Exemplo n.º 1
0
 def test_failover_strategy_throw(self):
     options = {'user_id': '1234'}
     client = Client(request(), options)
     configuration.failover_strategy = 'throw'
     with self.assertRaises(Exception):
         client.failover(options, Exception())
     configuration.failover_strategy = 'allow'
Exemplo n.º 2
0
 def test_track_tracked_true(self):
     response_text = 'track'
     responses.add(responses.POST,
                   'https://api.castle.io/v1/track',
                   json=response_text,
                   status=200)
     client = Client(request(), {})
     options = {'event': '$login.authenticate', 'user_id': '1234'}
     self.assertEqual(client.track(options), response_text)
Exemplo n.º 3
0
 def test_failover_strategy_not_throw(self):
     options = {'user_id': '1234'}
     client = Client(request(), options)
     self.assertEqual(
         client.failover(options, Exception()), {
             'action': 'allow',
             'user_id': '1234',
             'failover': True,
             'failover_reason': 'Exception'
         })
Exemplo n.º 4
0
 def test_authenticate_tracked_true(self):
     response_text = {'action': 'allow', 'user_id': '1234'}
     responses.add(responses.POST,
                   'https://api.castle.io/v1/authenticate',
                   json=response_text,
                   status=200)
     client = Client(request(), {})
     options = {'event': '$login.authenticate', 'user_id': '1234'}
     response_text.update(failover=False, failover_reason=None)
     self.assertEqual(client.authenticate(options), response_text)
Exemplo n.º 5
0
 def test_authenticate_tracked_false(self):
     response_text = {
         'action': 'allow',
         'user_id': '1234',
         'failover': True,
         'failover_reason': 'Castle set to do not track.'
     }
     client = Client(request(), {})
     client.disable_tracking()
     options = {'event': '$login.authenticate', 'user_id': '1234'}
     self.assertEqual(client.authenticate(options), response_text)
Exemplo n.º 6
0
 def test_authenticate_tracked_true_status_500(self):
     response_text = {
         'action': 'allow',
         'user_id': '1234',
         'failover': True,
         'failover_reason': 'InternalServerError'
     }
     responses.add(responses.POST,
                   'https://api.castle.io/v1/authenticate',
                   json='authenticate',
                   status=500)
     client = Client(request(), {})
     options = {'event': '$login.authenticate', 'user_id': '1234'}
     self.assertEqual(client.authenticate(options), response_text)
Exemplo n.º 7
0
def evaluate_new_password():

    print(request.json)

    client_id = request.json["client_id"]
    password = request.json["password"]

    # check validity of username + password combo
    if password == os.getenv("valid_password"):
        castle_event = "$password_reset.failed"
    else:
        castle_event = "$password_reset.succeeded"

    payload_to_castle = {
        'event': castle_event,
        'user_id': os.getenv("valid_user_id"),
        'user_traits': {
            'email': os.getenv("valid_username"),
            'registered_at': registered_at
        },
        'context': {
            'client_id': client_id
        }
    }

    castle = Client.from_request(request)

    r = {
        "api_endpoint": "track",
        "payload_to_castle": payload_to_castle,
        "castle_event": castle_event
    }

    return r, 200, {'ContentType': 'application/json'}
Exemplo n.º 8
0
def update_device():

    print(request.json)

    if request.json["user_verdict"] == "report":
        event = '$review.escalated'
        return_msg = "report"
    else:
        event = '$challenge.succeeded'
        return_msg = "approve"

    castle = Client.from_request(request)

    payload = {
        'event': event,
        'device_token': request.json["device_token"],
        'context': {}
    }

    payload["context"]["client_id"] = request.json["client_id"]

    result = castle.track(payload)

    print(result)

