summary refs log tree commit diff
path: root/tests/handlers
diff options
context:
space:
mode:
authorAurélien Grimpard <aurelien@grimpard.net>2023-09-06 20:32:24 +0200
committerGitHub <noreply@github.com>2023-09-06 14:32:24 -0400
commitfe69e7f617199f51eb97f510a0a934fdcf02fbad (patch)
tree0768d0737a291cd5e71a0c02034ec6a54a0ca753 /tests/handlers
parentMerge remote-tracking branch 'origin/release-v1.92' into develop (diff)
downloadsynapse-fe69e7f617199f51eb97f510a0a934fdcf02fbad.tar.xz
Handle "registration_enabled" parameter for CAS (#16262)
Similar to OIDC, CAS providers can now disable registration such
that only existing users are able to login via SSO.
Diffstat (limited to 'tests/handlers')
-rw-r--r--tests/handlers/test_cas.py17
1 files changed, 17 insertions, 0 deletions
diff --git a/tests/handlers/test_cas.py b/tests/handlers/test_cas.py
index 8582b1cd1e..13e2cd153a 100644
--- a/tests/handlers/test_cas.py
+++ b/tests/handlers/test_cas.py
@@ -197,6 +197,23 @@ class CasHandlerTestCase(HomeserverTestCase):
             auth_provider_session_id=None,
         )
 
+    @override_config({"cas_config": {"enable_registration": False}})
+    def test_map_cas_user_does_not_register_new_user(self) -> None:
+        """Ensures new users are not registered if the enabled registration flag is disabled."""
+
+        # stub out the auth handler
+        auth_handler = self.hs.get_auth_handler()
+        auth_handler.complete_sso_login = AsyncMock()  # type: ignore[method-assign]
+
+        cas_response = CasResponse("test_user", {})
+        request = _mock_request()
+        self.get_success(
+            self.handler._handle_cas_response(request, cas_response, "redirect_uri", "")
+        )
+
+        # check that the auth handler was not called as expected
+        auth_handler.complete_sso_login.assert_not_called()
+
 
 def _mock_request() -> Mock:
     """Returns a mock which will stand in as a SynapseRequest"""