def test_missing_required_eq_id_in_token(self): metadata = { 'jti': str(uuid.uuid4()), 'user_id': '1', 'form_type': 'a', 'collection_exercise_sid': 'test-sid', 'period_id': '3', 'period_str': '2016-01-01', 'ref_p_start_date': '2016-02-02', 'ref_p_end_date': '2016-03-03', 'ru_ref': '2016-04-04', 'ru_name': 'Apple', 'return_by': '2016-07-07' } with self.assertRaises(InvalidTokenException) as ite_key: parse_runner_claims(metadata) self.assertEqual('Missing key/value for eq_id', str(ite_key.exception)) with self.assertRaises(InvalidTokenException) as ite_value: metadata['eq_id'] = '' parse_runner_claims(metadata) self.assertEqual('Missing key/value for eq_id', str(ite_value.exception))
def test_malformed_tx_id(self): metadata = { 'jti': str(uuid.uuid4()), 'user_id': '1', 'form_type': 'a', 'collection_exercise_sid': 'test-sid', 'eq_id': '2', 'period_id': '3', 'ru_ref': '2016-04-04', # one character short 'tx_id': '83a3db82-bea7-403c-a411-6357ff70f2f' } with self.assertRaises(InvalidTokenException) as ite: parse_runner_claims(metadata) self.assertEqual('incorrect data in token', str(ite.exception))
def test_invalid_tx_id(self): metadata = { 'jti': str(uuid.uuid4()), 'user_id': '1', 'form_type': 'a', 'collection_exercise_sid': 'test-sid', 'eq_id': '2', 'period_id': '3', 'ru_ref': '2016-04-04', # invalid 'tx_id': '12121' } with self.assertRaises(InvalidTokenException) as ite: parse_runner_claims(metadata) self.assertEqual('incorrect data in token', str(ite.exception))
def login(): """ Initial url processing - expects a token parameter and then will authenticate this token. Once authenticated it will be placed in the users session :return: a 302 redirect to the next location for the user """ # logging in again clears any session state if cookie_session: cookie_session.clear() decrypted_token = decrypt_token(request.args.get('token')) validate_jti(decrypted_token) claims = parse_runner_claims(decrypted_token) g.schema = load_schema_from_metadata(claims) schema_metadata = g.schema.json['metadata'] validate_metadata(claims, schema_metadata) eq_id = claims['eq_id'] form_type = claims['form_type'] tx_id = claims['tx_id'] ru_ref = claims['ru_ref'] logger.bind(eq_id=eq_id, form_type=form_type, tx_id=tx_id, ru_ref=ru_ref) logger.info('decrypted token and parsed metadata') store_session(claims) cookie_session['theme'] = g.schema.json['theme'] cookie_session['survey_title'] = g.schema.json['title'] cookie_session['expires_in'] = get_session_timeout_in_seconds(g.schema) if claims.get('account_service_url'): cookie_session['account_service_url'] = claims.get( 'account_service_url') if claims.get('account_service_log_out_url'): cookie_session['account_service_log_out_url'] = claims.get( 'account_service_log_out_url') routing_path = path_finder.get_full_routing_path() completeness = get_completeness(current_user) router = Router(g.schema, routing_path, completeness) next_location = router.get_next_location() return redirect(next_location.url(claims))
def test_generated_tx_id_format(self): metadata = { 'tx_id': str(uuid.uuid4()), 'jti': str(uuid.uuid4()), 'user_id': '1', 'form_type': 'a', 'collection_exercise_sid': 'test-sid', 'eq_id': '2', 'period_id': '3', 'ru_ref': '2016-04-04', } parsed = parse_runner_claims(metadata) tx_id = parsed['tx_id'] self.assertEqual(tx_id, str(uuid.UUID(tx_id)))
def parse_metadata(claims, schema_metadata): validated_claims = parse_runner_claims(claims) validate_metadata(validated_claims, schema_metadata) return validated_claims