def test_process_notification_partial_refund(self):
"""Test processing PayU partial refund notification"""
self.payment.change_status(PaymentStatus.CONFIRMED)
self.payment.total = 220
self.payment.save()
self.payment.refresh_from_db()
self.set_up_provider(True, True)
mocked_request = MagicMock()
mocked_request.body = json.dumps({
"order": {
"status": "COMPLETED"
},
"refund": {
"amount": "11000",
"currencyCode": "USD",
"status": "FINALIZED",
"reasonDescription": "BlenderKit refund",
},
}).encode("utf8")
mocked_request.META = {
"CONTENT_TYPE":
"application/json",
"HTTP_OPENPAYU_SIGNATURE":
"signature=6f1076d9d2fa7dc58a87f20f2c69ebf8;algorithm=MD5",
}
mocked_request.status_code = 200
ret_val = self.provider.process_data(payment=self.payment,
request=mocked_request)
self.assertEqual(ret_val.__class__.__name__, "HttpResponse")
self.assertEqual(ret_val.status_code, 200)
self.assertEqual(ret_val.content, b"ok")
self.payment.refresh_from_db()
self.assertEqual(self.payment.total, Decimal("110"))
self.assertEqual(self.payment.status, PaymentStatus.CONFIRMED)
def setUp(self):
mock_handler = Mock(**{
'has_perm.return_value': False,
'get_permissions.return_value': 'permission.add_article',
})
mock_request = Mock()
mock_request.META = Mock()
mock_request.user = Mock()
mock_request.user.is_active.return_value = True
mock_request.user.is_authenticated.return_value = True
mock_request.user.has_perm.side_effect = mock_handler.has_perm
self.mock_handler = mock_handler
self.mock_request = mock_request
# store original registry
self._original_registry = registry._registry
# clear registry and register mock handler
registry._registry = {}
registry.register(
Article,
Mock(return_value=self.mock_handler)
)
self.view_func = Mock(return_value=HttpResponse)
view_class = type('MockView', (View,), {})
view_class.dispatch = self.view_func
view_class.dispatch = permission_required('permission.add_article')(view_class.dispatch)
view_class_exc = type('MockView', (View,), {})
view_class_exc.dispatch = self.view_func
view_class_exc.dispatch = permission_required('permission.add_article',
raise_exception=True)(view_class_exc.dispatch)
self.view_class_exc = view_class_exc
def test_process_notification_refund_not_finalized(self):
"""Test processing PayU partial refund notification"""
self.set_up_provider(True, True)
mocked_request = MagicMock()
mocked_request.body = json.dumps({
"order": {
"status": "COMPLETED"
},
"refund": {
"amount": "11000",
"currencyCode": "USD",
"status": "FOO",
"reasonDescription": "BlenderKit refund",
},
}).encode("utf8")
mocked_request.META = {
"CONTENT_TYPE":
"application/json",
"HTTP_OPENPAYU_SIGNATURE":
"signature=0af4d2830ed40ec2cea5249a172bf6d9;algorithm=MD5",
}
mocked_request.status_code = 200
with self.assertRaisesRegex(Exception, "Refund was not finelized"):
self.provider.process_data(payment=self.payment,
request=mocked_request)
def test_process_notification_total_amount(self):
""" Test processing PayU notification if it captures correct amount """
self.set_up_provider(True, True)
mocked_request = MagicMock()
mocked_request.body = json.dumps(
{
"order": {
"status": "COMPLETED",
"totalAmount": 200,
"currencyCode": "USD"
}
}, ).encode("utf8")
mocked_request.META = {
'CONTENT_TYPE':
'application/json',
"HTTP_OPENPAYU_SIGNATURE":
"signature=01a0e768ab1f762da4b955585aa4e59e;algorithm=MD5",
}
mocked_request.status_code = 200
ret_val = self.provider.process_data(payment=self.payment,
request=mocked_request)
self.assertEqual(ret_val.__class__.__name__, "HttpResponse")
self.assertEqual(ret_val.status_code, 200)
self.assertEqual(ret_val.content, b"ok")
self.assertEqual(self.payment.status, PaymentStatus.CONFIRMED)
self.assertEqual(self.payment.captured_amount, Decimal('2'))
def assert_expire_in_extended(self, req_path, should_expire_in, should_extend, headers=None, query_string=None):
request = MagicMock(path=req_path)
request.method = "GET"
request.user = MagicMock()
request.user.is_authenticated.return_value = True
thirty_mins_ago = (datetime.datetime.now() - datetime.timedelta(minutes=30)).strftime("%Y-%m-%dT%H:%M:%S.%f")
