def test_lookup_patron_affiliation_id(
self, _, subject, expected_affiliation_id, affiliation_attributes=None
):
# Arrange
credential_manager = ProQuestCredentialManager()
patron = self._patron()
if subject:
expected_token = json.dumps(subject, cls=SAMLSubjectJSONEncoder)
data_source = DataSource.lookup(
self._db,
BaseSAMLAuthenticationProvider.TOKEN_DATA_SOURCE_NAME,
autocreate=True,
)
Credential.temporary_token_create(
self._db,
data_source,
BaseSAMLAuthenticationProvider.TOKEN_TYPE,
patron,
datetime.timedelta(hours=1),
expected_token,
)
# Act
if affiliation_attributes:
token = credential_manager.lookup_patron_affiliation_id(
self._db, patron, affiliation_attributes
)
else:
token = credential_manager.lookup_patron_affiliation_id(self._db, patron)
# Assert
assert expected_affiliation_id == token
def test_authdata_lookup_failure_wrong_token(self):
temp_token, ignore = Credential.temporary_token_create(
self._db, self.data_source, self.model.TEMPORARY_TOKEN_TYPE,
self.bob_patron, datetime.timedelta(seconds=60))
urn, label = self.model.authdata_lookup("nosuchauthdata")
eq_(None, urn)
eq_(None, label)
def _create_token(self, db, patron, subject, cm_session_lifetime=None):
"""Create a Credential object that ties the given patron to the
given provider token.
:param db: Database session
:type db: sqlalchemy.orm.session.Session
:param patron: Patron object
:type patron: Patron
:param subject: SAML subject
:type subject: api.saml.metadata.model.SAMLSubject
:param cm_session_lifetime: (Optional) Circulation Manager's session lifetime expressed in days
:type cm_session_lifetime: Optional[int]
:return: Credential object
:rtype: Credential
"""
session_lifetime = subject.valid_till
if cm_session_lifetime:
session_lifetime = datetime.timedelta(
days=int(cm_session_lifetime))
token = self._create_token_value(subject)
data_source, ignore = self._get_token_data_source(db)
return Credential.temporary_token_create(db, data_source,
self.TOKEN_TYPE, patron,
session_lifetime, token)
def test_lookup_proquest_token_returns_token(self):
# Arrange
credential_manager = ProQuestCredentialManager()
patron = self._patron()
expected_token = "12345"
Credential.temporary_token_create(
self._db,
self._data_source,
ProQuestCredentialType.PROQUEST_JWT_TOKEN.value,
patron,
datetime.timedelta(hours=1),
expected_token,
)
# Act
token = credential_manager.lookup_proquest_token(self._db, patron)
# Assert
assert True == isinstance(token, Credential)
assert expected_token == token.credential
def save_proquest_token(self, db, patron, duration, token):
"""Save a ProQuest JWT bearer token for later use.
:param db: Database session
:type db: sqlalchemy.orm.session.Session
:param patron: Patron object
:type patron: core.model.patron.Patron
:param duration: How long this token can be valid
:type duration: datetime.timedelta
:param token: ProQuest JWT bearer token
:type token: str
:return: Credential object containing a new ProQuest JWT bearer token
:rtype: Optional[core.model.credential.Credential]
"""
if not is_session(db):
raise ValueError('"db" argument must be a valid SQLAlchemy session')
if not isinstance(patron, Patron):
raise ValueError('"patron" argument must be an instance of Patron class')
if not isinstance(duration, datetime.timedelta):
raise ValueError(
'"duration" argument must be an instance of datetime.timedelta class'
)
if not isinstance(token, str) or not token:
raise ValueError('"token" argument must be a non-empty string')
self._logger.debug(
"Started saving a ProQuest JWT bearer token {0}".format(token)
)
data_source = DataSource.lookup(
db, DataSourceConstants.PROQUEST, autocreate=True
)
credential, is_new = Credential.temporary_token_create(
db,
data_source,
ProQuestCredentialType.PROQUEST_JWT_TOKEN.value,
patron,
duration,
token,
)
self._logger.debug(
"Finished saving a ProQuest JWT bearer token {0}: {1} (new = {2})".format(
token, credential, is_new
)
)
return credential
def test_authdata_lookup_success(self):
now = datetime.datetime.utcnow()
temp_token, ignore = Credential.temporary_token_create(
self._db, self.data_source, self.model.TEMPORARY_TOKEN_TYPE,
self.bob_patron, datetime.timedelta(seconds=60))
old_expires = temp_token.expires
assert temp_token.expires > now
urn, label = self.model.authdata_lookup(temp_token.credential)
# There is now a UUID associated with Bob's patron account,
# and that's the UUID returned by standard_lookup().
bob_uuid = Credential.lookup(
self._db, self.data_source, self.model.VENDOR_ID_UUID_TOKEN_TYPE,
self.bob_patron, None)
eq_(urn, bob_uuid.credential)
eq_("Card number 5", label)
# Having been used once, the temporary token has been expired.
assert temp_token.expires < now
def _create_token(self, db, patron, token, valid_till):
"""Creates a Credential object that ties the given patron to the
given provider token.
:param db: Database session
:type db: sqlalchemy.orm.session.Session
:param patron: Patron object
:type patron: Patron
:param token: Token containing SAML subject's metadata
:type token: Dict
:param valid_till: The time till which the SAML subject is valid
:type valid_till: datetime.timedelta
:return: Credential object
:rtype: Credential
"""
data_source, ignore = self._get_token_data_source(db)
return Credential.temporary_token_create(db, data_source,
self.TOKEN_TYPE, patron,
valid_till, token)
def create_authdata(self, patron):
credential, is_new = Credential.temporary_token_create(
self._db, self.data_source, self.TEMPORARY_TOKEN_TYPE,
patron, self.temporary_token_duration)
return credential
