def purge(): ''' Truncate all tables ''' Users.delete().execute() Inventory.delete().execute() AccessRights.delete().execute() Credentials.delete().execute()
def test_multiple_credentials(self): ''' test to check if the program can save multiple credentials object in the credentials_list ''' self.new_credentials.save_credentials() test_credentials = Credentials("john", "dribble.com", "y") test_credentials.save_credentials() self.assertEqual(len(Credentials.credentials_list), 2)
def test_copy_password(self): ''' test to confirm that the application can copy the found password on the clipboard ''' self.new_credentials.save_credentials() Credentials.copy_password("medium.com") self.assertEqual(self.new_credentials.app_password, pyperclip.paste())
def post(self, request): form = request.POST if len(Credentials.objects.all()) > 0: Credentials.objects.all()[0].delete() print(form) cred = Credentials(servername=form.get('servername'), port=form.get('port'), uuid=form.get('uuid'), token=form.get('token'), cloud=form.get('cloud')) cred.save() return render(request, 'index.html', {'form': KnotForm(form)})
def grant(hostname, user, account_name, verbose=False): ''' Grant access to some credentials ''' inv = Inventory.get(hostname=hostname, account_name=account_name) ar = AccessRights.create(created_by=user.identifier, user=user.identifier, host=inv.identifier) plaintext = crypt.rsa_dec(user, inv.account_password, verbose) cipher = crypt.rsa_enc(user, plaintext) Credentials.create(access=ar.identifier, password=cipher)
def test_set_and_verify_new_phone_when_phone_verified(self): result = self.service.set_new_phone(self.phone_credentials, "+79212225577") verification_code = result["verification"]["send_code"] new_phone_credentials = Credentials() new_phone_credentials.phone = "+79212225577" new_phone_credentials.password = self.phone_credentials.password self.assertRaises(IncorrectLogin, lambda: self.service.authenticate(new_phone_credentials)) self.service.authenticate(self.phone_credentials) self.service.verify_phone(self.phone_credentials, verification_code) self.service.authenticate(new_phone_credentials) self.assertRaises(IncorrectLogin, lambda: self.service.authenticate(self.phone_credentials))
def test_vk_auth_fail(self): os.environ["VK_APP_SECRET_KEY"] = "12345" vk_id = 42 vk_concated_string = "blablabla=1&blabla=2" sig = md5(vk_concated_string.replace("&", "") + "12345") credentials = Credentials() credentials.vk_id = vk_id self.assertRaises( IncorrectOAuthSignature, self.service.authenticate_vk, credentials, vk_concated_string, sig+"1" )
def test_find_contact_by_name(self): ''' test to check if we can find an application credential by name and display data ''' self.new_credentials.save_credentials() test_credentials = Credentials("john", "dribble.com", "y") test_credentials.save_credentials() found_password = Credentials.find_by_app_name("dribble.com") self.assertEqual(found_password, test_credentials.app_password)
def test_contact_exists(self): ''' test to check if contact exists method works ''' self.new_credentials.save_credentials() test_credentials = Credentials("john", "dribble.com", "y") test_credentials.save_credentials() credentials_exists = Credentials.credentials_exists("dribble.com") self.assertTrue(credentials_exists)
def test_delete_credential(self): ''' test if the application can delete an application credentials object in credentials list ''' self.new_credentials.save_credentials() test_credentials = Credentials("john", "dribble.com", "y") test_credentials.save_credentials() self.new_credentials.delete_credentials() #delete credentials self.assertEqual(len(Credentials.credentials_list), 1)
def test_set_and_verify_email_when_phone_verified(self): result = self.service.set_new_email(self.phone_credentials, "*****@*****.**") verification_code = result["verification"]["send_code"] new_email_credentials = Credentials() new_email_credentials.email = "*****@*****.**" new_email_credentials.password = self.phone_credentials.password self.assertRaises(IncorrectLogin, lambda: self.service.authenticate(new_email_credentials)) self.service.authenticate(self.phone_credentials) self.service.verify_email(self.phone_credentials, verification_code) self.service.authenticate(new_email_credentials) self.service.authenticate(self.phone_credentials)
def test_fail_email_verification_and_delete_account(self): credentials = Credentials() credentials.email = "*****@*****.**" credentials.password = "******" register_result = self.service.register(credentials) verification_code = register_result["verification"]["send_code"] self.assertRaises(IncorrectVerificationCode, lambda: self.service.verify_email(credentials, "blablabla")) self.assertRaises(IncorrectVerificationCode, lambda: self.service.verify_email(credentials, "blablabla")) self.assertRaises(IncorrectVerificationCode, lambda: self.service.verify_email(credentials, "blablabla")) self.assertRaises(IncorrectVerificationCodeFatal, lambda: self.service.verify_email(credentials, "blablabla")) self.assertRaises(IncorrectLogin, lambda: self.service.verify_email(credentials, "blablabla")) self.assertRaises(IncorrectLogin, lambda: self.service.verify_email(credentials, verification_code))
