def test_verify_facebook_invalid_code(): auth_url = 'https://graph.facebook.com/v2.12/oauth/access_token' + \ '?client_id=facebook-client-id' + \ '&client_secret=facebook-client-secret' + \ '&redirect_uri=https%3A%2F%2Ftesthost.com%2Fredirects%2Ffacebook%2F' + \ '&code=bananas' responses.add( responses.GET, auth_url, json={'error': 'invalid'}, status=403 ) args = { 'eth_address': '0x112234455C3a32FD11230C42E7Bccd4A84e02010', 'code': 'bananas' } with pytest.raises(FacebookVerificationError) as service_err: VerificationService.verify_facebook(**args) assert str(service_err.value) == 'The code you provided is invalid.' # Verify attestation not stored attestations = Attestation.query.all() assert(len(attestations)) == 0
def test_verify_twitter_invalid_verifier(mock_session, app): responses.add( responses.POST, twitter_access_token_url, status=401 ) args = { 'eth_address': '0x112234455C3a32FD11230C42E7Bccd4A84e02010', 'oauth_verifier': 'pineapples' } session_dict = { 'request_token': { 'oauth_token': '1234', 'oauth_token_secret': '5678' } } with mock.patch('logic.attestation_service.session', session_dict): with pytest.raises(TwitterVerificationError) as service_err: with app.test_request_context(): VerificationService.verify_twitter(**args) assert str(service_err.value) == 'The verifier you provided is invalid.' # Verify attestation not stored attestations = Attestation.query.all() assert(len(attestations)) == 0
def test_verify_email_invalid_code(mock_session): session_dict = { 'email_attestation': { 'email': generate_password_hash('*****@*****.**'), 'code': '12345', 'expiry': datetime.datetime.utcnow() + datetime.timedelta(minutes=30) } } args = { 'eth_address': str_eth(sample_eth_address), 'email': '*****@*****.**', 'code': '54321' } with mock.patch('logic.attestation_service.session', session_dict): with pytest.raises(ValidationError) as validation_err: VerificationService.verify_email(**args) assert(validation_err.value.messages[0] ) == 'Verification code is incorrect.' assert(validation_err.value.field_names[0]) == 'code' # Verify attestation not stored attestations = Attestation.query.all() assert(len(attestations)) == 0
def test_verify_email_invalid_email(): session_dict = { 'email_attestation': { 'email': generate_password_hash('*****@*****.**'), 'code': '12345', 'expiry': datetime.datetime.utcnow() + datetime.timedelta(minutes=30) } } args = { 'eth_address': str_eth(sample_eth_address), 'email': '*****@*****.**', 'code': '54321' } with mock.patch('logic.attestation_service.session', session_dict): with pytest.raises(EmailVerificationError) as verification_err: VerificationService.verify_email(**args) assert(verification_err.value.message) == \ 'No verification code was found for that email.' # Verify attestation not stored attestations = Attestation.query.all() assert(len(attestations)) == 0
def test_verify_airbnb_verification_code_internal_server_error( mock_urllib_request): with pytest.raises(AirbnbVerificationError) as service_err: VerificationService.verify_airbnb( '0x112234455C3a32FD11230C42E7Bccd4A84e02010', "123") assert str(service_err.value) == "Can not fetch user's Airbnb profile."
def test_generate_airbnb_verification_code_incorrect_user_id_format(): with pytest.raises(ValidationError) as validation_error: VerificationService.generate_airbnb_verification_code( '0x112234455C3a32FD11230C42E7Bccd4A84e02010', '12a34' ) assert str(validation_error.value) == 'AirbnbUserId should be a number.'
