def test_require_2fa__delete_with_multiple_auth__ok(self, email_log): self._require_2fa_for_organization() new_options = settings.SENTRY_OPTIONS.copy() new_options["sms.twilio-account"] = "twilio-account" with self.settings(SENTRY_OPTIONS=new_options): # enroll in two auth methods interface = SmsInterface() interface.phone_number = "5551231234" interface.enroll(self.user) interface = TotpInterface() interface.enroll(self.user) auth = interface.authenticator url = reverse( "sentry-api-0-user-authenticator-details", kwargs={"user_id": self.user.id, "auth_id": auth.id}, ) resp = self.client.delete(url, format="json") assert resp.status_code == 204, (resp.status_code, resp.content) assert not Authenticator.objects.filter(id=auth.id).exists() self._assert_security_email_sent("mfa-removed", email_log)
def test_sms_get_phone(self): interface = SmsInterface() interface.phone_number = "5551231234" interface.enroll(self.user) resp = self.get_success_response(self.user.id, interface.authenticator.id) assert resp.data["id"] == "sms" assert resp.data["authId"] == str(interface.authenticator.id) assert resp.data["phone"] == "5551231234" # should not have these because enrollment assert "totp_secret" not in resp.data assert "form" not in resp.data
def test_sms_get_phone(self): interface = SmsInterface() interface.phone_number = "5551231234" interface.enroll(self.user) url = reverse( "sentry-api-0-user-authenticator-details", kwargs={"user_id": self.user.id, "auth_id": interface.authenticator.id}, ) resp = self.client.get(url) assert resp.status_code == 200 assert resp.data["id"] == "sms" assert resp.data["authId"] == six.text_type(interface.authenticator.id) assert resp.data["phone"] == "5551231234" # should not have these because enrollment assert "totp_secret" not in resp.data assert "form" not in resp.data
def test_activate(self): request = HttpRequest() request.user = self.user request.META["REMOTE_ADDR"] = "127.0.0.1" responses.add( responses.POST, "https://api.twilio.com/2010-04-01/Accounts/ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/Messages.json", json={ "account_sid": "ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", "api_version": "2010-04-01", "body": "Hi there!", "date_created": "Thu, 30 Jul 2015 20:12:31 +0000", "date_sent": "Thu, 30 Jul 2015 20:12:33 +0000", "date_updated": "Thu, 30 Jul 2015 20:12:33 +0000", "direction": "outbound-api", "error_code": None, "error_message": None, "from": "+15551231234", "messaging_service_sid": None, "num_media": "0", "num_segments": "1", "price": None, "price_unit": None, "sid": "SMXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", "status": "sent", "subresource_uris": { "media": "/2010-04-01/Accounts/ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/Messages/SMXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/Media.json" }, "to": "+15551231234", "uri": "/2010-04-01/Accounts/ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/Messages/SMXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.json", }, ) interface = SmsInterface() interface.phone_number = "5551231234" with self.options({"sms.twilio-account": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"}): rv = interface.activate(request) assert ( rv.message == "A confirmation code was sent to <strong>(***) ***-**34</strong>. It is valid for 45 seconds." )
def test_require_2fa__delete_with_multiple_auth__ok(self): self._require_2fa_for_organization() new_options = settings.SENTRY_OPTIONS.copy() new_options["sms.twilio-account"] = "twilio-account" with self.settings(SENTRY_OPTIONS=new_options): # enroll in two auth methods interface = SmsInterface() interface.phone_number = "5551231234" interface.enroll(self.user) interface = TotpInterface() interface.enroll(self.user) auth = interface.authenticator with self.tasks(): self.get_success_response(self.user.id, auth.id, method="delete") assert not Authenticator.objects.filter(id=auth.id).exists() assert_security_email_sent("mfa-removed")