def test_recovery_with_secondary_agent(self):
alias = utils.generate_alias(type=Alias.DOMAIN)
member = self.client.create_member(alias)
primary_agent_id = member.get_default_agent()
secondary_agent = self.client.create_member(utils.generate_alias(type=Alias.DOMAIN))
unused_secondary_agent = self.client.create_member(utils.generate_alias(type=Alias.DOMAIN))
recovery_rule = RecoveryRule(primary_agent=primary_agent_id,
secondary_agents=[secondary_agent.member_id, unused_secondary_agent.member_id])
member.add_recovery_rule(recovery_rule)
# remove all keys
self.client.CryptoEngine.__storage = {}
crypto_engine = self.client.CryptoEngine(member.member_id)
key = crypto_engine.generate_key(Key.PRIVILEGED)
verification_id = self.client.begin_recovery(alias)
authorization = MemberRecoveryOperation.Authorization(member_id=member.member_id,
prev_hash=member.get_last_hash(),
member_key=key)
signature = secondary_agent.authorize_recovery(authorization)
op1 = self.client.get_recovery_authorization(verification_id, 'code', key)
op2 = MemberRecoveryOperation(authorization=authorization, agent_signature=signature)
recovered = self.client.complete_recovery(member.member_id, [op1, op2], key, crypto_engine)
assert member.member_id == recovered.member_id
assert len(recovered.get_keys()) == 3
assert len(recovered.get_aliases()) == 0
assert not self.client.is_alias_exists(alias)
recovered.verify_alias(verification_id, 'code')
assert self.client.is_alias_exists(alias)
assert [alias] == utils.repeated_composite_container_to_list(recovered.get_aliases())
def test_auth_flow(self):
member1 = self.client.create_member(
utils.generate_alias(type=Alias.DOMAIN))
member2 = self.client.create_member(
utils.generate_alias(type=Alias.DOMAIN))
payload = AccessTokenBuilder.create_with_alias(
member2.get_first_alias()).for_all().build()
access_token = member1.create_access_token(payload)
token = member1.get_token(access_token.id)
request_id = generate_nonce()
original_state = generate_nonce()
csrf_token = generate_nonce()
token_request_url = self.client.generate_token_request_url(
request_id, original_state, csrf_token)
state = urllib.parse.urlparse(token_request_url).query.split('=')[1]
signature = member1.sign_token_request_state(request_id, token.id,
state)
path = 'path?tokenId={}&state={}&signature={}'.format(
token.id, state,
urllib.parse.quote(proto_message_to_bytes(signature).decode()))
token_request_callback_url = 'http://localhost:80/' + path
callback = self.client.parse_token_request_callback_url(
token_request_callback_url, csrf_token)
assert original_state == callback.state
def test_add_and_get_token_request_wrong_member(self):
member1 = self.client.create_member(utils.generate_alias())
member2 = self.client.create_member(utils.generate_alias())
payload = member1.create_transfer_token(10, 'EUR').set_to_member_id(member2.member_id).build()
stored_request = TokenRequest.builder(payload).build()
with pytest.raises(RequestError) as exec_info:
member1.store_token_request(stored_request)
assert exec_info.value.details == "Access denied to member {}".format(member1.member_id)
assert exec_info.value.code == StatusCode.PERMISSION_DENIED
def test_access_token_builder_set_transfer_destinations(self):
member1 = self.client.create_member(
utils.generate_alias(type=Alias.DOMAIN))
member2 = self.client.create_member(
utils.generate_alias(type=Alias.DOMAIN))
payload = AccessTokenBuilder.create_with_alias(
member2.get_first_alias()).for_all_transfer_destinations().build()
access_token = member1.create_access_token(payload)
result = member1.get_token(access_token.id)
assert access_token == result
def test_request_signature(self):
member1 = self.client.create_member(
utils.generate_alias(type=Alias.DOMAIN))
member2 = self.client.create_member(
utils.generate_alias(type=Alias.DOMAIN))
payload = AccessTokenBuilder.create_with_alias(
member2.get_first_alias()).for_all().build()
token = member1.create_access_token(payload)
signature = member1.sign_token_request_state(generate_nonce(),
token.id,
generate_nonce())
assert signature.signature
def test_add_and_remove_alias(self):
alias1 = utils.generate_alias(type=Alias.DOMAIN)
alias2 = utils.generate_alias(type=Alias.DOMAIN)
member = self.client.create_member(alias1)
member.add_alias(alias2)
received_aliases = utils.repeated_composite_container_to_list(member.get_aliases())
expected_aliases = [alias1, alias2]
