class TestEncryption(unittest.TestCase): def setUp(self): secret_key = os.urandom(32) self.cipher = DataCipher(secret_key) def test_it_encrypts_and_decrypts(self): secret = {"to_happiness": "money"} encrypted = self.cipher.encrypt(secret) assert type(encrypted) == bytes decrypted = self.cipher.decrypt(encrypted) assert decrypted["to_happiness"] == secret["to_happiness"] def test_other_data_types(self): a = [1, 2, 3, 4, 5, 6] assert a == self.cipher.decrypt(self.cipher.encrypt(a)) b = 123456.78 assert b == self.cipher.decrypt(self.cipher.encrypt(b)) c = "a secret message" assert c == self.cipher.decrypt(self.cipher.encrypt(c))
def post(self): request_data = request.get_json() if request_data is None: error(400, "No json data in request body") check_data_fields( request_data, ["first_name", "last_name", "middle_name", "birth_date"]) cipher = DataCipher(key=current_app.config.get("SECRET_KEY")) decrypted_credentials = cipher.decrypt(request.cookies["oeci_token"]) login_result = (decrypted_credentials["oeci_username"] == "username" and decrypted_credentials["oeci_password"] == "password") if login_result is False: error(401, "Attempted login to OECI failed") record = build_record() response_data = {"data": {"record": record}} current_app.json_encoder = ExpungeModelEncoder return response_data # Json-encoding happens automatically here
def _oeci_login_params(request): cipher = DataCipher(key=current_app.config.get("SECRET_KEY")) if not "oeci_token" in request.cookies.keys(): error(401, "Missing login credentials to OECI.") decrypted_credentials = cipher.decrypt(request.cookies["oeci_token"]) return decrypted_credentials["oeci_username"], decrypted_credentials[ "oeci_password"]
def post(self): request_data = request.get_json() if request_data is None or not request_data.get("aliases"): error(400, "No json data in request body") check_data_fields(request_data, ["aliases"]) for alias in request_data["aliases"]: check_data_fields( alias, ["first_name", "last_name", "middle_name", "birth_date"]) cipher = DataCipher(key=current_app.config.get("SECRET_KEY")) if not "oeci_token" in request.cookies.keys(): error(401, "Missing login credentials to OECI.") decrypted_credentials = cipher.decrypt(request.cookies["oeci_token"]) username, password = decrypted_credentials[ "oeci_username"], decrypted_credentials["oeci_password"] record, ambiguous_record, questions = RecordCreator.build_record( username, password, request_data["aliases"]) if questions: session["ambiguous_record"] = pickle.dumps(ambiguous_record) try: save_result(request_data, record) except Exception as ex: logging.error("Saving search result failed with exception: %s" % ex, stack_info=True) record_summary = RecordSummarizer.summarize(record, questions) response_data = {"data": {"record": record_summary}} encoded_response = json.dumps(response_data, cls=ExpungeModelEncoder) return encoded_response
def post(self): request_data = request.get_json() if request_data is None or not request_data.get("names"): error(400, "No json data in request body") for alias in request_data["names"]: check_data_fields( alias, ["first_name", "last_name", "middle_name", "birth_date"]) cipher = DataCipher(key=current_app.config.get("SECRET_KEY")) if not "oeci_token" in request.cookies.keys(): error(401, "Missing login credentials to OECI.") decrypted_credentials = cipher.decrypt(request.cookies["oeci_token"]) crawler = Crawler() login_result = crawler.login(decrypted_credentials["oeci_username"], decrypted_credentials["oeci_password"], close_session=False) if login_result is False: error(401, "Attempted login to OECI failed") cases: List[Case] = [] for alias in request_data["names"]: cases += crawler.search( alias["first_name"], alias["last_name"], alias["middle_name"], alias["birth_date"], ).cases cases_with_unique_case_number = [ list(group)[0] for key, group in groupby(cases, lambda case: case.case_number) ] record = Record(cases_with_unique_case_number) expunger = Expunger(record) expunger.run() try: save_result(request_data, record) except Exception as ex: logging.error("Saving search result failed with exception: %s" % ex, stack_info=True) record_summary = RecordSummarizer.summarize(record) response_data = {"data": {"record": record_summary}} current_app.json_encoder = ExpungeModelEncoder return response_data # Json-encoding happens automatically here
