def generate_response(registration: Registration) -> Dict[str, Any]: state_data = get_state_data_cached(registration.state_id) custom_ovr_link = get_custom_ovr_link(registration) ovr_link = custom_ovr_link or state_data.external_tool_ovr if state_data.flow_type == RegistrationFlowType.OVR_OR_PRINT: jwt, jwt_expiry = make_action_jwt( action_id=str(registration.action_id), action_type="registration", expiration=JWT_EXPIRATION, ) buttons = [ { "message_text": "Register online", "primary": True, "url": ovr_link, "event_tracking": { "action": str(registration.action_id), "event_type": "FinishExternal", }, }, { "message_text": "Register by mail", "primary": False, "url": f"{settings.REGISTER_RESUME_URL}?skip_ovr=true&token={jwt}", "url_expiry": jwt_expiry.isoformat(), }, ] elif state_data.flow_type == RegistrationFlowType.PRINT_ONLY: jwt, jwt_expiry = make_action_jwt( action_id=str(registration.action_id), action_type="registration", expiration=JWT_EXPIRATION, ) buttons = [{ "message_text": "Register by mail", "primary": True, "url": f"{settings.REGISTER_RESUME_URL}?skip_ovr=true&token={jwt}", "url_expiry": jwt_expiry.isoformat(), }] else: buttons = [] return { "message_markdown": state_data.instructions_markdown, "buttons": buttons }
def test_jwt_bad_secret(mocker): jwt, _ = make_action_jwt(action_id="someid", action_type="sometype", expiration=timedelta(hours=1)) mocker.patch("apikey.crypto.SECRET_KEY", "different") assert verify_action_jwt(jwt, action_type="sometype") == None
def test_jwt(freezer): freezer.move_to("2009-01-20T11:30:00Z") jwt, exp = make_action_jwt(action_id="someid", action_type="sometype", expiration=timedelta(hours=1)) assert exp == datetime(2009, 1, 20, 12, 30, 0, tzinfo=timezone.utc) assert verify_action_jwt(jwt, action_type="sometype") == "someid"
def test_jwt_bad_action_type(): jwt, _ = make_action_jwt(action_id="someid", action_type="sometype", expiration=timedelta(hours=1)) assert verify_action_jwt(jwt, action_type="different") == None
def test_jwt_expired(): jwt, _ = make_action_jwt(action_id="someid", action_type="sometype", expiration=timedelta(hours=-1)) assert verify_action_jwt(jwt, action_type="sometype") == None