def test_fail_phone_verification_and_delete_account(self): credentials = Credentials() credentials.phone = "+79263435016" credentials.password = "******" register_result = self.service.register(credentials) verification_code = register_result["verification"]["send_code"] self.assertRaises(IncorrectVerificationCode, lambda: self.service.verify_phone(credentials, "blablabla")) self.assertRaises(IncorrectVerificationCode, lambda: self.service.verify_phone(credentials, "blablabla")) self.assertRaises(IncorrectVerificationCode, lambda: self.service.verify_phone(credentials, "blablabla")) self.assertRaises(IncorrectVerificationCodeFatal, lambda: self.service.verify_phone(credentials, "blablabla")) self.assertRaises(IncorrectLogin, lambda: self.service.verify_phone(credentials, "blablabla")) self.assertRaises(IncorrectLogin, lambda: self.service.verify_phone(credentials, verification_code))
def test_phone_verification_with_third_attempt(self): credentials = Credentials() credentials.phone = "+79263435016" credentials.password = "******" register_result = self.service.register(credentials) verification_code = register_result["verification"]["send_code"] self.assertRaises(IncorrectVerificationCode, lambda: self.service.verify_phone(credentials, "9999")) self.assertRaises(IncorrectVerificationCode, lambda: self.service.verify_phone(credentials, "9999")) self.assertTrue(self.service.verify_phone(credentials, verification_code)) auth_result = self.service.authenticate(credentials) self.assertTrue(isinstance(auth_result, dict)) self.assertEqual(1, auth_result["authentication"]["id"]) self.assertEqual(32, len(auth_result["authentication"]["token"]))
def test_email_verification_with_third_attempt(self): credentials = Credentials() credentials.email = "*****@*****.**" credentials.password = "******" register_result = self.service.register(credentials) verification_code = register_result["verification"]["send_code"] self.assertRaises(IncorrectVerificationCode, lambda: self.service.verify_email(credentials, "blablabla")) self.assertRaises(IncorrectVerificationCode, lambda: self.service.verify_email(credentials, "blablabla")) self.assertTrue(self.service.verify_email(credentials, verification_code)) auth_result = self.service.authenticate(credentials) self.assertTrue(isinstance(auth_result, tuple)) self.assertEqual(1, auth_result[0]) self.assertEqual(32, len(auth_result[1]))
def test_vk_auth_after_normal_registartion(self): os.environ["VK_APP_SECRET_KEY"] = "12345" vk_id = 42 vk_concated_string = "blablabla=1&blabla=2" sig = md5(vk_concated_string.replace("&", "") + "12345") # Обычная регистрация, получаем токен: credentials = Credentials() credentials.phone = "+79263435016" credentials.password = "******" register_result = self.service.register(credentials) verification_code = register_result["verification"]["send_code"] self.service.verify_phone(credentials, verification_code) auth_result = self.service.authenticate(credentials) self.assertEqual(1, auth_result[0]) token = auth_result[1] # Используем токен и укажем vk_id: new_credentials = Credentials() new_credentials.token = token new_credentials.vk_id = vk_id vk_auth_result = self.service.authenticate_vk(new_credentials, vk_concated_string, sig) self.assertTrue(isinstance(vk_auth_result, tuple)) self.assertEqual(1, vk_auth_result[0]) self.assertEqual(token, vk_auth_result[1]) # Теперь можно и без токена: new_credentials = Credentials() new_credentials.vk_id = vk_id vk_auth_result = self.service.authenticate_vk(new_credentials, vk_concated_string, sig) self.assertTrue(isinstance(vk_auth_result, tuple)) self.assertEqual(1, vk_auth_result[0]) self.assertEqual(32, len(vk_auth_result[1])) self.assertNotEqual(token, vk_auth_result[1])
def setUp(self): self.service = AuthenticationService() self.email_credentials = Credentials() self.email_credentials.email = "*****@*****.**" self.email_credentials.password = "******" register_result = self.service.register(self.email_credentials) verification_code = register_result["verification"]["send_code"] self.service.verify_email(self.email_credentials, verification_code) self.phone_credentials = Credentials() self.phone_credentials.phone = "+79263435016" self.phone_credentials.password = "******" register_result = self.service.register(self.phone_credentials) verification_code = register_result["verification"]["send_code"] self.service.verify_phone(self.phone_credentials, verification_code)
