Example #1
0
def test_response_id_for_missing_metadata(metadata,
                                          fake_business_metadata_runner):
    fake_business_metadata_runner["schema_name"] = "schema_name"
    del fake_business_metadata_runner["response_id"]
    del fake_business_metadata_runner[metadata]
    with pytest.raises(ValidationError):
        validate_runner_claims(fake_business_metadata_runner)
Example #2
0
def test_response_id_for_empty_value(fake_business_metadata_runner):
    expected = (f"{fake_business_metadata_runner['ru_ref']}"
                f"{fake_business_metadata_runner['collection_exercise_sid']}"
                f"{fake_business_metadata_runner['eq_id']}"
                f"{fake_business_metadata_runner['form_type']}")
    fake_business_metadata_runner["response_id"] = ""
    claims = validate_runner_claims(fake_business_metadata_runner)
    assert claims["response_id"] == expected
Example #3
0
def test_when_response_id_is_missing(fake_business_metadata_runner):
    expected = (f"{fake_business_metadata_runner['ru_ref']}"
                f"{fake_business_metadata_runner['collection_exercise_sid']}"
                f"{fake_business_metadata_runner['eq_id']}"
                f"{fake_business_metadata_runner['form_type']}")
    del fake_business_metadata_runner["response_id"]
    claims = validate_runner_claims(fake_business_metadata_runner)
    assert claims["response_id"] == expected
Example #4
0
def login():
    """
    Initial url processing - expects a token parameter and then will authenticate this token. Once authenticated
    it will be placed in the users session
    :return: a 302 redirect to the next location for the user
    """
    # logging in again clears any session state
    if cookie_session:
        cookie_session.clear()

    decrypted_token = decrypt_token(request.args.get("token"))

    validate_jti(decrypted_token)

    try:
        runner_claims = validate_runner_claims(decrypted_token)
    except ValidationError as e:
        raise InvalidTokenException("Invalid runner claims") from e
    # pylint: disable=assigning-non-slot
    g.schema = load_schema_from_metadata(runner_claims)
    schema_metadata = g.schema.json["metadata"]

    try:
        questionnaire_claims = validate_questionnaire_claims(
            decrypted_token, schema_metadata
        )
    except ValidationError as e:
        raise InvalidTokenException("Invalid questionnaire claims") from e

    claims = {**runner_claims, **questionnaire_claims}

    schema_name = claims["schema_name"]
    tx_id = claims["tx_id"]
    ru_ref = claims["ru_ref"]
    case_id = claims["case_id"]

    logger.bind(
        schema_name=schema_name,
        tx_id=tx_id,
        ru_ref=ru_ref,
        case_id=case_id,
    )
    logger.info("decrypted token and parsed metadata")

    store_session(claims)

    cookie_session["theme"] = g.schema.json["theme"]
    cookie_session["survey_title"] = g.schema.json["title"]
    cookie_session["expires_in"] = get_session_timeout_in_seconds(g.schema)

    if account_service_url := claims.get("account_service_url"):
        cookie_session["account_service_base_url"] = account_service_url
Example #5
0
 def parse_metadata(claims, schema_metadata):
     runner_claims = validate_runner_claims(claims)
     questionnaire_claims = validate_questionnaire_claims(
         claims, schema_metadata)
     return {**runner_claims, **questionnaire_claims}
Example #6
0
def test_when_response_id_is_present(fake_business_metadata_runner):
    claims = validate_runner_claims(fake_business_metadata_runner)
    assert claims["response_id"] == fake_business_metadata_runner[
        "response_id"]
Example #7
0
def test_empty_strings_are_not_valid(fake_metadata_runner):
    fake_metadata_runner["schema_name"] = ""

    with pytest.raises(ValidationError):
        validate_runner_claims(fake_metadata_runner)
Example #8
0
def test_business_params_without_schema_name(fake_business_metadata_runner):
    claims = validate_runner_claims(fake_business_metadata_runner)

    assert claims["schema_name"] == "mbs_0253"
Example #9
0
def test_deserialisation_iso_8601_datetime_bad_datetime_raises_ValidationError(
    fake_metadata_runner, ):
    fake_metadata_runner["response_expires_at"] = "2021-11-22"
    with pytest.raises(ValidationError):
        validate_runner_claims(fake_metadata_runner)
Example #10
0
def test_deserialisation_iso_8601_datetime_past_datetime_raises_ValidationError(
    fake_metadata_runner, ):
    fake_metadata_runner["response_expires_at"] = "1900-11-22T15:34:54+00:00"
    with pytest.raises(ValidationError):
        validate_runner_claims(fake_metadata_runner)
Example #11
0
def test_deserialisation_iso_8601_date(date_string, fake_metadata_runner):
    fake_metadata_runner["response_expires_at"] = date_string
    claims = validate_runner_claims(fake_metadata_runner)
    assert claims["response_expires_at"] == "2021-11-22T15:34:54+00:00"
Example #12
0
def test_minimum_length_on_runner_metadata(fake_metadata_runner):
    validate_runner_claims(fake_metadata_runner)

    fake_metadata_runner["schema_name"] = ""
    with pytest.raises(ValidationError):
        validate_runner_claims(fake_metadata_runner)
Example #13
0
def test_unknown_claims_are_not_deserialized(fake_metadata_runner):
    fake_metadata_runner["unknown_key"] = "some value"
    claims = validate_runner_claims(fake_metadata_runner)
    assert "unknown_key" not in claims
Example #14
0
def test_uuid_deserialisation(fake_metadata_runner):
    claims = validate_runner_claims(fake_metadata_runner)

    assert isinstance(claims["tx_id"], str)
Example #15
0
def test_spaces_are_stripped_from_string_fields(fake_metadata_runner):
    fake_metadata_runner["collection_exercise_sid"] = "  stripped     "

    output = validate_runner_claims(fake_metadata_runner)

    assert output["collection_exercise_sid"] == "stripped"