refactor(model): rename AuthProvider to ClaimsProvider

cal-itp · Jul 31, 2024 · 99c455e · 99c455e
1 parent cd3b083
commit 99c455e
Show file tree

Hide file tree

Showing 10 changed files with 111 additions and 90 deletions.
diff --git a/benefits/core/admin.py b/benefits/core/admin.py
@@ -21,8 +21,8 @@
 admin.site.register(models.PemData)
 
 
-@admin.register(models.AuthProvider)
-class AuthProviderAdmin(admin.ModelAdmin):  # pragma: no cover
+@admin.register(models.ClaimsProvider)
+class ClaimsProviderAdmin(admin.ModelAdmin):  # pragma: no cover
     def get_exclude(self, request, obj=None):
         if not request.user.is_superuser:
             return ["client_id_secret_name"]

diff --git a/benefits/core/migrations/0016_rename_authprovider_claimsprovider.py b/benefits/core/migrations/0016_rename_authprovider_claimsprovider.py
@@ -0,0 +1,17 @@
+# Generated by Django 5.0.7 on 2024-07-31 20:22
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("core", "0015_staff_group_edit_permissions"),
+    ]
+
+    operations = [
+        migrations.RenameModel(
+            old_name="AuthProvider",
+            new_name="ClaimsProvider",
+        ),
+    ]
diff --git a/benefits/core/migrations/local_fixtures.json b/benefits/core/migrations/local_fixtures.json
@@ -27,7 +27,7 @@
     }
   },
   {
-    "model": "core.authprovider",
+    "model": "core.claimsprovider",
     "pk": 1,
     "fields": {
       "sign_out_button_template": "core/includes/button--sign-out--login-gov.html",
@@ -41,7 +41,7 @@
     }
   },
   {
-    "model": "core.authprovider",
+    "model": "core.claimsprovider",
     "pk": 2,
     "fields": {
       "sign_out_button_template": "core/includes/button--sign-out--login-gov.html",
@@ -55,7 +55,7 @@
     }
   },
   {
-    "model": "core.authprovider",
+    "model": "core.claimsprovider",
     "pk": 3,
     "fields": {
       "sign_out_button_template": "core/includes/button--sign-out--login-gov.html",

diff --git a/benefits/core/models.py b/benefits/core/models.py
@@ -75,8 +75,8 @@ def data(self):
         return secret_data if secret_data is not None else remote_data
 
 
-class AuthProvider(models.Model):
-    """An entity that provides authentication for eligibility verifiers."""
+class ClaimsProvider(models.Model):
+    """An entity that provides claims for eligibility verification."""
 
     id = models.AutoField(primary_key=True)
     sign_out_button_template = models.TextField(null=True, blank=True)
@@ -179,7 +179,7 @@ class EligibilityVerifier(models.Model):
     jwe_encryption_alg = models.TextField(null=True, blank=True)
     # The JWS-compatible signing algorithm
     jws_signing_alg = models.TextField(null=True, blank=True)
-    auth_provider = models.ForeignKey(AuthProvider, on_delete=models.PROTECT, null=True, blank=True)
+    auth_provider = models.ForeignKey(ClaimsProvider, on_delete=models.PROTECT, null=True, blank=True)
     selection_label_template = models.TextField()
     start_template = models.TextField(null=True, blank=True)
     # reference to a form class used by this Verifier, e.g. benefits.app.forms.FormClass

diff --git a/benefits/oauth/client.py b/benefits/oauth/client.py
@@ -41,7 +41,7 @@ def _authorize_params(scheme):
 
 def _register_provider(oauth_registry, provider):
     """
-    Register OAuth clients into the given registry, using configuration from AuthProvider model.
+    Register OAuth clients into the given registry, using configuration from ClaimsProvider model.
 
     Adapted from https://stackoverflow.com/a/64174413.
     """

diff --git a/docs/configuration/oauth.md b/docs/configuration/oauth.md
@@ -22,9 +22,9 @@ for more details about what features are available. Specifically, from Authlib w
 
 ## Django configuration
 
-OAuth settings are configured as instances of the [`AuthProvider` model](../development/models-migrations.md).
+OAuth settings are configured as instances of the [`ClaimsProvider` model](../development/models-migrations.md).
 
-The [data migration file](./data.md) contains sample values for an `AuthProvider` configuration. You can set values for a real Open ID Connect provider in environment variables so that they are used instead of the sample values.
+The [data migration file](./data.md) contains sample values for an `ClaimsProvider` configuration. You can set values for a real Open ID Connect provider in environment variables so that they are used instead of the sample values.
 
