def forwards(apps, schema_editor):
    """Encrypt the stored credentials of every existing SocialToken row.

    Forward step of a data migration: each row's ``token`` and
    ``token_secret`` are replaced by their ``fernet_encrypt`` output and
    the row is saved.

    Args:
        apps: Migration app registry, used to look up the historical
            ``socialaccount.SocialToken`` model.
        schema_editor: Unused here; part of the migration callable signature.
    """
    # NOTE(review): every row is encrypted unconditionally. No guard against
    # already-encrypted values is visible here, so running this step twice
    # over the same rows would wrap them in a second layer of encryption.
    token_model = apps.get_model("socialaccount", "SocialToken")
    for row in token_model.objects.all():
        # Same field order as the stored columns: access token first, then
        # the secret.
        for field_name in ("token", "token_secret"):
            setattr(row, field_name, fernet_encrypt(getattr(row, field_name)))
        row.save()
class SocialTokenFactory(factory.django.DjangoModelFactory):
    """Build SocialToken fixtures whose credentials are already encrypted.

    The ``token`` and ``token_secret`` values are passed through
    ``fernet_encrypt`` so fixtures have the same shape as rows written by
    the application, rather than holding plaintext.
    """

    class Meta:
        model = SocialToken

    # Both values are computed once, when the class body runs, so every
    # instance built without overrides shares the same two ciphertexts.
    # The plaintexts are fixed dummy strings, not real credentials.
    token = fernet_encrypt("0123456789abcdef")
    token_secret = fernet_encrypt("secret.0123456789abcdef")

    # Each token gets its own related app via the app factory.
    app = factory.SubFactory(SocialAppFactory)
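def parse_token(self, data):
    """Encrypt the OAuth2 tokens in ``data`` before the parent stores them.

    Wraps OAuth2Base.parse_token to encrypt tokens for storage.
    Called from OAuth2CallbackView.

    Args:
        data: Mapping parsed from the token response. It is mutated in
            place: ``access_token`` and ``refresh_token`` are replaced by
            their ``fernet_encrypt`` output.

    Returns:
        Whatever ``super().parse_token`` returns for the encrypted mapping.

    Raises:
        KeyError: If ``data`` carries no ``access_token``.
    """
    data["access_token"] = fernet_encrypt(data["access_token"])
    # A token response is not guaranteed to include a refresh token, and a
    # plain subscript would turn that into a KeyError during the login
    # callback. Treat a missing or null value as an empty secret and still
    # encrypt it, so the stored secret is always ciphertext.
    # NOTE(review): assumes readers decrypt token_secret unconditionally;
    # confirm against the code that consumes it.
    data["refresh_token"] = fernet_encrypt(data.get("refresh_token") or "")
    return super().parse_token(data)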
def test_complete_login(self, mocker, rf):
    """Exercise SalesforceOAuth2Mixin.complete_login and check instance_url.

    All collaborators are mocked: ``requests.get`` is patched and the
    provider lookup is replaced, so the test only confirms that the
    ``instance_url`` from the response ends up in ``account.extra_data``.
    """
    instance_url = "https://example.com"

    # Outbound HTTP: three queued responses, handed out in order, one per
    # requests.get call. Only the first carries a meaningful payload.
    patched_get = mocker.patch("requests.get")
    userinfo_response = mock.MagicMock()
    userinfo_response.json.return_value = {
        "organization_id": "00D000000000001EAA",
        "urls": mock.MagicMock(),
    }
    patched_get.side_effect = [
        userinfo_response,
        mock.MagicMock(),
        mock.MagicMock(),
    ]

    # Provider stub whose sociallogin starts with empty extra_data, so
    # anything found there afterwards was written by complete_login.
    sociallogin = mock.MagicMock()
    sociallogin.account.extra_data = {}
    provider = mock.MagicMock()
    provider.sociallogin_from_response.return_value = sociallogin

    adapter = SalesforceOAuth2Mixin()
    adapter.userinfo_url = None
    adapter.get_provider = mock.MagicMock()
    adapter.get_provider.return_value = provider

    request = rf.get("/")
    request.session = {"socialaccount_state": (None, "some-verifier")}

    # The token is handed over as ciphertext, the form it has in storage.
    # NOTE(review): presumably complete_login decrypts it before use;
    # confirm in the mixin.
    token = mock.MagicMock()
    token.token = fernet_encrypt("token")

    result = adapter.complete_login(
        request, None, token, response={"instance_url": instance_url}
    )
    assert result.account.extra_data["instance_url"] == instance_url
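def test_complete_login_fail(self, rf, mocker):
    """complete_login raises SalesforcePermissionsError for a limited user.

    ``requests.get`` is patched with two queued responses; the second one
    reports ``canModifyAllData`` as False. No HTTP error is simulated: the
    failure is expected to come from that permissions payload alone.
    """
    get = mocker.patch("requests.get")
    insufficient_perms_mock = mock.MagicMock()
    insufficient_perms_mock.json.return_value = {
        "userSettings": {"canModifyAllData": False},
    }
    get.side_effect = [mock.MagicMock(), insufficient_perms_mock]

    # Mixin under test, with the provider lookup stubbed out.
    adapter = SalesforceOAuth2Mixin()
    adapter.userinfo_url = None
    adapter.get_provider = mock.MagicMock()
    slfr = mock.MagicMock()
    slfr.account.extra_data = {}
    prov_ret = mock.MagicMock()
    prov_ret.sociallogin_from_response.return_value = slfr
    adapter.get_provider.return_value = prov_ret

    request = rf.get("/")
    request.session = {"socialaccount_state": (None, "some-verifier")}

    # The token is supplied as ciphertext, the form it has in storage.
    token = mock.MagicMock()
    token.token = fernet_encrypt("token")

    with pytest.raises(SalesforcePermissionsError):
        adapter.complete_login(request, None, token, response={})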
def test_complete_login__api_disabled_for_org(self, rf, mocker):
    """A 403 API_DISABLED_FOR_ORG reply makes complete_login raise.

    Three responses are queued for the patched ``requests.get``; the last
    one has status 403 and a body naming ``API_DISABLED_FOR_ORG``. The
    adapter is expected to surface that as SalesforcePermissionsError.
    """
    userinfo_response = mock.MagicMock()
    userinfo_response.json.return_value = {
        "organization_id": "00D000000000001EAA",
        "user_id": "003000000000001",
        "preferred_username": "******",
        "language": "en_US",
        "urls": mock.MagicMock(),
    }

    api_disabled_response = mock.MagicMock(status_code=403)
    api_disabled_response.json.return_value = [
        {
            "message": "The REST API is not enabled for this Organization.",
            "errorCode": "API_DISABLED_FOR_ORG",
        }
    ]

    # Responses are consumed in this order, one per requests.get call.
    patched_get = mocker.patch("requests.get")
    patched_get.side_effect = [
        userinfo_response,
        mock.MagicMock(),
        api_disabled_response,
    ]

    request = rf.post("/")
    request.session = {"socialaccount_state": (None, "some-verifier")}

    # Real adapter, with the provider lookup stubbed out.
    sociallogin = mock.MagicMock()
    sociallogin.account.extra_data = {}
    provider = mock.MagicMock()
    provider.sociallogin_from_response.return_value = sociallogin
    adapter = SalesforceOAuth2Adapter(request)
    adapter.get_provider = mock.MagicMock()
    adapter.get_provider.return_value = provider

    # The token is supplied as ciphertext, the form it has in storage.
    token = mock.MagicMock()
    token.token = fernet_encrypt("token")

    with pytest.raises(SalesforcePermissionsError):
        adapter.complete_login(request, None, token, response={})
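def test_complete_login__no_modify_all_data_perm(self, rf, mocker):
    """complete_login rejects a user whose canModifyAllData is False.

    ``requests.get`` is patched with two queued responses; the second one
    reports ``canModifyAllData`` as False, and the adapter is expected to
    raise SalesforcePermissionsError. No HTTP error is simulated.
    """
    get = mocker.patch("requests.get")
    insufficient_perms_mock = mock.MagicMock()
    insufficient_perms_mock.json.return_value = {
        "userSettings": {"canModifyAllData": False},
    }
    get.side_effect = [mock.MagicMock(), insufficient_perms_mock]

    request = rf.post("/")
    request.session = {"socialaccount_state": (None, "some-verifier")}

    # Real adapter, with the provider lookup stubbed out.
    adapter = SalesforceOAuth2Adapter(request)
    adapter.get_provider = mock.MagicMock()
    slfr = mock.MagicMock()
    slfr.account.extra_data = {}
    prov_ret = mock.MagicMock()
    prov_ret.sociallogin_from_response.return_value = slfr
    adapter.get_provider.return_value = prov_ret

    # The token is supplied as ciphertext, the form it has in storage.
    token = mock.MagicMock()
    token.token = fernet_encrypt("token")

    with pytest.raises(SalesforcePermissionsError):
        adapter.complete_login(request, None, token, response={})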
def test_complete_login(self, mocker, rf):
    """Happy path: complete_login copies instance_url into extra_data.

    ``requests.get`` is patched with three queued responses and the
    provider lookup is stubbed, so the assertion only covers what the
    adapter writes into ``account.extra_data``.
    """
    instance_url = "https://example.com"

    userinfo_response = mock.MagicMock()
    userinfo_response.json.return_value = {
        "organization_id": "00D000000000001EAA",
        "user_id": "003000000000001",
        "preferred_username": "******",
        "language": "en_US",
        "urls": mock.MagicMock(),
    }

    # Responses are consumed in this order, one per requests.get call.
    patched_get = mocker.patch("requests.get")
    patched_get.side_effect = [
        userinfo_response,
        mock.MagicMock(),
        mock.MagicMock(),
    ]

    request = rf.post("/")
    request.session = {"socialaccount_state": (None, "some-verifier")}

    # Provider stub whose sociallogin starts with empty extra_data.
    sociallogin = mock.MagicMock()
    sociallogin.account.extra_data = {}
    provider = mock.MagicMock()
    provider.sociallogin_from_response.return_value = sociallogin
    adapter = SalesforceOAuth2Adapter(request)
    adapter.get_provider = mock.MagicMock()
    adapter.get_provider.return_value = provider

    # Token bound to a Salesforce app and carrying ciphertext, the form it
    # has in storage.
    token = mock.MagicMock(app=SocialApp(provider="salesforce"))
    token.token = fernet_encrypt("token")

    result = adapter.complete_login(
        request, None, token, response={"instance_url": instance_url}
    )
    assert result.account.extra_data["instance_url"] == instance_url
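def test_complete_login__org_info_not_required(self, rf, mocker):
    """With org details not required, login succeeds without them.

    The second queued response reports ``canModifyAllData`` as False.
    With ``SOCIALACCOUNT_SALESFORCE_REQUIRE_ORG_DETAILS`` set to False the
    call returns and ``organization_details`` is recorded as None.
    """
    get = mocker.patch("requests.get")
    insufficient_perms_mock = mock.MagicMock()
    insufficient_perms_mock.json.return_value = {
        "userSettings": {"canModifyAllData": False},
    }
    get.side_effect = [mock.MagicMock(), insufficient_perms_mock]

    request = rf.post("/")
    request.session = {"socialaccount_state": (None, "some-verifier")}

    # Real adapter, with the provider lookup stubbed out.
    adapter = SalesforceOAuth2Adapter(request)
    adapter.get_provider = mock.MagicMock()
    slfr = mock.MagicMock()
    slfr.account.extra_data = {}
    prov_ret = mock.MagicMock()
    prov_ret.sociallogin_from_response.return_value = slfr
    adapter.get_provider.return_value = prov_ret

    # The token is supplied as ciphertext, the form it has in storage.
    token = mock.MagicMock()
    token.token = fernet_encrypt("token")

    # This swaps the whole settings object seen by the views module for a
    # mock, so only the one attribute set here has a defined value; any
    # other setting read through it comes back as an auto-created mock.
    mocker.patch(
        "sfdo_template_helpers.oauth2.salesforce.views.settings",
        SOCIALACCOUNT_SALESFORCE_REQUIRE_ORG_DETAILS=False,
    )

    ret = adapter.complete_login(request, None, token, response={})
    assert ret.account.extra_data["organization_details"] is None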
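def test_complete_login_fail(self, rf, mocker):
    """The mixin records organization_details as None on a limited user.

    This only exercises the mixin through heavy mocking. ``requests.get``
    is patched with two queued responses; the second one reports
    ``canModifyAllData`` as False. No HTTP error is simulated: the None
    value is expected to follow from that permissions payload alone.
    """
    get = mocker.patch("requests.get")
    insufficient_perms_mock = mock.MagicMock()
    insufficient_perms_mock.json.return_value = {
        "userSettings": {"canModifyAllData": False},
    }
    get.side_effect = [mock.MagicMock(), insufficient_perms_mock]

    # Mixin under test, with the provider lookup stubbed out.
    adapter = SalesforceOAuth2Mixin()
    adapter.userinfo_url = None
    adapter.get_provider = mock.MagicMock()
    slfr = mock.MagicMock()
    slfr.account.extra_data = {}
    prov_ret = mock.MagicMock()
    prov_ret.sociallogin_from_response.return_value = slfr
    adapter.get_provider.return_value = prov_ret

    request = rf.get("/")
    request.session = {"socialaccount_state": (None, "some-verifier")}

    # The token is supplied as ciphertext, the form it has in storage.
    token = mock.MagicMock()
    token.token = fernet_encrypt("token")

    ret = adapter.complete_login(request, None, token, response={})
    assert ret.account.extra_data["organization_details"] is None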
def test_roundtrip():
    """Encrypting changes the string, and decrypting restores it exactly."""
    plaintext = "I am a test string."

    # The encrypted form must not be the input handed back unchanged.
    ciphertext = fernet_encrypt(plaintext)
    assert ciphertext != plaintext

    # A fresh encryption must decrypt to the original text.
    recovered = fernet_decrypt(fernet_encrypt(plaintext))
    assert recovered == plaintext