def test_response_id_for_missing_metadata(metadata,
fake_business_metadata_runner):
fake_business_metadata_runner["schema_name"] = "schema_name"
del fake_business_metadata_runner["response_id"]
del fake_business_metadata_runner[metadata]
with pytest.raises(ValidationError):
validate_runner_claims(fake_business_metadata_runner)
def test_response_id_for_empty_value(fake_business_metadata_runner):
expected = (f"{fake_business_metadata_runner['ru_ref']}"
f"{fake_business_metadata_runner['collection_exercise_sid']}"
f"{fake_business_metadata_runner['eq_id']}"
f"{fake_business_metadata_runner['form_type']}")
fake_business_metadata_runner["response_id"] = ""
claims = validate_runner_claims(fake_business_metadata_runner)
assert claims["response_id"] == expected
def test_when_response_id_is_missing(fake_business_metadata_runner):
expected = (f"{fake_business_metadata_runner['ru_ref']}"
f"{fake_business_metadata_runner['collection_exercise_sid']}"
f"{fake_business_metadata_runner['eq_id']}"
f"{fake_business_metadata_runner['form_type']}")
del fake_business_metadata_runner["response_id"]
claims = validate_runner_claims(fake_business_metadata_runner)
assert claims["response_id"] == expected
def login():
"""
Initial url processing - expects a token parameter and then will authenticate this token. Once authenticated
it will be placed in the users session
:return: a 302 redirect to the next location for the user
"""
# logging in again clears any session state
if cookie_session:
cookie_session.clear()
decrypted_token = decrypt_token(request.args.get("token"))
validate_jti(decrypted_token)
try:
runner_claims = validate_runner_claims(decrypted_token)
except ValidationError as e:
raise InvalidTokenException("Invalid runner claims") from e
# pylint: disable=assigning-non-slot
g.schema = load_schema_from_metadata(runner_claims)
schema_metadata = g.schema.json["metadata"]
try:
questionnaire_claims = validate_questionnaire_claims(
decrypted_token, schema_metadata
)
except ValidationError as e:
raise InvalidTokenException("Invalid questionnaire claims") from e
claims = {**runner_claims, **questionnaire_claims}
schema_name = claims["schema_name"]
tx_id = claims["tx_id"]
ru_ref = claims["ru_ref"]
case_id = claims["case_id"]
logger.bind(
schema_name=schema_name,
tx_id=tx_id,
ru_ref=ru_ref,
case_id=case_id,
)
logger.info("decrypted token and parsed metadata")
store_session(claims)
cookie_session["theme"] = g.schema.json["theme"]
cookie_session["survey_title"] = g.schema.json["title"]
cookie_session["expires_in"] = get_session_timeout_in_seconds(g.schema)
if account_service_url := claims.get("account_service_url"):
cookie_session["account_service_base_url"] = account_service_url
def parse_metadata(claims, schema_metadata):
runner_claims = validate_runner_claims(claims)
questionnaire_claims = validate_questionnaire_claims(
claims, schema_metadata)
return {**runner_claims, **questionnaire_claims}
def test_when_response_id_is_present(fake_business_metadata_runner):
claims = validate_runner_claims(fake_business_metadata_runner)
assert claims["response_id"] == fake_business_metadata_runner[
"response_id"]
def test_empty_strings_are_not_valid(fake_metadata_runner):
fake_metadata_runner["schema_name"] = ""
with pytest.raises(ValidationError):
validate_runner_claims(fake_metadata_runner)
def test_business_params_without_schema_name(fake_business_metadata_runner):
claims = validate_runner_claims(fake_business_metadata_runner)
assert claims["schema_name"] == "mbs_0253"
def test_deserialisation_iso_8601_datetime_bad_datetime_raises_ValidationError(
fake_metadata_runner, ):
fake_metadata_runner["response_expires_at"] = "2021-11-22"
with pytest.raises(ValidationError):
validate_runner_claims(fake_metadata_runner)
def test_deserialisation_iso_8601_datetime_past_datetime_raises_ValidationError(
fake_metadata_runner, ):
fake_metadata_runner["response_expires_at"] = "1900-11-22T15:34:54+00:00"
with pytest.raises(ValidationError):
validate_runner_claims(fake_metadata_runner)
def test_deserialisation_iso_8601_date(date_string, fake_metadata_runner):
fake_metadata_runner["response_expires_at"] = date_string
claims = validate_runner_claims(fake_metadata_runner)
assert claims["response_expires_at"] == "2021-11-22T15:34:54+00:00"
def test_minimum_length_on_runner_metadata(fake_metadata_runner):
validate_runner_claims(fake_metadata_runner)
fake_metadata_runner["schema_name"] = ""
with pytest.raises(ValidationError):
validate_runner_claims(fake_metadata_runner)
def test_unknown_claims_are_not_deserialized(fake_metadata_runner):
fake_metadata_runner["unknown_key"] = "some value"
claims = validate_runner_claims(fake_metadata_runner)
assert "unknown_key" not in claims
def test_uuid_deserialisation(fake_metadata_runner):
claims = validate_runner_claims(fake_metadata_runner)
assert isinstance(claims["tx_id"], str)
def test_spaces_are_stripped_from_string_fields(fake_metadata_runner):
fake_metadata_runner["collection_exercise_sid"] = " stripped "
output = validate_runner_claims(fake_metadata_runner)
assert output["collection_exercise_sid"] == "stripped"