request.session = {"_session_security": thirty_mins_ago}
if headers:
request.META = headers
if query_string:
request.REQUEST = query_string
before_response = {}
response = self.middleware.process_response(request, before_response)
self.assertIsNotNone(response.get("Session-Expires-In"))
self.assertIsAlmostEqualMinutes(response.get("Session-Expires-In"), should_expire_in - 30, delta=1.0)
self.middleware.process_request(request)
response2 = self.middleware.process_response(request, before_response)
self.assertIsNotNone(response2.get("Session-Expires-In"))
if should_extend:
self.assertIsAlmostEqualMinutes(response.get("Session-Expires-In"), should_expire_in, delta=1.0)
else:
self.assertIsAlmostEqualMinutes(response.get("Session-Expires-In"), should_expire_in - 30, delta=1.0)
def test_process_notification_refund(self):
"""Test processing PayU refund notification"""
self.set_up_provider(True, True)
mocked_request = MagicMock()
mocked_request.body = json.dumps({
"order": {
"status": "COMPLETED"
},
"refund": {
"amount": "22000",
"currencyCode": "USD",
"status": "FINALIZED",
"reasonDescription": "BlenderKit refund",
},
}).encode("utf8")
mocked_request.META = {
"CONTENT_TYPE":
"application/json",
"HTTP_OPENPAYU_SIGNATURE":
"signature=dd8cdddaa98438e7a76f5e830395d7e8;algorithm=MD5",
}
mocked_request.status_code = 200
ret_val = self.provider.process_data(payment=self.payment,
request=mocked_request)
self.assertEqual(ret_val.__class__.__name__, "HttpResponse")
self.assertEqual(ret_val.status_code, 200)
self.assertEqual(ret_val.content, b"ok")
self.assertEqual(self.payment.status, PaymentStatus.REFUNDED)
self.assertEqual(self.payment.captured_amount, Decimal("0"))
def setUp(self):
mock_handler = Mock(**{
'has_perm.return_value': False,
'get_permissions.return_value': 'permission.add_article',
})
mock_request = Mock()
mock_request.META = Mock()
mock_request.user = Mock()
mock_request.user.is_active.return_value = True
mock_request.user.is_authenticated.return_value = True
mock_request.user.has_perm.side_effect = mock_handler.has_perm
self.mock_handler = mock_handler
self.mock_request = mock_request
# store original registry
self._original_registry = registry._registry
# clear registry and register mock handler
registry._registry = {}
registry.register(
Article,
Mock(return_value=self.mock_handler)
)
self.view_func = Mock(return_value=HttpResponse())
self.decorated = permission_required('permission.add_article')(self.view_func)
self.decorated_exc = permission_required('permission.add_article',
raise_exception=True)(self.view_func)
def test_multiple_proxy_should_leave_only_first(self):
multiple_mid = MultipleProxyMiddleware()
request = MagicMock(name='request_mock')
request.META = {'HTTP_X_FORWARDED_FOR': 'first_address,last_address'}
multiple_mid.process_request(request)
self.assertEquals('last_address', request.META['HTTP_X_FORWARDED_FOR'])
def test_process_notification_error_malformed_post(self):
""" Test processing PayU notification with malformed POST """
self.set_up_provider(True, True)
mocked_request = MagicMock()
mocked_request.body = b'{}'
mocked_request.META = {'CONTENT_TYPE': 'application/json'}
with self.assertRaises(PayuApiError) as context:
self.provider.process_data(payment=self.payment, request=mocked_request)
self.assertEqual(context.exception.args[0], "Malformed POST")
def mock_request(self, authed, path='/'):
mock_request = MagicMock()
mock_request.method = 'GET'
mock_request.user.is_authenticated.return_value = authed
mock_request.POST = {}
mock_request.META = {}
mock_request.session = {}
mock_request.build_absolute_uri.return_value = path
mock_request.get_full_path.return_value = path
return mock_request
def test_ssl_middleware_should_handle_redirect2_secured(self):
ssl_mid = SSLRedirectMiddleware()
request = MagicMock(name='request_mock')
request.is_secure.return_value = False
request.META = {'HTTP_X_FORWARDED_SSL': 'on'}
view_func = MagicMock(name='view_mock')
resp = ssl_mid.process_view(request, view_func, (), {'SSL': True})
self.assertTrue(resp is None)
def test_remoteip_filter(self, mock_get_request):
mock_request = MagicMock()
