Example #1
0
    def authenticate(self, provider, access_token):
        '''
        Authenticate user with the given access_token on the specific
        provider method. If it returns the user data, try to fetch the user
        on the database or create user if it doesn`t exist and then return
        the user object. Otherwise, returns None, meaning invalid
        authentication parameters.
        '''

        if provider == u'GooglePlus':
            oauth_user = yield self.authenticate_on_google(access_token)
        else:
            oauth_user = None

        if oauth_user:
            db = self.application.db
            user = User.by_email(oauth_user['email'], db)
            if user:
                user.last_login = datetime.utcnow()
                db.flush()
                db.commit()  # FIXME, test if commit() is necessary
                user.first_login = False
            else:
                user = User.add_user(db, oauth_user['fullname'],
                                     oauth_user['email'], provider,
                                     datetime.utcnow())
                user.first_login = True
        else:
            user = None

        raise gen.Return(user)
Example #2
0
    def test_authenticate_user_not_valid_for_this_app(self):
        self.db.query(User).delete()

        UserFactory(email='*****@*****.**')

        mock_response = Mock(
            code=200,
            body='{"issued_to": "222", "email": "*****@*****.**"}'
        )

        def handle_request(url, handler, proxy_host, proxy_port):
            handler(mock_response)

        fetch_mock = Mock()
        fetch_mock.side_effect = handle_request

        config = Config()
        config.GOOGLE_CLIENT_ID = '000'

        access_token = '111'

        User.authenticate(
            access_token,
            fetch_mock,
            self.db,
            config,
            callback=self.stop
        )

        response = self.wait()

        expect(response.get('status')).to_equal(401)
        expect(response.get('reason')).to_equal(
            "Token's client ID does not match app's."
        )
Example #3
0
    def test_authenticate_unauthorized_user(self):
        self.db.query(User).delete()

        mock_response = Mock(
            code=200,
            body='{"issued_to": "000", "email": "*****@*****.**"}'
        )

        def handle_request(url, handler, proxy_host, proxy_port):
            handler(mock_response)

        fetch_mock = Mock()
        fetch_mock.side_effect = handle_request

        config = Config()
        config.GOOGLE_CLIENT_ID = '000'

        access_token = '111'

        User.authenticate(
            access_token,
            fetch_mock,
            self.db,
            config,
            callback=self.stop
        )

        response = self.wait()

        expect(response.get('status')).to_equal(403)
        expect(response.get('reason')).to_equal('Unauthorized user')
Example #4
0
    def authenticate(self, provider, access_token):
        '''
        Authenticate user with the given access_token on the specific
        provider method. If it returns the user data, try to fetch the user
        on the database or create user if it doesn`t exist and then return
        the user object. Otherwise, returns None, meaning invalid
        authentication parameters.
        '''

        if provider == u'GooglePlus':
            oauth_user = yield self.authenticate_on_google(access_token)
        else:
            oauth_user = None

        if oauth_user:
            db = self.application.db
            user = User.by_email(oauth_user['email'], db)
            if user:
                user.last_login = datetime.utcnow()
                db.flush()
                db.commit()  # FIXME, test if commit() is necessary
                user.first_login = False
            else:
                user = User.add_user(
                    db, oauth_user['fullname'], oauth_user['email'], provider,
                    datetime.utcnow()
                )
                user.first_login = True
        else:
            user = None

        raise gen.Return(user)
Example #5
0
    def test_can_get_user_by_email(self):
        self.db.query(User).delete()

        user = UserFactory.create()

        loaded_user = User.by_email(user.email, self.db)
        expect(loaded_user.id).to_equal(user.id)

        invalid_user = User.by_email('*****@*****.**', self.db)
        expect(invalid_user).to_be_null()
Example #6
0
    def test_can_update_locale(self):
        user = UserFactory.create(locale='es_ES')

        loaded_user = User.by_email(user.email, self.db)
        expect(loaded_user.id).to_equal(user.id)
        expect(loaded_user.locale).to_equal('es_ES')

