def test_missing_required_eq_id_in_token(self):
metadata = {
'jti': str(uuid.uuid4()),
'user_id': '1',
'form_type': 'a',
'collection_exercise_sid': 'test-sid',
'period_id': '3',
'period_str': '2016-01-01',
'ref_p_start_date': '2016-02-02',
'ref_p_end_date': '2016-03-03',
'ru_ref': '2016-04-04',
'ru_name': 'Apple',
'return_by': '2016-07-07'
}
with self.assertRaises(InvalidTokenException) as ite_key:
parse_runner_claims(metadata)
self.assertEqual('Missing key/value for eq_id', str(ite_key.exception))
with self.assertRaises(InvalidTokenException) as ite_value:
metadata['eq_id'] = ''
parse_runner_claims(metadata)
self.assertEqual('Missing key/value for eq_id',
str(ite_value.exception))
def test_malformed_tx_id(self):
metadata = {
'jti': str(uuid.uuid4()),
'user_id': '1',
'form_type': 'a',
'collection_exercise_sid': 'test-sid',
'eq_id': '2',
'period_id': '3',
'ru_ref': '2016-04-04',
# one character short
'tx_id': '83a3db82-bea7-403c-a411-6357ff70f2f'
}
with self.assertRaises(InvalidTokenException) as ite:
parse_runner_claims(metadata)
self.assertEqual('incorrect data in token', str(ite.exception))
def test_invalid_tx_id(self):
metadata = {
'jti': str(uuid.uuid4()),
'user_id': '1',
'form_type': 'a',
'collection_exercise_sid': 'test-sid',
'eq_id': '2',
'period_id': '3',
'ru_ref': '2016-04-04',
# invalid
'tx_id': '12121'
}
with self.assertRaises(InvalidTokenException) as ite:
parse_runner_claims(metadata)
self.assertEqual('incorrect data in token', str(ite.exception))
def login():
"""
Initial url processing - expects a token parameter and then will authenticate this token. Once authenticated
it will be placed in the users session
:return: a 302 redirect to the next location for the user
"""
# logging in again clears any session state
if cookie_session:
cookie_session.clear()
decrypted_token = decrypt_token(request.args.get('token'))
validate_jti(decrypted_token)
claims = parse_runner_claims(decrypted_token)
g.schema = load_schema_from_metadata(claims)
schema_metadata = g.schema.json['metadata']
validate_metadata(claims, schema_metadata)
eq_id = claims['eq_id']
form_type = claims['form_type']
tx_id = claims['tx_id']
ru_ref = claims['ru_ref']
logger.bind(eq_id=eq_id, form_type=form_type, tx_id=tx_id, ru_ref=ru_ref)
logger.info('decrypted token and parsed metadata')
store_session(claims)
cookie_session['theme'] = g.schema.json['theme']
cookie_session['survey_title'] = g.schema.json['title']
cookie_session['expires_in'] = get_session_timeout_in_seconds(g.schema)
if claims.get('account_service_url'):
cookie_session['account_service_url'] = claims.get(
'account_service_url')
if claims.get('account_service_log_out_url'):
cookie_session['account_service_log_out_url'] = claims.get(
'account_service_log_out_url')
routing_path = path_finder.get_full_routing_path()
completeness = get_completeness(current_user)
router = Router(g.schema, routing_path, completeness)
next_location = router.get_next_location()
return redirect(next_location.url(claims))
def test_generated_tx_id_format(self):
metadata = {
'tx_id': str(uuid.uuid4()),
'jti': str(uuid.uuid4()),
'user_id': '1',
'form_type': 'a',
'collection_exercise_sid': 'test-sid',
'eq_id': '2',
'period_id': '3',
'ru_ref': '2016-04-04',
}
parsed = parse_runner_claims(metadata)
tx_id = parsed['tx_id']
self.assertEqual(tx_id, str(uuid.UUID(tx_id)))
def parse_metadata(claims, schema_metadata):
validated_claims = parse_runner_claims(claims)
validate_metadata(validated_claims, schema_metadata)
return validated_claims