class TestOeciLogin(EndpointShared): def setUp(self): EndpointShared.setUp(self) self.crawler_login = oeci_login.Crawler.login with self.app.app_context(): self.cipher = DataCipher(key=current_app.config.get("SECRET_KEY")) def tearDown(self): oeci_login.Crawler.login = self.crawler_login def mock_login(self, value): return lambda s, username, password, close_session: value def test_oeci_login_success(self): self.login(self.user_data["user1"]["email"], self.user_data["user1"]["password"]) oeci_login.Crawler.login = self.mock_login(True) self.client.post("/api/oeci_login", json={ "oeci_username": "******", "oeci_password": "******" }) credentials_cookie_string = self.client.cookie_jar._cookies[ "localhost.local"]["/"]["oeci_token"].value creds = self.cipher.decrypt(credentials_cookie_string) assert creds["oeci_username"] == "correctname" assert creds["oeci_password"] == "correctpwd" def test_oeci_login_invalid_credentials(self): self.login(self.user_data["user1"]["email"], self.user_data["user1"]["password"]) oeci_login.Crawler.login = self.mock_login(False) response = self.client.post("/api/oeci_login", json={ "oeci_username": "******", "oeci_password": "******" }) assert (response.status_code == 401)
def post(self): request_data = request.get_json() if request_data is None: error(400, "No json data in request body") check_data_fields( request_data, ["first_name", "last_name", "middle_name", "birth_date"]) cipher = DataCipher(key=current_app.config.get("SECRET_KEY")) if not "oeci_token" in request.cookies.keys(): error(401, "Missing login credentials to OECI.") decrypted_credentials = cipher.decrypt(request.cookies["oeci_token"]) crawler = Crawler() login_result = crawler.login(decrypted_credentials["oeci_username"], decrypted_credentials["oeci_password"], close_session=False) if login_result is False: error(401, "Attempted login to OECI failed") record = crawler.search(request_data["first_name"], request_data["last_name"], request_data["middle_name"], request_data["birth_date"]) expunger = Expunger(record) expunger.run() try: save_result(request_data, record) except Exception as ex: logging.error("Saving search result failed with exception: %s" % ex, stack_info=True) response_data = {"data": {"record": record}} current_app.json_encoder = ExpungeModelEncoder return response_data #Json-encoding happens automatically here
def post(self): request_data = request.get_json() if request_data is None: error(400, "No json data in request body") check_data_fields(request_data, ["first_name", "last_name", "middle_name", "birth_date"]) cipher = DataCipher( key=current_app.config.get("JWT_SECRET_KEY")) decrypted_credentials = cipher.decrypt(request.cookies["oeci_token"]) crawler = Crawler() login_result = crawler.login( decrypted_credentials["oeci_username"], decrypted_credentials["oeci_password"], close_session=False) if login_result is False: error(401, "Attempted login to OECI failed") record = crawler.search( request_data["first_name"], request_data["last_name"], request_data["middle_name"], request_data["birth_date"]) expunger = Expunger(record) expunger.run() response_data = { "data": { "record": record } } current_app.json_encoder = ExpungeModelEncoder return response_data #Json-encoding happens automatically here
def post(self): request_data = request.get_json() if request_data is None: error(400, "No json data in request body") check_data_fields( request_data, ["first_name", "last_name", "middle_name", "birth_date"]) cipher = DataCipher(key=current_app.config.get("JWT_SECRET_KEY")) decrypted_credentials = cipher.decrypt(request.cookies["oeci_token"]) crawler = Crawler() login_result = (decrypted_credentials["oeci_username"] == "username" and decrypted_credentials["oeci_password"] == "password") if login_result is False: error(401, "Attempted login to OECI failed") response_data = json.loads("""{"data": {"record": { "total_balance_due": 4550.4, "cases": [ { "name": "Doe, John D", "birth_year": 1943, "case_number": "X0001", "citation_number": "C0001", "location": "Multnomah", "date": "Sat, 23 Mar 1963 00:00:00 GMT", "violation_type": "Offense Misdemeanor", "current_status": "Closed", "charges": [ { "name": "Driving Uninsured", "statute": "806010", "level": "Class B Felony", "date": "Sun, 12 Mar 2017 00:00:00 GMT", "disposition": { "date": "Mon, 12 Jun 2017 00:00:00 GMT", "ruling": "Convicted - Failure to Appear" }, "expungement_result": { "type_eligibility": false, "type_eligibility_reason": "Ineligible under 