def test_generate_phone_verification_code_twilio_exception( mock_send_sms_exception, session, mock_normalize_number): phone = '5551231212' with pytest.raises(PhoneVerificationError) as service_err: VerificationService.generate_phone_verification_code(phone) assert str(service_err.value) == 'Could not send verification code.' db_code = VC.query.filter(VC.phone == phone).first() assert db_code is None
def test_verify_airbnb_verification_code_internal_server_error( mock_urllib_request, mock_ipfs): mock_ipfs.return_value.add_json.return_value = \ 'QmYpVLAyQ2SV7NLATdN3xnHTewoQ3LYN85LAcvN1pr2k3z' with pytest.raises(AirbnbVerificationError) as service_err: VerificationService.verify_airbnb( '0x112234455C3a32FD11230C42E7Bccd4A84e02010', "123") assert str(service_err.value) == "Can not fetch user's Airbnb profile."
def test_send_email_verification_sendgrid_error( mock_send_email_using_sendgrid): mock_send_email_using_sendgrid.side_effect = AttributeError with mock.patch('logic.attestation_service.session', dict()): with pytest.raises(EmailVerificationError) as service_err: VerificationService.send_email_verification('*****@*****.**') assert(str(service_err.value)) == \ 'Could not send verification code. Please try again shortly.'
def test_verify_twitter_invalid_session(mock_session, mock_requests): args = { 'eth_address': '0x112234455C3a32FD11230C42E7Bccd4A84e02010', 'oauth_verifier': 'pineapples' } with pytest.raises(TwitterVerificationError) as service_err: VerificationService.verify_twitter(**args) assert str(service_err.value) == 'Session not found.'
def test_generate_phone_verification_rate_limit_exceeded( session, mock_normalize_number): vc_obj = VerificationCodeFactory.build() vc_obj.updated_at = utcnow() + datetime.timedelta(seconds=9) session.add(vc_obj) session.commit() phone = vc_obj.phone with pytest.raises(PhoneVerificationError) as service_err: VerificationService.generate_phone_verification_code(phone) assert str(service_err.value) == ('Please wait briefly before requesting a' ' new verification code.')
def test_verify_airbnb_verification_code_non_existing_user( mock_urllib_request): with pytest.raises(AirbnbVerificationError) as service_err: VerificationService.verify_airbnb( '0x112234455C3a32FD11230C42E7Bccd4A84e02010', "99999999999999999") assert str( service_err.value) == 'Airbnb user id: 99999999999999999 not found.' # Verify attestation not stored attestations = Attestation.query.all() assert (len(attestations)) == 0
def test_verify_twitter_invalid_verifier(mock_session, mock_requests): dict = {'request_token': 'bar'} mock_session.__contains__.side_effect = dict.__contains__ mock_requests.post().status_code = 401 args = { 'eth_address': '0x112234455C3a32FD11230C42E7Bccd4A84e02010', 'oauth_verifier': 'pineapples' } with pytest.raises(TwitterVerificationError) as service_err: VerificationService.verify_twitter(**args) assert str(service_err.value) == 'The verifier you provided is invalid.'
def test_verify_airbnb_verification_code_non_existing_user( mock_urllib_request, mock_ipfs): mock_ipfs.return_value.add_json.return_value = \ 'QmYpVLAyQ2SV7NLATdN3xnHTewoQ3LYN85LAcvN1pr2k3z' with pytest.raises(AirbnbVerificationError) as service_err: VerificationService.verify_airbnb( '0x112234455C3a32FD11230C42E7Bccd4A84e02010', "99999999999999999") assert str( service_err.value) == 'Airbnb user id: 99999999999999999 not found.' # Verify attestation not stored attestations = Attestation.query.all() assert (len(attestations)) == 0
def test_verify_phone_wrong_code(session, mock_normalize_number): vc_obj = VerificationCodeFactory.build() session.add(vc_obj) session.commit() args = { 'eth_address': str_eth(sample_eth_address), 'phone': vc_obj.phone, 'code': 'garbage' } with pytest.raises(PhoneVerificationError) as service_err: VerificationService.verify_phone(**args) assert str(service_err.value) == 'The code you provided is invalid.'