def test_authenticate_vk(self): os.environ["VK_APP_SECRET_KEY"] = "12345" vk_id = 42 vk_concated_string = "blablabla=1&blabla=2" sig = md5(vk_concated_string.replace("&", "") + "12345") credentials = Credentials() credentials.vk_id = vk_id response = self.app.get( "/v1/authenticate_vk/", {"vk_id": "42", "vk_concated_string": vk_concated_string, "signature": sig} ) response = json.loads(response.body.decode()) self.assertTrue(isinstance(response, list)) self.assertTrue(len(response), 2) self.assertEqual(1, response[0]) self.assertEqual(32, len(response[1]))
def register(uid, password): """ register a new user :param uid: user's global id :param password: user's password :return: user instance :raises UserAlreadyExist: """ if User.find_with_uid(uid) is not None: raise UserAlreadyExist() user = User.register(uid) Credentials.init(user, password) return user
def test_registration_with_autogenerated_password(self): credentials = Credentials() self.assertRaises(IncorrectLogin, lambda: self.service.register(credentials)) credentials.email = "*****@*****.**" register_result = self.service.register(credentials) self.assertTrue(isinstance(register_result, dict)) self.assertTrue("verification" in register_result) self.assertTrue("id" in register_result["verification"]) self.assertTrue("password" in register_result["verification"]) self.assertTrue("send_code" in register_result["verification"]) self.assertTrue("send_via" in register_result["verification"]) self.assertTrue("send_address" in register_result["verification"]) self.assertEqual(1, register_result["verification"]["id"]) self.assertEqual(8, len(register_result["verification"]["password"])) self.assertEqual("email", register_result["verification"]["send_via"]) self.assertEqual("*****@*****.**", register_result["verification"]["send_address"]) verification_code = register_result["verification"]["send_code"] credentials2 = Credentials() credentials2.email = "*****@*****.**" self.assertRaises(IncorrectLogin, lambda: self.service.authenticate(credentials2)) verification_result = self.service.verify_email(credentials2, verification_code) self.assertTrue(isinstance(verification_result, dict)) self.assertTrue("verification" in verification_result) self.assertTrue("result" in verification_result["verification"]) self.assertEqual(True, verification_result["verification"]["result"]) self.assertTrue("password" in verification_result["verification"]) self.assertEqual(8, len(verification_result["verification"]["password"])) self.assertRaises(IncorrectPassword, lambda : self.service.authenticate(credentials2)) credentials2.password = verification_result["verification"]["password"] auth_result = self.service.authenticate(credentials2) self.assertTrue(isinstance(auth_result, dict)) self.assertEqual(1, auth_result["authentication"]["id"]) self.assertEqual(32, len(auth_result["authentication"]["token"]))
def test_auth_by_token(self): auth_result = self.service.authenticate(self.email_credentials) self.assertTrue(isinstance(auth_result, tuple)) self.assertEqual(1, auth_result[0]) self.assertEqual(32, len(auth_result[1])) token = auth_result[1] new_credentials = Credentials() new_credentials.token = token auth_result = self.service.authenticate(new_credentials) self.assertTrue(isinstance(auth_result, tuple)) self.assertEqual(1, auth_result[0]) self.assertEqual(token, token) # При авторизации по токену, токен не меняется: auth_result = self.service.authenticate(new_credentials) self.assertTrue(isinstance(auth_result, tuple)) self.assertEqual(1, auth_result[0]) self.assertEqual(token, token)
def test_init_registration_with_vk(self): os.environ["VK_APP_SECRET_KEY"] = "12345" vk_id = 42 vk_concated_string = "blablabla=1&blabla=2" sig = md5(vk_concated_string.replace("&", "") + "12345") credentials = Credentials() credentials.vk_id = vk_id result = self.service.authenticate_vk(credentials, vk_concated_string, sig) self.assertTrue(isinstance(result, tuple)) self.assertEqual(1, result[0]) self.assertEqual(32, len(result[1])) token = result[1] # Используя токен, полученный при регистрации через вк авторизуемся стандартным путем: credentials.token = token auth_result = self.service.authenticate(credentials) self.assertTrue(isinstance(auth_result, tuple)) self.assertEqual(1, auth_result[0]) self.assertEqual(token, auth_result[1])
def test_auth_by_domain_specific_token(self): self.email_credentials.token_name = "test" auth_result = self.service.authenticate(self.email_credentials) self.assertTrue(isinstance(auth_result, dict)) self.assertEqual(1, auth_result["authentication"]["id"]) self.assertEqual(32, len(auth_result["authentication"]["testtoken"])) token = auth_result["authentication"]["testtoken"] new_credentials = Credentials() new_credentials.token = token new_credentials.token_name = "test" auth_result = self.service.authenticate(new_credentials) self.assertTrue(isinstance(auth_result, dict)) self.assertEqual(1, auth_result["authentication"]["id"]) self.assertEqual(32, len(auth_result["authentication"]["testtoken"])) # При авторизации по токену, токен не меняется: auth_result = self.service.authenticate(new_credentials) self.assertTrue(isinstance(auth_result, dict)) self.assertEqual(1, auth_result["authentication"]["id"]) self.assertEqual(token, auth_result["authentication"]["testtoken"])
