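def unregistered_user_can_register_with_facebook_in_the_middle_of_login_procedure_of_a_served_application(self):
    """Register a new user through the Facebook popup while an OAuth login is in progress.

    Skipped when ``config.skipFacebookTests`` is set.  Opens the OAuth page,
    clicks the Facebook registration button, fills the Facebook login popup
    with the ``config.fbuser2`` account and asserts that the master window
    was sent to ``self.redirect_uri``.  The user and facebook credential the
    flow creates are removed afterwards, also when the assertion fails.
    """
    if config.skipFacebookTests:
        return
    driver = self.driver
    self._gotoOauthPage(driver)
    self.switchToTab('registration')
    driver.find_element_by_id("Facebook_registration_button").click()
    time.sleep(1)
    self.master = driver.current_window_handle
    # Bounded poll for the popup window (at most 50 polls); sleep between
    # polls so the wait does not spin a CPU while the popup opens.
    attempts = 0
    while len(driver.window_handles) == 1 and attempts < 50:
        time.sleep(0.1)
        attempts += 1
    for handle in driver.window_handles:
        if handle != self.master:
            driver.switch_to.window(handle)
    # Facebook login form; the account and password come from config only.
    password_field = driver.find_element_by_id("pass")
    password_field.clear()
    password_field.send_keys(config.fbpassword2)
    email_field = driver.find_element_by_id("email")
    email_field.clear()
    email_field.send_keys(config.fbuser2)
    driver.find_element_by_id("u_0_2").click()
    driver.switch_to.window(self.master)
    time.sleep(5)
    try:
        self.assertTrue(driver.current_url.startswith(self.redirect_uri.lower()))
    finally:
        # Clean up even on failure so the Facebook-backed account does not
        # linger between runs; skip it when registration never created the user.
        self.user = User.getByEmail(config.fbuser2)
        if self.user:
            Credential.getByUser(self.user, "facebook").rm()
            self.user.rm()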
def you_can_login_using_facebook(self):
    """Log in through the Facebook popup with a user that already has a facebook credential.

    Skipped when ``config.skipFacebookTests`` is set.  The user is created
    (and activated) with a facebook credential, the login page is driven
    through the popup, and afterwards the browser must still be on the login
    page with an empty message area and the user data shown.  The user is
    removed at the end.
    """
    if config.skipFacebookTests:
        return
    self.user = self.createUserWithCredentials("facebook", config.fbuserid, None, config.fbuser)
    self.user.activate()
    browser = self.driver
    login_page = self.base_url + "/static/login.html"
    browser.get(login_page)
    self.switchToTab("login")
    browser.find_element_by_id("Facebook_login_button").click()
    time.sleep(1)
    self._switchWindow(browser)
    for field_id, value in (("pass", config.fbpassword), ("email", config.fbuser)):
        field = browser.find_element_by_id(field_id)
        field.clear()
        field.send_keys(value)
    browser.find_element_by_id("u_0_2").click()
    browser.switch_to.window(self.master)
    time.sleep(1)
    self.assertEqual(login_page, browser.current_url)
    self.assertEqual("", browser.find_element_by_id("message").text)
    userdata = browser.find_element_by_id("userdata").text
    self.assertTrue("*****@*****.**" in userdata)
    Credential.getByUser(self.user, "facebook").rm()
    self.user.rm()
def test_password_reset_creates_password_if_it_does_not_exists(self):
    """A reset for a user without a password credential creates one holding the new secret."""
    form = self.createPasswordResetFormWithSecret()
    user = User.getByEmail(self.userCreationEmail)
    Credential.getByUser(user, "password").rm()
    self.controller.doPasswordReset(form)
    recreated = Credential.getByUser(user, "password")
    expected_secret = CredentialManager.protect_secret(self.newPassword)
    self.assertEqual(recreated.secret, expected_secret)
def doConfirmChangeEmail(self, secret=None, confirm=True, useverifysecret=False):
    """Start an e-mail change for ``self.user`` and confirm it through the controller.

    When ``secret`` is not given it is read from the user's ``changeemail``
    credential, or from ``changeemailandverify`` when ``useverifysecret`` is
    set.  Returns whatever ``confirmEmailChange`` returns.
    """
    self.controller.emailChangeInit(self.newEmailAddress, self.user)
    if secret is None:
        credential_type = 'changeemailandverify' if useverifysecret else 'changeemail'
        secret = Credential.getByUser(self.user, credential_type).secret
    form = FakeForm(dict(confirm=confirm, secret=secret))
    return self.controller.confirmEmailChange(form)
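def removeFbuser(self, user=None):
    """Remove the Facebook test user with its facebook credential and app mappings.

    ``user`` is a config entry with an ``email`` attribute and defaults to
    ``config.facebookUser2``.  Nothing happens when no such user exists.
    """
    if user is None:
        user = config.facebookUser2
    self.user = User.getByEmail(user.email)
    if not self.user:
        return
    # The credential may already be gone (a partial earlier cleanup); a
    # missing credential must not abort the rest of the cleanup with an
    # AttributeError on None.
    fb_cred = Credential.getByUser(self.user, "facebook")
    if fb_cred:
        fb_cred.rm()
    for appMap in AppMap.getForUser(self.user):
        appMap.rm()
    self.user.rm()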
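def your_credentials_are_deleted_in_deregistration(self):
    """Posting a valid deregistration form removes every credential of the user."""
    with app.test_client() as c:
        self.login(c)
        user = User.getByEmail(self.usercreation_email)
        # Precondition: there are credentials to delete (assertGreater shows
        # the actual count on failure).
        self.assertGreater(len(Credential.getByUser(user)), 0)
        data = dict(
            csrf_token=self.getCSRF(c),
            credentialType="password",
            identifier=self.usercreation_userid,
            secret=self.usercreation_password,
        )
        c.post(config.base_url + '/deregister', data=data)
        user = User.getByEmail(self.usercreation_email)
        self.assertEqual(0, len(Credential.getByUser(user)))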
def doPasswordResetWithNewPassword(self, password):
    """Drive the password-reset flow for the assurer user so that ``password`` becomes the new password.

    Goes to the login page, initiates the reset for the assurer's e-mail and
    follows the reset link built from the ``email_for_password_reset``
    credential's secret.
    """
    self.goToLoginPage()
    self.initiatePasswordReset(TE.assurerUser.email)  # @UndefinedVariable
    reset_cred = Credential.getByUser(TE.assurerUser, "email_for_password_reset")
    reset_link = TE.pwresetUrl + "?secret=" + reset_cred.secret
    self.clickPasswordResetLink(password, reset_link)
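def test_the_emailcheck_secret_is_not_shown_in_the_registration_answer(self):
    """The e-mail verification secret must not leak into the registration response body."""
    form = self.prepareLoginForm()
    resp = self.controller.doRegistration(form)
    text = self.getResponseText(resp)
    current_user = self.controller.getCurrentUser()
    cred = Credential.getByUser(current_user, 'emailcheck')
    # assertNotIn names both operands on failure, unlike assertTrue(not ... in ...).
    self.assertNotIn(cred.secret, text)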
def facebook_login_needs_facebook_credentials_as_registered(self):
    """Facebook login for a user whose facebook credential was removed is rejected with 403."""
    Credential.getByUser(self.user, "facebook").rm()
    with self.assertRaises(ReportedError) as raised:
        self.controller.do_login(self.request_data)
    error = raised.exception
    self.assertEqual(error.status, 403)
    self.assertEqual(error.descriptor, ["You have to register first"])
def test_registration_email_contains_registration_uri_with_secret(self):
    """The registration e-mail carries the verify_email URI built from the emailcheck secret."""
    msg = self._registerAndGetEmail()
    self.assertTrue(msg)
    cred = Credential.getByUser(self.controller.getCurrentUser(), 'emailcheck')
    base_url = self.controller.getConfig('BASE_URL')
    expected_uri = "%s/v1/verify_email/%s" % (base_url, cred.secret)
    self.assertEmailContains(expected_uri, msg)
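def test_email_validation_gives_emailverification_assurance(self):
    """Following the verification URI removes one credential and grants the emailVerification assurance."""
    self.setupRandom()
    with app.test_client():
        email = self.registerAndObtainValidationUri()
    self.assertTrue(self.validateUri.startswith(config.BASE_URL + "/v1/verify_email"))
    with app.test_client() as client:
        user = User.getByEmail(email)
        try:
            creds = Credential.getByUser(user)
            self.assertNotIn(emailVerification, Assurance.getByUser(user))
            resp = client.get(self.validateUri)
            self.assertEqual(resp.status_code, 200)
            self.assertEqual(user.email, email)
            # Verification is expected to consume exactly one credential
            # (presumably the one-shot emailcheck credential).
            self.assertEqual(len(creds) - 1, len(Credential.getByUser(user)))
            self.assertIsNotNone(Assurance.getByUser(user)[emailVerification])
        finally:
            # Remove the random user even when an assertion fails.
            user.rm()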
def assertEmailChangeIsInitiated(self, resp):
    """Check that ``resp`` reports the change-e-mail mail as sent and record the pending change.

    Stores the user's id in ``self.userid`` and the ``changeemail``
    credential's secret in ``self.secret``; the credential's additional
    info must equal ``self.newEmail``.
    """
    text = self.getResponseText(resp)
    self.assertEqual(200, resp.status_code)
    payload = json.loads(text)
    self.assertEqual(emailChangeEmailSent, payload['message'])
    user = User.getByEmail(self.userCreationEmail)
    self.userid = user.userid
    pending = Credential.getByUser(user, "changeemail")
    self.secret = pending.secret
    self.assertEqual(self.newEmail, pending.getAdditionalInfo())
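def do_password_reset(self, form):
    """Set a new password from a password-reset form.

    ``form.secret.data`` is the reset token, looked up with ``Credential.get``
    under ``passwordResetCredentialType``; the matching credential's
    ``secret`` field holds its expiry time as a float.  An unknown or expired
    token purges expired reset credentials and raises ``ReportedError`` (404).
    The reset credential is removed once used, so a reset link works only
    once.  Returns the simple success response.
    """
    cred = Credential.get(passwordResetCredentialType, form.secret.data)
    if cred is None or (float(cred.secret) < time.time()):
        Credential.deleteExpired(passwordResetCredentialType)
        raise ReportedError(['The secret has expired'], 404)
    protected = CredentialManager.protect_secret(form.password.data)
    passcred = Credential.getByUser(cred.user, 'password')
    if passcred:
        passcred.secret = protected
    else:
        # A user without a password credential gets one instead of an
        # AttributeError on None (argument order: user, type, identifier, secret).
        Credential.new(cred.user, "password", cred.user.email, protected)
    cred.rm()
    return self.simple_response('Password successfully changed')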
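def _getDeregistrationSecret(self):
    """Log in, request deregistration and return the ``deregister`` credential's secret.

    When ``self.addAppMapToUser`` is set, the user is first mapped to the
    first ``Application`` so the deregistration also has an app mapping to
    remove.
    """
    self._loginAndDeregister()
    user = self.cred.user
    if self.addAppMapToUser:  # truthiness instead of == True
        application = Application.query.first()  # @UndefinedVariable
        AppMap.new(application, user)
    return Credential.getByUser(user, 'deregister').secret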
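def doChangePassword(self, form):
    """Replace the current user's password after checking the old one.

    Raises ``ReportedError([oldPasswordDoesNotMatch])`` when the protected
    form of ``form.oldPassword.data`` differs from the stored secret, or when
    the user has no password credential at all (reported identically so the
    response does not reveal which case occurred).  Returns the
    ``passwordChangedSuccessfully`` simple response.
    """
    user = self.getCurrentUser()
    cred = Credential.getByUser(user, 'password')
    oldSecret = CredentialManager.protect_secret(form.oldPassword.data)
    # NOTE(review): plain != on the protected secrets; a constant-time
    # comparison (hmac.compare_digest) is the usual hardening once
    # protect_secret's return type is confirmed to be a single str/bytes type.
    if cred is None or cred.secret != oldSecret:
        raise ReportedError([oldPasswordDoesNotMatch])
    cred.secret = CredentialManager.protect_secret(form.newPassword.data)
    cred.save()
    return self.simple_response(passwordChangedSuccessfully)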
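def successful_password_reset_sets_the_password(self):
    """POSTing a valid reset secret with a new password stores that password's protected form."""
    password = self.mkRandomPassword()
    secret = unicode(uuid4())
    user = User.getByEmail(self.usercreation_email)
    # Argument order is (user, type, identifier, secret); the secret slot of a
    # reset credential holds its expiry time, here one hour from now.
    Credential.new(user, 'email_for_password_reset', secret, time.time() + 3600)
    with app.test_client() as c:
        c.post("/v1/password_reset", data=dict(password=password, secret=secret))
        cred = Credential.getByUser(user, "password")
        # assertEqual: assertEquals is a deprecated alias.
        self.assertEqual(cred.secret, CredentialManager.protect_secret(password))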
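def do_change_password(self, form):
    """Replace the current user's password after checking the old one.

    Raises ``ReportedError(["old password does not match"])`` when the
    protected old password differs from the stored secret, or when the user
    has no password credential (same error, so the response does not reveal
    which).  Returns the success simple response.
    """
    user = self.getCurrentUser()
    cred = Credential.getByUser(user, 'password')
    oldSecret = CredentialManager.protect_secret(form.oldPassword.data)
    # A missing credential used to raise AttributeError on None here.
    if cred is None or cred.secret != oldSecret:
        raise ReportedError(["old password does not match"])
    cred.secret = CredentialManager.protect_secret(form.newPassword.data)
    cred.save()
    # Response text kept verbatim; callers and tests may compare it.
    return self.simple_response('password changed succesfully')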
def test_email_verification_after_expiry_will_fail(self):
    """An emailcheck credential stamped in the past makes the verify URI answer 400 with an expired-token error."""
    self.setupRandom()
    email = self.registerAndObtainValidationUri()
    with app.test_client() as client:
        user = User.getByEmail(email)
        for cred in Credential.getByUser(user):
            if cred.credentialType != 'emailcheck':
                continue
            # one second in the past: the token must count as expired
            cred.identifier = str(time.time() - 1)
        resp = client.get(self.validateUri)
        self.assertEqual(400, resp.status_code)
        self.assertEqual('{"errors": ["expired token"]}', self.getResponseText(resp))
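def email_validation_gives_emailverification_assurance(self):
    """Following the link from the registration mail removes one credential and grants emailVerification."""
    self.setupRandom()
    with app.test_client() as c:
        resp, outbox = self.register(c)
        email = self.registered_email
        logout_user()
        self.assertUserResponse(resp)
        self.validateUri = re.search('href="([^"]*)', outbox[0].body).group(1)
        self.assertTrue(self.validateUri.startswith(config.base_url + "/v1/verify_email/"))
    with app.test_client() as c:
        user = User.getByEmail(email)
        try:
            creds = Credential.getByUser(user)
            # `in` instead of the Python-2-only dict.has_key.
            self.assertNotIn(emailVerification, Assurance.getByUser(user))
            resp = c.get(self.validateUri)
            self.assertEqual(user.email, email)
            # assertEqual: assertEquals is a deprecated alias.
            self.assertEqual(len(creds) - 1, len(Credential.getByUser(user)))
            self.assertIsNotNone(Assurance.getByUser(user)[emailVerification])
        finally:
            # Remove the random user even when an assertion fails.
            user.rm()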
def it_is_possible_to_register_with_facebook(self):
    """Register a fresh user through the Facebook popup from the login page.

    Skipped when ``config.skipFacebookTests`` is set.  After the popup is
    completed the master window must still be on the login page and the
    user data area must contain the expected address text; the created user
    and its facebook credential are removed at the end.
    """
    if config.skipFacebookTests:
        return
    browser = self.driver
    login_page = self.base_url + "/static/login.html"
    browser.get(login_page)
    self.switchToTab('registration')
    browser.find_element_by_id("Facebook_registration_button").click()
    time.sleep(1)
    self._switchWindow(browser)
    for field_id, value in (("pass", config.fbpassword2), ("email", config.fbuser2)):
        field = browser.find_element_by_id(field_id)
        field.clear()
        field.send_keys(value)
    browser.find_element_by_id("u_0_2").click()
    browser.switch_to.window(self.master)
    self.assertEqual(login_page, browser.current_url)
    time.sleep(5)
    userdata = browser.find_element_by_id("userdata").text
    self.assertTrue("*****@*****.**" in userdata)
    self.user = User.getByEmail(config.fbuser2)
    Credential.getByUser(self.user, "facebook").rm()
    self.user.rm()
def do_deregister(self, form):
    """Remove the user identified by the login credentials in ``form`` with all their credentials and assurances.

    Raises ``ReportedError`` (400) unless the form carries login credentials.
    Returns the ``'deregistered'`` simple response.
    """
    if not self.isLoginCredentials(form):
        raise ReportedError(["You should use your login credentials to deregister"], 400)
    login_cred = Credential.get(form.credentialType.data, form.identifier.data)
    user = login_cred.user
    for owned_cred in Credential.getByUser(user):
        owned_cred.rm()
    for assurance in Assurance.listByUser(user):
        assurance.rm()
    user.rm()
    return self.simple_response('deregistered')
def getCredentialFromForm(cls, form):
    """Return the password credential matching the login form, or ``None``.

    The form identifier is tried as a credential identifier first and as a
    user e-mail address second; the form password, in its protected form,
    must equal the credential's stored secret.
    """
    cred = Credential.get('password', form.identifier.data)
    if cred is None:
        user = User.getByEmail(form.identifier.data)
        if user is None:
            return None
        cred = Credential.getByUser(user, "password")
        if cred is None:
            return None
    matches = cred.secret == cls.protect_secret(form.password.data)
    return cred if matches else None
def doPasswordReset(self, form):
    """Set a new password for the user owning the reset secret carried by ``form``.

    Expired reset credentials are purged first; an unknown or expired secret
    raises ``ReportedError([theSecretHasExpired], 404)``.  A user without a
    password credential gets a new one, otherwise the stored secret is
    replaced.  The reset credential is removed so the link cannot be reused.
    """
    reset_type = self.passwordResetCredentialType
    Credential.deleteExpired(reset_type)
    reset_cred = Credential.getBySecret(reset_type, form.secret.data)
    if reset_cred is None or reset_cred.getExpirationTime() < time.time():
        raise ReportedError([theSecretHasExpired], 404)
    owner = reset_cred.user
    protected = CredentialManager.protect_secret(form.password.data)
    passcred = Credential.getByUser(owner, 'password')
    if passcred:
        passcred.secret = protected
    else:
        Credential.new(owner, "password", owner.email, protected)
    reset_cred.rm()
    return self.simple_response(passwordSuccessfullyChanged)
def email_verification_after_expiry_will_fail(self):
    """Verification through the mailed link answers 400 once the emailcheck credential is stamped in the past."""
    self.setupRandom()
    with app.test_client() as c:
        _resp, outbox = self.register(c)
        email = self.registered_email
        logout_user()
        self.validateUri = re.search('href="([^"]*)', outbox[0].body).group(1)
    with app.test_client() as c:
        user = User.getByEmail(email)
        for cred in Credential.getByUser(user):
            if cred.credentialType != 'emailcheck':
                continue
            # one second in the past: the token must count as expired
            cred.identifier = unicode(time.time() - 1)
        resp = c.get(self.validateUri)
        self.assertEqual(400, resp.status_code)
        self.assertEqual('{"errors": ["expired token"]}', self.getResponseText(resp))
def test_password_reset_email_body_contains_secret(self):
    """The password-reset mail carries the email_for_password_reset credential's secret."""
    self.mailer.sendPasswordResetMail(self.user)
    reset_cred = Credential.getByUser(self.user, "email_for_password_reset")
    self.assertGotAnEmailContaining(reset_cred.secret)
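def removeTemporaryEmailCredentials(self, cred):
    """Remove the pending e-mail-change credentials of the user owning ``cred``.

    Both the ``changeemail`` and the ``changeemailandverify`` credential are
    removed when present; a missing one is skipped instead of failing with
    an AttributeError on None.
    """
    user = cred.user
    for temporary_type in ("changeemail", "changeemailandverify"):
        temporary = Credential.getByUser(user, temporary_type)
        if temporary:
            temporary.rm()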
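def test_your_credentials_are_deleted_in_deregistration(self):
    """After the deregistration is carried out the user has no credentials left."""
    self._doDeregistrationDoit()
    user = User.getByEmail(self.userCreationEmail)
    # assertEqual reports the leftover count on failure.
    self.assertEqual(0, len(Credential.getByUser(user)))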
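def _assureHaveCredentialsAndAssurances(self, user):
    """Assert that ``user`` has at least one credential and at least one assurance."""
    creds = Credential.getByUser(user)
    # assertGreater shows the actual count on failure.
    self.assertGreater(len(creds), 0)
    assurances = Assurance.getByUser(user)
    self.assertGreater(len(assurances), 0)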
def test_password_reset_email_body_contains_secret(self):
    """The password-reset mail carries the email_for_password_reset credential's secret."""
    self.mailer.sendPasswordResetMail(self.user)
    secret = Credential.getByUser(self.user, "email_for_password_reset").secret
    self.assertGotAnEmailContaining(secret)
def test_email_validation_email_can_be_resent(self):
    """Requesting /v1/send_verify_email while logged in leaves an emailcheck credential tied to the user."""
    with app.test_client() as client:
        self.login(client)
        client.get(config.BASE_URL + "/v1/send_verify_email")
        user = User.get(self.userid)
        emailcheck = Credential.getByUser(user, "emailcheck")
        self.assertEqual(self.userCreationEmail, emailcheck.user.email)
def deleteUser(self, user):
    """Remove ``user`` after removing each of its credentials."""
    credentials = Credential.getByUser(user)
    for credential in credentials:
        credential.rm()
    user.rm()
def test_deregistration_email_body_contains_secret(self):
    """The deregistration mail carries the deregister credential's secret."""
    self.mailer.sendDeregisterMail(self.user)
    deregister_cred = Credential.getByUser(self.user, "deregister")
    self.assertGotAnEmailContaining(deregister_cred.secret)
def removeCredentials(self, user):
    """Remove every credential of ``user``."""
    for credential in Credential.getByUser(user):
        credential.rm()
def test_password_verification_email_body_contains_secret(self):
    """The verification mail carries the emailcheck credential's secret."""
    self.mailer.sendPasswordVerificationEmail(self.user)
    emailcheck = Credential.getByUser(self.user, "emailcheck")
    self.assertGotAnEmailContaining(emailcheck.secret)
def test_deregistration_email_body_contains_secret(self):
    """The deregistration mail carries the deregister credential's secret."""
    self.mailer.sendDeregisterMail(self.user)
    secret = Credential.getByUser(self.user, "deregister").secret
    self.assertGotAnEmailContaining(secret)
def test_password_verification_email_body_contains_secret(self):
    """The verification mail carries the emailcheck credential's secret."""
    self.mailer.sendPasswordVerificationEmail(self.user)
    secret = Credential.getByUser(self.user, "emailcheck").secret
    self.assertGotAnEmailContaining(secret)
def doPasswordReset(self):
    """Run a password reset through the controller and record the resulting user and password credential.

    Sets ``self.user`` to the user with ``self.userCreationEmail`` and
    ``self.cred`` to that user's ``password`` credential.
    """
    self.controller.doPasswordReset(self.createPasswordResetFormWithSecret())
    self.user = User.getByEmail(self.userCreationEmail)
    self.cred = Credential.getByUser(self.user, "password")
def test_on_registration_a_temporary_email_verification_credential_is_registered(self):
    """Registering leaves the new current user with an emailcheck credential."""
    self.controller.doRegistration(self.prepareLoginForm())
    current_user = self.controller.getCurrentUser()
    emailcheck = Credential.getByUser(current_user, 'emailcheck')
    self.assertTrue(emailcheck)