def test_account_req_resp_pubkeyexists():
db_conn = get_db()
# create user with a pubkey that is already in use by another user
u = user.User('Saul3', SK1.pubkey)
req = SignedMessage.sign(account.AccountReq(u.nick, u.pk), SK1)
resp = server.handle_account_request(db_conn, req)
assert resp.cred is None
assert resp.err == account.AuthRespErr.PubkeyExists
def test_account_req_resp_db_inserted():
db_conn = get_db()
sk = crypto.Seckey((333).to_bytes(32, byteorder='big'))
req = SignedMessage.sign(account.AccountReq('Saul3', sk.pubkey), sk)
server.handle_account_request(db_conn, req)
u_out = db.user_with_pk(db_conn, sk.pubkey)
assert u_out.rowid
assert u_out.nick == 'Saul3'
assert u_out.pk == sk.pubkey
def test_account_req_resp_badsig():
db_conn = get_db()
sk = crypto.Seckey((333).to_bytes(32, byteorder='big'))
u = user.User('Saul3', sk.pubkey)
req = SignedMessage.sign(account.AccountReq(u.nick, u.pk), sk)
# change message after it has been signed so that it won't verify
req.msg_bytes = b'foo'
resp = server.handle_account_request(db_conn, req)
assert resp.cred is None
assert resp.err is account.AuthRespErr.BadSig
def test_account_req_resp_wrongpubkey():
db_conn = get_db()
sk_wrong = crypto.Seckey((420).to_bytes(32, byteorder='big'))
sk = crypto.Seckey((333).to_bytes(32, byteorder='big'))
u = user.User('Saul3', sk.pubkey)
# sign the request with the wrong seckey so it can't verify with the
# correct pubkey
req = SignedMessage.sign(account.AccountReq(u.nick, u.pk), sk_wrong)
resp = server.handle_account_request(db_conn, req)
assert resp.cred is None
assert resp.err == account.AuthRespErr.WrongPubkey
def test_account_req_resp_happy():
db_conn = get_db()
sk = crypto.Seckey((333).to_bytes(32, byteorder='big'))
req = SignedMessage.sign(account.AccountReq('Saul3', sk.pubkey), sk)
resp = server.handle_account_request(db_conn, req)
assert resp.err is None
assert isinstance(resp.cred, EncryptedMessage)
assert isinstance(resp.cred.dec(server.ENCKEY), SignedMessage)
cred, pk_used = resp.cred.dec(server.ENCKEY).unwrap()
assert isinstance(cred, account.AccountCred)
assert pk_used == server.IDKEY.pubkey
def test_account_create_happy(client):
sk = crypto.Seckey((333).to_bytes(32, byteorder='big'))
req = SignedMessage.sign(account.AccountReq('Saul3', sk.pubkey), sk)
rv = client.post(
'/account/create',
json=req.to_dict(),
)
resp = Message.from_dict(rv.json)
assert isinstance(resp, account.AuthResp)
assert resp.err is None
assert resp.cred is not None
user_db = db.user_with_pk(flask.g.db, sk.pubkey)
assert user_db.nick == 'Saul3'
assert user_db.pk == sk.pubkey
valid_cred, _ = server.validate_credchal(resp.cred, user_db)
assert valid_cred
def test_accountreq_str():
s = 'AccountReq<%s %s>' % (U.nick, U.pk)
ar = account.AccountReq(U.nick, U.pk)
assert str(ar) == s
def test_accountreq_to_dict():
ar = account.AccountReq(U.nick, U.pk)
d = ar.to_dict()
assert d['nick'] == U.nick
assert Pubkey(b64decode(d['pk'])) == U.pk
def test_accountreq_dict_identity():
first = account.AccountReq(U.nick, U.pk)
second = Message.from_dict(first.to_dict())
assert first == second