Ejemplo n.º 1
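def login(user):
    """Log *user* into Firefox Accounts and obtain Sync token-server credentials.

    Args:
        user: Mapping with ``'email'`` and ``'password'`` entries.

    Returns:
        dict holding the raw token-server JSON (``hawk_resp``), its fields
        under ``hawk_*`` keys, and the hex-encoded ``encryption_key`` and
        ``hmac_key`` sliced from the 64 bytes derived from keyB.

    Raises:
        KeyError: if *user* or the token-server response lacks an expected key.
        requests.HTTPError: if the token server answers with an error status.
        requests.Timeout: if the token server does not answer in time.

    Security note: the returned dict contains secret material (the Hawk key
    and the derived encryption/HMAC keys). Callers should keep it out of
    logs and store it only where other users cannot read it.
    """
    client = Client("https://api.accounts.firefox.com")
    session = client.login(user['email'], user['password'], keys=True)

    # Only keyB feeds the derivation below; keyA is fetched but not used.
    _key_a, key_b = session.fetch_keys()

    # derive_key receives only the short namespace. The original code also
    # assigned the full "identity.mozilla.com/picl/v1/oldsync" string to a
    # local that was never passed anywhere, so that local is dropped here.
    namespace = b"oldsync"
    keys = derive_key(secret=key_b, namespace=namespace, size=64)
    encryption_key = keys[0:32]
    hmac_key = keys[32:64]

    # TODO: Store this or a derived longer-lived token
    #       Causes a login event which causes an email
    # TODO: Should move to use OAuth which solves the long-term cred storage
    #       issue
    fxab = FxABrowserIDAuth(user['email'], user['password'], with_client_state=True)
    # requests applies no timeout by default; bound the wait so a stalled
    # token server cannot block the caller forever.
    raw_resp = requests.get('https://token.services.mozilla.com/1.0/sync/1.5',
                            auth=fxab,
                            timeout=30)
    raw_resp.raise_for_status()
    hawk_resp = raw_resp.json()

    return {
        "hawk_resp": hawk_resp,
        "hawk_uid": hawk_resp['uid'],
        "hawk_hashalg": hawk_resp['hashalg'],
        "hawk_api_endpoint": hawk_resp['api_endpoint'],
        "hawk_duration": hawk_resp['duration'],
        "hawk_key": hawk_resp['key'],
        "hawk_hashed_fxa_uid": hawk_resp['hashed_fxa_uid'],
        "hawk_id": hawk_resp['id'],

        'encryption_key': encryption_key.hex(),
        'hmac_key': hmac_key.hex(),
    }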
Ejemplo n.º 2
 def test_it_works_with_cache_deactivated(self, client_patch):
     """With ``cache=False`` the auth object has a falsy cache and still
     puts an Authorization header on the request."""
     options = dict(email="*****@*****.**",
                    password="******",
                    server_url="http://localhost:5000",
                    cache=False)
     authenticator = FxABrowserIDAuth(**options)
     assert not authenticator.cache
     # Calling the auth object on a request returns the request it decorated.
     decorated = authenticator(Request())
     self.assertIn('Authorization', decorated.headers)
Ejemplo n.º 3
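    def test_memory_cache_is_used(self, client_patch):
        """A second auth call must be served from the cache.

        The patched client's ``get_identity_assertion`` is expected to be
        called exactly once across two consecutive auth calls.
        """
        auth = FxABrowserIDAuth(email="*****@*****.**",
                                password="******",
                                server_url="http://localhost:5000")
        # Exact type check (not isinstance), as in the original assertion,
        # but through unittest so it is not stripped under ``python -O``.
        self.assertIs(type(auth.cache), MemoryCache)
        self.assertEqual(auth.cache.ttl, DEFAULT_CACHE_EXPIRY - 1)

        get_assertion = (client_patch.return_value.login.return_value.
                         get_identity_assertion)

        # First call should set the cache value
        auth(Request())
        # assertEqual replaces the deprecated assertEquals alias, which
        # was removed from unittest in Python 3.12.
        self.assertEqual(get_assertion.call_count, 1)
        # Second call should use the cache value
        auth(Request())
        self.assertEqual(get_assertion.call_count, 1)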
Ejemplo n.º 4
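def login(user):
    """
    Logs a user into their Firefox account and returns temporary credentials
    for use by AuthRequest.

    Args:
        user: Mapping with ``'email'`` and ``'password'`` entries.

    Returns:
        dict holding the raw token-server JSON (``hawk_resp``), its fields
        under ``hawk_*`` keys, and the hex-encoded ``encryption_key`` and
        ``hmac_key`` sliced from the 64 bytes derived from keyB.

    Raises:
        KeyError: if *user* or the token-server response lacks an expected key.
        requests.HTTPError: if the token server answers with an error status.
        requests.Timeout: if the token server does not answer in time.

    Security note: the returned dict contains secret material (the Hawk key
    and the derived encryption/HMAC keys). Callers should keep it out of
    logs and store it only where other users cannot read it.
    """
    # TODO: pull out the urls to be part of the config.
    client = Client("https://api.accounts.firefox.com")
    session = client.login(user['email'], user['password'], keys=True)

    # Only keyB feeds the derivation below; keyA is fetched but not used.
    _key_a, key_b = session.fetch_keys()

    # Magic strings from the docs
    # https://moz-services-docs.readthedocs.io/en/latest/sync/storageformat5.html
    # derive_key receives only the short namespace. The original code also
    # assigned the full "identity.mozilla.com/picl/v1/oldsync" string to a
    # local that was never passed anywhere, so that local is dropped here.
    namespace = b"oldsync"
    keys = derive_key(secret=key_b, namespace=namespace, size=64)
    encryption_key = keys[0:32]
    hmac_key = keys[32:64]

    # TODO: Store this or a derived longer-lived token
    #       Causes a login event which causes an email
    # TODO: Should move to use OAuth which solves the long-term cred storage
    #       issue
    fxab = FxABrowserIDAuth(user['email'],
                            user['password'],
                            with_client_state=True)
    # requests applies no timeout by default; bound the wait so a stalled
    # token server cannot block the caller forever.
    raw_resp = requests.get('https://token.services.mozilla.com/1.0/sync/1.5',
                            auth=fxab,
                            timeout=30)
    raw_resp.raise_for_status()
    hawk_resp = raw_resp.json()

    return {
        "hawk_resp": hawk_resp,
        "hawk_uid": hawk_resp['uid'],
        "hawk_hashalg": hawk_resp['hashalg'],
        "hawk_api_endpoint": hawk_resp['api_endpoint'],
        "hawk_duration": hawk_resp['duration'],
        "hawk_key": hawk_resp['key'],
        "hawk_hashed_fxa_uid": hawk_resp['hashed_fxa_uid'],
        "hawk_id": hawk_resp['id'],
        'encryption_key': encryption_key.hex(),
        'hmac_key': hmac_key.hex(),
    }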
Ejemplo n.º 5
 def test_memory_cache_is_set_by_default(self, client_patch):
     """Without a ``cache`` argument the auth object gets a MemoryCache
     whose ttl is one less than DEFAULT_CACHE_EXPIRY."""
     defaults_only = dict(email="*****@*****.**",
                          password="******",
                          server_url="http://localhost:5000")
     authenticator = FxABrowserIDAuth(**defaults_only)
     assert type(authenticator.cache) is MemoryCache
     expected_ttl = DEFAULT_CACHE_EXPIRY - 1
     self.assertEqual(authenticator.cache.ttl, expected_ttl)
Ejemplo n.º 6
 def test_client_state_not_set_by_default(self, client_patch):
     """Without ``with_client_state`` no X-Client-State header is added."""
     options = dict(email="*****@*****.**",
                    password="******",
                    server_url="http://localhost:5000")
     authenticator = FxABrowserIDAuth(**options)
     decorated = authenticator(Request())
     self.assertNotIn('X-Client-State', decorated.headers)
Ejemplo n.º 7
 def __init__(self, *args, **kwargs):
     """Build the test case and attach an FxABrowserIDAuth fixture that
     has ``with_client_state`` enabled."""
     super(TestFxABrowserIDAuth, self).__init__(*args, **kwargs)
     fixture_options = dict(email="*****@*****.**",
                            password="******",
                            with_client_state=True,
                            server_url="http://localhost:5000")
     self.auth = FxABrowserIDAuth(**fixture_options)
Ejemplo n.º 8
    # Log in to Firefox Accounts with the user's email and password, asking
    # for key material (keys=True), then persist the resulting credentials.
    # The statement that opens this indented branch is outside this excerpt.
    client = Client("https://api.accounts.firefox.com")
    session = client.login(user['email'], user['password'], keys=True)

    # Only keyB is used below; keyA is fetched but never read in this excerpt.
    keyA, keyB = session.fetch_keys()

    # `info` is assigned but not passed to derive_key or used anywhere in
    # this excerpt; only `namespace` reaches the derivation.
    info = b"identity.mozilla.com/picl/v1/oldsync"
    namespace = b"oldsync"
    # Derive 64 bytes from keyB and split them into two 32-byte halves.
    keys = derive_key(secret=keyB, namespace=namespace, size=64)
    encryption_key = keys[0:32]
    hmac_key = keys[32:64]

    # TODO: Store this or a derived longer-lived token
    #       Causes a login event which causes an email
    # The same email/password pair is handed to a second auth object here.
    fxab = FxABrowserIDAuth(user['email'],
                            user['password'],
                            with_client_state=True)
    # NOTE(review): no timeout= is passed, so requests will wait
    # indefinitely if the token server stops responding.
    raw_resp = requests.get('https://token.services.mozilla.com/1.0/sync/1.5',
                            auth=fxab)
    # Raise on an HTTP error status before the body is parsed.
    raw_resp.raise_for_status()

    hawk_resp = raw_resp.json()
    # NOTE(review): the lines below persist secrets in clear text: the full
    # token-server response and the hex-encoded sync keys are written to
    # config_file_name.
    config['hawk'] = hawk_resp
    config['fxa'] = {
        'encryption_key': encryption_key.hex(),
        'hmac_key': hmac_key.hex(),
    }
    # open(..., 'w') creates the file with the process's default
    # permissions (subject to umask); restrict the mode if other local
    # users must not be able to read these credentials.
    with open(config_file_name, 'w') as configfile:
        config.write(configfile)
else:
    hawk_resp = config['hawk']