assert sorted(received_aliases, key=lambda v: v.value) == sorted(expected_aliases, key=lambda v: v.value)
member.remove_alias(alias1)
received_aliases = utils.repeated_composite_container_to_list(member.get_aliases())
expected_aliases = [alias2]
assert received_aliases == expected_aliases
def test_read_profile_not_yours(self):
in_profile = Profile(display_name_first='Ming',
display_name_last='Xiao')
back_profile = self.member.set_profile(in_profile)
other_member = self.client.create_member(utils.generate_alias())
out_profile = other_member.get_profile(self.member.member_id)
assert in_profile == back_profile == out_profile
def test_login_member(self):
alias = utils.generate_alias(type=Alias.DOMAIN)
member = self.client.create_member(alias)
logged_in = self.client.get_member(member.member_id)
expected_aliases = utils.repeated_composite_container_to_list(member.get_aliases())
actual_aliases = utils.repeated_composite_container_to_list(logged_in.get_aliases())
assert sorted(expected_aliases) == sorted(actual_aliases)
def test_add_and_get_address(self):
member = self.client.create_member(utils.generate_alias())
name = generate_nonce()
payload = utils.generate_address()
address = member.add_address(name, payload)
result = member.get_address(address.id)
assert name == address.name
assert payload == address.address
assert address == result
def test_access_token_for_accounts(self):
member1 = self.client.create_member(
utils.generate_alias(type=Alias.DOMAIN))
payload = AccessTokenBuilder.create_with_alias(
member1.get_first_alias()).for_all_accounts().build()
access_token = member1.create_access_token(payload)
result = member1.get_token(access_token.id)
print(result)
assert access_token == result
def test_get_access_tokens(self):
# TODO: cleanup
member1 = self.client.create_member(
utils.generate_alias(type=Alias.DOMAIN))
member2 = self.client.create_member(
utils.generate_alias(type=Alias.DOMAIN))
address = member1.add_address(generate_nonce(),
utils.generate_address())
payload = AccessTokenBuilder.create_with_alias(
member1.get_first_alias()).for_address(address.id).build()
member1.create_access_token(payload)
payload = AccessTokenBuilder.create_with_alias(
member2.get_first_alias()).for_address(address.id).build()
access_token = member1.create_access_token(payload)
member1.endorse_token(access_token, Key.STANDARD)
time.sleep(self.TOKEN_LOOKUP_POLL_FREQUENCY * 2)
result = member1.get_access_tokens(limit=2, offset=None)
token_ids = [item.id for item in result.tokens]
assert access_token.id in token_ids
def test_get_access_token(self):
member1 = self.client.create_member(
utils.generate_alias(type=Alias.DOMAIN))
address = member1.add_address(generate_nonce(),
utils.generate_address())
payload = AccessTokenBuilder.create_with_alias(
member1.get_first_alias()).for_address(address.id).build()
access_token = member1.create_access_token(payload)
result = member1.get_token(access_token.id)
assert access_token == result
def test_get_access_token_id(self):
member1 = self.client.create_member(
utils.generate_alias(type=Alias.DOMAIN))
member2 = self.client.create_member(
utils.generate_alias(type=Alias.DOMAIN))
address = member1.add_address(generate_nonce(),
utils.generate_address())
payload = AccessTokenBuilder.create_with_alias(
member2.get_first_alias()).for_address(address.id).build()
request = TokenRequest.builder(payload).build()
token_request_id = member2.store_token_request(request)
access_token = member1.create_access_token(payload)
member1.endorse_token(access_token, Key.STANDARD)
signature = member1.sign_token_request_state(token_request_id,
access_token.id,
generate_nonce())
assert signature.ByteSize != 0
result = self.client.get_token_request_result(token_request_id)
assert result.token_id == access_token.id
assert result.signature.signature == signature.signature
def test_add_and_get_transfer_token_request(self):
member = self.client.create_member(utils.generate_alias())
payload = member.create_transfer_token(10, 'EUR').set_to_member_id(member.member_id).set_redirect_url(self.TOKEN_URL).build()
stored_request = TokenRequest.builder(payload).build()
request_id = member.store_token_request(stored_request)
assert request_id
retrieved_request = self.client.retrieve_token_request(request_id)
assert str(stored_request.payload) == str(retrieved_request.payload)
assert request_id == retrieved_request.id
