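def get(self, request):
    """Return the status of one registration, looked up by ``uuid`` or ``token``.

    Query parameters:
        uuid: looked up directly against ``Registration.uuid``. This method
            does no token verification on this path, so the uuid itself is
            what gates access to the record.
            NOTE(review): any view-level authentication/permission classes
            are outside this block -- confirm that exposure is intended.
        token: an action JWT; used only when ``uuid`` is absent. It must
            verify for ``action_type="registration"``.

    Returns:
        200 with the registration summary, 400 when neither parameter is
        given or the token does not verify, 404 when no registration matches.
    """
    uuid = request.GET.get("uuid")
    if uuid:
        lookup = {"uuid": uuid}
    else:
        token = request.GET.get("token")
        if not token:
            return Response({"error": "No token or uuid given"}, status=400)

        action_id = verify_action_jwt(token, action_type="registration")
        if not action_id:
            return Response({"error": "Invalid token"}, status=400)
        lookup = {"action_id": action_id}

    # Both branches fetch the related state up front: the response below reads
    # registration.state, which would otherwise cost a second query.
    # NOTE(review): if Registration.uuid is a UUIDField, a malformed value may
    # raise a validation error rather than DoesNotExist -- confirm and handle.
    try:
        registration = Registration.objects.select_related("state").get(**lookup)
    except Registration.DoesNotExist:
        # An unknown uuid (or a valid token whose registration is gone) is a
        # client-visible "not found", not an unhandled server error.
        return Response({"error": "Registration not found"}, status=404)

    state = registration.state
    return Response(
        {
            "uuid": registration.uuid,
            "state": registration.state_id,
            "action_id": registration.action_id,
            "custom_ovr_link": get_custom_ovr_link(registration),
            "allow_print_and_forward": (
                state.allow_print_and_forward if state else None
            ),
        },
        status=200,
    )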
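def test_jwt_bad_secret(mocker):
    """A token signed under one secret must not verify under another."""
    token, _ = make_action_jwt(
        action_id="someid",
        action_type="sometype",
        expiration=timedelta(hours=1),
    )

    # Swap the signing secret after the token was minted.
    # NOTE(review): this only exercises the check if verify_action_jwt reads
    # apikey.crypto.SECRET_KEY at call time -- confirm against that module.
    mocker.patch("apikey.crypto.SECRET_KEY", "different")

    # Identity check: the contract under test is "returns None", not
    # "returns something that compares equal to None".
    assert verify_action_jwt(token, action_type="sometype") is None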
def test_jwt(freezer):
    """A freshly minted action JWT verifies and yields its action id."""
    # Pin the clock so the expiry returned by make_action_jwt is exact.
    freezer.move_to("2009-01-20T11:30:00Z")

    token, expires_at = make_action_jwt(
        action_id="someid",
        action_type="sometype",
        expiration=timedelta(hours=1),
    )

    # One hour after the frozen "now", expressed in UTC.
    expected_expiry = datetime(2009, 1, 20, 12, 30, 0, tzinfo=timezone.utc)
    assert expires_at == expected_expiry
    assert verify_action_jwt(token, action_type="sometype") == "someid"
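def test_jwt_unsigned():
    """A token carrying valid-looking claims but no signature is rejected."""
    # Claims mirror what a genuine token would carry (issuer, future expiry,
    # matching action type), so the missing signature is the only reason
    # verification can fail.
    claims = {
        "iss": JWT_ISSUER,
        "exp": datetime.now(tz=timezone.utc) + timedelta(hours=1),
        "action_type": "sometype",
        "action_id": "someid",
    }

    # Encoded with no key and no algorithm, i.e. the unsigned token the test
    # name refers to.
    unsigned = force_str(jwtlib.encode(claims, None, algorithm=None))

    # Identity check: the verifier must return None, not merely a value that
    # compares equal to it.
    assert verify_action_jwt(unsigned, action_type="sometype") is None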
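def test_jwt_bad_action_type():
    """A token minted for one action type must not verify for another."""
    token, _ = make_action_jwt(
        action_id="someid",
        action_type="sometype",
        expiration=timedelta(hours=1),
    )

    # Signature and expiry are fine; only the requested action type differs,
    # so this pins that a token cannot be replayed against a different action.
    assert verify_action_jwt(token, action_type="different") is None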
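def test_jwt_expired():
    """A token whose expiry is already in the past is rejected."""
    # A negative lifetime yields a correctly signed token that expired an
    # hour ago.
    token, _ = make_action_jwt(
        action_id="someid",
        action_type="sometype",
        expiration=timedelta(hours=-1),
    )

    assert verify_action_jwt(token, action_type="sometype") is None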