def test_different_salt_creates_different_user_ik(self):
        """Changing only the generator's third argument must change the ik.

        Both generators receive the same iteration count, the same (empty)
        second argument and the same input string; only the third argument
        differs ("" versus "random"). Going by the test name, that argument
        is the ik salt.
        """
        raw_value = "1234567890123456"

        unsalted_ik = UserIDGenerator(self._iterations, "", "").generate_ik(raw_value)
        salted_ik = UserIDGenerator(self._iterations, "", "random").generate_ik(raw_value)

        # NOTE(review): this only shows that the salt feeds the derivation.
        # The empty salt is a fixture; presumably deployments configure a
        # non-empty secret value - confirm against the settings.
        self.assertNotEqual(unsalted_ik, salted_ik)
def test_generate_ik():
    """Check that generate_ik is repeatable and depends on its input.

    One generator derives the ik of the same string twice and of a different
    string once: the first two results must match, the third must differ.
    """
    generator = UserIDGenerator(ITERATIONS, "", "")
    repeated_input = "1234567890123456"

    first_ik, repeat_ik, other_ik = (
        generator.generate_ik(value)
        for value in (repeated_input, repeated_input, "1111111111111111")
    )

    assert first_ik == repeat_ik
    assert first_ik != other_ik
    def test_generate_ik(self):
        """Same input yields the same ik; a different input yields another."""
        generator = UserIDGenerator(self._iterations, "", "")

        baseline_ik = generator.generate_ik("1234567890123456")
        repeat_ik = generator.generate_ik("1234567890123456")
        other_ik = generator.generate_ik("1111111111111111")

        # Determinism first, then sensitivity to the input value.
        self.assertEqual(baseline_ik, repeat_ik)
        self.assertNotEqual(baseline_ik, other_ik)
def test_different_salt_creates_different_user_ik():
    """Two generators that differ only in their third argument must disagree.

    The third constructor argument is "" for one generator and "random" for
    the other (the ik salt, going by the test name); everything else,
    including the input string, is identical.
    """
    raw_value = "1234567890123456"
    derived = []
    for salt in ("", "random"):
        generator = UserIDGenerator(ITERATIONS, "", salt)
        derived.append(generator.generate_ik(raw_value))

    unsalted_ik, salted_ik = derived
    assert unsalted_ik != salted_ik
    def test_different_salt_creates_different_user_ik(self):
        """The same token must map to different iks under different salts.

        Each generator is built with the same iteration count and an empty
        second argument; only the third argument changes ('' versus
        'random'). A fresh but identical token is created for each call.
        """
        derived = []
        for salt in ('', 'random'):
            generator = UserIDGenerator(self._iterations, '', salt)
            derived.append(generator.generate_ik(self.create_token('1', '2', '3', '4')))

        unsalted_ik, salted_ik = derived
        self.assertNotEqual(unsalted_ik, salted_ik)
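 def test_generate_ik_throws_invalid_token_exception(self):
     """generate_ik must raise InvalidTokenException for incomplete tokens.

     Each case passes None for one or more of the four create_token
     arguments. The cases run as sub-tests so a failure names the exact
     field combination and does not hide the cases after it.
     """
     # NOTE(review): no case sets only the fourth field to None; add one if
     # that field is also required for the ik.
     incomplete_field_sets = (
         ('1', '2', None, '4'),
         ('1', None, '3', '4'),
         (None, '2', '3', '4'),
         (None, None, None, '4'),
         (None, None, None, None),
     )
     for fields in incomplete_field_sets:
         with self.subTest(fields=fields):
             # The context-manager result was never inspected, so it is not bound.
             with self.assertRaises(InvalidTokenException):
                 UserIDGenerator.generate_ik(self.create_token(*fields))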
 def test_generate_ik_throws_invalid_token_exception(self):
     """Tokens with None in required fields must be rejected by generate_ik.

     The cases are tried in order; the first one that does not raise
     InvalidTokenException fails the test.
     """
     incomplete_field_sets = (
         ('1', '2', None, '4'),
         ('1', None, '3', '4'),
         (None, '2', '3', '4'),
         (None, None, None, '4'),
         (None, None, None, None),
     )
     for fields in incomplete_field_sets:
         # Token construction stays inside the assertRaises block, as before.
         with self.assertRaises(InvalidTokenException):
             UserIDGenerator.generate_ik(self.create_token(*fields))
def jwt_login(request):
    """
    Authenticate a respondent from the encrypted JWT carried on the request.

    Existing session state is discarded first. The token is then decrypted,
    checked for the required user data and used to derive the user id and
    user ik under which the questionnaire store is opened and its metadata
    saved.

    :param request: The flask request
    :raises NoTokenException: if the request has no 'token' query argument
    """
    # Drop the stored session entry and the secure cookie data before
    # anything else.
    # NOTE(review): this runs before the token is validated, so a request
    # without a usable token still ends the caller's current session -
    # confirm that is intended.
    session_storage.clear()
    session.clear()

    # NOTE(review): the token arrives in the URL query string, which commonly
    # ends up in access logs and browser history; expiry / replay checks are
    # presumably enforced inside _jwt_decrypt - confirm.
    token_supplied = request.args.get('token') is not None
    if not token_supplied:
        raise NoTokenException("Please provide a token")

    decrypted_token = _jwt_decrypt(request)

    # Decryption alone is not enough: the required user data must be present.
    _check_user_data(decrypted_token)

    # Derive the hashed identifiers used by eq.
    hashed_user_id = UserIDGenerator.generate_id(decrypted_token)
    hashed_user_ik = UserIDGenerator.generate_ik(decrypted_token)

    # Persist both identifiers through session_storage.
    session_storage.store_user_id(hashed_user_id)
    session_storage.store_user_ik(hashed_user_ik)

    token_metadata = parse_metadata(decrypted_token)
    # NOTE(review): the return value of bind() is discarded; if this logger
    # returns a new bound logger instead of updating shared context, tx_id
    # will not appear on later log lines - confirm.
    logger.bind(tx_id=token_metadata["tx_id"])

    store = get_questionnaire_store(hashed_user_id, hashed_user_ik)
    store.metadata = token_metadata
    store.add_or_update()
    logger.info("user authenticated")
    def jwt_login(self, request):
        """
        Authenticate a respondent from the encrypted JWT carried on the request.

        Existing session state is discarded first. The token is then
        decrypted, checked for the required user data and used to derive the
        user id and user ik under which the questionnaire store is opened
        and its metadata saved.

        :param request: The flask request
        :raises NoTokenException: if the JWT query-string field is absent
        """
        # Drop the stored session entry and the secure cookie data before
        # anything else.
        # NOTE(review): this runs before the token is validated, so a request
        # without a usable token still ends the caller's current session -
        # confirm that is intended.
        session_manager.clear()
        session.clear()

        # NOTE(review): the token arrives in the URL query string, which
        # commonly ends up in access logs and browser history; expiry /
        # replay checks are presumably enforced inside _jwt_decrypt - confirm.
        token_supplied = request.args.get(EQ_URL_QUERY_STRING_JWT_FIELD_NAME) is not None
        if not token_supplied:
            raise NoTokenException("Please provide a token")

        decrypted_token = self._jwt_decrypt(request)

        # Decryption alone is not enough: the required user data must be present.
        self._check_user_data(decrypted_token)

        # Derive the hashed identifiers used by eq.
        hashed_user_id = UserIDGenerator.generate_id(decrypted_token)
        hashed_user_ik = UserIDGenerator.generate_ik(decrypted_token)

        # Persist both identifiers through session_manager.
        session_manager.store_user_id(hashed_user_id)
        session_manager.store_user_ik(hashed_user_ik)

        token_metadata = parse_metadata(decrypted_token)

        store = get_questionnaire_store(hashed_user_id, hashed_user_ik)
        store.metadata = token_metadata
        store.save()

        # Only the transaction id from the metadata is written to the log.
        logger.info("User authenticated with tx_id=%s", token_metadata["tx_id"])
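    def test_generate_ik(self):
        """The ik is repeatable and changes when any token field changes.

        A baseline token ('1', '2', '3', '4') is derived twice and must give
        the same ik. Each variant changes one or more of the four
        create_token arguments and must give a different ik. Variants run as
        sub-tests so a failure names the field combination that collided.
        """
        id_generator = UserIDGenerator(self._iterations, '', '')

        def ik_for(*fields):
            # Build a fresh token for every derivation, as the test always did.
            return id_generator.generate_ik(self.create_token(*fields))

        baseline_fields = ('1', '2', '3', '4')
        baseline_ik = ik_for(*baseline_fields)

        self.assertEqual(baseline_ik, ik_for(*baseline_fields))

        # Each variant is compared once; the repeated comparison against the
        # ('1', '2', '4', '4') variant added no coverage and is dropped.
        changed_field_sets = (
            ('1', '2', '4', '4'),
            ('2', '2', '3', '4'),
            ('1', '1', '3', '4'),
            ('2', '2', '4', '4'),
            ('2', '2', '4', '5'),
            ('1', '2', '3', '5'),
        )
        for fields in changed_field_sets:
            with self.subTest(fields=fields):
                self.assertNotEqual(baseline_ik, ik_for(*fields))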
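    def test_generate_ik(self):
        """The ik is repeatable and changes when any token field changes.

        The baseline token ('1', '2', '3', '4') is derived twice and must
        give the same ik; every variant token must give a different one.
        """
        baseline_ik = UserIDGenerator.generate_ik(self.create_token('1', '2', '3', '4'))
        repeat_ik = UserIDGenerator.generate_ik(self.create_token('1', '2', '3', '4'))
        variant_iks = [
            UserIDGenerator.generate_ik(self.create_token(*fields))
            for fields in (
                ('1', '2', '4', '4'),
                ('2', '2', '3', '4'),
                ('1', '1', '3', '4'),
                ('2', '2', '4', '4'),
                ('2', '2', '4', '5'),
                ('1', '2', '3', '5'),
            )
        ]

        self.assertEqual(baseline_ik, repeat_ik)

        # assertNotEquals is a deprecated alias that Python 3.12 removed from
        # unittest; assertNotEqual is the supported spelling. The comparison
        # that was listed twice is made once.
        for variant_ik in variant_iks:
            self.assertNotEqual(baseline_ik, variant_ik)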
    def test_generate_ik(self):
        """The ik is repeatable and changes when any token field changes.

        All eight iks are derived up front, then compared: the first two come
        from identical tokens and must match, the remaining six come from
        tokens that differ in at least one field and must not match.
        """
        field_sets = (
            ('1', '2', '3', '4'),  # baseline
            ('1', '2', '3', '4'),  # identical to the baseline
            ('1', '2', '4', '4'),
            ('2', '2', '3', '4'),
            ('1', '1', '3', '4'),
            ('2', '2', '4', '4'),
            ('2', '2', '4', '5'),
            ('1', '2', '3', '5'),
        )
        derived = [
            UserIDGenerator.generate_ik(self.create_token(*fields))
            for fields in field_sets
        ]
        baseline_ik, repeat_ik, *variant_iks = derived

        self.assertEqual(baseline_ik, repeat_ik)

        # NOTE(review): the first variant is checked twice; one of the two
        # comparisons was probably meant to cover a different pair.
        self.assertNotEqual(baseline_ik, variant_iks[0])
        for variant_ik in variant_iks:
            self.assertNotEqual(baseline_ik, variant_ik)
def store_session(metadata):
    """
    Replace any existing session with one derived from the given metadata.

    The stored session and the secure cookie data are cleared, the user id
    and user ik are derived from the metadata and stored, and the metadata
    is saved on the questionnaire store opened under those identifiers.

    :param metadata: metadata parsed from jwt token
    """
    session_storage = current_app.eq['session_storage']

    # Remove the previous session entry from the database, then the secure
    # cookie data, before any new identifiers are written.
    session_storage.delete_session_from_db()
    session.clear()

    # Derive the hashed identifiers used by eq.
    hashed_user_id = UserIDGenerator.generate_id(metadata)
    hashed_user_ik = UserIDGenerator.generate_ik(metadata)

    # Persist both identifiers through the session storage.
    session_storage.store_user_id(hashed_user_id)
    session_storage.store_user_ik(hashed_user_ik)

    store = get_questionnaire_store(hashed_user_id, hashed_user_ik)
    store.metadata = metadata
    store.add_or_update()
    logger.info("user authenticated")
def _get_user(decrypted_token):
    """Build a User from the id and ik derived from a decrypted token.

    :param decrypted_token: the token passed to UserIDGenerator; assumed to
        be already decrypted and validated by the caller - confirm
    :return: User constructed from (user_id, user_ik)
    """
    return User(
        UserIDGenerator.generate_id(decrypted_token),
        UserIDGenerator.generate_ik(decrypted_token),
    )
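 def test_different_salt_creates_different_useriks(self):
     """Changing the configured ik salt must change the ik for the same token.

     The salt is a module-level setting, so the original value is restored
     afterwards; otherwise every later test in the process would run with
     the known value "random".
     """
     original_salt = settings.EQ_SERVER_SIDE_STORAGE_USER_IK_SALT
     try:
         ik_before = UserIDGenerator.generate_ik(self.create_token('1', '2', '3', '4'))
         settings.EQ_SERVER_SIDE_STORAGE_USER_IK_SALT = "random"
         ik_after = UserIDGenerator.generate_ik(self.create_token('1', '2', '3', '4'))
     finally:
         # Restore even when a derivation raises.
         settings.EQ_SERVER_SIDE_STORAGE_USER_IK_SALT = original_salt

     self.assertNotEqual(ik_before, ik_after)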
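 def test_different_salt_creates_different_useriks(self):
     """Changing the configured ik salt must change the ik for the same token.

     The salt lives in the shared settings module, so a cleanup is registered
     to put the original value back; without it the override to "random"
     would leak into every test that runs afterwards.
     """
     # Registered before the override so the restore runs even on failure.
     self.addCleanup(
         setattr,
         settings,
         'EQ_SERVER_SIDE_STORAGE_USER_IK_SALT',
         settings.EQ_SERVER_SIDE_STORAGE_USER_IK_SALT,
     )

     ik_before = UserIDGenerator.generate_ik(self.create_token('1', '2', '3', '4'))
     settings.EQ_SERVER_SIDE_STORAGE_USER_IK_SALT = "random"
     ik_after = UserIDGenerator.generate_ik(self.create_token('1', '2', '3', '4'))

     self.assertNotEqual(ik_before, ik_after)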