def validate(self, **kwargs):
url = kwargs.get('url', self.URL_NOTIFICATION)
institution = kwargs.get('institution', str(self.institution.code))
request_datetime = kwargs.get('request_datetime',
timezone.now().isoformat())
certificate = kwargs.get('certificate', self.DOCUMENT)
request_url = kwargs.get('request_url', self.REQUEST_URL)
data = {
'institution': institution,
'notification_url': url,
'document': certificate,
'request_datetime': request_datetime,
}
if self.FORMAT:
data['format'] = self.FORMAT
params = self.get_request_params(data, **kwargs)
response = self.client.post(request_url, params, format='json')
try:
response = decrypt(self.institution.private_key,
response.data['data'])
except Exception as e:
# print(e)
try:
response = json.loads(response.json()['data'])
except:
pass
return response
def authenticate(self, **kwargs):
url = kwargs.get('url', self.URL_NOTIFICATION)
institution = kwargs.get('institution', str(self.institution.code))
request_datetime = kwargs.get(
'request_datetime', timezone.now().isoformat())
identification = kwargs.get('identification', None)
request_url = kwargs.get('request_url', '/authenticate/institution/')
data = {
'institution': institution,
'notification_url': url,
'request_datetime': request_datetime,
}
if identification:
data['identification'] = identification
params = self.get_request_params(data, **kwargs)
response = self.client.post(request_url,
params, format='json')
try:
response = decrypt(self.institution.private_key,
response.data['data'])
except Exception as e:
try:
response = json.loads(response.json()['data'])
except:
pass
return response
def sign(self, **kwargs):
url = kwargs.get('url', self.URL_NOTIFICATION)
institution = kwargs.get('institution', str(self.institution.code))
request_datetime = kwargs.get('request_datetime',
timezone.now().isoformat())
resumen = kwargs.get('resumen', 'Documento de prueba xml')
identificacion = kwargs.get('identificacion', self.IDENTIFICATION)
data = {
'institution': institution,
'notification_url': url,
'document': self.DOCUMENT,
'format': self.FORMAT,
'algorithm_hash': 'sha512',
'document_hash': self.HASH,
'identification': identificacion,
'resumen': resumen,
'request_datetime': request_datetime,
}
params = self.get_request_params(data, **kwargs)
response = self.client.post('/sign/institution/',
params,
format='json')
try:
response = decrypt(self.institution.private_key,
response.data['data'])
except Exception as e:
# print(e)
try:
response = json.loads(response.json()['data'])
except:
pass
return response
def sign_delete(self, **kwargs):
if self.DOCUMENT is None:
return
url = kwargs.get('url', self.URL_NOTIFICATION)
institution = kwargs.get('institution', str(self.institution.code))
request_datetime = kwargs.get('request_datetime',
timezone.now().isoformat())
request_url = kwargs.get('request_url', '/sign/institution/')
data = {
'institution': institution,
'notification_url': url,
'request_datetime': request_datetime,
}
params = self.get_request_params(data, **kwargs)
response = self.client.post(request_url, params, format='json')
try:
response = decrypt(self.institution.private_key,
response.data['data'])
except Exception as e:
# print(e)
try:
response = json.loads(response.json()['data'])
except:
pass
return response
def test_check_wrong_sign(self):
"""if all credential are well but data is encrypted with other private
key"""
institution2 = create_institution(self.user)
url = "https://institution2.com/notify"
create_url(institution2, url=url)
response = self.authenticate(
institution=str(institution2.code),
url=url,
public_certificate=institution2.public_certificate)
response = decrypt(institution2.private_key, response.data['data'])
self.check_wrong_sign_test(response)
def test_check_wrong_sign(self):
"""if all credential are well but data is encrypted with other private
key"""
if self.DOCUMENT is None:
return
institution2 = create_institution(self.user)
url = "https://institution2.com/notify"
create_url(institution2, url=url)
response = self.sign_check(
institution=str(institution2.code),
url=url,
public_certificate=institution2.public_certificate,
request_url=self.BASE_URL % (self.data['id_transaction'], ))
response = decrypt(institution2.private_key, response.data['data'])
self.check_wrong_sign_test(response)
def test_check_wrong_sign(self):
"""if all credential are well but data is encrypted with other private
key"""
institution2 = create_institution(self.user)
url = "https://institution2.com/notify"
create_url(institution2, url=url)
response = self.authenticate(institution=str(institution2.code),
url=url,
public_certificate=institution2.public_certificate,
request_url=self.BASE_URL % (
self.data['id_transaction'],)
)
response = decrypt(institution2.private_key,
response.data['data'])
self.check_result(response, False)
self.assertIsNotNone(AuthenticateDataRequest.objects.filter(
id_transaction=self.data['id_transaction']).first())
def validate_certificate(self):
self.get_institution()
if self.check_subject():
if not check_certificate(self.data['public_certificate']):
self._errors['public_certificate'] = [_('Invalid certificate')]
try:
self.requestdata = decrypt(self._get_decrypt_key(),
self.data['data'],
method=self.encrypt_method)
logger.debug("Data: %r" % (self.requestdata, ))
self.check_internal_data(self.requestdata)
except Exception as e:
self._errors['data'] = [
_('Data was not decrypted well %r') % (e, )
]
logger.error('Data was not decrypted well %r' % (e, ))
return False
def validate_certificate(self):
self.get_encryption_cipher()
self.get_institution()
if self.institution is None:
self._errors['data'] = [
_('Institution not found, certificate does not match')]
return False
if not check_certificate(self.data['public_certificate']):
self._errors['public_certificate'] = [_('Invalid Certificate')]
try:
self.requestdata = decrypt(self.institution.server_sign_key,
self.data['data'],
method=self.encrypt_method)
self.check_internal_data(
self.requestdata, fields=self.check_internal_fields)
self.check_received_extra_data(self.requestdata)
except Exception as e:
self._errors['data'] = [_('Data was not decrypted well')]
logger.error('Data was not decrypted well %r' % (e,))
return False