 ## Django usage
 
@@ -34,6 +34,6 @@ use in e.g. views.
 - `oauth` is an `authlib.integrations.django_client.OAuth` instance
 
 Consumers call `benefits.oauth.client.create_client(oauth, provider)` with the name of a client to obtain an Authlib client
-instance. If that client name has not been registered yet, `_register_provider(oauth_registry, provider)` uses data from the given `AuthProvider` instance to register the client into this instance and returns the client object.
+instance. If that client name has not been registered yet, `_register_provider(oauth_registry, provider)` uses data from the given `ClaimsProvider` instance to register the client into this instance and returns the client object.
 
 [oauth-client]: https://github.com/cal-itp/benefits/blob/main/benefits/oauth/client.py
diff --git a/tests/pytest/conftest.py b/tests/pytest/conftest.py
@@ -7,7 +7,7 @@
 from pytest_socket import disable_socket
 
 from benefits.core import session
-from benefits.core.models import AuthProvider, EligibilityType, EligibilityVerifier, PaymentProcessor, PemData, TransitAgency
+from benefits.core.models import ClaimsProvider, EligibilityType, EligibilityVerifier, PaymentProcessor, PemData, TransitAgency
 
 
 def pytest_runtest_setup():
@@ -47,8 +47,8 @@ def model_PemData():
 
 
 @pytest.fixture
-def model_AuthProvider():
-    auth_provider = AuthProvider.objects.create(
+def model_ClaimsProvider():
+    auth_provider = ClaimsProvider.objects.create(
         sign_out_button_template="core/includes/button--sign-out--senior.html",
         sign_out_link_template="core/includes/link--sign-out--senior.html",
         client_name="Client",
@@ -60,43 +60,43 @@ def model_AuthProvider():
 
 
 @pytest.fixture
-def model_AuthProvider_with_verification(model_AuthProvider):
-    model_AuthProvider.scope = "scope"
-    model_AuthProvider.claim = "claim"
-    model_AuthProvider.save()
+def model_ClaimsProvider_with_verification(model_ClaimsProvider):
+    model_ClaimsProvider.scope = "scope"
+    model_ClaimsProvider.claim = "claim"
+    model_ClaimsProvider.save()
 
-    return model_AuthProvider
+    return model_ClaimsProvider
 
 
 @pytest.fixture
-def model_AuthProvider_with_verification_no_sign_out(model_AuthProvider):
-    model_AuthProvider.scope = "scope"
-    model_AuthProvider.claim = "claim"
-    model_AuthProvider.sign_out_button_template = None
-    model_AuthProvider.sign_out_link_template = None
-    model_AuthProvider.save()
+def model_ClaimsProvider_with_verification_no_sign_out(model_ClaimsProvider):
+    model_ClaimsProvider.scope = "scope"
+    model_ClaimsProvider.claim = "claim"
+    model_ClaimsProvider.sign_out_button_template = None
+    model_ClaimsProvider.sign_out_link_template = None
+    model_ClaimsProvider.save()
 
-    return model_AuthProvider
+    return model_ClaimsProvider
 
 
 @pytest.fixture
-def model_AuthProvider_without_verification(model_AuthProvider):
-    model_AuthProvider.scope = None
-    model_AuthProvider.claim = None
-    model_AuthProvider.save()
+def model_ClaimsProvider_without_verification(model_ClaimsProvider):
+    model_ClaimsProvider.scope = None
+    model_ClaimsProvider.claim = None
+    model_ClaimsProvider.save()
 
-    return model_AuthProvider
+    return model_ClaimsProvider
 
 
 @pytest.fixture
-def model_AuthProvider_without_verification_no_sign_out(model_AuthProvider):
-    model_AuthProvider.scope = None
-    model_AuthProvider.claim = None
-    model_AuthProvider.sign_out_button_template = None
-    model_AuthProvider.sign_out_link_template = None
-    model_AuthProvider.save()
+def model_ClaimsProvider_without_verification_no_sign_out(model_ClaimsProvider):
+    model_ClaimsProvider.scope = None
+    model_ClaimsProvider.claim = None
+    model_ClaimsProvider.sign_out_button_template = None
+    model_ClaimsProvider.sign_out_link_template = None
+    model_ClaimsProvider.save()
 
-    return model_AuthProvider
+    return model_ClaimsProvider
 
 
 @pytest.fixture
@@ -168,8 +168,10 @@ def model_EligibilityVerifier(model_PemData, model_EligibilityType):
 
 
 @pytest.fixture
-def model_EligibilityVerifier_AuthProvider_with_verification(model_AuthProvider_with_verification, model_EligibilityVerifier):
-    model_EligibilityVerifier.auth_provider = model_AuthProvider_with_verification
+def model_EligibilityVerifier_ClaimsProvider_with_verification(
+    model_ClaimsProvider_with_verification, model_EligibilityVerifier
+):
+    model_EligibilityVerifier.auth_provider = model_ClaimsProvider_with_verification
     model_EligibilityVerifier.save()
 
     return model_EligibilityVerifier
@@ -276,34 +278,36 @@ def mocked_session_verifier(mocker, model_EligibilityVerifier):
 
