def test_response_id_for_missing_metadata(metadata, fake_business_metadata_runner): fake_business_metadata_runner["schema_name"] = "schema_name" del fake_business_metadata_runner["response_id"] del fake_business_metadata_runner[metadata] with pytest.raises(ValidationError): validate_runner_claims(fake_business_metadata_runner)
def test_response_id_for_empty_value(fake_business_metadata_runner): expected = (f"{fake_business_metadata_runner['ru_ref']}" f"{fake_business_metadata_runner['collection_exercise_sid']}" f"{fake_business_metadata_runner['eq_id']}" f"{fake_business_metadata_runner['form_type']}") fake_business_metadata_runner["response_id"] = "" claims = validate_runner_claims(fake_business_metadata_runner) assert claims["response_id"] == expected
def test_when_response_id_is_missing(fake_business_metadata_runner): expected = (f"{fake_business_metadata_runner['ru_ref']}" f"{fake_business_metadata_runner['collection_exercise_sid']}" f"{fake_business_metadata_runner['eq_id']}" f"{fake_business_metadata_runner['form_type']}") del fake_business_metadata_runner["response_id"] claims = validate_runner_claims(fake_business_metadata_runner) assert claims["response_id"] == expected
def login(): """ Initial url processing - expects a token parameter and then will authenticate this token. Once authenticated it will be placed in the users session :return: a 302 redirect to the next location for the user """ # logging in again clears any session state if cookie_session: cookie_session.clear() decrypted_token = decrypt_token(request.args.get("token")) validate_jti(decrypted_token) try: runner_claims = validate_runner_claims(decrypted_token) except ValidationError as e: raise InvalidTokenException("Invalid runner claims") from e # pylint: disable=assigning-non-slot g.schema = load_schema_from_metadata(runner_claims) schema_metadata = g.schema.json["metadata"] try: questionnaire_claims = validate_questionnaire_claims( decrypted_token, schema_metadata ) except ValidationError as e: raise InvalidTokenException("Invalid questionnaire claims") from e claims = {**runner_claims, **questionnaire_claims} schema_name = claims["schema_name"] tx_id = claims["tx_id"] ru_ref = claims["ru_ref"] case_id = claims["case_id"] logger.bind( schema_name=schema_name, tx_id=tx_id, ru_ref=ru_ref, case_id=case_id, ) logger.info("decrypted token and parsed metadata") store_session(claims) cookie_session["theme"] = g.schema.json["theme"] cookie_session["survey_title"] = g.schema.json["title"] cookie_session["expires_in"] = get_session_timeout_in_seconds(g.schema) if account_service_url := claims.get("account_service_url"): cookie_session["account_service_base_url"] = account_service_url
def parse_metadata(claims, schema_metadata): runner_claims = validate_runner_claims(claims) questionnaire_claims = validate_questionnaire_claims( claims, schema_metadata) return {**runner_claims, **questionnaire_claims}
def test_when_response_id_is_present(fake_business_metadata_runner): claims = validate_runner_claims(fake_business_metadata_runner) assert claims["response_id"] == fake_business_metadata_runner[ "response_id"]
def test_empty_strings_are_not_valid(fake_metadata_runner): fake_metadata_runner["schema_name"] = "" with pytest.raises(ValidationError): validate_runner_claims(fake_metadata_runner)
def test_business_params_without_schema_name(fake_business_metadata_runner): claims = validate_runner_claims(fake_business_metadata_runner) assert claims["schema_name"] == "mbs_0253"
def test_deserialisation_iso_8601_datetime_bad_datetime_raises_ValidationError( fake_metadata_runner, ): fake_metadata_runner["response_expires_at"] = "2021-11-22" with pytest.raises(ValidationError): validate_runner_claims(fake_metadata_runner)
def test_deserialisation_iso_8601_datetime_past_datetime_raises_ValidationError( fake_metadata_runner, ): fake_metadata_runner["response_expires_at"] = "1900-11-22T15:34:54+00:00" with pytest.raises(ValidationError): validate_runner_claims(fake_metadata_runner)
def test_deserialisation_iso_8601_date(date_string, fake_metadata_runner): fake_metadata_runner["response_expires_at"] = date_string claims = validate_runner_claims(fake_metadata_runner) assert claims["response_expires_at"] == "2021-11-22T15:34:54+00:00"
def test_minimum_length_on_runner_metadata(fake_metadata_runner): validate_runner_claims(fake_metadata_runner) fake_metadata_runner["schema_name"] = "" with pytest.raises(ValidationError): validate_runner_claims(fake_metadata_runner)
def test_unknown_claims_are_not_deserialized(fake_metadata_runner): fake_metadata_runner["unknown_key"] = "some value" claims = validate_runner_claims(fake_metadata_runner) assert "unknown_key" not in claims
def test_uuid_deserialisation(fake_metadata_runner): claims = validate_runner_claims(fake_metadata_runner) assert isinstance(claims["tx_id"], str)
def test_spaces_are_stripped_from_string_fields(fake_metadata_runner): fake_metadata_runner["collection_exercise_sid"] = " stripped " output = validate_runner_claims(fake_metadata_runner) assert output["collection_exercise_sid"] == "stripped"