    r = {"api_endpoint": "track", "castle_event": event, "payload": payload}

    return r, 200, {'ContentType': 'application/json'}
Exemplo n.º 9
0
 def test_setup_context(self):
     context = {
         'active': True,
         'client_id': '1234',
         'headers': {
             'X-Forwarded-For': '217.144.192.112'
         },
         'ip': '217.144.192.112',
         'library': {
             'name': 'castle-python',
             'version': VERSION
         },
         'origin': 'web'
     }
     client = Client(request(), {})
     self.assertEqual(client.setup_context(request()), context)
Exemplo n.º 10
0
 def test_failover_strategy_not_throw(self):
     options = {'user_id': '1234'}
     self.assertEqual(
         Client.failover_response_or_raise(options, Exception()), {
             'action': 'allow',
             'user_id': '1234',
             'failover': True,
             'failover_reason': 'Exception'
         })
Exemplo n.º 11
0
 def test_impersonate(self):
     response_text = 'impersonate'
     responses.add(responses.POST,
                   'https://api.castle.io/v1/impersonate',
                   json=response_text,
                   status=200)
     client = Client.from_request(request(), {})
     options = {'impersonator': 'admin', 'user_id': '1234'}
     self.assertEqual(client.impersonate(options), response_text)
Exemplo n.º 12
0
 def test_end_impersonation(self):
     response_text = {'success': True}
     responses.add(responses.DELETE,
                   'https://api.castle.io/v1/impersonate',
                   json=response_text,
                   status=200)
     client = Client.from_request(request(), {})
     options = {'properties': {'impersonator': 'admin'}, 'user_id': '1234'}
     self.assertEqual(client.end_impersonation(options), response_text)
Exemplo n.º 13
0
 def test_end_impersonation_failed(self):
     response_text = {}
     responses.add(responses.DELETE,
                   'https://api.castle.io/v1/impersonate',
                   json=response_text,
                   status=200)
     client = Client.from_request(request(), {})
     options = {'properties': {'impersonator': 'admin'}, 'user_id': '1234'}
     with self.assertRaises(ImpersonationFailed):
         client.end_impersonation(options)
Exemplo n.º 14
0
 def test_failover_strategy_not_throw(self):
     options = {'user_id': '1234'}
     self.assertEqual(
         Client.failover_response_or_raise(options.get('user_id'),
                                           Exception()),
         {
             'action': Verdict.ALLOW.value,
             'user_id': '1234',
             'failover': True,
             'failover_reason': 'Exception'
         })
Exemplo n.º 15
0
 def test_log_tracked_true(self):
     response_text = 'log'
     responses.add(responses.POST,
                   'https://api.castle.io/v1/log',
                   json=response_text,
                   status=200)
     client = Client.from_request(request(), {})
     options = {
         'request_token':
         '7e51335b-f4bc-4bc7-875d-b713fb61eb23-bf021a3022a1a302',
         'event': '$login',
         'status': '$succeeded',
         'user': {
             'id': '1234'
         }
     }
     self.assertEqual(client.log(options), response_text)
Exemplo n.º 16
0
 def test_to_context(self):
     context = {
         'active': True,
         'client_id': '1234',
         'headers': {
             'User-Agent': 'test',
             'X-Forwarded-For': '217.144.192.112'
         },
         'ip': '217.144.192.112',
         'library': {
             'name': 'castle-python',
             'version': VERSION
         },
         'origin': 'web',
         'user_agent': 'test'
     }
     result_context = Client.to_context(request(), {})
     self.assertEqual(result_context, context)
Exemplo n.º 17
0
 def test_risk_tracked_true(self):
     response_text = {'action': Verdict.ALLOW.value, 'user_id': '1234'}
     responses.add(responses.POST,
                   'https://api.castle.io/v1/risk',
                   json=response_text,
                   status=200)
     client = Client.from_request(request(), {})
     options = {
         'request_token':
         '7e51335b-f4bc-4bc7-875d-b713fb61eb23-bf021a3022a1a302',
         'event': '$login',
         'status': '$succeeded',
         'user': {
             'id': '1234'
         }
     }
     response_text.update(failover=False, failover_reason=None)
     self.assertEqual(client.risk(options), response_text)
Exemplo n.º 18
0
 def test_init(self):
     context = {
         'active': True,
         'client_id': '1234',
         'headers': {
             'X-Forwarded-For': '217.144.192.112'
         },
         'ip': '217.144.192.112',
         'library': {
             'name': 'castle-python',
             'version': VERSION
         },
         'origin': 'web'
     }
     client = Client(request(), {})
     self.assertEqual(client.options, {})
     self.assertEqual(client.do_not_track, False)
     self.assertEqual(client.context, context)
     self.assertIsInstance(client.api, Api)
Exemplo n.º 19
0
 def test_risk_tracked_false(self):
     response_text = {
         'action': Verdict.ALLOW.value,
         'user_id': '1234',
         'failover': True,
         'failover_reason': 'Castle set to do not track.'
     }
     client = Client.from_request(request(), {})
     client.disable_tracking()
     options = {
         'request_token':
         '7e51335b-f4bc-4bc7-875d-b713fb61eb23-bf021a3022a1a302',
         'event': '$login',
         'status': '$succeeded',
         'user': {
             'id': '1234'
         }
     }
     self.assertEqual(client.risk(options), response_text)
Exemplo n.º 20
0
 def test_init(self):
     context = {
         'active': True,
         'client_id': '1234',
         'headers': {
             'User-Agent': 'test',
             'X-Forwarded-For': '217.144.192.112',
             'X-Castle-Client-Id': '1234'
         },
         'ip': '217.144.192.112',
         'library': {
             'name': 'castle-python',
             'version': VERSION
         },
         'user_agent': 'test'
     }
     client = Client.from_request(request(), {})
     self.assertEqual(client.do_not_track, False)
     self.assertEqual(client.context, context)
     self.assertIsInstance(client.api, APIRequest)
Exemplo n.º 21
0
 def test_risk_tracked_true_status_500(self):
     response_text = {
         'action': Verdict.ALLOW.value,
         'user_id': '1234',
         'failover': True,
         'failover_reason': 'InternalServerError'
     }
     responses.add(responses.POST,
                   'https://api.castle.io/v1/risk',
                   json='risk',
                   status=500)
     client = Client.from_request(request(), {})
     options = {
         'request_token':
         '7e51335b-f4bc-4bc7-875d-b713fb61eb23-bf021a3022a1a302',
         'event': '$login',
         'status': '$succeeded',
         'user': {
             'id': '1234'
         }
     }
     self.assertEqual(client.risk(options), response_text)
Exemplo n.º 22
0
 def test_init(self):
     client = Client.from_request(request(), {})
     client2 = Client.from_request(request(), {})
     self.assertNotEqual(client.api.request, client2.api.request)
     self.assertEqual(client.api.req.session.get(),
                      client2.api.req.session.get())
Exemplo n.º 23
0
def evaluate_login():

