def _execute_requests(self, reqs): admin = User.objects.get(username="******") user = User.objects.get(id=USER_ID) user.token = "password-token" user.email_token = "email-token" user.new_email = "*****@*****.**" user.save() user_token = get_token_for_user(user, "authentication") admin_token = get_token_for_user(admin, "authentication") os.environ["AUTH_TOKEN"] = user_token os.environ["ADMIN_AUTH_TOKEN"] = admin_token host = "http://*****:*****@")) fd.write("\n----\n") curl_cmd = curl_cmd.replace( "$$INCLUDE_FILE$$", "@{}/".format(os.path.dirname(__file__))) output_path = os.path.join("output", key + "-output.adoc") result = subprocess.run(curl_cmd + " -f", shell=True, stdout=subprocess.PIPE) print(key) if result.returncode != 0: result = subprocess.run(curl_cmd, shell=True, stdout=subprocess.PIPE) print("ERROR on key: ", key) print(result) if result.stdout == b'': continue with open(output_path, "w") as fd: fd.write("[source,json]\n") fd.write("----\n") if req.get('index', None) is not None: json.dump(json.loads( result.stdout.decode('utf-8'))[req['index']], fd, sort_keys=True, indent=4) else: json.dump(json.loads(result.stdout.decode('utf-8')), fd, sort_keys=True, indent=4) fd.write("\n----\n")
def _execute_requests(self, reqs): admin = User.objects.get(username="******") user = User.objects.get(id=USER_ID) user.token = "password-token" user.email_token = "email-token" user.new_email = "*****@*****.**" user.save() user_token = get_token_for_user(user, "authentication") admin_token = get_token_for_user(admin, "authentication") os.environ["AUTH_TOKEN"] = user_token os.environ["ADMIN_AUTH_TOKEN"] = admin_token host = "http://*****:*****@")) fd.write("\n----\n") if req['method'] == "DELETE": continue curl_cmd = curl_cmd.replace("$$INCLUDE_FILE$$", "@{}/".format(os.path.dirname(__file__))) output_path = os.path.join("output", key + "-output.adoc") if "response" in req: response_data = req['response'] else: result = subprocess.run(curl_cmd + " -f", shell=True, stdout=subprocess.PIPE) if result.returncode != 0: result = subprocess.run(curl_cmd, shell=True, stdout=subprocess.PIPE) print("ERROR on key: ", key) print(result) if result.stdout == b'': response_data = None else: response_data = json.loads(result.stdout.decode('utf-8')) if req.get('index', None) is not None: response_data = response_data[req['index']] if not response_data: continue with open(output_path, "w") as fd: fd.write("[source,json]\n") fd.write("----\n") json.dump(response_data, fd, sort_keys=True, indent=4) fd.write("\n----\n")
def test_cancel_self_user_with_valid_token(client): user = f.UserFactory.create() url = reverse('users-cancel') cancel_token = get_token_for_user(user, "cancel_account") data = {"cancel_token": cancel_token} client.login(user) response = client.post(url, json.dumps(data), content_type="application/json") assert response.status_code == 204 user = models.User.objects.get(pk=user.id) assert user.full_name == "Deleted user"
def test_response_200_in_public_registration(client, settings): settings.PUBLIC_REGISTER_ENABLED = True form = { "type": "public", "username": "******", "full_name": "martin seamus mcfly", "email": "*****@*****.**", "password": "******", } response = client.post(reverse("auth-register"), form) assert response.status_code == 201 assert response.data["username"] == "mmcfly" assert response.data["email"] == "*****@*****.**" assert response.data["full_name"] == "martin seamus mcfly" assert len(mail.outbox) == 1 assert mail.outbox[0].subject == "You've been Taigatized!" user = models.User.objects.get(username="******") cancel_token = get_token_for_user(user, "cancel_account") cancel_url = resolve_front_url("cancel-account", cancel_token) assert mail.outbox[0].body.index(cancel_url) > 0
def save(self, *args, **kwargs): get_token_for_user(self, "cancel_account") super().save(*args, **kwargs)
def test_invalid_token_scope(): user = f.UserFactory.create(email="*****@*****.**") token = get_token_for_user(user, "testing_scope") user_from_token = get_user_for_token(token, "testing_invalid_scope")
def test_valid_token(): user = f.UserFactory.create(email="*****@*****.**") token = get_token_for_user(user, "testing_scope") user_from_token = get_user_for_token(token, "testing_scope") assert user.id == user_from_token.id
