def test_require_authorization_expired():
# temporal expiration
token = tokens.jwt_issue(group_id="group",
user_id="user",
t=time.time() -
tokens.TOKEN_EXPIRY.total_seconds() - 1)
fake_aws_events = {"headers": {"Cookie": "token=" + token}}
with pytest.raises(shared.AuthException) as e:
tokens.require_authorization(fake_aws_events)
assert "Token is expired" in str(e)
def test_auth_google():
result = auth.google_oauth(
{"queryStringParameters": {
"code": TEST_CODE
}}, {},
google_oauth_call=fake_oauth_result) # Mocks out the actual oauth work
assert result["statusCode"] == 302
headers = result["headers"]
assert headers["Location"] == auth.AFTER_AUTH_REDIRECT
cookie = headers["Set-Cookie"]
# This tests both that the issued cookie is valid, and that the user entry was made
tokens.require_authorization({"headers": {"Cookie": cookie}})
def test_require_authorization():
group_id = "foobarbaz"
user = models_testlib.create_fake_user(group_id)
user.delete()
cookie = tokens.get_jwt_cookie(user)
fake_aws_events = {"headers": {"Cookie": cookie}}
# User not saved yet, so should fail to get
with pytest.raises(shared.AuthException):
tokens.require_authorization(fake_aws_events)
user.save()
tokens.require_authorization(fake_aws_events)
def get_answer(event, context):
user = tokens.require_authorization(event)
match_id = event["pathParameters"]["match_id"]
match = models.MatchesModel.get(user.group_id,
match_id,
consistent_read=True)
print("Match answer raw:" + str(match.answer))
answer = json.loads(match.answer) if match.answer is not None else None
return shared.json_success_response({"answer": answer})
def post_answer(event, context):
user = tokens.require_authorization(event)
event_dict = json.loads(event["body"])
match_id = event_dict["match_id"]
match = models.MatchesModel.get(user.group_id,
match_id,
consistent_read=True)
print("Post answer for user_id:" + user.user_id)
answer_object = json.loads(event["body"])["answer"]
match.answer = json.dumps(answer_object)
match.save()
return shared.json_success_response({})
def get_user_info(event, context):
user = tokens.require_authorization(event)
if event["pathParameters"] is None:
path_params = {}
else:
path_params = event["pathParameters"]
user_id_to_get = path_params.get('id', user.user_id)
try:
user_queried = models.UsersModel.get(user.group_id, user_id_to_get)
except models.UsersModel.DoesNotExist:
return shared.json_error_response(
message='User "{}" does not exist.'.format(user_id_to_get),
code=404)
return shared.json_success_response({
"user_id": user_queried.user_id,
"username": user_queried.username,
"avatar": user_queried.avatar
})
def match(event, context):
user = tokens.require_authorization(event)
event_dict = json.loads(event["body"])
offer = event_dict["offer"]
# The user is calling /match, but already has a match record...
# - Delete it
# - log it
# - time this user out for longer than usual
try:
match = models.MatchesModel.get(user.group_id, user.user_id)
match.delete()
logger.warning(user.answerer_id + " found hanging match record.")
return timeout_response(5000)
except models.MatchesModel.DoesNotExist:
pass
try:
match = models.propose_match(user, offer)
logger.info("Successful proposal to: " + match.answerer_id)
return match_id_to_response(match.answerer_id, match.match_id, offer,
True)
except models.NoMatchException as e:
logger.info("No luck proposing a match: " + e.msg)
time_to_await_match_ms = (context.get_remaining_time_in_millis() -
CLEANUP_TIME_MS)
time_to_await_match_ms = max(0, time_to_await_match_ms)
try:
match = models.await_match(user, time_to_await_match_ms)
return match_id_to_response(match.offerer_id, match.match_id,
json.loads(match.offer), False)
except models.NoMatchException as e:
logger.info("No luck after waiting: " + e.msg)
return timeout_response()
def test_require_authorization_fail3():
# invalid
fake_aws_events = {"headers": {"Cookie": "token=def_invalid"}}
with pytest.raises(shared.AuthException):
tokens.require_authorization(fake_aws_events)
def test_require_authorization_fail2():
# Malformed
fake_aws_events = {"headers": {"Cookie": "hella-malformed"}}
with pytest.raises(shared.AuthException):
tokens.require_authorization(fake_aws_events)
def test_require_authorization_fail1():
# Non-existant
fake_aws_events = {"headers": {}}
with pytest.raises(shared.AuthException):
tokens.require_authorization(fake_aws_events)