def test_fail_to_verify_phone_when_email_verified_doesnt_remove_credentials(self): result = self.service.set_new_phone(self.email_credentials, "+79164143212") verification_code = result["verification"]["send_code"] self.assertRaises(IncorrectVerificationCode, self.service.verify_phone, self.email_credentials, "bla") self.assertRaises(IncorrectVerificationCode, self.service.verify_phone, self.email_credentials, "bla") self.assertRaises(IncorrectVerificationCode, self.service.verify_phone, self.email_credentials, "bla") self.assertRaises(IncorrectVerificationCodeFatal, self.service.verify_phone, self.email_credentials, "bla") self.assertRaises(NoVerificationProcess, self.service.verify_phone, self.email_credentials, verification_code) self.service.authenticate(self.email_credentials) result = self.service.set_new_phone(self.email_credentials, "+79164143212") verification_code = result["verification"]["send_code"] self.service.verify_phone(self.email_credentials, verification_code) new_phone_credentials = Credentials() new_phone_credentials.phone = "+79164143212" new_phone_credentials.password = self.email_credentials.password auth_result = self.service.authenticate(new_phone_credentials) self.assertTrue(isinstance(auth_result, tuple)) self.assertEqual(1, auth_result[0])
def test_change_password(self): credentials = Credentials() credentials.token = self.email_account_token self.assertRaises(IncorrectPassword, self.service.set_new_password, credentials, "blabla", "123", "456") self.assertRaises(NewPasswordsMismatch, self.service.set_new_password, credentials, "qwerty123", "123", "456") change_password_result = self.service.set_new_password(credentials, "qwerty123", "12345", "12345") self.assertTrue(isinstance(change_password_result, dict)) self.assertTrue("new_password" in change_password_result) self.assertEqual("email", change_password_result["new_password"]["send_via"]) self.assertEqual("*****@*****.**", change_password_result["new_password"]["send_address"]) self.assertEqual("12345", change_password_result["new_password"]["send_password"]) credentials = Credentials() credentials.token = self.phone_account_token self.assertRaises(IncorrectPassword, self.service.set_new_password, credentials, "blabla", "123", "456") self.assertRaises(NewPasswordsMismatch, self.service.set_new_password, credentials, "qwerty123", "123", "456") change_password_result = self.service.set_new_password(credentials, "qwerty123", "12345", "12345") self.assertTrue(isinstance(change_password_result, dict)) self.assertTrue("new_password" in change_password_result) self.assertEqual("phone", change_password_result["new_password"]["send_via"]) self.assertEqual("+79263435016", change_password_result["new_password"]["send_address"]) self.assertEqual("12345", change_password_result["new_password"]["send_password"])
def test_init_registration_process_with_email(self): credentials = Credentials() self.assertRaises(IncorrectLogin, lambda: self.service.register(credentials)) credentials.email = "*****@*****.**" credentials.password = "******" register_result = self.service.register(credentials) self.assertTrue(isinstance(register_result, dict)) self.assertTrue("verification" in register_result) self.assertTrue("send_code" in register_result["verification"]) self.assertTrue("send_via" in register_result["verification"]) self.assertTrue("send_address" in register_result["verification"]) self.assertEqual("email", register_result["verification"]["send_via"]) self.assertEqual("*****@*****.**", register_result["verification"]["send_address"]) verification_code = register_result["verification"]["send_code"] self.assertRaises(IncorrectLogin, lambda: self.service.authenticate(credentials)) self.assertTrue(self.service.verify_email(credentials, verification_code)) auth_result = self.service.authenticate(credentials) self.assertTrue(isinstance(auth_result, dict)) self.assertEqual(1, auth_result["authentication"]["id"]) self.assertEqual(32, len(auth_result["authentication"]["token"]))
