def test_policy_submission_with_valid_data_DEPR(gpg_key, gpg, factories, api_client, user, policy_data, monkeypatch, job_data): policy_data['identity']['verification_data']['proofs'].append({'dummy': 'data'}) policy_data['employmentHistory']['jobs'].append(job_data) monkeypatch.setitem(testing.PROOF_DB, ('test',), policy_data['identity']['verification_data']['proofs']) # sanity check that we are using valid test data. validate_policy_application(policy_data) policy_application = factories.PolicyApplicationFactory( user=user, data=json.dumps(policy_data), ) # sanity check that it isn't already finalized assert not policy_application.is_final submit_url = reverse('v1:policy-submit', kwargs={'pk': policy_application.pk}) data = { 'keybase_username': '******', 'signed_message': gpg.sign(policy_application.data).data, } response = api_client.post(submit_url, data) assert response.status_code == status.HTTP_200_OK, response.data policy_application = PolicyApplication.objects.get() assert policy_application.is_final is True assert policy_application.review_tasks.count() == 0 assert policy_application.state == POLICY_STATUS_SUBMITTED
def test_generate_employment_history_job_records_extended(gpg_key, gpg, factories, api_client, user, policy_data, monkeypatch, job_data_extended): policy_data['identity']['verification_data']['proofs'].append({'dummy': 'data'}) policy_data['employmentHistory']['jobs'].append(job_data_extended) monkeypatch.setitem(testing.PROOF_DB, ('test',), policy_data['identity']['verification_data']['proofs']) # sanity check that we are using valid test data. validate_policy_application(policy_data) policy_application = factories.PolicyApplicationFactory( user=user, data=json.dumps(policy_data), ) generate_employment_history_job_records(policy_application) job_record = EmploymentHistoryJob.objects.get() assert job_record.user == policy_application.user assert job_record.policy == policy_application assert job_record.company == job_data_extended['company'] assert job_record.is_current_job == job_data_extended['currentJob'] assert job_record.notes == job_data_extended['notes'] assert job_record.state == job_data_extended['state'] assert job_record.city == job_data_extended['city'] assert job_record.confirmer_email == job_data_extended['confirmerEmail'] assert job_record.confirmer_name == job_data_extended['confirmerName'] assert job_record.job_titile == job_data_extended['jobTitile'] assert job_record.date_begin.month == int(job_data_extended['startMonth']) + 1 assert job_record.date_begin.year == int(job_data_extended['startYear']) assert job_record.date_end.month == int(job_data_extended['endMonth']) + 1 assert job_record.date_end.year == int(job_data_extended['endYear'])
def test_policy_submission_with_invalid_signature(gpg_key, generate_gpg_key, gpg, factories, policy_data): # sanity check that we are using valid test data. validate_policy_application(policy_data) policy_application = factories.PolicyApplicationFactory(data=json.dumps(policy_data)) other_key = generate_gpg_key('wrong_username') data = { 'keybase_username': '******', 'signed_message': gpg.sign(policy_application.data, keyid=other_key.fingerprint).data, } serializer = PolicySubmissionSerializer(policy_application, data=data) assert not serializer.is_valid() assert serializer.error_messages['signature_invalid'] in serializer.errors['non_field_errors']
def test_generate_employment_history_job_records_incorrect_job_data(gpg_key, gpg, factories, api_client, user, policy_data, monkeypatch): policy_data['identity']['verification_data']['proofs'].append({'dummy': 'data'}) policy_data['employmentHistory']['jobs'].append({'dummy': 'data'}) monkeypatch.setitem(testing.PROOF_DB, ('test',), policy_data['identity']['verification_data']['proofs']) # sanity check that we are using valid test data. validate_policy_application(policy_data) policy_application = factories.PolicyApplicationFactory( user=user, data=json.dumps(policy_data), ) with pytest.raises(ValidationError) as excinfo: generate_employment_history_job_records(policy_application) assert excinfo.value.detail[0] == 'Incorrect job data'
def validate(self, data): keybase_username = data["keybase_username"] signed_message = data['signed_message'] public_key_provider = get_provider() public_key_pem = public_key_provider.get_public_key(keybase_username) with gpg_keyring(public_key_pem) as gpg: verification = gpg.verify(signed_message) validate_signature(verification) message = gpg.decrypt(signed_message).data try: policy_data = json.loads(message) except ValueError: raise serializers.ValidationError(self.error_messages['json_invalid']) validate_policy_application(policy_data) expected_proofs = public_key_provider.get_proofs(keybase_username) actual_proofs = policy_data['identity']['verification_data']['proofs'] expected_proofs_set = set(json.dumps(v, sort_keys=True) for v in expected_proofs) actual_proofs_set = set(json.dumps(v, sort_keys=True) for v in actual_proofs) if expected_proofs_set != actual_proofs_set: raise serializers.ValidationError(self.error_messages['proofs_invalid']) validated_data = { 'is_final': True, 'data': json.dumps({ 'policy_data': policy_data, 'signed_message': signed_message, 'public_key': public_key_pem, 'public_key_provider': public_key_provider.name, 'public_key_identity': { 'username': keybase_username, } }, sort_keys=True), 'is_signed': True } return validated_data
def test_policy_submission_with_valid_data(gpg_key, gpg, factories, policy_data): # sanity check that we are using valid test data. validate_policy_application(policy_data) policy_application = factories.PolicyApplicationFactory(data=json.dumps(policy_data)) data = { 'keybase_username': '******', 'signed_message': gpg.sign(policy_application.data).data, } serializer = PolicySubmissionSerializer(policy_application, data=data) assert serializer.is_valid(), serializer.errors assert policy_application.is_final is False saved_policy_application = serializer.save() assert saved_policy_application.pk == policy_application.pk assert saved_policy_application.is_final is True assert saved_policy_application.is_signed is True
def test_policy_submission_with_out_of_order_proofs(gpg_key, gpg, factories, policy_data, monkeypatch): proof_a = { 'field-a': 'x', 'field-b': 'y', } proof_b = { 'field-a': '1', 'field-b': '2', } policy_data['identity']['verification_data']['proofs'] = [proof_a, proof_b] monkeypatch.setitem(testing.PROOF_DB, ('test',), [proof_b, proof_a]) # sanity check that we are using valid test data. validate_policy_application(policy_data) policy_application = factories.PolicyApplicationFactory(data=json.dumps(policy_data)) data = { 'keybase_username': '******', 'signed_message': gpg.sign(policy_application.data).data, } serializer = PolicySubmissionSerializer(policy_application, data=data) assert serializer.is_valid(), serializer.errors