def test_if_user_get_called_with_osm_id(self, mock_user_get):
# Arrange
osm_response = get_canned_osm_user_details()
# Act
AuthenticationService.login_user(osm_response, '/test/redirect')
# Assert
mock_user_get.assert_called_with(7777777)
def test_if_user_create_called_if_user_not_found(self, mock_user_get,
mock_user_register,
mock_message):
# Arrange
osm_response = get_canned_osm_user_details()
mock_user_get.side_effect = NotFound()
# Act
AuthenticationService.login_user(osm_response, '/test/redirect')
# Assert
mock_user_register.assert_called_with(7777777, 'Thinkwhere Test', 16)
def get(self):
"""
Authenticates user owns email address
---
tags:
- authentication
produces:
- application/json
parameters:
- in: query
name: username
type: string
default: thinkwhere
- in: query
name: token
type: string
default: 1234dvsdf
responses:
301:
description: Will redirect to email validation page
500:
description: Internal Server Error
"""
try:
username = request.args.get('username')
token = request.args.get('token')
redirect_url = AuthenticationService.authenticate_email_token(
username, token)
return redirect(redirect_url)
except Exception as e:
error_msg = f'User GET - unhandled error: {str(e)}'
current_app.logger.critical(error_msg)
return {"error": error_msg}, 500
def test_get_authentication_failed_url_returns_expected_url(self):
# Act
auth_failed_url = AuthenticationService.get_authentication_failed_url()
# Assert
parsed_url = urlparse(auth_failed_url)
self.assertEqual(parsed_url.path, '/auth-failed')
def post(self):
"""
Validates users credentials and returns token and relevant user details
---
tags:
- authentication
produces:
- application/json
parameters:
- in: header
name: Authorization
description: Base64 encoded user password
required: true
type: string
responses:
200:
description: Login Successful
401:
description: Unauthorized, credentials are invalid
500:
description: Internal Server Error
"""
try:
session = AuthenticationService.login_user(
dmis.authenticated_user_id)
return session.to_primitive(), 200
except Exception as e:
current_app.logger.critical(
'Unhandled exception when attempting to login, exception: {0}'.
format(str(e)))
return {'Error': 'Unhandled'}, 500
def test_unable_to_find_user_in_osm_response_raises_error(self):
# Arrange
osm_response = get_canned_osm_user_details()
# Act / Assert
with self.assertRaises(AuthServiceError):
AuthenticationService().login_user(osm_response, '/test/redirect',
'wont-find')
def get(self):
"""
Handles the OSM OAuth callback
---
tags:
- authentication
produces:
- application/json
responses:
302:
description: Redirects to login page, or login failed page
500:
description: A problem occurred authenticating the user
502:
description: A problem occurred negotiating with the OSM API
"""
osm_resp = osm.authorized_response()
if osm_resp is None:
current_app.logger.critical('No response from OSM')
return redirect(
AuthenticationService.get_authentication_failed_url())
else:
session[
'osm_oauth'] = osm_resp # Set OAuth details in the session temporarily
osm_response = osm.request(
'user/details') # Get details for the authenticating user
if osm_response.status != 200:
current_app.logger.critical('Error response from OSM')
return redirect(
AuthenticationService.get_authentication_failed_url())
try:
redirect_to = request.args.get('redirect_to')
authorized_url = AuthenticationService.login_user(
osm_response.data, redirect_to)
return redirect(
authorized_url
) # Redirect to Authentication page on successful authorization :)
except AuthServiceError as e:
return {"Error": str(e)}, 500
def check_token(token: str):
valid_token = ApplicationService.get_token(token)
if not valid_token:
return False
valid_token, user_id = AuthenticationService.is_valid_token(token, 86400*30)
if not valid_token:
return False
return True
def test_valid_auth_request_gets_token(self, mock_user_get):
# Arrange
osm_response = get_canned_osm_user_details()
# Act
redirect_url = AuthenticationService.login_user(
osm_response, '/test/redirect')
# Assert
parsed_url = urlparse(redirect_url)
query = parse_qs(parsed_url.query)
self.assertEqual(query['username'][0], 'Thinkwhere Test')
self.assertTrue(query['session_token'][0])
self.assertEqual(query['redirect_to'][0], '/test/redirect')
def test_can_parse_email_verification_token(self):
# Arrange - Generate valid email verification url
test_email = '*****@*****.**'
auth_url = SMTPService._generate_email_verification_url(
test_email, 'mrtest')
parsed_url = urlparse(auth_url)
query = parse_qs(parsed_url.query)
# Arrange
is_valid, email_address = AuthenticationService.is_valid_token(
query['token'][0], 86400)
# Assert
self.assertTrue(is_valid)
self.assertEqual(email_address, test_email)
def test_unknown_user_creates_user_in_db(self):
if self.skip_tests:
return
# Arrange
osm_response = get_canned_osm_user_details()
# Act
redirect_url = AuthenticationService().login_user(osm_response, '/test/redirect')
# Assert
parsed_url = urlparse(redirect_url)
query = parse_qs(parsed_url.query)
self.assertEqual(query['username'][0], 'Thinkwhere Test')
self.assertTrue(query['session_token'][0])
self.assertEqual(query['redirect_to'][0], '/test/redirect')
def gen_token(user_id):
""" Helper method for generating valid base64 encoded session tokens """
token = AuthenticationService.generate_session_token_for_user(user_id)
print(f'Raw token is: {token}')
b64_token = base64.b64encode(token.encode())
print(f'Your base64 encoded session token: {b64_token}')
def generate_application_key(self, user_id):
"""
Creates a key for use with an application.
"""
token = AuthenticationService.generate_session_token_for_user(user_id)
return token