for k, v in stored_request.options.items():
assert v == retrieved_request.options.get(k)
def test_create_and_get_addresses(self):
member = self.client.create_member(utils.generate_alias())
addresses = {
utils.generate_nonce(): utils.generate_address()
for _ in range(3)
}
for name, address in addresses.items():
member.add_address(name, address)
actual = {
address_record.name: address_record.address
for address_record in member.get_addresses()
}
assert addresses == actual
def test_create_access_token_idempotent(self):
member1 = self.client.create_member(
utils.generate_alias(type=Alias.DOMAIN))
address = member1.add_address(generate_nonce(),
utils.generate_address())
payload = AccessTokenBuilder.create_with_alias(
member1.get_first_alias()).for_address(address.id).build()
member1.endorse_token(member1.create_access_token(payload),
Key.STANDARD)
member1.endorse_token(member1.create_access_token(payload),
Key.STANDARD)
time.sleep(self.TOKEN_LOOKUP_POLL_FREQUENCY * 2)
result = member1.get_access_tokens(2, None)
assert len(result.tokens) == 1
def test_only_one_access_token_allowed(self):
member = self.client.create_member(
utils.generate_alias(type=Alias.DOMAIN))
address = member.add_address(generate_nonce(),
utils.generate_address())
payload = AccessTokenBuilder.create_with_alias(
member.get_first_alias()).for_address(address.id).build()
member.create_access_token(payload)
payload = AccessTokenBuilder.create_with_alias(
member.get_first_alias()).for_address(address.id).build()
with pytest.raises(RequestError) as exec_info:
member.create_access_token(payload)
assert exec_info.value.details == "Token from {} to {} already exists".format(
member.member_id, member.member_id)
assert exec_info.value.code == StatusCode.ALREADY_EXISTS
def test_add_and_get_access_token_request(self):
member = self.client.create_member(utils.generate_alias())
to_member = TokenMember(id=member.member_id)
#resource = AccessBody.Resource(all_addresses=AccessBody.Resource.AllAddresses())
access = TokenRequestPayload.AccessBody(type=[TokenRequestPayload.AccessBody.ACCOUNTS])
payload = TokenRequestPayload(to=to_member, access_body=access, redirect_url=self.TOKEN_URL)
stored_request = TokenRequest.builder(payload).build()
request_id = member.store_token_request(stored_request)
assert request_id
retrieved_request = self.client.retrieve_token_request(request_id)
assert stored_request.payload == retrieved_request.payload
assert request_id == retrieved_request.id
for k, v in stored_request.options.items():
assert v == retrieved_request.options.get(k)
def test_recovery(self):
alias = utils.generate_alias(type=Alias.DOMAIN)
member = self.client.create_member(alias)
member.use_default_recovery_rule()
verification_id = self.client.begin_recovery(alias)
recovered = self.client.complete_recovery_with_default_rule(member.member_id, verification_id, 'code')
assert member.member_id == recovered.member_id
assert len(recovered.get_keys()) == 3
assert len(recovered.get_aliases()) == 0
assert not self.client.is_alias_exists(alias)
recovered.verify_alias(verification_id, 'code')
assert self.client.is_alias_exists(alias)
received_aliases = utils.repeated_composite_container_to_list(recovered.get_aliases())
expected_aliases = [alias]
assert received_aliases == expected_aliases
def setup_class(cls):
cls.client = utils.initialize_client()
cls.member1 = cls.client.create_member(utils.generate_alias())
cls.member2 = cls.client.create_member(utils.generate_alias())
cls.member3 = cls.client.create_member(utils.generate_alias())
def test_is_alias_exist(self):
alias = utils.generate_alias(type=Alias.DOMAIN)
assert not self.client.is_alias_exists(alias)
self.client.create_member(alias)
assert self.client.is_alias_exists(alias)
def test_get_no_profile_picture(self):
new_member = self.client.create_member(utils.generate_alias())
blob = new_member.get_profile_picture(new_member.member_id, ORIGINAL)
assert blob.id == ''
def test_create_member(self):
alias = utils.generate_alias(type=Alias.DOMAIN) # Alias.EMAIL failed
member = self.client.create_member(alias)
keys = member.get_keys()
assert len(keys) == 3
assert len(member.get_aliases()) != 0
def setup_class(cls):
cls.client = utils.initialize_client()
cls.member = cls.client.create_member(utils.generate_alias())
cls.other_member = cls.client.create_member(utils.generate_alias())
cls.file_name = 'file.json'
cls.file_type = 'application/json'