def test_verify_phone_phone_not_found(session, mock_normalize_number): vc_obj = VerificationCodeFactory.build() session.add(vc_obj) session.commit() args = { 'eth_address': str_eth(sample_eth_address), 'phone': 'garbage', 'code': vc_obj.code } with pytest.raises(PhoneVerificationError) as service_err: VerificationService.verify_phone(**args) assert str(service_err.value) == 'The given phone number was not found.'
def test_verify_phone_expired_code(session, mock_normalize_number): vc_obj = VerificationCodeFactory.build() vc_obj.expires_at = utcnow() - datetime.timedelta(days=1) session.add(vc_obj) session.commit() args = { 'eth_address': str_eth(sample_eth_address), 'phone': vc_obj.phone, 'code': vc_obj.code } with pytest.raises(PhoneVerificationError) as service_err: VerificationService.verify_phone(**args) assert str(service_err.value) == 'The code you provided has expired.'
def test_verify_email_wrong_code(mock_now, session): vc_obj = VerificationCodeFactory.build() session.add(vc_obj) session.commit() req = { 'eth_address': str_eth(sample_eth_address), 'email': vc_obj.email, 'code': 'garbage' } mock_now.return_value = vc_obj.expires_at - datetime.timedelta(minutes=1) with pytest.raises(EmailVerificationError) as service_err: VerificationService.verify_email(**req) assert str(service_err.value) == 'The code you provided is invalid.'
def test_verify_email_email_not_found(mock_now, session): vc_obj = VerificationCodeFactory.build() session.add(vc_obj) session.commit() args = { 'eth_address': str_eth(sample_eth_address), 'email': 'garbage', 'code': vc_obj.code } mock_now.return_value = vc_obj.expires_at - datetime.timedelta(minutes=1) with pytest.raises(EmailVerificationError) as service_err: VerificationService.verify_email(**args) assert str(service_err.value) == 'The given email was not found.'
def test_verify_facebook_valid_code(MockHttpConnection): mock_http_conn = mock.Mock() mock_get_response = mock.Mock() mock_get_response.read.return_value = '{"access_token": "foo"}' mock_http_conn.getresponse.return_value = mock_get_response MockHttpConnection.return_value = mock_http_conn args = { 'eth_address': '0x112234455C3a32FD11230C42E7Bccd4A84e02010', 'code': 'abcde12345' } resp = VerificationService.verify_facebook(**args) assert isinstance(resp, VerificationServiceResponse) resp_data = resp.data mock_http_conn.request.assert_called_once_with( 'GET', '/v2.12/oauth/access_token?client_id=facebook-client-id&' + 'client_secret=facebook-client-secret&redirect_uri=' + 'https://testhost.com/redirects/facebook/&code=abcde12345') assert len(resp_data['signature']) == SIGNATURE_LENGTH assert resp_data['claim_type'] == CLAIM_TYPES['facebook'] assert resp_data['data'] == 'facebook verified' # Verify attestation stored in database attestations = Attestation.query.all() assert(len(attestations)) == 1 assert(attestations[0].method) == AttestationTypes.FACEBOOK
def test_facebook_auth_url(): resp = VerificationService.facebook_auth_url() resp_data = resp.data assert resp_data['url'] == ( 'https://www.facebook.com/v2.12/dialog/oauth?client_id' '=facebook-client-id&redirect_uri' '=https://testhost.com/redirects/facebook/')
def test_verify_facebook_valid_code(app): auth_url = 'https://graph.facebook.com/v2.12/oauth/access_token' + \ '?client_id=facebook-client-id' + \ '&client_secret=facebook-client-secret' + \ '&redirect_uri=https%3A%2F%2Ftesthost.com%2Fredirects%2Ffacebook%2F' + \ '&code=abcde12345' verify_url = 'https://graph.facebook.com/me?access_token=12345' responses.add(responses.GET, auth_url, json={'access_token': 12345}, status=200) responses.add(responses.GET, verify_url, json={'name': 'Origin Protocol'}, status=200) args = { 'eth_address': '0x112234455C3a32FD11230C42E7Bccd4A84e02010', 