def get_auth_handler(monkeypatch, folders):
g = GoogleAuthHandler()
def mock_connect(a):
return ConnectionStub()
g.get_authenticated_imap_connection = mock_connect
monkeypatch.setattr(GmailCrispinClient, "folder_names", lambda x: folders)
return g
def test_token(db, config, encrypt):
"""
If encryption is enabled, ensure that:
* tokens are encrypted.
* tokens are decrypted correctly on retrieval.
Note: This tests refresh_tokens but passwords work in the same way
"""
config["ENCRYPT_SECRETS"] = encrypt
token = u"tH*$&123abcº™™∞"
email = "*****@*****.**"
account_data = GoogleAccountData(
email=email,
secret_type=SecretType.Token,
secret_value=token,
client_id="",
scope="a b",
sync_email=True,
sync_contacts=False,
sync_events=True,
)
g = GoogleAuthHandler()
g.verify_config = lambda x: True
account = g.create_account(account_data)
db.session.add(account)
db.session.commit()
secret_id = account.refresh_token_id
secret = db.session.query(Secret).get(secret_id)
assert secret == account.secret
if encrypt:
assert secret._secret != token, "token not encrypted"
else:
assert secret._secret == token.encode(
"utf-8"
), "token encrypted when encryption disabled"
decrypted_secret = secret.secret # type: bytes
assert decrypted_secret == token.encode(
"utf-8"
) and account.refresh_token == decrypted_secret.decode(
"utf-8"
), "token not decrypted correctly"
# db.session.delete(account.auth_credentials[0])
db.session.commit()
def modify_account(namespace_public_id):
"""
Modify an existing account
This stops syncing an account until it is explicitly resumed.
"""
data = request.get_json(force=True)
with global_session_scope() as db_session:
namespace = (db_session.query(Namespace).filter(
Namespace.public_id == namespace_public_id).one())
account = namespace.account
if isinstance(account, GenericAccount):
auth_handler = GenericAuthHandler()
account_data = _get_account_data_for_generic_account(data)
elif isinstance(account, GmailAccount):
auth_handler = GoogleAuthHandler()
account_data = _get_account_data_for_google_account(data)
elif isinstance(account, OutlookAccount):
auth_handler = MicrosoftAuthHandler()
account_data = _get_account_data_for_microsoft_account(data)
else:
raise ValueError("Account type not supported.")
account = auth_handler.update_account(account, account_data)
db_session.add(account)
db_session.commit()
encoder = APIEncoder()
return encoder.jsonify(account.namespace)
def test_update_account(db):
handler = GoogleAuthHandler()
# Create an account
account = handler.create_account(account_data)
db.session.add(account)
db.session.commit()
id_ = account.id
# Verify it is updated correctly.
updated_data = attr.evolve(account_data, secret_value="NewRefreshToken")
account = handler.update_account(account, updated_data)
db.session.add(account)
db.session.commit()
account = db.session.query(Account).get(id_)
assert account.refresh_token == "NewRefreshToken"
def test_create_account(db):
handler = GoogleAuthHandler()
# Create an account
account = handler.create_account(account_data)
db.session.add(account)
db.session.commit()
# Verify its settings
id_ = account.id
account = db.session.query(Account).get(id_)
assert account.email_address == account_data.email
assert account.sync_email == account_data.sync_email
assert account.sync_contacts == account_data.sync_contacts
assert account.sync_events == account_data.sync_events
# Ensure that the emailed events calendar was created
assert account._emailed_events_calendar is not None
assert account._emailed_events_calendar.name == "Emailed events"
def test_verify_account(db, patched_gmail_client):
handler = GoogleAuthHandler()
handler.get_authenticated_imap_connection = lambda account: None
# Create an account with sync_email=True
account = handler.create_account(account_data)
db.session.add(account)
db.session.commit()
assert account.sync_email is True
# Verify an exception is raised if there is an email settings error.
with pytest.raises(ImapSupportDisabledError):
handler.verify_account(account)
# Create an account with sync_email=False
updated_data = attr.evolve(account_data,
email="*****@*****.**",
sync_email=False)
account = handler.create_account(updated_data)
db.session.add(account)
db.session.commit()
assert account.sync_email is False
# Verify an exception is NOT raised if there is an email settings error.
account = handler.verify_account(account)
def create_account():
""" Create a new account """
data = request.get_json(force=True)
if data["type"] == "generic":
auth_handler = GenericAuthHandler()
account_data = _get_account_data_for_generic_account(data)
elif data["type"] == "gmail":
auth_handler = GoogleAuthHandler()
account_data = _get_account_data_for_google_account(data)
elif data["type"] == "microsoft":
auth_handler = MicrosoftAuthHandler()
account_data = _get_account_data_for_microsoft_account(data)
else:
raise ValueError("Account type not supported.")
with global_session_scope() as db_session:
account = auth_handler.create_account(account_data)
db_session.add(account)
db_session.commit()
encoder = APIEncoder()
return encoder.jsonify(account.namespace)