    global registered_at

    print(request.json)

    client_id = request.json["client_id"]
    email = request.json["email"]
    password = request.json["password"]

    # check validity of username + password combo
    if email == os.getenv("valid_username"):

        user_id = os.getenv("valid_user_id")

        if password == os.getenv("valid_password"):
            castle_event = "$login.succeeded"
            castle_api_endpoint = "authenticate"
        else:
            castle_api_endpoint = "track"
            castle_event = "$login.failed"
    else:
        castle_api_endpoint = "track"
        castle_event = "$login.failed"
        user_id = None
        registered_at = None

    payload_to_castle = {
        'event': castle_event,
        'user_id': user_id,
        'user_traits': {
            'email': email
        },
        'context': {
            'client_id': client_id
        }
    }

    if registered_at:
        payload_to_castle["user_traits"]["registered_at"] = registered_at

    castle = Client.from_request(request)

    if castle_api_endpoint == "authenticate":
        verdict = castle.authenticate(payload_to_castle)

    elif castle_api_endpoint == "track":
        verdict = castle.track(payload_to_castle)

    print("verdict:")
    print(verdict)

    r = {
        "api_endpoint": castle_api_endpoint,
        "payload_to_castle": payload_to_castle,
        "result": verdict,
        "castle_event": castle_event
    }

    if "device_token" in verdict:
        r["device_token"] = verdict["device_token"]

    if "action" in verdict:
        r["action"] = verdict["action"]

    return r, 200, {'ContentType': 'application/json'}
Exemplo n.º 24
0
 def test_identify_tracked_false(self):
     client = Client.from_request(request(), {})
     client.disable_tracking()
     self.assertEqual(client.identify({}), None)
Exemplo n.º 25
0
 def test_failover_strategy_throw(self):
     options = {'user_id': '1234'}
     configuration.failover_strategy = 'throw'
     with self.assertRaises(Exception):
         Client.failover_response_or_raise(options, Exception())
     configuration.failover_strategy = 'allow'
Exemplo n.º 26
0
 def test_to_options(self):
     options = Client.to_options({'foo': 'bar'})
     self.assertEqual(options, {
         'foo': 'bar',
         'timestamp': '2018-01-02T03:04:05.678'
     })
Exemplo n.º 27
0
 def test_setup_client_id_from_cookies(self):
     cookies = {'__cid': '1234'}
     options = {'cookies': cookies}
     result_context = Client.to_context(request(), options)
     self.assertEqual(result_context['client_id'], '1234')
Exemplo n.º 28
0
 def test_tracked_when_do_not_track_true(self):
     client = Client.from_request(request(), {'do_not_track': True})
     self.assertEqual(client.tracked(), False)
Exemplo n.º 29
0
 def test_tracked_when_do_not_track_false(self):
     client = Client.from_request(request(), {})
     self.assertEqual(client.tracked(), True)
Exemplo n.º 30
0
 def test_enable_tracking(self):
     client = Client.from_request(request(), {})
     client.disable_tracking()
     self.assertEqual(client.do_not_track, True)
     client.enable_tracking()
     self.assertEqual(client.do_not_track, False)