def test_init_registration_process_with_phone(self): credentials = Credentials() credentials.phone = "+79263435016" credentials.password = "******" register_result = self.service.register(credentials) self.assertTrue(isinstance(register_result, dict)) self.assertTrue("verification" in register_result) self.assertTrue("send_code" in register_result["verification"]) self.assertTrue("send_via" in register_result["verification"]) self.assertTrue("send_address" in register_result["verification"]) self.assertEqual("phone", register_result["verification"]["send_via"]) self.assertEqual("+79263435016", register_result["verification"]["send_address"]) verification_code = register_result["verification"]["send_code"] self.assertRaises(IncorrectLogin, lambda: self.service.authenticate(credentials)) self.assertTrue(self.service.verify_phone(credentials, verification_code)) auth_result = self.service.authenticate(credentials) self.assertTrue(isinstance(auth_result, tuple)) self.assertEqual(1, auth_result[0]) self.assertEqual(32, len(auth_result[1]))
def credentials_validate(): if request.method == "POST": print request.method service = (request.form.get("service")) email = (request.form.get("email")) password = (request.form.get("password")) if service and email and password: p = Credentials(service,email,password) db.session.add(p) db.session.commit() flash('Created with Successfully','success') return redirect(url_for('webui.credentials'))
def build_credentials(cls, request: Request): """ Метод для создания экземпляра класса Credentials на основе предоставленного объекта Request :param request: :return: """ credentials = Credentials() credentials.email = request.get("email").lower() if request.get( "email", None) else None credentials.phone = normalize_phone_number( request.get("phone")) if request.get("phone", False) else None credentials.token_name = request.get("token_name", "") credentials.token = request.get("%stoken" % credentials.token_name, None) credentials.password = request.get("password", None) credentials.vk_id = request.get("vk_id", None) return credentials
def build_credentials(cls, request: Request): """ Метод для создания экземпляра класса Credentials на основе предоставленного объекта Request :param request: :return: """ credentials = Credentials() credentials.email = request.get("email").lower() if request.get("email", None) else None credentials.phone = normalize_phone_number(request.get("phone")) if request.get("phone", False) else None credentials.token_name = request.get("token_name", "") credentials.token = request.get("%stoken" % credentials.token_name, None) credentials.password = request.get("password", None) credentials.vk_id = request.get("vk_id", None) return credentials
def test_test(self): """ Регрессионный тест Странная особенность - если при повторной попытке зарегистрироваться указана недействительная кука - то ограничение по уникальности логина не срабатывает, получаются дубли Такого быть не должно. Данный тест проверяет, что в системе предусмотрена жесткая проверка на наличие указанного логина перед вставкой новых записей :return: """ credentials1 = Credentials() credentials1.email = "*****@*****.**" credentials1.password = "******" register_result1 = self.service.register(credentials1) verification_code1 = register_result1["verification"]["send_code"] self.service.verify_email(credentials1, verification_code1) credentials2 = Credentials() credentials2.email = "*****@*****.**" credentials2.token = "blablbalblabdlablblad" credentials2.password = "******" self.assertRaises(AlreadyRegistred, lambda: self.service.register(credentials2))
def test_second_attempt_to_start_registration_process(self): credentials1 = Credentials() credentials1.email = "*****@*****.**" credentials1.password = "******" register_result1 = self.service.register(credentials1) verification_code1 = register_result1["verification"]["send_code"] credentials2 = Credentials() credentials2.email = "*****@*****.**" credentials2.password = "******" register_result2 = self.service.register(credentials2) verification_code2 = register_result2["verification"]["send_code"] self.assertNotEqual(verification_code1, verification_code2) self.assertTrue(self.service.verify_email(credentials2, verification_code2)) auth_result = self.service.authenticate(credentials2) self.assertTrue(isinstance(auth_result, dict)) self.assertEqual(1, auth_result["authentication"]["id"]) self.assertEqual(32, len(auth_result["authentication"]["token"]))
def post(self): # parsing arguments args = parser.parse_args() FirstName = args['FirstName'] LastName = args['LastName'] Email = args['Email'] Password = args['Password'] Mobile = args['Mobile'] DateOfBirth = args['DateOfBirth'] Address = args['Address'] Is_Admin = args['Is_Admin'] user_details = Details( FirstName=FirstName, LastName=LastName, Email=Email, DateOfBirth=DateOfBirth, Mobile=Mobile, Address=Address ) user_credentials = Credentials( Email=Email, Password=Password ) user_Role = Role( Email=Email, Is_Admin=Is_Admin ) my_session.add(user_details) my_session.commit() my_session.add(user_credentials) my_session.commit() my_session.add(user_Role) my_session.commit() employee = my_session.query(Details).filter(Details.Email == Email).first() return employee, 201