- {% if show_google_openid or show_saml_login or show_remote_user_login or show_ldap_login %}
+ {% if show_google_openid or show_oidc_login or show_saml_login or show_remote_user_login or show_ldap_login %}
To create your account, please choose a password or login with your SSO provider.
{% else %}
To create your account, please choose a password.
@@ -28,6 +28,13 @@
{% endif %}
+ {% if show_oidc_login %}
+
+
+ Login with OIDC
+
+ {% endif %}
+
{% if show_saml_login %}
SAML Login
{% endif %}
diff --git a/redash/templates/login.html b/redash/templates/login.html
index 926a084444..51ffa455d2 100644
--- a/redash/templates/login.html
+++ b/redash/templates/login.html
@@ -20,6 +20,13 @@
{% endif %}
+ {% if show_oidc_login %}
+
+
+ Login with OIDC
+
+ {% endif %}
+
{% if show_saml_login %}
SAML Login
{% endif %}
diff --git a/tests/test_authentication.py b/tests/test_authentication.py
index 8cfbef69eb..5ce33ab8df 100644
--- a/tests/test_authentication.py
+++ b/tests/test_authentication.py
@@ -17,6 +17,7 @@
get_login_url,
hmac_load_user_from_request,
jwt_auth,
+ oidc,
org_settings,
sign,
)
@@ -177,6 +178,32 @@ def test_prefers_api_key_over_session_user_id(self):
self.assertEqual(rv.status_code, 200)
+class TestCreateAndLoginUserOIDC(BaseTestCase):
+ def test_logins_valid_user(self):
+ user = self.factory.create_user(email="test@example.com")
+ with patch("redash.authentication.login_user") as login_user_mock:
+ oidc.create_and_login_user(self.factory.org, user.name, user.email)
+ login_user_mock.assert_called_once_with(user, remember=True)
+
+ def test_creates_vaild_new_user(self):
+ email = "test@example.com"
+ name = "Test User"
+
+ with patch("redash.authentication.login_user") as login_user_mock:
+ oidc.create_and_login_user(self.factory.org, name, email)
+
+ self.assertTrue(login_user_mock.called)
+ user = models.User.query.filter(models.User.email == email).one()
+ self.assertEqual(user.email, email)
+
+ def test_updates_user_name(self):
+ user = self.factory.create_user(email="test@example.com")
+
+ with patch("redash.authentication.login_user") as login_user_mock:
+ create_and_login_user(self.factory.org, "New Name", user.email)
+ login_user_mock.assert_called_once_with(user, remember=True)
+
+
class TestCreateAndLoginUser(BaseTestCase):
def test_logins_valid_user(self):
user = self.factory.create_user(email="test@example.com")