def test_storeAssociation_update_existing(self):
assoc = OIDAssociation('handle', 'secret', 42, 600, 'HMAC-SHA1')
self.store.storeAssociation('server-url', assoc)
# Now update the association with new information.
assoc = OIDAssociation('handle', 'secret2', 420, 900, 'HMAC-SHA256')
self.store.storeAssociation('server-url', assoc)
dbassoc = Association.objects.get(server_url='server-url',
handle='handle')
self.assertEqual(dbassoc.secret, 'secret2'.encode('base-64'))
self.assertEqual(dbassoc.issued, 420)
self.assertEqual(dbassoc.lifetime, 900)
self.assertEqual(dbassoc.assoc_type, 'HMAC-SHA256')
def test_cleanupAssociations(self):
timestamp = int(time.time()) - 100
self.store.storeAssociation(
'server-url',
OIDAssociation('handle1', 'secret', timestamp, 50, 'HMAC-SHA1'))
self.store.storeAssociation(
'server-url',
OIDAssociation('handle2', 'secret', timestamp, 200, 'HMAC-SHA1'))
self.assertEquals(self.store.cleanupAssociations(), 1)
# The second (non-expired) association is left behind.
self.assertNotEqual(self.store.getAssociation('server-url', 'handle2'),
None)
def test_getAssociation_no_handle(self):
timestamp = int(time.time())
self.store.storeAssociation(
'server-url', OIDAssociation('handle1', 'secret', timestamp + 1,
600, 'HMAC-SHA1'))
self.store.storeAssociation(
'server-url', OIDAssociation('handle2', 'secret', timestamp,
600, 'HMAC-SHA1'))
# The newest handle is returned.
assoc = self.store.getAssociation('server-url', None)
self.assertNotEqual(assoc, None)
self.assertEqual(assoc.handle, 'handle1')
self.assertEqual(assoc.issued, timestamp + 1)
def getAssociation(self, server_url, handle=None):
assocs = []
if handle is not None:
assocs = Association.view('%s/url_handle_view' %
Association._meta.app_label,
key=[server_url, handle],
include_docs=True).all()
else:
assocs = Association.view('%s/url_view' %
Association._meta.app_label,
key=server_url,
include_docs=True).all()
associations = []
try:
for assoc in assocs:
association = OIDAssociation(
assoc['handle'], base64.decodestring(assoc['secret']),
assoc['issued'], assoc['lifetime'], assoc['assoc_type'])
if association.getExpiresIn() == 0:
self.removeAssociation(server_url, assoc.handle)
else:
associations.append((association.issued, association))
except ResourceNotFound:
pass
if not associations:
return None
return associations[-1][1]
def getAssociation(self, server_url, handle=None):
stored_assocs = OpenIDStore.objects.filter(
server_url=server_url
)
if handle:
stored_assocs = stored_assocs.filter(handle=handle)
stored_assocs.order_by('-issued')
if stored_assocs.count() == 0:
return None
return_val = None
for stored_assoc in stored_assocs:
assoc = OIDAssociation(
stored_assoc.handle,
base64.decodestring(stored_assoc.secret.encode('utf-8')),
stored_assoc.issued, stored_assoc.lifetime,
stored_assoc.assoc_type
)
# See:
# necaris/python3-openid@1abb155c8fc7b508241cbe9d2cae24f18e4a379b
if hasattr(assoc, 'getExpiresIn'):
expires_in = assoc.getExpiresIn()
else:
expires_in = assoc.expiresIn
if expires_in == 0:
stored_assoc.delete()
else:
if return_val is None:
return_val = assoc
return return_val
def getAssociation(self, server_url, handle=None):
assocs = []
if handle is not None:
assocs = Association.objects.filter(server_url=server_url,
handle=handle)
else:
assocs = Association.objects.filter(server_url=server_url)
if not assocs:
return None
associations = []
expired = []
for assoc in assocs:
association = OIDAssociation(assoc.handle,
base64.decodestring(assoc.secret),
assoc.issued, assoc.lifetime,
assoc.assoc_type)
if association.getExpiresIn() == 0:
expired.append(assoc)
else:
associations.append((association.issued, association))
for assoc in expired:
assoc.delete()
if not associations:
return None
associations.sort()
return associations[-1][1]
def getAssociation(self, server_url, handle=None):
assocs = []
if handle is not None:
assocs = OpenIdAssociation.objects.filter(
server_url = server_url, handle = handle
)
else:
assocs = OpenIdAssociation.objects.filter(
server_url = server_url
)
if not assocs:
return None
associations = []
for assoc in assocs:
association = OIDAssociation(
assoc.handle, base64.decodestring(assoc.secret), assoc.issued,
assoc.lifetime, assoc.assoc_type
)
if association.getExpiresIn() == 0:
self.removeAssociation(server_url, assoc.handle)
else:
associations.append((association.issued, association))
if not associations:
return None
return associations[-1][1]
def getAssociation(self, server_url, handle=None):
stored_assocs = OpenIDStoreModel.objects.filter(server_url=server_url)
if handle:
stored_assocs = stored_assocs.filter(handle=handle)
stored_assocs.order_by('-issued')
if stored_assocs.count() == 0:
return None
return_val = None
for stored_assoc in stored_assocs:
assoc = OIDAssociation(stored_assoc.handle,
base64.decodestring(stored_assoc.secret),
stored_assoc.issued, stored_assoc.lifetime,
stored_assoc.assoc_type)
if assoc.getExpiresIn() == 0:
stored_assoc.delete()
else:
if return_val is None:
return_val = assoc
return return_val
def test_removeAssociation(self):
timestamp = int(time.time())
self.store.storeAssociation(
'server-url',
OIDAssociation('handle', 'secret', timestamp, 600, 'HMAC-SHA1'))
self.assertEquals(self.store.removeAssociation('server-url', 'handle'),
True)
self.assertEquals(self.store.getAssociation('server-url', 'handle'),
None)
def test_storeAssociation_update_existing(self):
assoc = OIDAssociation('handle', 'secret', 42, 600, 'HMAC-SHA1')
self.store.storeAssociation('server-url', assoc)