        User.update_locale(self.db, user, 'pt_BR')

        loaded_user = User.by_email(user.email, self.db)
        expect(loaded_user.id).to_equal(user.id)
        expect(loaded_user.locale).to_equal('pt_BR')
Example #7
0
    def post(self):
        user = self.get_authenticated_user()

        if not user:
            return

        post_data = loads(self.request.body)
        locale = post_data.get('locale', None)

        if locale:
            User.update_locale(self.db, user, locale)

        self.write_json(self._('OK'))
        self.finish()
Example #8
0
    def post(self):
        user = self.get_authenticated_user()

        if not user:
            return

        post_data = loads(self.request.body)
        locale = post_data.get('locale', None)

        if locale:
            User.update_locale(self.db, user, locale)

        self.write_json(self._('OK'))
        self.finish()
Example #9
0
    def test_can_authenticate_inexistent_user(self):
        with patch.object(AuthenticateHandler,
                          'authenticate_on_google') as auth_mock:
            result = gen.Future()
            result.set_result({
                'email': '*****@*****.**',
                'fullname': 'Test',
                'id': '12345'
            })
            auth_mock.return_value = result
            try:
                response = yield self.anonymous_fetch('/authenticate',
                                                      method='POST',
                                                      body=dumps({
                                                          'provider':
                                                          'GooglePlus',
                                                          'access_token':
                                                          'VALID-TOKEN',
                                                      }))
            except HTTPError, e:
                response = e.response

            user = User.by_email('*****@*****.**', self.db)
            expect(response.code).to_equal(200)
            expect(loads(response.body)['first_login']).to_be_true()
            expect(loads(response.body)['authenticated']).to_be_true()
            expect(user).not_to_be_null()
Example #10
0
    def post(self):
        access_token = self.request.headers.get('X-AUTH-HOLMES', None)

        if access_token is None:
            self.set_status(403)
            self.write_json({'reason': 'Empty access token'})
            return

        result = yield User.authenticate(
            access_token,
            self.application.http_client.fetch,
            self.db,
            self.application.config
        )

        if result and result.get('user', None) is None:
            self.set_status(403)
            self.write_json({'reason': 'Not authorized user.'})
            return

        post_data = loads(self.request.body)
        url = post_data.get('url', None)
        connections = self.application.config.DEFAULT_NUMBER_OF_CONCURRENT_CONNECTIONS
        value = post_data.get('value', connections)

        if not url and not value:
            self.set_status(400)
            self.write_json({'reason': 'Not url or value'})
            return

        result = Limiter.add_or_update_limiter(self.db, url, value)

        yield self.cache.remove_domain_limiters_key()

        self.write_json(result)
Example #11
0
 def get_authenticated_user(self):
     authenticated, payload = self.is_authenticated()
     if authenticated:
         user_email = payload['sub']
         user = User.by_email(user_email, self.db)
         return user
     else:
         return None
Example #12
0
 def get_authenticated_user(self):
     authenticated, payload = self.is_authenticated()
     if authenticated:
         user_email = payload['sub']
         user = User.by_email(user_email, self.db)
         return user
     else:
         return None
Example #13
0
    def test_authenticate(self, datetime_mock):
        dt = datetime(2014, 2, 14, 15, 0, 30)
        datetime_mock.now.return_value = dt

        self.db.query(User).delete()

        UserFactory(email='*****@*****.**')

        mock_response = Mock(
            code=200,
            body='{"issued_to": "000", "email": "*****@*****.**"}'
        )

        def handle_request(url, handler, proxy_host, proxy_port):
            handler(mock_response)

        fetch_mock = Mock()
        fetch_mock.side_effect = handle_request

        config = Config()
        config.GOOGLE_CLIENT_ID = '000'

        access_token = '111'

        User.authenticate(
            access_token,
            fetch_mock,
            self.db,
            config,
            callback=self.stop
        )

        response = self.wait()

        expect(response).to_be_like({
            'status': 200,
            'user': {
                'is_superuser': True,
                'fullname': u'Marcelo Jorge Vieira',
                'last_login': dt,
                'email': u'*****@*****.**'
            }
        })

        loaded_user = User.by_email('*****@*****.**', self.db)
        expect(loaded_user.last_login).to_equal(dt)
    def test_users_violations_prefs_str(self):
        data = UsersViolationsPrefsFactory.create(
            user=User(email='*****@*****.**', fullname='Sherlock Holmes'),
            key=Key(name='some.random.fact'),
            is_active=False)

        loaded = self.db.query(UsersViolationsPrefs).get(data.id)

        expect(str(loaded)).to_be_like('[email protected]: some.random.fact')
Example #15
0
    def test_can_save_user_locale(self):
        user = UserFactory.create(locale='pt_BR')

        loaded_user = User.by_email(user.email, self.db)
        expect(loaded_user.id).to_equal(user.id)
        expect(loaded_user.locale).to_equal('pt_BR')

