authorRicardo Kirkner <ricardo.kirkner@canonical.com>2014-04-23 11:40:42 -0300
committerRicardo Kirkner <ricardo.kirkner@canonical.com>2014-04-23 11:40:42 -0300
commitbf72b5db92b19bdefbebe767f78a6908c671c97f (patch)
treef9c69fdde7b5c10c9a9f035480590e026a9e7d95
parent0a6bd0aa3877cac5b01ce15718d999b71d5b9148 (diff)
parentff81e2ebba2a4f7f492427d8901a091d100a5f61 (diff)
Django 1.6 compatibility
+ Added installation notes about the SESSION_SERIALIZER setting. + Included tox.ini section for Python 2.7 + Django 1.6. + New decorator override_session_serializer enforces pickle session serialization in tests. + Added test checking Django version defaults for SESSION_SERIALIZER.
-rw-r--r--README.txt15
-rw-r--r--django_openid_auth/tests/__init__.py5
-rw-r--r--django_openid_auth/tests/helpers.py5
-rw-r--r--django_openid_auth/tests/test_auth.py3
-rw-r--r--django_openid_auth/tests/test_settings.py35
-rw-r--r--django_openid_auth/tests/test_views.py6
-rw-r--r--tox.ini8
7 files changed, 68 insertions, 9 deletions
diff --git a/README.txt b/README.txt
index 7df7110..46b5c07 100644
--- a/README.txt
+++ b/README.txt
@@ -8,13 +8,18 @@ single signon systems.
== Basic Installation ==
- 1. Install the Jan Rain Python OpenID library. It can be found at:
+ 0. Install the Jan Rain Python OpenID library. It can be found at:
http://openidenabled.com/python-openid/
It can also be found in most Linux distributions packaged as
"python-openid". You will need version 2.2.0 or later.
+ 1. If you are using Django 1.6, configure your project to use the
+ pickle based session serializer:
+
+ SESSION_SERIALIZER = 'django.contrib.sessions.serializers.PickleSerializer'
+
2. Add 'django_openid_auth' to INSTALLED_APPS for your application.
At a minimum, you'll need the following in there:
@@ -143,8 +148,8 @@ If you require openid authentication into the admin application, add the followi
OPENID_USE_AS_ADMIN_LOGIN = True
-It is worth noting that a user needs to be be marked as a "staff user" to be able to access the admin interface. A new openid user will not normally be a "staff user".
-The easiest way to resolve this is to use traditional authentication (OPENID_USE_AS_ADMIN_LOGIN = False) to sign in as your first user with a password and authorise your
+It is worth noting that a user needs to be be marked as a "staff user" to be able to access the admin interface. A new openid user will not normally be a "staff user".
+The easiest way to resolve this is to use traditional authentication (OPENID_USE_AS_ADMIN_LOGIN = False) to sign in as your first user with a password and authorise your
openid user to be staff.
== Change Django usernames if the nickname changes on the provider ==
@@ -162,7 +167,7 @@ If the user has already been renamed to nickname+1 due to a conflict, and the ni
If you must have a valid, unique nickname in order to create a user accont, add the following setting:
OPENID_STRICT_USERNAMES = True
-
+
This will cause an OpenID login attempt to fail if the provider does not return a 'nickname' (username) for the user, or if the nickname conflicts with an existing user with a different openid identiy url.
Without this setting, logins without a nickname will be given the username 'openiduser', and upon conflicts with existing username, an incrementing number will be appended to the username until it is unique.
@@ -171,7 +176,7 @@ Without this setting, logins without a nickname will be given the username 'open
If your users should use a physical multi-factor authentication method, such as RSA tokens or YubiKey, add the following setting:
OPENID_PHYSICAL_MULTIFACTOR_REQUIRED = True
-
+
If the user's OpenID provider supports the PAPE extension and provides the Physical Multifactor authentication policy, this will
cause the OpenID login to fail if the user does not provide valid physical authentication to the provider.
diff --git a/django_openid_auth/tests/__init__.py b/django_openid_auth/tests/__init__.py
index 5b3964a..70bcb36 100644
--- a/django_openid_auth/tests/__init__.py
+++ b/django_openid_auth/tests/__init__.py
@@ -28,6 +28,7 @@
import unittest
from test_views import *
+from test_settings import *
from test_store import *
from test_auth import *
from test_admin import *
@@ -35,8 +36,8 @@ from test_admin import *
def suite():
suite = unittest.TestSuite()
- for name in ['test_auth', 'test_models', 'test_store', 'test_views',
- 'test_admin']:
+ for name in ['test_auth', 'test_models', 'test_settings', 'test_store',
+ 'test_views', 'test_admin']:
mod = __import__('%s.%s' % (__name__, name), {}, {}, ['suite'])
suite.addTest(mod.suite())
return suite
diff --git a/django_openid_auth/tests/helpers.py b/django_openid_auth/tests/helpers.py
new file mode 100644
index 0000000..b663c5b
--- /dev/null
+++ b/django_openid_auth/tests/helpers.py
@@ -0,0 +1,5 @@
+from django.test.utils import override_settings
+
+
+override_session_serializer = override_settings(
+ SESSION_SERIALIZER='django.contrib.sessions.serializers.PickleSerializer')
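Review bot: `override_session_serializer` is defined with no comment saying why the tests force the pickle serializer or that the choice carries a security cost. PickleSerializer unpickles whatever session payload the backend hands it, so with the signed-cookie session backend a leaked SECRET_KEY lets forged session data run code on the server; that is the reason Django 1.6 moved the default to JSON. I would add above the assignment `# python-openid stores non-JSON-serializable objects in the session, so tests pin PickleSerializer;` followed by `# unpickling session data is unsafe if SECRET_KEY leaks (signed-cookie sessions).` README step 1 recommends the same setting for deployments and would benefit from the same caveat.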
diff --git a/django_openid_auth/tests/test_auth.py b/django_openid_auth/tests/test_auth.py
index 87536d1..ef70a7d 100644
--- a/django_openid_auth/tests/test_auth.py
+++ b/django_openid_auth/tests/test_auth.py
@@ -39,6 +39,7 @@ from django.test import TestCase
from django_openid_auth.auth import OpenIDBackend
from django_openid_auth.models import UserOpenID
from django_openid_auth.teams import ns_uri as TEAMS_NS
+from django_openid_auth.tests.helpers import override_session_serializer
from openid.consumer.consumer import SuccessResponse
from openid.consumer.discover import OpenIDServiceEndpoint
from openid.message import Message, OPENID2_NS
@@ -47,6 +48,8 @@ from openid.message import Message, OPENID2_NS
SREG_NS = "http://openid.net/sreg/1.0"
AX_NS = "http://openid.net/srv/ax/1.0"
+
+@override_session_serializer
class OpenIDBackendTests(TestCase):
def setUp(self):
diff --git a/django_openid_auth/tests/test_settings.py b/django_openid_auth/tests/test_settings.py
new file mode 100644
index 0000000..5704ffa
--- /dev/null
+++ b/django_openid_auth/tests/test_settings.py
@@ -0,0 +1,35 @@
+from unittest import skipIf, TestLoader
+
+from django import VERSION
+from django.conf import settings
+from django.test import TestCase
+
+
+class SessionSerializerTest(TestCase):
+ """Django 1.6 changed the default session serializer to use JSON
+ instead of pickle for security reasons[0]. Unfortunately the
+ openid module on which we rely stores objects which are not JSON
+ serializable[1], so until this is fixed upstream (or we decide to
+ create a wrapper serializer) we are recommending Django 1.6 users
+ to fallback to the PickleSerializer.
+
+ [0] https://bit.ly/1myzetd
+ [1] https://github.com/openid/python-openid/issues/17
+ """
+ @skipIf(VERSION >= (1, 6, 0), "Old versions used the pickle serializer.")
+ def test_not_using_json_session_serializer(self):
+ # We use getattr because this setting did not exist in Django
+ # 1.4 (pickle serialization was hard coded)
+ serializer = getattr(settings, 'SESSION_SERIALIZER', '')
+ self.assertNotEqual(
+ serializer, 'django.contrib.sessions.serializers.JSONSerializer')
+
+ @skipIf(VERSION < (1, 6, 0), "Newer versions use JSON by default.")
+ def test_using_json_session_serializer(self):
+ serializer = getattr(settings, 'SESSION_SERIALIZER', '')
+ self.assertEqual(
+ serializer, 'django.contrib.sessions.serializers.JSONSerializer')
+
+
+def suite():
+ return TestLoader().loadTestsFromName(__name__)
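Review bot: `test_using_json_session_serializer` reads `django.conf.settings`, which reflects the project's configuration rather than Django's defaults, so on Django 1.6 it fails for any settings module that follows the README and sets SESSION_SERIALIZER to PickleSerializer. If the intent is to pin the framework default, compare `global_settings.SESSION_SERIALIZER` (with `from django.conf import global_settings`) instead. The same applies to `test_not_using_json_session_serializer`, where `getattr(global_settings, 'SESSION_SERIALIZER', '')` keeps the Django 1.4 case working. The two `skipIf` reason strings also read as if swapped: each describes the versions the test runs on, not why it was skipped.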
diff --git a/django_openid_auth/tests/test_views.py b/django_openid_auth/tests/test_views.py
index 47187b2..2660be8 100644
--- a/django_openid_auth/tests/test_views.py
+++ b/django_openid_auth/tests/test_views.py
@@ -47,6 +47,7 @@ from openid.message import IDENTIFIER_SELECT
from django_openid_auth import teams
from django_openid_auth.models import UserOpenID
+from django_openid_auth.tests.helpers import override_session_serializer
from django_openid_auth.views import (
sanitise_redirect_url,
make_consumer,
@@ -161,6 +162,8 @@ class DummyDjangoRequest(object):
return request
REQUEST = property(_combined_request)
+
+@override_session_serializer
class RelyingPartyTests(TestCase):
urls = 'django_openid_auth.tests.urls'
@@ -1354,7 +1357,7 @@ class RelyingPartyTests(TestCase):
self.assertTrue(group3 not in user.groups.all())
def test_login_teams_staff_not_defined(self):
- delattr(settings, 'OPENID_LAUNCHPAD_STAFF_TEAMS')
+ assert getattr(settings, 'OPENID_LAUNCHPAD_STAFF_TEAMS', None) is None
user = User.objects.create_user('testuser', 'someone@example.com')
user.is_staff = True
user.save()
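Review bot: The bare `assert` in `test_login_teams_staff_not_defined` only checks that OPENID_LAUNCHPAD_STAFF_TEAMS happens to be unset. Unlike the removed `delattr`, it no longer establishes that precondition, so the test now depends on the ambient settings and on earlier tests not leaving the setting behind. A bare assert is also dropped under `python -O`; `self.assertIsNone(getattr(settings, 'OPENID_LAUNCHPAD_STAFF_TEAMS', None))` would at least report through the test runner. The test appears to check how `is_staff` is treated when no staff teams are configured, so the precondition is worth setting explicitly in setUp or through a scoped settings override. The method body continues outside the hunk.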
@@ -1433,6 +1436,7 @@ class RelyingPartyTests(TestCase):
openid_login_complete.disconnect(login_callback)
+@override_session_serializer
class HelperFunctionsTest(TestCase):
def test_sanitise_redirect_url(self):
settings.ALLOWED_EXTERNAL_OPENID_REDIRECT_DOMAINS = [
diff --git a/tox.ini b/tox.ini
index 40d7727..28b8703 100644
--- a/tox.ini
+++ b/tox.ini
@@ -1,6 +1,6 @@
[tox]
envlist =
- py2.7-django1.4, py2.7-django1.5
+ py2.7-django1.4, py2.7-django1.5, py2.7-django1.6
[testenv]
commands = make check
@@ -17,3 +17,9 @@ basepython = python2.7
deps = django >= 1.5, < 1.6
python-openid
south
+
+[testenv:py2.7-django1.6]
+basepython = python2.7
+deps = django >= 1.6, < 1.7
+ python-openid
+ south