mock_request.META = {'REMOTE_ADDR': '192.168.1.1'}
mock_get_request.return_value = mock_request
ip_filter = RemoteIpFilter()
test_record = MockRecord()
ip_filter.filter(test_record)
self.assertEqual(test_record.remoteip, '192.168.1.1')
def _get_mock_request(self, twofactor_required=False, devices=None):
devices = devices or []
mock_request = MagicMock()
mock_request.user.is_authenticated.return_value = True
mock_request.user.preferredemail.email = '*****@*****.**'
mock_request.user.twofactor_required = twofactor_required
mock_request.method = 'GET'
mock_request.POST = {}
mock_request.META = {}
mock_request.user.devices.all.return_value = devices
return mock_request
def test_process_notification_error(self):
""" Test processing PayU notification with wrong signature """
self.set_up_provider(True, True)
mocked_request = MagicMock()
mocked_request.body = b'{}'
mocked_request.META = {'CONTENT_TYPE': 'application/json', "HTTP_OPENPAYU_SIGNATURE": "signature=foo;algorithm=MD5"}
ret_val = self.provider.process_data(payment=self.payment, request=mocked_request)
self.assertEqual(ret_val.__class__.__name__, "HttpResponse")
self.assertEqual(ret_val.status_code, 500)
self.assertEqual(ret_val.content, b"not ok")
self.assertEqual(self.payment.status, PaymentStatus.WAITING)
self.assertEqual(self.payment.captured_amount, Decimal('0'))
def test_create_request_with_custom_headers(self):
http_request = MagicMock()
mock_api = MagicMock()
meta = dict(HTTP_CUSTOM_HEADER='custom_value')
http_request.META = meta
request_body = MagicMock()
request = api_request_builder.build_request(http_request=http_request,
url='candidates',
api=mock_api,
request_data={},
request_body=request_body)
assert_that(request.request_headers, has_entry('HTTP_CUSTOM_HEADER',
'custom_value'))
def test_process_notification(self):
""" Test processing PayU notification """
self.set_up_provider(True, True)
mocked_request = MagicMock()
mocked_request.body = json.dumps({"order": {"status": "COMPLETED"}}).encode("utf8")
mocked_request.META = {
'CONTENT_TYPE': 'application/json',
"HTTP_OPENPAYU_SIGNATURE": "signature=a12fbd21c48e69bedee18edf042b816c;algorithm=MD5",
}
mocked_request.status_code = 200
ret_val = self.provider.process_data(payment=self.payment, request=mocked_request)
self.assertEqual(ret_val.__class__.__name__, "HttpResponse")
self.assertEqual(ret_val.status_code, 200)
self.assertEqual(ret_val.content, b"ok")
self.assertEqual(self.payment.status, PaymentStatus.CONFIRMED)
self.assertEqual(self.payment.captured_amount, Decimal('0'))
def test_oauth(self):
# Test GET to ensure a provider name is returned for dynamically naming oauth login.
oauth_name = "provider"
client_id = "name"
redirect_uri = "http://test.dev/callback"
response_type = "code"
scope = "profile"
authorization_url = "http://remote.dev/authorize"
referer = "/status/12345"
with self.settings(OAUTH_NAME=oauth_name):
response = self.client.get(reverse('oauth'),{'query':'name'})
return_name = response.json().get('name')
self.assertEqual(return_name, oauth_name)
self.assertEqual(response.status_code, 200)
# Test post to ensure that a valid redirect is returned.
with self.settings(OAUTH_CLIENT_ID=client_id,
OAUTH_REDIRECT_URI=redirect_uri,
OAUTH_RESPONSE_TYPE=response_type,
OAUTH_SCOPE=scope,
OAUTH_NAME=oauth_name):
response = self.client.post(reverse('oauth'))
params = urllib.parse.urlencode((
('client_id', client_id),
('redirect_uri', redirect_uri),
('response_type', response_type),
('scope', scope)
))
self.assertRedirects(response, '{url}?{params}'.format(url=authorization_url.rstrip('/'),
params=params),
fetch_redirect_response=False)
mock_request = MagicMock()
mock_request.META = {'HTTP_REFERER': referer}
mock_request.GET = {'query': None}
response = oauth(mock_request)
params = urllib.parse.urlencode((
('client_id', client_id),
('redirect_uri', redirect_uri),
('response_type', response_type),
('scope', scope),
('state', base64.b64encode(referer.encode()))
))
self.assertRedirects(response, '{url}?{params}'.format(url=authorization_url.rstrip('/'),
params=params),
fetch_redirect_response=False)
def test_oauth(self):
