def test_receipt_data(self, encode):
    """Check the fields of the receipt payload handed to the encoder.

    ``encode`` exposes ``return_value`` and ``call_args`` (presumably a
    patched mock of the receipt encoder), so the payload is inspected
    before any signing happens.
    """
    encode.return_value = "tmp-to-keep-memoize-happy"
    install = self.create_install(self.user, self.webapp)
    create_receipt(install.pk)

    # First positional argument of the encoder call is the receipt dict.
    payload = encode.call_args[0][0]
    product = payload["product"]
    eq_(product["url"], self.webapp.manifest_url[:-1])
    eq_(product["storedata"], "id=%s" % int(install.addon.pk))

    # The expiry has to lie past "now + configured lifetime"; 100 seconds
    # of slack absorb the time the test itself takes to run.
    earliest_expiry = (calendar.timegm(time.gmtime())
                       + settings.WEBAPPS_RECEIPT_EXPIRY_SECONDS
                       - 100)
    assert payload["exp"] > earliest_expiry
    eq_(payload["reissue"], self.webapp.get_purchase_url("reissue"))
def for_user(self, ins, flavour, encode):
    """Shared checks for a receipt issued with a specific ``flavour``.

    Verifies that the payload passed to ``encode`` carries the flavour as
    its product type, points ``verify`` at the reviewers' receipt
    verification URL, and expires roughly a day from now.
    """
    encode.return_value = 'tmp-to-keep-memoize-happy'
    create_receipt(ins.pk, flavour=flavour)

    # First positional argument of the encoder call is the receipt dict.
    payload = encode.call_args[0][0]
    eq_(payload['product']['type'], flavour)

    verify_url = absolutify(reverse('reviewers.receipt.verify',
                                    args=[self.webapp.app_slug]))
    eq_(payload['verify'], verify_url)

    # Flavoured receipts are checked against a 24 hour lifetime, minus the
    # leeway that covers the test's own run time.
    one_day = 60 * 60 * 24
    earliest_expiry = calendar.timegm(time.gmtime()) + one_day - TEST_LEEWAY
    assert payload['exp'] > earliest_expiry
def test_receipt_data(self, encode):
    """Check the fields of the receipt payload handed to the encoder.

    ``encode`` exposes ``return_value`` and ``call_args`` (presumably a
    patched mock of the receipt encoder), so the payload is inspected
    before any signing happens.
    """
    encode.return_value = 'tmp-to-keep-memoize-happy'
    install = self.create_install(self.user, self.webapp)
    create_receipt(install.pk)

    # First positional argument of the encoder call is the receipt dict.
    payload = encode.call_args[0][0]
    product = payload['product']
    eq_(product['url'], self.webapp.manifest_url[:-1])
    eq_(product['storedata'], 'id=%s' % int(install.addon.pk))

    # The expiry has to lie past "now + configured lifetime"; 100 seconds
    # of slack absorb the time the test itself takes to run.
    earliest_expiry = (calendar.timegm(time.gmtime())
                       + settings.WEBAPPS_RECEIPT_EXPIRY_SECONDS
                       - 100)
    assert payload['exp'] > earliest_expiry
    eq_(payload['reissue'], self.webapp.get_purchase_url('reissue'))
def test_receipt_data(self, encode):
    """Check the fields of the receipt payload handed to the encoder.

    ``encode`` exposes ``return_value`` and ``call_args`` (presumably a
    patched mock of the receipt encoder), so the payload is inspected
    before any signing happens.
    """
    encode.return_value = 'tmp-to-keep-memoize-happy'
    install = self.create_install(self.user, self.webapp)
    create_receipt(install.pk)

    # First positional argument of the encoder call is the receipt dict.
    payload = encode.call_args[0][0]
    product = payload['product']
    eq_(product['url'], self.webapp.manifest_url[:-1])
    eq_(product['storedata'], 'id=%s' % int(install.addon.pk))

    # The expiry has to lie past "now + configured lifetime"; TEST_LEEWAY
    # absorbs the time the test itself takes to run.
    earliest_expiry = (calendar.timegm(time.gmtime())
                       + settings.WEBAPPS_RECEIPT_EXPIRY_SECONDS
                       - TEST_LEEWAY)
    assert payload['exp'] > earliest_expiry
    eq_(payload['reissue'], self.webapp.get_purchase_url('reissue'))
def record(request, addon):
    """Record an install of ``addon`` and return its receipt.

    Raises ``Http404`` when the visibility check fails and returns a 403
    response when a premium add-on has not been purchased by the user.
    Otherwise returns a dict with the add-on pk, the receipt (taken from
    the memoize cache or freshly signed) and an error message that is
    non-empty only when signing failed.
    """
    is_dev = request.check_ownership(addon, require_owner=False,
                                     ignore_disabled=True)

    # NOTE(review): the trailing `not addon.is_webapp()` means anything
    # that is not a webapp passes this gate without being public or
    # belonging to a reviewer/developer, and then continues to the receipt
    # code below. Confirm that is intended.
    visible = (addon.is_public() or acl.check_reviewer(request)
               or is_dev or not addon.is_webapp())
    if not visible:
        raise http.Http404

    # Paid apps need a purchase on record; this check has no exemption
    # for reviewers or developers.
    if addon.is_premium() and not addon.has_purchased(request.amo_user):
        return http.HttpResponseForbidden()

    installed, _created = Installed.objects.safer_get_or_create(
        addon=addon, user=request.amo_user)
    send_request('install', request, {
        'app-domain': addon.domain_from_url(addon.origin),
        'app-id': addon.pk,
    })

    # Look in the receipt cache first and log when the receipt has to be
    # recreated, so every signing operation leaves a trace.
    receipt = memoize_get('create-receipt', installed.pk)
    error = ''
    cef(request, addon, 'request', 'Receipt requested')
    if not receipt:
        cef(request, addon, 'sign', 'Receipt signing')
        try:
            receipt = create_receipt(installed.pk)
        except SigningError:
            # The receipt keeps the falsy cache result; the caller sees
            # only the generic message.
            error = _('There was a problem installing the app.')

    return {'addon': addon.pk, 'receipt': receipt, 'error': error}
def _record(request, addon):
    """Record an install of ``addon``; issue a receipt for logged-in users.

    Anonymous users are redirected to login unless the app is free and the
    ``anonymous-free-installs`` switch is active; in that case the install
    is recorded without a receipt. Logged-in users get a receipt from the
    memoize cache or a freshly signed one. Raises ``Http404`` for add-ons
    the requester may not see and returns a 403 response for an
    unpurchased premium app.
    """
    logged = request.user.is_authenticated()
    premium = addon.is_premium()
    allow_anon_install = waffle.switch_is_active('anonymous-free-installs')

    # Login is mandatory for premium apps, and for everything while
    # anonymous installs are switched off.
    if not logged and (premium or not allow_anon_install):
        return redirect(reverse('users.login'))

    ctx = {'addon': addon.pk}

    if not logged and allow_anon_install:
        # Logged-out install: no receipt is generated, and only public
        # webapps qualify.
        if not (addon.is_public() and addon.is_webapp()):
            raise http.Http404
    else:
        is_dev = request.check_ownership(addon, require_owner=False,
                                         ignore_disabled=True)
        is_reviewer = acl.check_reviewer(request)

        # Non-webapps are always hidden; non-public webapps are visible
        # only to reviewers and developers.
        hidden = (not addon.is_webapp()
                  or (not addon.is_public()
                      and not (is_reviewer or is_dev)))
        if hidden:
            raise http.Http404

        # Reviewers and developers may install premium apps unpurchased.
        if premium and not (addon.has_purchased(request.amo_user)
                            or is_reviewer or is_dev):
            return http.HttpResponseForbidden()

        installed, _created = Installed.objects.safer_get_or_create(
            addon=addon, user=request.amo_user)

        # Look in the receipt cache first and log when the receipt has to
        # be recreated, so every signing operation leaves a trace.
        receipt = memoize_get('create-receipt', installed.pk)
        error = ''
        receipt_cef.log(request, addon, 'request', 'Receipt requested')
        if not receipt:
            receipt_cef.log(request, addon, 'sign', 'Receipt signing')
            try:
                receipt = create_receipt(installed.pk)
            except SigningError:
                error = _('There was a problem installing the app.')
        ctx.update(receipt=receipt, error=error)

    amo.log(amo.LOG.INSTALL_ADDON, addon)
    send_request('install', request, {
        'app-domain': addon.domain_from_url(addon.origin),
        'app-id': addon.pk,
    })
    return ctx
def _record(request, addon):
    """Record an install of ``addon``; issue a receipt for logged-in users.

    Anonymous users are redirected to login unless the app is free and the
    ``anonymous-free-installs`` switch is active; in that case the install
    is recorded without a receipt. Logged-in users get a receipt from the
    memoize cache or a freshly signed one. Raises ``Http404`` for add-ons
    the requester may not see and returns a 403 response for an
    unpurchased premium app.
    """
    logged = request.user.is_authenticated()
    premium = addon.is_premium()
    allow_anon_install = waffle.switch_is_active('anonymous-free-installs')

    # Login is mandatory for premium apps, and for everything while
    # anonymous installs are switched off.
    if not logged and (premium or not allow_anon_install):
        return redirect(reverse('users.login'))

    ctx = {'addon': addon.pk}

    if not logged and allow_anon_install:
        # Logged-out install: no receipt is generated, and only public
        # webapps qualify.
        if not (addon.is_public() and addon.is_webapp()):
            raise http.Http404
    else:
        is_dev = request.check_ownership(addon, require_owner=False,
                                         ignore_disabled=True)
        is_reviewer = acl.check_reviewer(request)

        # Non-webapps are always hidden; non-public webapps are visible
        # only to reviewers and developers.
        hidden = (not addon.is_webapp()
                  or (not addon.is_public()
                      and not (is_reviewer or is_dev)))
        if hidden:
            raise http.Http404

        # Reviewers and developers may install premium apps unpurchased.
        if premium and not (addon.has_purchased(request.amo_user)
                            or is_reviewer or is_dev):
            return http.HttpResponseForbidden()

        installed, _created = Installed.objects.safer_get_or_create(
            addon=addon, user=request.amo_user)

        # Look in the receipt cache first and log when the receipt has to
        # be recreated, so every signing operation leaves a trace.
        receipt = memoize_get('create-receipt', installed.pk)
        error = ''
        cef(request, addon, 'request', 'Receipt requested')
        if not receipt:
            cef(request, addon, 'sign', 'Receipt signing')
            try:
                receipt = create_receipt(installed.pk)
            except SigningError:
                error = _('There was a problem installing the app.')
        ctx.update(receipt=receipt, error=error)

    amo.log(amo.LOG.INSTALL_ADDON, addon)
    send_request('install', request, {
        'app-domain': addon.domain_from_url(addon.origin),
        'app-id': addon.pk,
    })
    return ctx
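def issue(request, addon):
    """Issue a reviewer or developer receipt for ``addon``.

    Only a user who is allowed the ``'Apps'``/``'Review'`` action or who is
    an author of the add-on gets a receipt; anyone else, including an
    anonymous request, gets a 403 response.

    Returns a dict with the add-on pk, the signed receipt (``None`` when
    signing failed) and an error message that is non-empty only on a
    signing failure.
    """
    user = request.amo_user
    # Deny anonymous requests before any permission or authorship lookup.
    if not user:
        return http.HttpResponseForbidden()

    review = acl.action_allowed_user(user, 'Apps', 'Review')
    author = addon.has_author(user)
    if not (review or author):
        return http.HttpResponseForbidden()

    installed, c = Installed.objects.safer_get_or_create(addon=addon,
                                                         user=user)
    error = ''
    # Bound up front: without this a SigningError left `receipt` undefined
    # and the return below raised UnboundLocalError instead of reporting
    # the error to the caller.
    receipt = None
    # Reviewer rights take precedence when the user is also an author.
    flavour = 'reviewer' if review else 'developer'
    cef(request, addon, 'sign', 'Receipt signing for %s' % flavour)
    try:
        receipt = create_receipt(installed.pk, flavour=flavour)
    except SigningError:
        error = _('There was a problem installing the app.')

    return {'addon': addon.pk, 'receipt': receipt, 'error': error}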
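def issue(request, addon):
    """Issue a reviewer or developer receipt for ``addon``.

    Only a user who is allowed the ``'Apps'``/``'Review'`` action or who is
    an author of the add-on gets a receipt; anyone else, including an
    anonymous request, gets a 403 response.

    Returns a dict with the add-on pk, the signed receipt (``None`` when
    signing failed) and an error message that is non-empty only on a
    signing failure.
    """
    user = request.amo_user
    # Deny anonymous requests before any permission or authorship lookup.
    if not user:
        return http.HttpResponseForbidden()

    review = acl.action_allowed_user(user, 'Apps', 'Review')
    author = addon.has_author(user)
    if not (review or author):
        return http.HttpResponseForbidden()

    installed, c = Installed.objects.safer_get_or_create(addon=addon,
                                                         user=user)
    error = ''
    # Bound up front: without this a SigningError left `receipt` undefined
    # and the return below raised UnboundLocalError instead of reporting
    # the error to the caller.
    receipt = None
    # Reviewer rights take precedence when the user is also an author.
    flavour = 'reviewer' if review else 'developer'
    receipt_cef.log(request, addon, 'sign',
                    'Receipt signing for %s' % flavour)
    try:
        receipt = create_receipt(installed.pk, flavour=flavour)
    except SigningError:
        error = _('There was a problem installing the app.')

    return {'addon': addon.pk, 'receipt': receipt, 'error': error}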
def record(request, addon):
    """Record an install of a webapp and return its receipt.

    Raises ``Http404`` unless the add-on is public or the requester is a
    reviewer. Add-ons that are not webapps get no receipt and the function
    returns ``None``. For webapps the result is a dict with the add-on pk,
    the receipt (taken from the memoize cache or freshly signed) and an
    error message that is non-empty only when signing failed.
    """
    if not (addon.is_public() or acl.check_reviewer(request)):
        raise http.Http404
    if not addon.is_webapp():
        return None

    installed, _created = Installed.objects.safer_get_or_create(
        addon=addon, user=request.amo_user)
    send_request("install", request, {
        "app-domain": addon.domain_from_url(addon.origin),
        "app-id": addon.pk,
    })

    # Look in the receipt cache first and log when the receipt has to be
    # recreated, so every signing operation leaves a trace.
    receipt = memoize_get("create-receipt", installed.pk)
    error = ""
    cef(request, addon, "request", "Receipt requested")
    if not receipt:
        cef(request, addon, "sign", "Receipt signing")
        try:
            receipt = create_receipt(installed.pk)
        except SigningError:
            error = _("There was a problem installing the app.")

    return {"addon": addon.pk, "receipt": receipt, "error": error}
def test_receipt_signer(self, sign):
    """create_receipt must return exactly what the signer produced.

    ``sign`` exposes ``return_value`` (presumably a patched mock of the
    signing call), so no real signature is made here.
    """
    signed_blob = 'something-cunning'
    sign.return_value = signed_blob
    install = self.create_install(self.user, self.webapp)
    eq_(create_receipt(install.pk), signed_blob)
def test_crack_receipt(self):
    """Decode a freshly created receipt and check its ``typ`` field."""
    self.addon.update(type=amo.ADDON_WEBAPP, manifest_url="http://a.com")
    install = self.make_install()
    # Decoding our own receipt must hand back a dictionary.
    decoded = verify.decode_receipt(create_receipt(install.pk))
    eq_(decoded["typ"], u"purchase-receipt")
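def test_addon_free(self):
    """Every free premium type must yield a truthy receipt."""
    for type_ in amo.ADDON_FREES:
        # Exercise the type under iteration. The loop used to set
        # amo.ADDON_FREE on every pass, so the other free types were
        # never actually tested.
        self.webapp.update(premium_type=type_)
        ins = self.create_install(self.user, self.webapp)
        assert create_receipt(ins.pk)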
def test_addon_premium(self):
    """Every premium type must yield a truthy receipt."""
    for premium_type in amo.ADDON_PREMIUMS:
        self.webapp.update(premium_type=premium_type)
        install = self.create_install(self.user, self.webapp)
        receipt = create_receipt(install.pk)
        assert receipt
def test_receipt_different(self):
    """Two users installing the same app must not share a receipt."""
    first_install = self.create_install(self.user, self.webapp)
    second_install = self.create_install(self.other_user, self.webapp)
    first_receipt = create_receipt(first_install.pk)
    second_receipt = create_receipt(second_install.pk)
    assert first_receipt != second_receipt
def test_receipt(self):
    """A created receipt starts with the expected encoded header."""
    install = self.create_install(self.user, self.webapp)
    # The prefix is the base64 encoding of `{"alg": "RS512", `, so this
    # pins the algorithm declared in the receipt header.
    expected_prefix = 'eyJhbGciOiAiUlM1MTIiLCA'
    signed = create_receipt(install.pk)
    assert signed.startswith(expected_prefix)
def test_crack_borked_receipt(self):
    """A receipt with a character appended must fail to decode."""
    self.addon.update(type=amo.ADDON_WEBAPP, manifest_url="http://a.com")
    install = self.make_install()
    # NOTE(review): the extra character presumably lands in the signature
    # part of the receipt; confirm against verify.decode_receipt.
    tampered = create_receipt(install.pk) + "x"
    self.assertRaises(M2Crypto.RSA.RSAError,
                      verify.decode_receipt, tampered)
def test_crack_receipt(self):
    """Decode a freshly created receipt and check its ``typ`` field."""
    self.addon.update(type=amo.ADDON_WEBAPP, manifest_url='http://a.com')
    install = self.make_install()
    # Decoding our own receipt must hand back a dictionary.
    decoded = verify.decode_receipt(create_receipt(install.pk))
    eq_(decoded['typ'], u'purchase-receipt')
def test_crack_borked_receipt(self):
    """A receipt with a character appended must fail to decode."""
    self.addon.update(type=amo.ADDON_WEBAPP, manifest_url='http://a.com')
    install = self.make_install()
    # NOTE(review): the extra character presumably lands in the signature
    # part of the receipt; confirm against verify.decode_receipt.
    tampered = create_receipt(install.pk) + 'x'
    self.assertRaises(M2Crypto.RSA.RSAError,
                      verify.decode_receipt, tampered)