From 3df56a4f3c411c3bde51c88e6e0bf34d5e582119 Mon Sep 17 00:00:00 2001 From: NavaL Date: Wed, 26 Oct 2016 15:31:23 +0200 Subject: extracting username before doing bonafide auth #795 --- service/pixelated/authentication.py | 3 ++- service/test/unit/test_authentication.py | 7 +++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/service/pixelated/authentication.py b/service/pixelated/authentication.py index a8326fb9..02b43a1e 100644 --- a/service/pixelated/authentication.py +++ b/service/pixelated/authentication.py @@ -21,7 +21,8 @@ class Authenticator(object): @inlineCallbacks def _srp_auth(self, username, password): try: - auth = yield authenticate(self._leap_provider, username, password) + extracted_username = self.extract_username(username) + auth = yield authenticate(self._leap_provider, extracted_username, password) except SRPAuthError: raise UnauthorizedLogin() diff --git a/service/test/unit/test_authentication.py b/service/test/unit/test_authentication.py index f9f98af9..cebb6543 100644 --- a/service/test/unit/test_authentication.py +++ b/service/test/unit/test_authentication.py @@ -33,6 +33,13 @@ class AuthenticatorTest(unittest.TestCase): with self.assertRaises(UnauthorizedLogin): yield auth.authenticate('username', 'password') + @inlineCallbacks + def test_auth_username_with_domain_only_makes_bonafide_auth_with_username(self): + auth = Authenticator(self._leap_provider) + with patch('pixelated.authentication.authenticate') as mock_leap_authenticate: + yield auth.authenticate('username@domain.org', 'password') + mock_leap_authenticate.assert_called_once_with(self._leap_provider, 'username', 'password') + def test_validate_username_accepts_username(self): auth = Authenticator(self._leap_provider) self.assertTrue(auth.validate_username('username')) -- cgit v1.2.3