# Test GET to ensure a provider name is returned for dynamically naming oauth login.
oauth_name = "provider"
client_id = "name"
redirect_uri = "http://test.dev/callback"
response_type = "code"
scope = "profile"
authorization_url = "http://remote.dev/authorize"
referer = "/status/12345"
with self.settings(OAUTH_NAME=oauth_name):
response = self.client.get(reverse('oauth'), {'query': 'name'})
return_name = response.json().get('name')
self.assertEqual(return_name, oauth_name)
self.assertEqual(response.status_code, 200)
# Test post to ensure that a valid redirect is returned.
with self.settings(OAUTH_CLIENT_ID=client_id,
OAUTH_REDIRECT_URI=redirect_uri,
OAUTH_RESPONSE_TYPE=response_type,
OAUTH_SCOPE=scope,
OAUTH_NAME=oauth_name):
response = self.client.post(reverse('oauth'))
params = urllib.parse.urlencode(
(('client_id', client_id), ('redirect_uri', redirect_uri),
('response_type', response_type), ('scope', scope)))
self.assertRedirects(response,
'{url}?{params}'.format(
url=authorization_url.rstrip('/'),
params=params),
fetch_redirect_response=False)
mock_request = MagicMock()
mock_request.META = {'HTTP_REFERER': referer}
mock_request.GET = {'query': None}
response = oauth(mock_request)
params = urllib.parse.urlencode(
(('client_id', client_id), ('redirect_uri', redirect_uri),
('response_type', response_type), ('scope', scope),
('state', base64.b64encode(referer.encode()))))
self.assertRedirects(response,
'{url}?{params}'.format(
url=authorization_url.rstrip('/'),
params=params),
fetch_redirect_response=False)
def test_helpscout_request(self):
# Compute signature for request body
request_body = 'Request body'
secret = settings.HELPSCOUT_SECRET
dig = hmac.new(b(secret), msg=b(request_body),
digestmod=hashlib.sha1).digest()
computed_sig = b(base64.b64encode(dig).decode())
# Valid signature should return decorated function
request = MagicMock()
request.META = {'HTTP_X_HELPSCOUT_SIGNATURE': computed_sig}
request.body = request_body
decorator = helpers.helpscout_request(lambda x: True)
self.assertTrue(decorator(request))
# Invalid signature should return a response code of 401
request.META['HTTP_X_HELPSCOUT_SIGNATURE'] = '234'
response = decorator(request)
self.assertEquals(401, response.status_code)
def assert_expire_in_extended(self,
req_path,
should_expire_in,
should_extend,
headers=None,
query_string=None):
request = MagicMock(path=req_path)
request.method = "GET"
request.user = MagicMock()
request.user.is_authenticated.return_value = True
thirty_mins_ago = (
datetime.datetime.now() -
datetime.timedelta(minutes=30)).strftime("%Y-%m-%dT%H:%M:%S.%f")
request.session = {"_session_security": thirty_mins_ago}
if headers:
request.META = headers
if query_string:
request.REQUEST = query_string
before_response = {}
response = self.middleware.process_response(request, before_response)
self.assertIsNotNone(response.get("Session-Expires-In"))
self.assertIsAlmostEqualMinutes(response.get("Session-Expires-In"),
should_expire_in - 30,
delta=1.0)
self.middleware.process_request(request)
response2 = self.middleware.process_response(request, before_response)
self.assertIsNotNone(response2.get("Session-Expires-In"))
if should_extend:
self.assertIsAlmostEqualMinutes(response.get("Session-Expires-In"),
should_expire_in,
delta=1.0)
else:
self.assertIsAlmostEqualMinutes(response.get("Session-Expires-In"),
should_expire_in - 30,
delta=1.0)
def _build_mock_request(self, user=None, get=None, post=None):
request = MagicMock()
if user:
request.user = user
if django.VERSION[0] == 1:
request.user.is_authenticated.__get__ = MagicMock(
return_value=True)
elif django.VERSION[0] >= 2:
request.user.__dict__['is_authenticated'] = True
else:
request.user = AnonymousUser()
csrf = _salt_cipher_secret(_get_new_csrf_string())
request.GET = {}
request.POST = {}
request.META = {"SCRIPT_NAME": "/"}
request.COOKIES = {settings.CSRF_COOKIE_NAME: csrf}
request.resolver_match.kwargs = {}
if get is not None:
request.GET.update(get)
if post is not None:
request.POST.update(post)
return request
