def test_it_checks_settings(self, settings): """Test that each required key is required individually""" # Leave out URL settings.AUTOGRAPH_URL = None settings.AUTOGRAPH_HAWK_ID = 'hawk id' settings.AUTOGRAPH_HAWK_SECRET_KEY = 'hawk secret key' with pytest.raises(ImproperlyConfigured) as exc: Autographer() assert 'AUTOGRAPH_URL' in str(exc) # Leave out HAWK_ID settings.AUTOGRAPH_URL = 'https://autograph.example.com' settings.AUTOGRAPH_HAWK_ID = None settings.AUTOGRAPH_HAWK_SECRET_KEY = 'hawk secret key' with pytest.raises(ImproperlyConfigured) as exc: Autographer() assert 'AUTOGRAPH_HAWK_ID' in str(exc) # Leave out HAWK_SECRET_KEY settings.AUTOGRAPH_URL = 'https://autograph.example.com' settings.AUTOGRAPH_HAWK_ID = 'hawk id' settings.AUTOGRAPH_HAWK_SECRET_KEY = None with pytest.raises(ImproperlyConfigured) as exc: Autographer() assert 'AUTOGRAPH_HAWK_SECRET_KEY' in str(exc) # Include everything settings.AUTOGRAPH_URL = 'https://autograph.example.com' settings.AUTOGRAPH_HAWK_ID = 'hawk id' settings.AUTOGRAPH_HAWK_SECRET_KEY = 'hawk secret key' # assert doesn't raise Autographer()
def update_signatures(self): """ Update the signatures on all Recipes in the queryset. """ # Convert to a list because order must be preserved recipes = list(self) try: autographer = Autographer() except ImproperlyConfigured: for recipe in recipes: recipe.signature = None recipe.save() return recipe_ids = [r.id for r in recipes] logger.info( f'Requesting signatures for recipes with ids [{recipe_ids}] from Autograph', extra={ 'code': INFO_REQUESTING_RECIPE_SIGNATURES, 'recipe_ids': recipe_ids }) canonical_jsons = [r.canonical_json() for r in recipes] signatures_data = autographer.sign_data(canonical_jsons) for recipe, sig_data in zip(recipes, signatures_data): signature = Signature(**sig_data) signature.save() recipe.signature = signature recipe.save()
def test_it_interacts_with_autograph_correctly(self, settings): settings.AUTOGRAPH_URL = 'https://autograph.example.com' settings.AUTOGRAPH_HAWK_ID = 'hawk id' settings.AUTOGRAPH_HAWK_SECRET_KEY = 'hawk secret key' autographer = Autographer() autographer.session = MagicMock() autographer.session.post.return_value.json.return_value = [ { 'content-signature': ( 'x5u="https://example.com/fake_x5u_1";p384ecdsa=fake_signature_1' ), 'x5u': 'https://example.com/fake_x5u_1', 'hash_algorithm': 'sha384', 'ref': 'fake_ref_1', 'signature': 'fake_signature_1', 'public_key': 'fake_pubkey_1', }, { 'content-signature': ( 'x5u="https://example.com/fake_x5u_2";p384ecdsa=fake_signature_2' ), 'x5u': 'https://example.com/fake_x5u_2', 'hash_algorithm': 'sha384', 'ref': 'fake_ref_2', 'signature': 'fake_signature_2', 'public_key': 'fake_pubkey_2', } ] url = self.test_settings['URL'] + 'sign/data' foo_base64 = base64.b64encode(b'foo').decode('utf8') bar_base64 = base64.b64encode(b'bar').decode('utf8') # Assert the correct data is returned assert autographer.sign_data([b'foo', b'bar']) == [ { 'timestamp': Whatever(), 'signature': 'fake_signature_1', 'x5u': 'https://example.com/fake_x5u_1', 'public_key': 'fake_pubkey_1', }, { 'timestamp': Whatever(), 'signature': 'fake_signature_2', 'x5u': 'https://example.com/fake_x5u_2', 'public_key': 'fake_pubkey_2', } ] # Assert the correct request was made assert autographer.session.post.called_once_with( [url, [ {'template': 'content-signature', 'input': foo_base64}, {'template': 'content-signature', 'input': bar_base64}, ]] )
def update_signature(self): autographer = Autographer() logger.info( 'Requesting signatures for recipes with ids [%s] from Autograph', self.id, extra={'recipe_ids': [self.id]}) signature_data = autographer.sign_data([self.canonical_json()])[0] signature = Signature(**signature_data) signature.save() self.signature = signature
def update_signature(self): autographer = Autographer() logger.info( f'Requesting signatures for recipes with ids [{self.id}] from Autograph', extra={'code': INFO_REQUESTING_RECIPE_SIGNATURES, 'recipe_ids': [self.id]} ) signature_data = autographer.sign_data([self.canonical_json()])[0] signature = Signature(**signature_data) signature.save() self.signature = signature
def update_signatures(self): """ Update the signatures on all Recipes in the queryset. """ autographer = Autographer() # Convert to a list because order must be preserved recipes = list(self) recipe_ids = [r.id for r in recipes] logger.info( 'Requesting signatures for recipes with ids [%s] from Autograph', (recipe_ids, ), extra={'recipe_ids': recipe_ids}) canonical_jsons = [r.canonical_json() for r in recipes] signatures_data = autographer.sign_data(canonical_jsons) for recipe, sig_data in zip(recipes, signatures_data): signature = Signature(**sig_data) signature.save() recipe.signature = signature recipe.save()
def test_it_interacts_with_autograph_correctly(self, settings, mock_logger): settings.AUTOGRAPH_URL = 'https://autograph.example.com' settings.AUTOGRAPH_HAWK_ID = 'hawk id' settings.AUTOGRAPH_HAWK_SECRET_KEY = 'hawk secret key' autographer = Autographer() autographer.session = MagicMock() autographer.session.post.return_value.json.return_value = [{ 'content-signature': ('x5u="https://example.com/fake_x5u_1";p384ecdsa=fake_signature_1' ), 'x5u': 'https://example.com/fake_x5u_1', 'hash_algorithm': 'sha384', 'ref': 'fake_ref_1', 'signature': 'fake_signature_1', 'public_key': 'fake_pubkey_1', }, { 'content-signature': ('x5u="https://example.com/fake_x5u_2";p384ecdsa=fake_signature_2' ), 'x5u': 'https://example.com/fake_x5u_2', 'hash_algorithm': 'sha384', 'ref': 'fake_ref_2', 'signature': 'fake_signature_2', 'public_key': 'fake_pubkey_2', }] url = self.test_settings['URL'] + 'sign/data' foo_base64 = base64.b64encode(b'foo').decode('utf8') bar_base64 = base64.b64encode(b'bar').decode('utf8') # Assert the correct data is returned assert autographer.sign_data([b'foo', b'bar']) == [{ 'timestamp': Whatever(), 'signature': 'fake_signature_1', 'x5u': 'https://example.com/fake_x5u_1', 'public_key': 'fake_pubkey_1', }, { 'timestamp': Whatever(), 'signature': 'fake_signature_2', 'x5u': 'https://example.com/fake_x5u_2', 'public_key': 'fake_pubkey_2', }] # Assert that logging happened mock_logger.info.assert_called_with( Whatever.contains('2'), extra={'code': INFO_RECEIVED_SIGNATURES}) # Assert the correct request was made assert autographer.session.post.called_once_with([ url, [ { 'template': 'content-signature', 'input': foo_base64 }, { 'template': 'content-signature', 'input': bar_base64 }, ] ])