Exemple #1
def test_is_valid_domain_returns_false_for_scheme_suffix_and_no_domain():
    """A scheme followed by nothing but a suffix must be rejected."""
    # A setting such as http://gov.uk looks odd and is most likely a
    # mistake: a bare suffix is expected to be written as "gov.uk", with
    # no scheme in front of it.
    scheme_with_suffix_only = (
        'http://gov.uk',
        'http://.gov.uk',
        'http://com',
        'http://.com',
    )
    for candidate in scheme_with_suffix_only:
        assert is_valid_domain(candidate) is False
Exemple #2
def test_is_valid_domain_returns_false_if_path_or_params_included():
    """Values carrying a path or a query string must be rejected."""
    # Each shape is checked both with and without a scheme, so a path or
    # query string cannot be accepted simply by dropping the "http://".
    with_path_or_query = (
        'http://google.com?q=exporting',
        'http://google.com/exporing',
        'google.com?q=exporting',
        'google.com/exporing',
    )
    for candidate in with_path_or_query:
        assert is_valid_domain(candidate) is False
Exemple #3
def test_is_valid_domain_returns_false_if_subdomain_included():
    """A value that names a subdomain must be rejected, with or without a scheme."""
    for candidate in ('http://mail.google.com', 'mail.google.com'):
        assert is_valid_domain(candidate) is False
Exemple #4
def test_is_valid_domain_returns_false_for_invalid_domains():
    """Values that contain no recognisable domain must be rejected."""
    # Covers a bare scheme, a single label with no suffix, and a "www."
    # host whose last label is not a known suffix.
    not_domains = (
        'http://',
        'blabla',
        'http://blabla',
        'http://www.blablabla',
    )
    for candidate in not_domains:
        assert is_valid_domain(candidate) is False
Exemple #5
def test_is_valid_domain_returns_true_for_valid_suffixes():
    """A bare suffix is accepted, with or without a leading dot."""
    # NOTE(review): accepting 'com' or '.com' means a single setting entry
    # can stand for a whole suffix. How the caller matches a URL against
    # such an entry is not visible here; confirm the breadth is intended.
    bare_suffixes = ('gov.uk', '.gov.uk', 'com', '.com')
    for candidate in bare_suffixes:
        assert is_valid_domain(candidate) is True
Exemple #6
def test_is_valid_domain_returns_true_for_valid_domains():
    """A plain domain is accepted both with and without a scheme."""
    for candidate in ('http://google.com', 'google.com'):
        assert is_valid_domain(candidate) is True
Exemple #7
    'reset_password': '******',
    'reset_password_from_key': 'sso.user.forms.ResetPasswordKeyForm',
}

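# NOTE(review): if this is set to a parent domain the session cookie is sent
# to every host under it; confirm all such hosts are trusted.
SESSION_COOKIE_DOMAIN = env.str('SESSION_COOKIE_DOMAIN')
# env var not same as setting to be more explicit (directory-ui uses same name)
SESSION_COOKIE_NAME = env.str('SSO_SESSION_COOKIE')
# Both *_COOKIE_SECURE flags default to True, so the cookies are marked
# HTTPS-only unless the environment explicitly opts out.
SESSION_COOKIE_SECURE = env.bool('SESSION_COOKIE_SECURE', True)

CSRF_COOKIE_SECURE = env.bool('CSRF_COOKIE_SECURE', True)
CSRF_COOKIE_HTTPONLY = True

# Set with comma separated values in env
ALLOWED_REDIRECT_DOMAINS = env.list('ALLOWED_REDIRECT_DOMAINS', default=[])
# Validate every entry at start-up. This is an explicit raise rather than an
# `assert` because assert statements are stripped when Python runs with -O,
# which would silently let a malformed redirect-allowlist entry through.
for domain in ALLOWED_REDIRECT_DOMAINS:
    if is_valid_domain(domain) is not True:
        raise ValueError(
            'ALLOWED_REDIRECT_DOMAINS contains an invalid entry: '
            '{!r}'.format(domain)
        )

# Signature check
# SIGNATURE_SECRET has no default, unlike DIRECTORY_API_SECRET below.
SIGNATURE_SECRET = env.str('SIGNATURE_SECRET')
# NOTE(review): these are URL names, but how the signature check treats a
# listed name is not visible in this file; confirm before adding entries.
SIGAUTH_URL_NAMES_WHITELIST = [
    'healthcheck',
    'healthcheck-ping',
    'activity-stream-users',
    'activity-stream-user-answers-vfm',
]

# api request key
# NOTE(review): the default is an empty string, so a deployment that forgets
# this variable starts with an empty secret instead of failing. Confirm that
# the code using it rejects an empty value.
DIRECTORY_API_SECRET = env.str('DIRECTORY_API_SECRET', '')

# Use proxy host name when generating links (e.g. in emails)
# With this enabled Django takes the host from the X-Forwarded-Host header,
# so it is only safe when every request passes through a proxy that sets or
# overwrites that header and ALLOWED_HOSTS is restrictive; otherwise a
# client-supplied host could end up in generated links.
USE_X_FORWARDED_HOST = True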