137.225(5)", "time_eligibility": null, "time_eligibility_reason": null, "date_of_eligibility": null } }, { "name": "Violation Driving While Suspended or Revoked", "statute": "811175", "level": "Class B Felony", "date": "Sun, 12 Mar 2017 00:00:00 GMT", "disposition": { "date": "Mon, 12 Jun 2017 00:00:00 GMT", "ruling": "Dismissed" }, "expungement_result": { "type_eligibility": true, "type_eligibility_reason": "Eligible under 137.225(1)(b)", "time_eligibility": null, "time_eligibility_reason": null, "date_of_eligibility": null } }, { "name": "Failure to Obey Traffic Control Device", "statute": "811265", "level": "Class B Felony", "date": "Sun, 12 Mar 2017 00:00:00 GMT", "disposition": { "date": "Mon, 12 Jun 2017 00:00:00 GMT", "ruling": "Dismissed" }, "expungement_result": { "type_eligibility": true, "type_eligibility_reason": "Eligible under 137.225(1)(b)", "time_eligibility": null, "time_eligibility_reason": null, "date_of_eligibility": null } } ], "balance_due": 1516.8, "case_detail_link": "https://publicaccess.courts.oregon.gov/PublicAccessLogin/CaseDetail.aspx?CaseID=X0001" }, { "name": "Doe, John D", "birth_year": 1943, "case_number": "X0002", "citation_number": "C0002", "location": "Multnomah", "date": "Thu, 11 Apr 1963 00:00:00 GMT", "violation_type": "Offense Felony", "current_status": "Closed", "charges": [ { "name": "Driving Uninsured", "statute": "806010", "level": "Class B Felony", "date": "Sun, 12 Mar 2017 00:00:00 GMT", "disposition": { "date": "Mon, 12 Jun 2017 00:00:00 GMT", "ruling": "Convicted - Failure to Appear" }, "expungement_result": { "type_eligibility": false, "type_eligibility_reason": "Ineligible under 137.225(5)", "time_eligibility": null, "time_eligibility_reason": null, "date_of_eligibility": null } }, { "name": "Violation Driving While Suspended or Revoked", "statute": "811175", "level": "Class B Felony", "date": "Sun, 12 Mar 2017 00:00:00 GMT", "disposition": { "date": "Mon, 12 Jun 2017 00:00:00 GMT", "ruling": "Dismissed" }, "expungement_result": { "type_eligibility": true, "type_eligibility_reason": "Eligible under 137.225(1)(b)", "time_eligibility": null, "time_eligibility_reason": null, "date_of_eligibility": null } }, { "name": "Failure to Obey Traffic Control Device", "statute": "811265", "level": "Class B Felony", "date": "Sun, 12 Mar 2017 00:00:00 GMT", "disposition": { "date": "Mon, 12 Jun 2017 00:00:00 GMT", "ruling": "Dismissed" }, "expungement_result": { "type_eligibility": true, "type_eligibility_reason": "Eligible under 137.225(1)(b)", "time_eligibility": null, "time_eligibility_reason": null, "date_of_eligibility": null } } ], "balance_due": 1516.8, "case_detail_link": "https://publicaccess.courts.oregon.gov/PublicAccessLogin/CaseDetail.aspx?CaseID=X0002" }, { "name": "Doe, John D", "birth_year": 1943, "case_number": "X0003", "citation_number": "", "location": "Multnomah", "date": "Sun, 01 Apr 2012 00:00:00 GMT", "violation_type": "Offense Misdemeanor", "current_status": "Closed", "charges": [ { "name": "Driving Uninsured", "statute": "806010", "level": "Class B Felony", "date": "Sun, 12 Mar 2017 00:00:00 GMT", "disposition": { "date": "Mon, 12 Jun 2017 00:00:00 GMT", "ruling": "Convicted - Failure to Appear" }, "expungement_result": { "type_eligibility": false, "type_eligibility_reason": "Ineligible under 137.225(5)", "time_eligibility": null, "time_eligibility_reason": null, "date_of_eligibility": null } }, { "name": "Violation Driving While Suspended or Revoked", "statute": "811175", "level": "Class B Felony", "date": "Sun, 12 Mar 2017 00:00:00 GMT", "disposition": { "date": "Mon, 12 Jun 2017 00:00:00 GMT", "ruling": "Dismissed" }, "expungement_result": { "type_eligibility": true, "type_eligibility_reason": "Eligible under 137.225(1)(b)", "time_eligibility": null, "time_eligibility_reason": null, "date_of_eligibility": null } }, { "name": "Failure to Obey Traffic Control Device", "statute": "811265", "level": "Class B Felony", "date": "Sun, 12 Mar 2017 00:00:00 GMT", "disposition": { "date": "Mon, 12 Jun 2017 00:00:00 GMT", "ruling": "Dismissed" }, "expungement_result": { "type_eligibility": true, "type_eligibility_reason": "Eligible under 137.225(1)(b)", "time_eligibility": null, "time_eligibility_reason": null, "date_of_eligibility": null } } ], "balance_due": 1516.8, "case_detail_link": "https://publicaccess.courts.oregon.gov/PublicAccessLogin/CaseDetail.aspx?CaseID=X0003" } ], "errors": [] } }}""") return response_data #Json-encoding happens automatically here