# Now update the association with new information.
assoc = OIDAssociation('handle', 'secret2', 420, 900, 'HMAC-SHA256')
self.store.storeAssociation('server-url', assoc)
dbassoc = Association.objects.get(server_url='server-url',
handle='handle')
if isinstance(dbassoc.secret,
str) and not dbassoc.secret.startswith("b'"):
dbassoc.secret = bytes(dbassoc.secret, 'utf-8')
if PY3:
self.assertEqual('%s' % dbassoc.secret,
'%s' % base64.b64encode(b'secret2'))
else:
self.assertEqual('%s' % dbassoc.secret,
'%s' % base64.encodestring(b'secret2'))
self.assertEqual(dbassoc.issued, 420)
self.assertEqual(dbassoc.lifetime, 900)
self.assertEqual(dbassoc.assoc_type, 'HMAC-SHA256')
def test_storeAssociation(self):
assoc = OIDAssociation('handle', 'secret', 42, 600, 'HMAC-SHA1')
self.store.storeAssociation('server-url', assoc)
dbassoc = Association.objects.get(server_url='server-url',
handle='handle')
self.assertEquals(dbassoc.server_url, 'server-url')
self.assertEquals(dbassoc.handle, 'handle')
self.assertEquals(dbassoc.secret, 'secret'.encode('base-64'))
self.assertEquals(dbassoc.issued, 42)
self.assertEquals(dbassoc.lifetime, 600)
self.assertEquals(dbassoc.assoc_type, 'HMAC-SHA1')
def test_getAssociation_expired(self):
lifetime = 600
timestamp = int(time.time()) - 2 * lifetime
self.store.storeAssociation(
'server-url', OIDAssociation('handle', 'secret', timestamp,
lifetime, 'HMAC-SHA1'))
# The association is not returned, and is removed from the database.
assoc = self.store.getAssociation('server-url', 'handle')
self.assertEqual(assoc, None)
self.assertRaises(Association.DoesNotExist, Association.objects.get,
server_url='server-url', handle='handle')
def test_getAssociation(self):
timestamp = int(time.time())
self.store.storeAssociation(
'server-url',
OIDAssociation('handle', 'secret', timestamp, 600, 'HMAC-SHA1'))
assoc = self.store.getAssociation('server-url', 'handle')
self.assertTrue(isinstance(assoc, OIDAssociation))
self.assertEquals(assoc.handle, 'handle')
self.assertEquals(assoc.secret, b'secret')
self.assertEquals(assoc.issued, timestamp)
self.assertEquals(assoc.lifetime, 600)
self.assertEquals(assoc.assoc_type, 'HMAC-SHA1')
def get_oid_associations(cls, server_url, handle=None):
from social_auth.models import Association
args = {'server_url': server_url}
if handle is not None:
args['handle'] = handle
return sorted(
[(assoc.id,
OIDAssociation(assoc.handle, base64.decodestring(assoc.secret),
assoc.issued, assoc.lifetime, assoc.assoc_type))
for assoc in Association.objects.filter(**args)],
key=lambda x: x[1].issued,
reverse=True)
def getAssociation(self, server_url, handle=None):
stored_assocs = OpenIDStoreModel.objects.filter(server_url=server_url)
if handle:
stored_assocs = stored_assocs.filter(handle=handle)
stored_assocs.order_by('-issued')
if stored_assocs.count() == 0:
return None
stored_assoc = stored_assocs[0]
assoc = OIDAssociation(stored_assoc.handle,
base64.decodestring(stored_assoc.secret),
stored_assoc.issued, stored_assoc.lifetime,
stored_assoc.assoc_type)
return assoc
def test_storeAssociation(self):
assoc = OIDAssociation('handle', 'secret', 42, 600, 'HMAC-SHA1')
self.store.storeAssociation('server-url', assoc)
dbassoc = Association.objects.get(server_url='server-url',
handle='handle')
self.assertEquals(dbassoc.server_url, 'server-url')
self.assertEquals(dbassoc.handle, 'handle')
if isinstance(dbassoc.secret,
str) and not dbassoc.secret.startswith("b'"):
dbassoc.secret = bytes(dbassoc.secret, 'utf-8')
if PY3:
self.assertEquals('%s' % dbassoc.secret,
'%s' % base64.b64encode(b'secret'))
else:
self.assertEquals('%s' % dbassoc.secret,
'%s' % base64.encodestring(b'secret'))
self.assertEquals(dbassoc.issued, 42)
self.assertEquals(dbassoc.lifetime, 600)
self.assertEquals(dbassoc.assoc_type, 'HMAC-SHA1')
def handle(self, *args, **options):
from social_auth.models import Association
print('Clearing expired Association instances')
timestamp = time.time() + Signatory.SECRET_LIFETIME
associations = Association.objects.filter(issued__lt=timestamp)
remove = []
for assoc in associations:
oid = OIDAssociation(assoc.handle,
base64.decodestring(assoc.secret),
assoc.issued,
assoc.lifetime,
assoc.assoc_type)
if oid.getExpiresIn() == 0:
remove.append(assoc.pk)
if remove:
print('Cleaning %s Associations' % len(remove))
Association.filter(pk__in=remove).delete()
else:
print('No Associations to remove')
def getAssociation(self, server_url, handle=None):
assocs = []
if handle is not None:
assocs = Association.objects.filter(
server_url=server_url, handle=handle)
else:
assocs = Association.objects.filter(server_url=server_url)
associations = []
expired = []
for assoc in assocs:
if isinstance(assoc.secret, str) and PY3:
try:
assoc.secret = assoc.secret.split("b'")[1].split("'")[0]
except Exception:
pass
assoc.secret = bytes(assoc.secret, 'utf-8')
if isinstance(assoc.secret, bytes) and PY3:
assoc.secret = bytes(assoc.secret.decode('utf-8').rstrip(), 'utf-8')
if PY3:
decoded = base64.decodebytes(assoc.secret)
else:
decoded = base64.decodestring(assoc.secret)
association = OIDAssociation(
assoc.handle,
decoded,
assoc.issued, assoc.lifetime, assoc.assoc_type
)
if PY3:
expires_in = association.expiresIn
else:
expires_in = association.getExpiresIn()
if expires_in == 0:
expired.append(assoc)
else:
associations.append((association.issued, association))
for assoc in expired:
assoc.delete()
if not associations:
return None
associations.sort()
return associations[-1][1]
def getAssociation(self, server_url, handle=None):
"""Return stored assocition"""
args = {'server_url': server_url}
if handle is not None:
args['handle'] = handle
associations, expired = [], []
for assoc in Association.objects.filter(**args):
association = OIDAssociation(assoc.handle,
base64.decodestring(assoc.secret),
assoc.issued, assoc.lifetime,
assoc.assoc_type)
if association.getExpiresIn() == 0:
expired.append(assoc.id)
else:
associations.append(association)
if expired: # clear expired associations
Association.objects.filter(pk__in=expired).delete()
if associations: # return most recet association
associations.sort(key=lambda x: x.issued, reverse=True)
return associations[0]
def getAssociation(self, server_url, handle=None): # pragma: no cover
'''
Helper method to get associations
'''
assocs = []
if handle is not None:
assocs = OpenIDAssociation.objects.filter( # pylint: disable=no-member
server_url=server_url,
handle=handle)
else:
assocs = OpenIDAssociation.objects.filter( # pylint: disable=no-member
server_url=server_url)
if not assocs:
return None
associations = []
for assoc in assocs:
if isinstance(assoc.secret, str):
assoc.secret = assoc.secret.split("b'")[1].split("'")[0]
assoc.secret = bytes(assoc.secret, 'utf-8')
association = OIDAssociation(assoc.handle,
base64.decodebytes(assoc.secret),
assoc.issued, assoc.lifetime,
assoc.assoc_type)
expires = 0
try:
# pylint: disable=no-member
expires = association.getExpiresIn()
except AttributeError:
expires = association.expiresIn
if expires == 0:
self.removeAssociation(server_url, assoc.handle)
else:
associations.append((association.issued, association))
if not associations:
return None
return associations[-1][1]