'code': 'abcde12345' } with app.test_request_context(): verification_response = VerificationService.verify_facebook(**args) assert isinstance(verification_response, VerificationServiceResponse) assert len(verification_response.data['signature']) == SIGNATURE_LENGTH assert verification_response.data['claim_type'] == TOPICS['facebook'] assert verification_response.data['data'] == 'facebook verified' # Verify attestation stored in database attestations = Attestation.query.all() assert (len(attestations)) == 1 assert (attestations[0].method) == AttestationTypes.FACEBOOK assert (attestations[0].value) == 'Origin Protocol'
def test_generate_airbnb_verification_code(): resp = VerificationService.generate_airbnb_verification_code( '0x112234455C3a32FD11230C42E7Bccd4A84e02010', '123456') assert isinstance(resp, VerificationServiceResponse) assert resp.data[ 'code'] == "art brick aspect accident brass betray antenna"
def test_verify_email_valid_code(mock_session): session_dict = { 'email_attestation': { 'email': generate_password_hash('*****@*****.**'), 'code': '12345', 'expiry': datetime.datetime.utcnow() + datetime.timedelta(minutes=30) } } args = { 'eth_address': str_eth(sample_eth_address), 'email': '*****@*****.**', 'code': '12345' } with mock.patch('logic.attestation_service.session', session_dict): response = VerificationService.verify_email(**args) assert isinstance(response, VerificationServiceResponse) assert len(response.data['signature']) == SIGNATURE_LENGTH assert response.data['claim_type'] == CLAIM_TYPES['email'] assert response.data['data'] == 'email verified' # Verify attestation stored in database attestations = Attestation.query.all() assert(len(attestations)) == 1 assert(attestations[0].method) == AttestationTypes.EMAIL assert(attestations[0].value) == "*****@*****.**"
def test_verify_airbnb(mock_urllib_request, mock_ipfs, app): mock_urllib_request.return_value.read.return_value = """ <html><div> Airbnb profile description Origin verification code: art brick aspect accident brass betray antenna some more profile description </div></html>""".encode('utf-8') mock_ipfs.return_value.add_json.return_value = \ 'QmYpVLAyQ2SV7NLATdN3xnHTewoQ3LYN85LAcvN1pr2k3z' airbnbUserId = "123456" with app.test_request_context(): verification_response = VerificationService.verify_airbnb( '0x112234455C3a32FD11230C42E7Bccd4A84e02010', airbnbUserId) assert isinstance(verification_response, VerificationServiceResponse) assert len(verification_response.data['signature']) == SIGNATURE_LENGTH assert verification_response.data['claim_type'] == TOPICS['airbnb'] assert verification_response.data['data'] \ == 'QmYpVLAyQ2SV7NLATdN3xnHTewoQ3LYN85LAcvN1pr2k3z' # Verify attestation stored in database attestations = Attestation.query.all() assert (len(attestations)) == 1 assert (attestations[0].method) == AttestationTypes.AIRBNB assert (attestations[0].value) == "123456"
def test_verify_phone_valid_code(): responses.add( responses.GET, 'https://api.authy.com/protected/json/phones/verification/check', json={ 'message': 'Verification code is correct.', 'success': True } ) args = { 'eth_address': str_eth(sample_eth_address), 'country_calling_code': '1', 'phone': '12341234', 'code': '123456' } response = VerificationService.verify_phone(**args) assert isinstance(response, VerificationServiceResponse) assert len(response.data['signature']) == SIGNATURE_LENGTH assert response.data['claim_type'] == CLAIM_TYPES['phone'] assert response.data['data'] == 'phone verified' attestations = Attestation.query.all() assert(len(attestations)) == 1 assert(attestations[0].method) == AttestationTypes.PHONE assert(attestations[0].value) == "1 12341234"