 
 @pytest.fixture
-def mocked_session_verifier_oauth(mocker, model_EligibilityVerifier_AuthProvider_with_verification):
+def mocked_session_verifier_oauth(mocker, model_EligibilityVerifier_ClaimsProvider_with_verification):
     return mocker.patch(
-        "benefits.core.session.verifier", autospec=True, return_value=model_EligibilityVerifier_AuthProvider_with_verification
+        "benefits.core.session.verifier",
+        autospec=True,
+        return_value=model_EligibilityVerifier_ClaimsProvider_with_verification,
     )
 
 
 @pytest.fixture
 def mocked_session_verifier_uses_auth_verification(
-    model_EligibilityVerifier_AuthProvider_with_verification, mocked_session_verifier_oauth
+    model_EligibilityVerifier_ClaimsProvider_with_verification, mocked_session_verifier_oauth
 ):
-    mock_verifier = model_EligibilityVerifier_AuthProvider_with_verification
-    mock_verifier.name = model_EligibilityVerifier_AuthProvider_with_verification.name
+    mock_verifier = model_EligibilityVerifier_ClaimsProvider_with_verification
+    mock_verifier.name = model_EligibilityVerifier_ClaimsProvider_with_verification.name
     mock_verifier.auth_provider.sign_out_button_template = (
-        model_EligibilityVerifier_AuthProvider_with_verification.auth_provider.sign_out_button_template
+        model_EligibilityVerifier_ClaimsProvider_with_verification.auth_provider.sign_out_button_template
     )
     mock_verifier.auth_provider.sign_out_link_template = (
-        model_EligibilityVerifier_AuthProvider_with_verification.auth_provider.sign_out_link_template
+        model_EligibilityVerifier_ClaimsProvider_with_verification.auth_provider.sign_out_link_template
     )
     mocked_session_verifier_oauth.return_value = mock_verifier
     return mocked_session_verifier_oauth
 
 
 @pytest.fixture
 def mocked_session_verifier_does_not_use_auth_verification(
-    mocked_session_verifier_uses_auth_verification, model_AuthProvider_without_verification
+    mocked_session_verifier_uses_auth_verification, model_ClaimsProvider_without_verification
 ):
     mocked_verifier = mocked_session_verifier_uses_auth_verification
-    mocked_verifier.auth_provider = model_AuthProvider_without_verification
+    mocked_verifier.auth_provider = model_ClaimsProvider_without_verification
     return mocked_verifier
 
 

diff --git a/tests/pytest/core/test_models.py b/tests/pytest/core/test_models.py
@@ -93,40 +93,40 @@ def test_PemData_data_text_secret_name_and_remote__uses_remote(
 
 
 @pytest.mark.django_db
-def test_model_AuthProvider(model_AuthProvider):
-    assert not model_AuthProvider.supports_claims_verification
-    assert model_AuthProvider.supports_sign_out
-    assert str(model_AuthProvider) == model_AuthProvider.client_name
+def test_model_ClaimsProvider(model_ClaimsProvider):
+    assert not model_ClaimsProvider.supports_claims_verification
+    assert model_ClaimsProvider.supports_sign_out
+    assert str(model_ClaimsProvider) == model_ClaimsProvider.client_name
 
 
 @pytest.mark.django_db
-def test_model_AuthProvider_client_id(model_AuthProvider, mock_models_get_secret_by_name):
-    secret_value = model_AuthProvider.client_id
+def test_model_ClaimsProvider_client_id(model_ClaimsProvider, mock_models_get_secret_by_name):
+    secret_value = model_ClaimsProvider.client_id
 
-    mock_models_get_secret_by_name.assert_called_once_with(model_AuthProvider.client_id_secret_name)
+    mock_models_get_secret_by_name.assert_called_once_with(model_ClaimsProvider.client_id_secret_name)
     assert secret_value == mock_models_get_secret_by_name.return_value
 
 
 @pytest.mark.django_db
-def test_model_AuthProvider_with_verification(model_AuthProvider_with_verification):
-    assert model_AuthProvider_with_verification.supports_claims_verification
+def test_model_ClaimsProvider_with_verification(model_ClaimsProvider_with_verification):
+    assert model_ClaimsProvider_with_verification.supports_claims_verification
 
