Onboarding to generate auth code (#21777)

2019-03-08 13:51:42 -08:00 · 2019-03-08 13:51:42 -08:00 · 3da0ed9cc7
parent a0e8543aed
commit 3da0ed9cc7
4 changed files with 44 additions and 2 deletions
--- a/homeassistant/components/auth/init.py
+++ b/homeassistant/components/auth/init.py
@ -127,6 +127,7 @@ import voluptuous as vol

 from homeassistant.auth.models import User, Credentials, \
    TOKEN_TYPE_LONG_LIVED_ACCESS_TOKEN
+from homeassistant.loader import bind_hass
 from homeassistant.components import websocket_api
 from homeassistant.components.http import KEY_REAL_IP
 from homeassistant.components.http.auth import async_sign_path
@ -184,10 +185,18 @@ RESULT_TYPE_USER = 'user'
 _LOGGER = logging.getLogger(__name__)


+@bind_hass
+def create_auth_code(hass, client_id: str, user: User) -> str:
+    """Create an authorization code to fetch tokens."""
+    return hass.data[DOMAIN](client_id, user)
+
+
 async def async_setup(hass, config):
    """Component to allow users to login."""
    store_result, retrieve_result = _create_auth_code_store()

+    hass.data[DOMAIN] = store_result
+
    hass.http.register_view(TokenView(retrieve_result))
    hass.http.register_view(LinkUserView(retrieve_result))

--- a/homeassistant/components/onboarding/init.py
+++ b/homeassistant/components/onboarding/init.py
@ -4,7 +4,7 @@ from homeassistant.loader import bind_hass

 from .const import DOMAIN, STEP_USER, STEPS

-DEPENDENCIES = ['http']
+DEPENDENCIES = ['auth', 'http']

 STORAGE_KEY = DOMAIN
 STORAGE_VERSION = 1
--- a/homeassistant/components/onboarding/views.py
+++ b/homeassistant/components/onboarding/views.py
@ -74,6 +74,7 @@ class UserOnboardingView(_BaseOnboardingView):
        vol.Required('name'): str,
        vol.Required('username'): str,
        vol.Required('password'): str,
+        vol.Required('client_id'): str,
    }))
    async def post(self, request, data):
        """Return the manifest.json."""
@ -98,8 +99,17 @@ class UserOnboardingView(_BaseOnboardingView):
                await hass.components.person.async_create_person(
                    data['name'], user_id=user.id
                )
+
            await self._async_mark_done(hass)

+            # Return an authorization code to allow fetching tokens.
+            auth_code = hass.components.auth.create_auth_code(
+                data['client_id'], user
+            )
+            return self.json({
+                'auth_code': auth_code
+            })
+

@callback
 def _async_get_hass_provider(hass):
--- a/tests/components/onboarding/test_views.py
+++ b/tests/components/onboarding/test_views.py
@ -8,7 +8,7 @@ from homeassistant.setup import async_setup_component
 from homeassistant.components import onboarding
 from homeassistant.components.onboarding import views

-from tests.common import register_auth_provider
+from tests.common import CLIENT_ID, register_auth_provider

 from . import mock_storage

@ -59,6 +59,7 @@ async def test_onboarding_user_already_done(hass, hass_storage,
    client = await aiohttp_client(hass.http.app)

    resp = await client.post('/api/onboarding/users', json={
+        'client_id': CLIENT_ID,
        'name': 'Test Name',
        'username': 'test-user',
        'password': 'test-pass',
@ -79,12 +80,16 @@ async def test_onboarding_user(hass, hass_storage, aiohttp_client):
    client = await aiohttp_client(hass.http.app)

    resp = await client.post('/api/onboarding/users', json={
+        'client_id': CLIENT_ID,
        'name': 'Test Name',
        'username': 'test-user',
        'password': 'test-pass',
    })

    assert resp.status == 200
+    data = await resp.json()
+    assert 'auth_code' in data
+
    users = await hass.auth.async_get_users()
    assert len(users) == 1
    user = users[0]
@ -93,6 +98,21 @@ async def test_onboarding_user(hass, hass_storage, aiohttp_client):
    assert user.credentials[0].data['username'] == 'test-user'
    assert len(hass.data['person'].storage_data) == 1

+    # Request refresh tokens
+    resp = await client.post('/auth/token', data={
+        'client_id': CLIENT_ID,
+        'grant_type': 'authorization_code',
+        'code': data['auth_code']
+    })
+
+    assert resp.status == 200
+    tokens = await resp.json()
+
+    assert (
+        await hass.auth.async_validate_access_token(tokens['access_token'])
+        is not None
+    )
+

 async def test_onboarding_user_invalid_name(hass, hass_storage,
                                            aiohttp_client):
@ -106,6 +126,7 @@ async def test_onboarding_user_invalid_name(hass, hass_storage,
    client = await aiohttp_client(hass.http.app)

    resp = await client.post('/api/onboarding/users', json={
+        'client_id': CLIENT_ID,
        'username': 'test-user',
        'password': 'test-pass',
    })
@ -124,11 +145,13 @@ async def test_onboarding_user_race(hass, hass_storage, aiohttp_client):
    client = await aiohttp_client(hass.http.app)

    resp1 = client.post('/api/onboarding/users', json={
+        'client_id': CLIENT_ID,
        'name': 'Test 1',
        'username': '1-user',
        'password': '1-pass',
    })
    resp2 = client.post('/api/onboarding/users', json={
+        'client_id': CLIENT_ID,
        'name': 'Test 2',
        'username': '2-user',
        'password': '2-pass',