def get(self, request):
uuid = request.GET.get("uuid")
if uuid:
registration = Registration.objects.get(uuid=uuid)
else:
token = request.GET.get("token")
if not token:
return Response({"error": "No token or uuid given"},
status=400)
action_id = verify_action_jwt(token, action_type="registration")
if not action_id:
return Response({"error": "Invalid token"}, status=400)
registration = Registration.objects.select_related("state").get(
action_id=action_id)
return Response(
{
"uuid":
registration.uuid,
"state":
registration.state_id,
"action_id":
registration.action_id,
"custom_ovr_link":
get_custom_ovr_link(registration),
"allow_print_and_forward":
registration.state.allow_print_and_forward
if registration.state else None,
},
status=200,
)
def test_jwt_bad_secret(mocker):
jwt, _ = make_action_jwt(action_id="someid",
action_type="sometype",
expiration=timedelta(hours=1))
mocker.patch("apikey.crypto.SECRET_KEY", "different")
assert verify_action_jwt(jwt, action_type="sometype") == None
def test_jwt(freezer):
freezer.move_to("2009-01-20T11:30:00Z")
jwt, exp = make_action_jwt(action_id="someid",
action_type="sometype",
expiration=timedelta(hours=1))
assert exp == datetime(2009, 1, 20, 12, 30, 0, tzinfo=timezone.utc)
assert verify_action_jwt(jwt, action_type="sometype") == "someid"
def test_jwt_unsigned():
jwt = force_str(
jwtlib.encode(
{
"iss": JWT_ISSUER,
"exp": datetime.now(tz=timezone.utc) + timedelta(hours=1),
"action_type": "sometype",
"action_id": "someid",
},
None,
algorithm=None,
))
assert verify_action_jwt(jwt, action_type="sometype") == None
def test_jwt_bad_action_type():
jwt, _ = make_action_jwt(action_id="someid",
action_type="sometype",
expiration=timedelta(hours=1))
assert verify_action_jwt(jwt, action_type="different") == None
def test_jwt_expired():
jwt, _ = make_action_jwt(action_id="someid",
action_type="sometype",
expiration=timedelta(hours=-1))
assert verify_action_jwt(jwt, action_type="sometype") == None