 
 @pytest.mark.django_db
-def test_model_AuthProvider_with_verification_no_sign_out(model_AuthProvider_with_verification_no_sign_out):
-    assert model_AuthProvider_with_verification_no_sign_out.supports_claims_verification
-    assert not model_AuthProvider_with_verification_no_sign_out.supports_sign_out
+def test_model_ClaimsProvider_with_verification_no_sign_out(model_ClaimsProvider_with_verification_no_sign_out):
+    assert model_ClaimsProvider_with_verification_no_sign_out.supports_claims_verification
+    assert not model_ClaimsProvider_with_verification_no_sign_out.supports_sign_out
 
 
 @pytest.mark.django_db
-def test_model_AuthProvider_without_verification(model_AuthProvider_without_verification):
-    assert not model_AuthProvider_without_verification.supports_claims_verification
+def test_model_ClaimsProvider_without_verification(model_ClaimsProvider_without_verification):
+    assert not model_ClaimsProvider_without_verification.supports_claims_verification
 
 
 @pytest.mark.django_db
-def test_model_AuthProvider_without_verification_no_sign_out(model_AuthProvider_without_verification_no_sign_out):
-    assert not model_AuthProvider_without_verification_no_sign_out.supports_claims_verification
-    assert not model_AuthProvider_without_verification_no_sign_out.supports_sign_out
+def test_model_ClaimsProvider_without_verification_no_sign_out(model_ClaimsProvider_without_verification_no_sign_out):
+    assert not model_ClaimsProvider_without_verification_no_sign_out.supports_claims_verification
+    assert not model_ClaimsProvider_without_verification_no_sign_out.supports_sign_out
 
 
 @pytest.mark.django_db
@@ -292,47 +292,47 @@ def test_EligibilityVerifier_by_id_nonmatching():
 
 
 @pytest.mark.django_db
-def test_EligibilityVerifier_with_AuthProvider_with_verification(
-    model_EligibilityVerifier, model_AuthProvider_with_verification
+def test_EligibilityVerifier_with_ClaimsProvider_with_verification(
+    model_EligibilityVerifier, model_ClaimsProvider_with_verification
 ):
-    model_EligibilityVerifier.auth_provider = model_AuthProvider_with_verification
+    model_EligibilityVerifier.auth_provider = model_ClaimsProvider_with_verification
 
     assert model_EligibilityVerifier.is_auth_required
     assert model_EligibilityVerifier.uses_auth_verification
 
 
 @pytest.mark.django_db
-def test_EligibilityVerifier_with_AuthProvider_with_verification_no_sign_out(
-    model_EligibilityVerifier, model_AuthProvider_with_verification_no_sign_out
+def test_EligibilityVerifier_with_ClaimsProvider_with_verification_no_sign_out(
+    model_EligibilityVerifier, model_ClaimsProvider_with_verification_no_sign_out
 ):
-    model_EligibilityVerifier.auth_provider = model_AuthProvider_with_verification_no_sign_out
+    model_EligibilityVerifier.auth_provider = model_ClaimsProvider_with_verification_no_sign_out
 
     assert model_EligibilityVerifier.is_auth_required
     assert model_EligibilityVerifier.uses_auth_verification
 
 
 @pytest.mark.django_db
-def test_EligibilityVerifier_with_AuthProvider_without_verification(
-    model_EligibilityVerifier, model_AuthProvider_without_verification
+def test_EligibilityVerifier_with_ClaimsProvider_without_verification(
+    model_EligibilityVerifier, model_ClaimsProvider_without_verification
 ):
-    model_EligibilityVerifier.auth_provider = model_AuthProvider_without_verification
+    model_EligibilityVerifier.auth_provider = model_ClaimsProvider_without_verification
 
     assert model_EligibilityVerifier.is_auth_required
     assert not model_EligibilityVerifier.uses_auth_verification
 
 
 @pytest.mark.django_db
-def test_EligibilityVerifier_with_AuthProvider_without_verification_no_sign_out(
-    model_EligibilityVerifier, model_AuthProvider_without_verification_no_sign_out
+def test_EligibilityVerifier_with_ClaimsProvider_without_verification_no_sign_out(
+    model_EligibilityVerifier, model_ClaimsProvider_without_verification_no_sign_out
 ):
-    model_EligibilityVerifier.auth_provider = model_AuthProvider_without_verification_no_sign_out
+    model_EligibilityVerifier.auth_provider = model_ClaimsProvider_without_verification_no_sign_out
 
     assert model_EligibilityVerifier.is_auth_required
     assert not model_EligibilityVerifier.uses_auth_verification
 
 
 @pytest.mark.django_db
-def test_EligibilityVerifier_without_AuthProvider(model_EligibilityVerifier):
+def test_EligibilityVerifier_without_ClaimsProvider(model_EligibilityVerifier):
     model_EligibilityVerifier.auth_provider = None
 
     assert not model_EligibilityVerifier.is_auth_required