def test_base(self):
# Setup Test
user_key = AuthUserEntity(username="******").put()
user_id = get_resource_id_from_key(user_key)
login_key = AuthUserMethodEntity(key=AuthUserMethodEntity.generate_key(
user_key, 'basic', user_id),
auth_type='basic',
auth_key=user_id,
auth_data='hashed_password:salt',
user_key=user_key).put()
user_data = {
'id': user_id,
'login_key': user_id,
'login_type': 'basic',
'version': 1
}
access_token = access_tokens_api.create_access_token(user_data)
# Run Code To Test
result = access_tokens_api.get_user_and_login_from_access_token(
access_token)
# Check results
self.assertEquals(len(result), 2)
self.assertTrue(isinstance(result[0], AuthUser))
self.assertEquals(result[0].id, get_resource_id_from_key(user_key))
self.assertTrue(isinstance(result[1], AuthUserMethodEntity))
self.assertEquals(result[1].key, login_key)
def create_login(user_resource_id, auth_type, auth_key, auth_data=None):
"""
"""
# Note: Do this in a more api friendly manner....
# TODO: Try/catch this stuff....
user_key = get_key_from_resource_id(user_resource_id)
user = user_key.get()
if not auth_type == 'basic':
raise Exception('unsupported provider: %s' % auth_type)
# Wrap this in a service
auth_type, auth_key, auth_data = basic.get_login_properties(user, auth_key, auth_data)
key = AuthUserMethodEntity.generate_key(user.key, auth_type, auth_key)
login_entity = AuthUserMethodEntity(key=key)
login_entity.auth_type = auth_type
login_entity.auth_key = auth_key
login_entity.auth_data = auth_data
login_entity.user_key = user.key # TODO: Eventually it's just resource_id
login_entity.put()
login_model = _populate_model(login_entity)
return login_model
def _populate_entity(login_model):
"""
TODO: WE may no longer need this...
"""
if not login_model:
return None
login_entity = AuthUserMethodEntity(key=get_key_from_resource_id(login_model.id))
login_entity.auth_type = login_model.auth_type
login_entity.auth_key = login_model.auth_key
login_entity.auth_data = login_model.auth_data
raise Exception(login_model)
return login_entity
def update_login(login_resource_id, auth_type, auth_key, auth_data=None):
"""
"""
login_entity = _get_entity_by_id(login_resource_id)
if not login_entity:
raise Exception('TODO: THROW DOES NOT EXIST')
if not auth_type == 'basic':
raise Exception('unsupported provider: %s' % auth_type)
# Generate new password
user = login_entity.user_key.get()
auth_type, auth_key, auth_data = basic.get_login_properties(user, auth_key, auth_data)
# For kicks, does this yeild the same keyname for the entity?
new_key = AuthUserMethodEntity.generate_key(user.key, auth_type, auth_key)
if not login_entity.key == new_key:
raise Exception("Bad Value Error or Bad Request --- key is different!!?!?!")