def test_invalid_token_scope(): user = f.UserFactory.create(email="*****@*****.**") token = get_token_for_user(user, "testing_scope") get_user_for_token(token, "testing_invalid_scope")
def test_invalid_token_expiration(): user = f.UserFactory.create(email="*****@*****.**") token = get_token_for_user(user, "testing_scope") get_user_for_token(token, "testing_scope", max_age=1)
def callback(req): t = Token() try: user, _ = t.authenticate(req) if user: login(req, user) except NotAuthenticated: pass data = req.GET.get('signedAttempt') if not data: return JsonResponse( { "_error_message": "one or more parameter values were missing (signedAttempt)", "_error_type": "" }, status=400) data = json.loads(data) username = data['doubleName'] if not username: return JsonResponse( { "_error_message": "Bad request, some params are missing", "_error_type": "" }, status=400) res = requests.get( settings.THREEBOT_URL + '/api/users/{0}'.format(username), {'Content-Type': 'application/json'}) if res.status_code != 200: return JsonResponse( { "_error_message": "Error getting user pub key", "_error_type": "" }, status=400) user_pub_key = nacl.signing.VerifyKey(res.json()['publicKey'], encoder=nacl.encoding.Base64Encoder) pk = res.json()["publicKey"] # verify data signedData = data['signedAttempt'] if not signedData: return JsonResponse( { "_error_message": "Bad request, some params are missing", "_error_type": "" }, status=400) verifiedData = user_pub_key.verify(base64.b64decode(signedData)).decode() data = json.loads(verifiedData) if not data: return JsonResponse( { "_error_message": "Bad request, some params are missing", "_error_type": "" }, status=400) if data['doubleName'] != username: return JsonResponse( { "_error_message": "Bad request, some params are missing", "_error_type": "" }, status=400) # verify state state = data['signedState'] if not state or state != req.session.get("state"): return JsonResponse( { "_error_message": "Invalid state", "_error_type": "" }, status=400) nonce = base64.b64decode(data['data']['nonce']) ciphertext = base64.b64decode(data['data']['ciphertext']) private_key = nacl.signing.SigningKey(settings.PRIVATE_KEY, encoder=nacl.encoding.Base64Encoder) box = Box(private_key.to_curve25519_private_key(), user_pub_key.to_curve25519_public_key()) try: decrypted = box.decrypt(ciphertext, nonce) result = json.loads(decrypted) email = result["email"]["email"] sei = result['email']['sei'] res = requests.post(settings.OPEN_KYC_URL, headers={'Content-Type': 'application/json'}, json={'signedEmailIdentifier': sei}) if res.status_code != 200: return JsonResponse( { "_error_message": "Email not verified", "_error_type": "" }, status=400) user_model = get_user_model() users_with_email = user_model.objects.filter(email=email) if users_with_email: user_with_email = users_with_email[0] else: user_with_email = None # Link user to 3bot login account if req.user.is_authenticated(): user = user_model.objects.filter(id=req.user.id)[0] if user_with_email and user_with_email.id != req.user.id: return JsonResponse( { "_error_message": "Email address is linked with another active account", "_error_type": "" }, status=400) # user already linked with 3 bot login if user.public_key: # user linking another account if user.public_key != pk: user.email = email user.public_key = pk user.threebot_name = username.replace('.3bot', '') user.save() else: # user linking their account for first time user.email = email user.public_key = pk user.threebot_name = username.replace('.3bot', '') user.save() else: users = user_model.objects.filter( Q(email=email) | Q(public_key=pk)) if len(users) == 0: # new user username = username.replace('.3bot', '') user = user_model(username=username, email=email, full_name=username, public_key=pk) user.is_active = True user.public_key = pk user.threebot_name = username user.save() else: # email or public key exists user = users[0] if user.public_key != pk: user.public_key = pk user.threebot_name = username.replace('.3bot', '') user.save() elif user.email != email: user.email = email user.threebot_name = username.replace('.3bot', '') user.save() login(req, user) except: raise serializer = UserAdminSerializer(user) data = dict(serializer.data) data["auth_token"] = get_token_for_user(user, "authentication") data['public_key'] = pk data['email'] = email data['threebot_name'] = username.replace('.3bot', '') data['roles'] = [role for role in data['roles']] return JsonResponse(data)