def test_verify_twitter_valid_code(mock_session, app): responses.add( responses.POST, twitter_access_token_url, body=b'screen_name=originprotocol', status=200 ) args = { 'eth_address': '0x112234455C3a32FD11230C42E7Bccd4A84e02010', 'oauth_verifier': 'blueberries' } session_dict = { 'request_token': { 'oauth_token': '1234', 'oauth_token_secret': '5678' } } with mock.patch('logic.attestation_service.session', session_dict): with app.test_request_context(): verification_response = VerificationService.verify_twitter(**args) assert isinstance(verification_response, VerificationServiceResponse) assert len(verification_response.data['signature']) == SIGNATURE_LENGTH assert verification_response.data['claim_type'] == CLAIM_TYPES['twitter'] assert verification_response.data['data'] == 'twitter verified' # Verify attestation stored in database attestations = Attestation.query.all() assert(len(attestations)) == 1 assert(attestations[0].method) == AttestationTypes.TWITTER assert(attestations[0].value) == 'originprotocol'
def test_verify_airbnb_verification_code_missing(mock_urllib_request): mock_urllib_request.return_value.read.return_value = """ <html><div> Airbnb profile description some more profile description </div></html>""".encode('utf-8') with pytest.raises(AirbnbVerificationError) as service_err: VerificationService.verify_airbnb( '0x112234455C3a32FD11230C42E7Bccd4A84e02010', "123456") assert str(service_err.value) == "Origin verification code: art brick aspect " \ + "accident brass betray antenna has not been found in user's Airbnb profile." # Verify attestation not stored attestations = Attestation.query.all() assert (len(attestations)) == 0
def test_verify_airbnb(mock_urllib_request): mock_urllib_request.return_value.read.return_value = """ <html><div> Airbnb profile description Origin verification code: art brick aspect accident brass betray antenna some more profile description </div></html>""".encode('utf-8') airbnbUserId = "123456" resp = VerificationService.verify_airbnb( '0x112234455C3a32FD11230C42E7Bccd4A84e02010', airbnbUserId ) assert isinstance(resp, VerificationServiceResponse) resp_data = resp.data assert len(resp_data['signature']) == SIGNATURE_LENGTH assert resp_data['claim_type'] == CLAIM_TYPES['airbnb'] assert resp_data['data'] == 'airbnbUserId:' + airbnbUserId # Verify attestation stored in database attestations = Attestation.query.all() assert(len(attestations)) == 1 assert(attestations[0].method) == AttestationTypes.AIRBNB assert(attestations[0].value) == "123456"
def test_verify_airbnb(mock_urllib_request, app): mock_urllib_request.return_value.read.return_value = """ <html><div> Airbnb profile description Origin verification code: art brick aspect accident brass betray antenna some more profile description </div></html>""".encode('utf-8') airbnbUserId = "123456" with app.test_request_context(): response = VerificationService.verify_airbnb( '0x112234455C3a32FD11230C42E7Bccd4A84e02010', airbnbUserId) assert isinstance(response, VerificationServiceResponse) assert len(response.data['signature']['bytes']) == SIGNATURE_LENGTH assert response.data[ 'schemaId'] == 'https://schema.originprotocol.com/attestation_1.0.0.json' validate_issuer(response.data['data']['issuer']) assert response.data['data']['issueDate'] assert response.data['data']['attestation']['verificationMethod'][ 'pubAuditableUrl'] == {} assert response.data['data']['attestation']['site'][ 'siteName'] == 'airbnb.com' assert response.data['data']['attestation']['site']['userId'][ 'raw'] == '123456' # Verify attestation stored in database attestations = Attestation.query.all() assert (len(attestations)) == 1 assert (attestations[0].method) == AttestationTypes.AIRBNB assert (attestations[0].value) == "123456"