Merge pull request #94 from francoisfreitag/add_logs

knaperek · web-flow · commit 2aa63a7689d0 · 2017-10-09T15:41:11.000+02:00
Log invalid model field in attribute mapping and missing fields in SAML response
diff --git a/CHANGES b/CHANGES
@@ -3,6 +3,8 @@ Changes
 
 UNRELEASED
 ----------
+- Log when fields are missing in a SAML response.
+- Log when attribute_mapping maps to nonexistent User fields.
 - Dropped compatibility for Python < 2.7 and Django < 1.8.
 
 0.16.10 (2017-10-02)
diff --git a/README.rst b/README.rst
@@ -65,9 +65,12 @@ do to make sure it is compatible with your Django version and environment.
 
 .. note::
 
-  When you finish the configuation you can run the djangosaml2 test suite
-  as you run any other Django application test suite. Just type
-  ``python manage.py test djangosaml2``
+  When you finish the configuration you can run the djangosaml2 test suite as
+  you run any other Django application test suite. Just type ``python manage.py
+  test djangosaml2``.
+
+  Python 2 users need to ``pip install djangosaml2[test]`` in order to run the
+  tests.
 
 Then you have to add the ``djangosaml2.backends.Saml2Backend``
 authentication backend to the list of authentications backends.
diff --git a/djangosaml2/backends.py b/djangosaml2/backends.py
@@ -215,6 +215,9 @@ def update_user(self, user, attributes, attribute_mapping,
         for saml_attr, django_attrs in attribute_mapping.items():
             attr_value_list = attributes.get(saml_attr)
             if not attr_value_list:
+                logger.debug(
+                    'Could not find value for "%s", not updating fields "%s"',
+                    saml_attr, django_attrs)
                 continue
 
             for attr in django_attrs:
@@ -226,6 +229,9 @@ def update_user(self, user, attributes, attribute_mapping,
                         modified = self._set_attribute(user, attr, attr_value_list[0])
 
                     user_modified = user_modified or modified
+                else:
+                    logger.debug(
+                        'Could not find attribute "%s" on user "%s"', attr, user)
 
         logger.debug('Sending the pre_save signal')
         signal_modified = any(
diff --git a/setup.py b/setup.py
@@ -13,15 +13,22 @@
 # limitations under the License.
 
 
-import os
 import codecs
+import os
+import sys
 from setuptools import setup, find_packages
 
 
 def read(*rnames):
     return codecs.open(os.path.join(os.path.dirname(__file__), *rnames), encoding='utf-8').read()
 
 
+extra = {'test': []}
+if sys.version_info < (3, 4):
+    # Necessary to use assertLogs in tests
+    extra['test'].append('unittest2')
+
+
 setup(
     name='djangosaml2',
     version='0.16.10',
@@ -66,4 +73,5 @@ def read(*rnames):
         'Django>=1.8',
         'pysaml2==4.4.0',
         ],
+    extras_require=extra,
     )
diff --git a/tests/testprofiles/tests.py b/tests/testprofiles/tests.py
@@ -14,6 +14,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+import sys
+
 from django.contrib.auth import get_user_model
 from django.contrib.auth.models import User as DjangoUserModel
 from django.test import TestCase, override_settings
@@ -22,6 +24,17 @@
 
 User = get_user_model()
 
+if sys.version_info < (3, 4):
+    # Monkey-patch TestCase to add the assertLogs method introduced in
+    # Python 3.4
+    from unittest2.case import _AssertLogsContext
+
+    class LoggerTestCase(TestCase):
+        def assertLogs(self, logger=None, level=None):
+            return _AssertLogsContext(self, logger, level)
+
+    TestCase = LoggerTestCase
+
 
 class Saml2BackendTests(TestCase):
     def test_update_user(self):
@@ -89,11 +102,37 @@ def test_update_user_empty_attribute(self):
             'cn': ('John', ),
             'sn': (),
             }
-        backend.update_user(user, attributes, attribute_mapping)
+        with self.assertLogs('djangosaml2', level='DEBUG') as logs:
+            backend.update_user(user, attributes, attribute_mapping)
         self.assertEqual(user.email, 'john@example.com')
         self.assertEqual(user.first_name, 'John')
         # empty attribute list: no update
         self.assertEqual(user.last_name, 'Smith')
+        self.assertIn(
+            'DEBUG:djangosaml2:Could not find value for "sn", not '
+            'updating fields "(\'last_name\',)"',
+            logs.output,
+        )
+
+    def test_invalid_model_attribute_log(self):
+        backend = Saml2Backend()
+
+        attribute_mapping = {
+            'uid': ['username'],
+            'cn': ['nonexistent'],
+        }
+        attributes = {
+            'uid': ['john'],
+            'cn': ['John'],
+        }
+
+        with self.assertLogs('djangosaml2', level='DEBUG') as logs:
+            backend.get_saml2_user(True, 'john', attributes, attribute_mapping)
+
+        self.assertIn(
+            'DEBUG:djangosaml2:Could not find attribute "nonexistent" on user "john"',
+            logs.output,
+        )
 
     def test_django_user_main_attribute(self):
         backend = Saml2Backend()
diff --git a/tox.ini b/tox.ini
@@ -16,6 +16,7 @@ deps =
     django110: Django>=1.10,<1.11
     django111: Django>=1.11,<2.0
     djangomaster: https://github.com/django/django/archive/master.tar.gz
+    .[test]
 
 # Waiting on upstream fix for https://code.djangoproject.com/ticket/28679
 ignore_outcome =