        response = yield self.authenticated_fetch('/users/locale/',
                                                  user_email=user.email,
                                                  method='POST',
                                                  body=dumps(
                                                      {'locale': 'es_ES'}))

        expect(response.code).to_equal(200)
        expect(loads(response.body)).to_equal('OK')

        loaded_user = User.by_email(user.email, self.db)
        expect(loaded_user.id).to_equal(user.id)
        expect(loaded_user.locale).to_equal('es_ES')
    def test_can_convert_to_dict(self):
        data = UsersViolationsPrefsFactory.create(
            user=User(email='*****@*****.**', fullname='Sherlock Holmes'),
            key=Key(name='some.random.fact'),
            is_active=False)

        expect(data.to_dict()).to_be_like({
            'user': '******',
            'key': 'some.random.fact',
            'is_active': False
        })
Example #17
0
    def test_can_save_user_locale(self):
        user = UserFactory.create(locale='pt_BR')

        loaded_user = User.by_email(user.email, self.db)
        expect(loaded_user.id).to_equal(user.id)
        expect(loaded_user.locale).to_equal('pt_BR')

        response = yield self.authenticated_fetch(
            '/users/locale/',
            user_email=user.email,
            method='POST',
            body=dumps({'locale': 'es_ES'})
        )

        expect(response.code).to_equal(200)
        expect(loads(response.body)).to_equal('OK')

        loaded_user = User.by_email(user.email, self.db)
        expect(loaded_user.id).to_equal(user.id)
        expect(loaded_user.locale).to_equal('es_ES')
    def test_can_create_users_violations_prefs(self):
        data = UsersViolationsPrefsFactory.create(
            user=User(email='*****@*****.**', fullname='Sherlock Holmes'),
            key=Key(name='some.random.fact'),
            is_active=False)

        loaded = self.db.query(UsersViolationsPrefs).get(data.id)

        expect(loaded.user.email).to_equal('*****@*****.**')
        expect(loaded.key.name).to_equal('some.random.fact')
        expect(loaded.is_active).to_equal(False)
Example #19
0
    def test_authenticate_invalid_token(self):
        self.db.query(User).delete()

        UserFactory(email='*****@*****.**')

        mock_response = Mock(
            code=400,
            body=dumps({
                "error": "invalid_token",
                "error_description": "Invalid Value"
            })
        )

        def handle_request(url, handler, proxy_host, proxy_port):
            handler(mock_response)

        fetch_mock = Mock()
        fetch_mock.side_effect = handle_request

        config = Config()
        config.GOOGLE_CLIENT_ID = '000'

        access_token = '111'

        User.authenticate(
            access_token,
            fetch_mock,
            self.db,
            config,
            callback=self.stop
        )

        response = self.wait()

        expect(response).to_be_like({
            'status': 400,
            'reason': 'Error',
            'details': '{"error_description":"Invalid Value", \
                         "error":"invalid_token"}'
        })
Example #20
0
        def handle(code, body):
            if code > 399:
                callback(({
                    'reason': 'Error',
                    'status': code,
                    'details': body
                }))
                return

            data = loads(body)

            # Verify that the access token is valid for this app.
            if data.get('issued_to') != config.GOOGLE_CLIENT_ID:
                callback({
                    'status': 401,
                    'reason': "Token's client ID does not match app's.",
                })
                return

            user_email = data.get('email')

            from holmes.models import User

            user = User.by_email(user_email, db)
            if user:
                user.last_login = datetime.datetime.now()
                db.flush()
                db.commit()
                callback({
                    'status': 200,
                    'user': user.to_dict()
                })
                return

            callback({
                'status': 403,
                'reason': 'Unauthorized user'
            })
            return
Example #21
0
    def test_can_authenticate_inexistent_user(self):
        with patch.object(AuthenticateHandler, 'authenticate_on_google') as auth_mock:
            result = gen.Future()
            result.set_result({
                'email': '*****@*****.**',
                'fullname': 'Test',
                'id': '12345'
            })
            auth_mock.return_value = result
            try:
                response = yield self.anonymous_fetch(
                    '/authenticate', method='POST', body=dumps({
                        'provider': 'GooglePlus',
                        'access_token': 'VALID-TOKEN',
                    })
                )
            except HTTPError, e:
                response = e.response

            user = User.by_email('*****@*****.**', self.db)
            expect(response.code).to_equal(200)
            expect(loads(response.body)['first_login']).to_be_true()
            expect(loads(response.body)['authenticated']).to_be_true()
            expect(user).not_to_be_null()