# Update the various props
login_entity.auth_type = auth_type
login_entity.auth_key = auth_key
login_entity.auth_data = auth_data
login_entity.put()
return _populate_model(login_entity)
def test_invalid_password(self):
# Create a User
user_key = AuthUserEntity(username="******").put()
# Create a password
pwhash, pwsalt = basic.encode_password('jive')
user_id = get_resource_id_from_key(user_key)
AuthUserMethodEntity(key=AuthUserMethodEntity.generate_key(user_key, 'basic', user_id),
auth_type='basic',
auth_key=user_id,
auth_data="%s:%s" % (pwhash, pwsalt),
user_key=user_key).put()
# Create credential token
credential_token = base64.b64encode('testUser1:nojive')
self.assertRaises(AuthenticationError, basic.get_user_by_token, credential_token)
def test_invalid_login(self):
user_key = AuthUserEntity(username="******").put()
user_id = get_resource_id_from_key(user_key)
login_key = AuthUserMethodEntity(key=AuthUserMethodEntity.generate_key(
user_key, 'basic', user_id),
auth_type='basic',
auth_key=user_id,
auth_data='hashed_password:salt',
user_key=user_key).put()
user_data = {
'id': user_id,
'login_key': user_id,
'login_type': 'invalid_type',
'version': 1
}
access_token = access_tokens_api.create_access_token(user_data)
access_tokens_api.get_user_and_login_from_access_token(access_token)
def get_login_by_auth_data(user, auth_type, auth_key, auth_data):
"""
"""
if not auth_type == 'basic':
raise Exception('unsupported provider: %s' % auth_type)
user_key = get_key_from_resource_id(user.id)
login_key = AuthUserMethodEntity.generate_key(user_key, auth_type, auth_key=user.id) # basic
return _populate_model(login_key.get())
def test_success(self):
# Create a User
user_key = AuthUserEntity(username="******").put()
# Create a password
pwhash, pwsalt = basic.encode_password('jive')
user_id = get_resource_id_from_key(user_key)
login_key = AuthUserMethodEntity(key=AuthUserMethodEntity.generate_key(user_key, 'basic', user_id),
auth_type='basic',
auth_key=user_id,
auth_data="%s:%s" % (pwhash, pwsalt),
user_key=user_key).put()
# Create credential token
credential_token = base64.b64encode('testUser1:jive')
user, login = basic.get_user_by_token(credential_token)
self.assertEquals(user_key, user.key)
self.assertEquals(login_key, login.key)
def get_logins_for_user(user_resource_id):
# TODO: Switch this to strictly use user_resource_id
user_key = get_key_from_resource_id(user_resource_id)
login_entities = AuthUserMethodEntity.query(AuthUserMethodEntity.user_key==user_key).fetch(1000)
login_models = []
for login_entity in login_entities:
login_models.append(_populate_model(login_entity))
return login_models
def test_base(self):
# Setup Test
user_key = AuthUserEntity(username="******").put()
user_id = get_resource_id_from_key(user_key)
login_key = AuthUserMethodEntity(key=AuthUserMethodEntity.generate_key(
user_key, 'basic', user_id),
auth_type='basic',
auth_key=user_id,
auth_data='hashed_password:salt',
user_key=user_key).put()
# Run Code to Test
result = access_tokens_api.make_token_user_data_dict(user_key.get(),
login_key.get(),
version=1)
# Check Results
self.assertDictEqual(
result, {
'login_type': u'basic',
'version': 1,
'login_key': user_id,
'id': user_id
})
def create_login(user, auth_type, auth_key, auth_data=None):
"""
TODO: Replace this with auth_core.api.logins.create_login
"""
if not auth_type == 'basic':
raise Exception('unsupported provider')
auth_type, auth_key, auth_data = basic.get_login_properties(
user, auth_key, auth_data)
key = AuthUserMethodEntity.generate_key(user.key, auth_type, auth_key)
login = AuthUserMethodEntity(key=key)
login.auth_type = auth_type
login.auth_key = auth_key
login.auth_data = auth_data
login.user_key = user.key
login.put()
return login
decoded_token = base64.b64decode(token)
except TypeError, e:
raise AuthenticationError(e)
try:
un, pw = decoded_token.split(':')
except ValueError, e:
raise AuthenticationError(e)
# TODO: Replace with internal.api.users.get_by_username
user = AuthUserEntity.query(AuthUserEntity.username == un).get()
if not user:
raise AuthenticationError('Username is invalid')
# TODO: Reduce this to an api method
l_key = AuthUserMethodEntity.generate_key(
user.key, 'basic', get_resource_id_from_key(user.key))
login = l_key.get()
if not login:
raise AuthenticationError("Could not find login for user")
pwhash, pwsalt = login.auth_data.split(":")
if not validate_password(pw, pwhash, pwsalt):
raise AuthenticationError('Password is invalid')
return user, login
def encode_password(raw_password):
"""
Encrypt a raw password using PBKDF2 with a random salt