def client_with_secrets(tmp_path): secret_key = random_bytes(32) bearer_token = random_bytes(32).hex() app = create_app( media_server_secret_key=secret_key, media_server_bearer_token=bearer_token, main_server_address="localhost:8088", main_server_use_ssl=False, media_upload_location=tmp_path, avatar_size=200, ) with app.test_client() as client: yield client, secret_key, bearer_token
def client_with_secrets(tmp_path): secret_key = random_bytes(32) bearer_token = random_bytes(32).hex() app = create_app( media_server_secret_key=secret_key, media_server_bearer_token=bearer_token, media_server_base_url="https://testing.couchers.invalid", main_server_address="localhost:8088", main_server_use_ssl=False, media_upload_location=tmp_path, thumbnail_size=200, ) with app.test_client() as client: yield client, secret_key, bearer_token
def test_fails_expired(client_with_secrets): client, secret_key, bearer_token = client_with_secrets key = random_bytes(32).hex() now = datetime.utcnow() created = now - timedelta(minutes=12) expiry = now - timedelta(minutes=2) request = media_pb2.UploadRequest( key=key, type=media_pb2.UploadRequest.UploadType.IMAGE, created=Timestamp_from_datetime(created), expiry=Timestamp_from_datetime(expiry), max_width=2000, max_height=1600, ) upload_path = generate_upload_path(request, secret_key) with mock_main_server(bearer_token, lambda x: True): with open(DATADIR / "1x1.jpg", "rb") as f: rv = client.post(upload_path, data={"file": (f, "pixel.jpg")}) assert rv.status_code == 400
def test_fails_wrong_sig(client_with_secrets): client, secret_key, bearer_token = client_with_secrets wrong_secret_key = random_bytes(32) key, request = create_upload_request() upload_path = generate_upload_path(request, wrong_secret_key) with mock_main_server(bearer_token, lambda x: True): with open(DATADIR / "1x1.jpg", "rb") as f: rv = client.post(upload_path, data={"file": (f, "pixel.jpg")}) assert rv.status_code == 400
def create_upload_request(): key = random_bytes(32).hex() now = datetime.utcnow() expiry = now + timedelta(minutes=20) return key, media_pb2.UploadRequest( key=key, type=media_pb2.UploadRequest.UploadType.IMAGE, created=Timestamp_from_datetime(now), expiry=Timestamp_from_datetime(expiry), max_width=2000, max_height=1600, )
def random_hex(length=32): """ Length in binary """ return random_bytes(length).hex()
def urlsafe_random_bytes(length=32) -> str: return b64encode(random_bytes(length))
def aead_generate_key(): return random_bytes(_aead_key_len)
def aead_generate_nonce(): return random_bytes(_aead_nonce_len)
def urlsafe_random_bytes(length=32): return urlsafe_b64encode(random_bytes(length)).decode("utf8")