def test_auth_data_resource(
api_client,
data_source,
resource_factory,
resource_origin_factory,
hsa_params_factory,
):
resource = resource_factory()
resource_origin_factory(resource=resource, data_source=data_source)
hsa_params = {
"username": "******",
"data_source": data_source,
"resource": resource,
}
params = hsa_params_factory(**hsa_params)
# Create a fake DRF request
request_factory = APIRequestFactory()
http_request = request_factory.get("/", params)
request = APIView().initialize_request(http_request)
auth = HaukiSignedAuthentication()
(authenticated_user, auth) = auth.authenticate(request)
assert authenticated_user.id is not None
assert authenticated_user.username == "test_user"
assert auth.user == authenticated_user
assert auth.user_origin.data_source == data_source
assert auth.has_organization_rights is False
assert auth.organization is None
assert auth.resource == resource
def test_authenticate_existing_user_existing_same_data_source(
api_client, data_source, signed_auth_key_factory, user_factory, user_origin_factory
):
signed_auth_key = signed_auth_key_factory(data_source=data_source)
user = user_factory()
user_origin_factory(user=user, data_source=data_source)
now = datetime.datetime.utcnow()
data = {
"hsa_source": data_source.id,
"hsa_username": user.username,
"hsa_created_at": now.isoformat() + "Z",
"hsa_valid_until": (now + datetime.timedelta(minutes=10)).isoformat() + "Z",
}
source_string = join_params(data)
signature = calculate_signature(signed_auth_key.signing_key, source_string)
params = {**data, "hsa_signature": signature}
# Create a fake DRF request
request_factory = APIRequestFactory()
http_request = request_factory.get("/", params)
request = APIView().initialize_request(http_request)
auth = HaukiSignedAuthentication()
authenticated_user = auth.authenticate(request)[0]
assert authenticated_user.id == user.id
assert authenticated_user.username == user.username
def test_authenticate_existing_user_existing_different_data_source(
api_client,
data_source_factory,
signed_auth_key_factory,
user_factory,
user_origin_factory,
):
data_source1 = data_source_factory()
data_source2 = data_source_factory()
signed_auth_key = signed_auth_key_factory(data_source=data_source1)
user = user_factory()
user_origin_factory(user=user, data_source=data_source2)
now = datetime.datetime.utcnow()
data = {
"hsa_source": data_source1.id,
"hsa_username": user.username,
"hsa_created_at": now.isoformat() + "Z",
"hsa_valid_until": (now + datetime.timedelta(minutes=10)).isoformat() + "Z",
}
source_string = join_params(data)
signature = calculate_signature(signed_auth_key.signing_key, source_string)
params = {**data, "hsa_signature": signature}
# Create a fake DRF request
request_factory = APIRequestFactory()
http_request = request_factory.get("/", params)
request = APIView().initialize_request(http_request)
auth = HaukiSignedAuthentication()
with pytest.raises(AuthenticationFailed) as e:
auth.authenticate(request)[0]
assert e.value.detail == "User not from the same data source"