def test_generate_secret_key(self):
"""Tests generate secret key generates
a key that matches the expected pattern
and generates distinct keys on subsquent calls"""
value1 = generate_secret_key()
value2 = generate_secret_key()
self.assertTrue(isinstance(value1, str))
self.assertTrue(isinstance(value2, str))
self.assertEqual(len(value1), SECRET_KEY_LENGTH)
self.assertEqual(len(value2), SECRET_KEY_LENGTH)
self.assertTrue(SECRET_KEY_PATTERN.match(value1))
self.assertTrue(SECRET_KEY_PATTERN.match(value2))
self.assertFalse(value1 == value2)
return value1
def log_default_warnings(key):
"""Print warning if using insecure default keys
"""
if key == "SECRET_KEY":
LOGGER.warning(
"""
---------------------------------------------
WARNING: The API secret key was not provided.
Using an insecure default key. Consider adding
the following to the environment (e.g. .env file):
SECRET_KEY=%s
---------------------------------------------
""",
generate_secret_key(),
)
elif key == "AES_KEY":
LOGGER.warning(
"""
---------------------------------------------
WARNING: The AES secret key was not provided.
Using an insecure default key. Consider adding
the following to the environment (e.g. .env file):
AES_KEY=%s
---------------------------------------------
""",
generate_aes_key(),
)
def load_config(app): # pylint: disable=too-many-branches
# CLI Options will override config file options
opts = parse_args(sys.argv[1:])
app.config.HOST = opts.host
app.config.PORT = opts.port
app.config.VALIDATOR_HOST = opts.validator_host
app.config.VALIDATOR_PORT = opts.validator_port
app.config.TIMEOUT = int(opts.timeout)
app.config.DB_HOST = opts.db_host
app.config.DB_PORT = opts.db_port
app.config.DB_NAME = opts.db_name
app.config.CHATBOT_HOST = opts.chatbot_host
app.config.CHATBOT_PORT = opts.chatbot_port
app.config.CLIENT_HOST = opts.client_host
app.config.CLIENT_PORT = opts.client_port
app.config.DEBUG = bool(opts.debug)
app.config.SECRET_KEY = opts.secret_key
app.config.AES_KEY = opts.aes_key
app.config.AIOHTTP_CONN_LIMIT = opts.aiohttp_conn_limit
app.config.AIOHTTP_DNS_TTL = opts.aiohttp_dns_ttl
if SECRET_KEY is DEFAULT_CONFIG["SECRET_KEY"]:
LOGGER.warning(
"""
---------------------------------------------
WARNING: The API secret key was not provided.
Using an insecure default key. Consider adding
the following to the environment (e.g. .env file):
SECRET_KEY=%s
---------------------------------------------
""",
generate_secret_key(),
)
if AES_KEY is DEFAULT_CONFIG["AES_KEY"]:
LOGGER.warning(
"""
---------------------------------------------
WARNING: The AES secret key was not provided.
Using an insecure default key. Consider adding
the following to the environment (e.g. .env file):
AES_KEY=%s
---------------------------------------------
""",
generate_aes_key(),
)
app.config.BATCHER_KEY_PAIR = Key()
DB_NAME = getenv("DB_NAME", DEFAULT_CONFIG["DB_NAME"])
AES_KEY = getenv("AES_KEY", DEFAULT_CONFIG["AES_KEY"])
SECRET_KEY = getenv("SECRET_KEY", DEFAULT_CONFIG["SECRET_KEY"])
if SECRET_KEY is DEFAULT_CONFIG["SECRET_KEY"]:
LOGGER.warning(
"""
---------------------------------------------
WARNING: The API secret key was not provided.
Using an insecure default key. Consider adding
the following to the environment (e.g. .env file):
SECRET_KEY=%s
---------------------------------------------
""",
generate_secret_key(),
)
if AES_KEY is DEFAULT_CONFIG["AES_KEY"]:
LOGGER.warning(
"""
---------------------------------------------
WARNING: The AES secret key was not provided.
Using an insecure default key. Consider adding
the following to the environment (e.g. .env file):
AES_KEY=%s
---------------------------------------------
""",
generate_aes_key(),
)
