsInstance(flow["stages"], list)
  48. self.assertTrue(len(flow["stages"]) > 0)
  49. self.assertTrue("m.login.terms" in flow["stages"])
  50. expected_params = {
  51. "m.login.terms": {
  52. "policies": {
  53. "privacy_policy": {
  54. "en": {
  55. "name": "My Cool Privacy Policy",
  56. "url": "https://example.org/_matrix/consent?v=1.0",
  57. },
  58. "version": "1.0",
  59. }
  60. }
  61. }
  62. }
  63. self.assertIsInstance(channel.json_body["params"], dict)
  64. self.assertDictContainsSubset(channel.json_body["params"], expected_params)
  65. # We have to complete the dummy auth stage before completing the terms stage
  66. request_data = json.dumps(
  67. {
  68. "username": "kermit",
  69. "password": "monkey",
  70. "auth": {
  71. "session": channel.json_body["session"],
  72. "type": "m.login.dummy",
  73. },
  74. }
  75. )
  76. self.registration_handler.check_username = Mock(return_value=True)
  77. request, channel = self.make_request(b"POST", self.url, request_data)
  78. self.render(request)
  79. # We don't bother checking that the response is correct - we'll leave that to
  80. # other tests. We just want to make sure we're on the right path.
  81. self.assertEquals(channel.result["code"], b"401", channel.result)
  82. # Finish the UI auth for terms
  83. request_data = json.dumps(
  84. {
  85. "username": "kermit",
  86. "password": "monkey",
  87. "auth": {
  88. "session": channel.json_body["session"],
  89. "type": "m.login.terms",
  90. },
  91. }
  92. )
  93. request, channel = self.make_request(b"POST", self.url, request_data)
  94. self.render(request)
  95. # We're interested in getting a response that looks like a successful
  96. # registration, not so much that the details are exactly what we want.
  97. self.assertEquals(channel.result["code"], b"200", channel.result)
  98. self.assertTrue(channel.json_body is not None)
  99. self.assertIsInstance(channel.json_body["user_id"], six.text_type)
  100. self.assertIsInstance(channel.json_body["access_token"], six.text_type)
  101. self.assertIsInstance(channel.json_body["device_id"], six.text_type)