def verify(request): form = BrowserIDForm(data=request.POST) if form.is_valid(): url = settings.BROWSERID_VERIFICATION_URL audience = get_audience(request) extra_params = {'experimental_forceIssuer': settings.BROWSERID_UNVERIFIED_ISSUER, 'experimental_allowUnverified': 'true'} assertion = form.cleaned_data['assertion'] log.info('verifying Persona assertion. url: %s, audience: %s, ' 'extra_params: %s, assertion: %s' % (url, audience, extra_params, assertion)) result = verify_assertion(assertion, audience, extra_params) if result: log.info('Persona assertion ok: %s' % result) email = result.get('unverified-email', result.get('email')) user_hash = set_user(request, email) redirect_url = check_pin_status(request) return { 'needs_redirect': redirect_url is not None, 'redirect_url': redirect_url, 'user_hash': user_hash } log.error('Persona assertion failed.') request.session.flush() return http.HttpResponseBadRequest()
def verify(request): form = BrowserIDForm(data=request.POST) if form.is_valid(): url = settings.BROWSERID_VERIFICATION_URL audience = get_audience(request) extra_params = { 'experimental_forceIssuer': settings.BROWSERID_UNVERIFIED_ISSUER, 'experimental_allowUnverified': 'true' } assertion = form.cleaned_data['assertion'] log.info('verifying Persona assertion. url: %s, audience: %s, ' 'extra_params: %s, assertion: %s' % (url, audience, extra_params, assertion)) result = verify_assertion(assertion, audience, extra_params) if result: log.info('Persona assertion ok: %s' % result) email = result.get('unverified-email', result.get('email')) store_mkt_permissions(request, email, assertion, audience) user_uuid = set_user(request, email) redirect_url = check_pin_status(request) return { 'needs_redirect': redirect_url is not None, 'redirect_url': redirect_url, 'user_hash': user_uuid } log.error('Persona assertion failed.') request.session.flush() return http.HttpResponseBadRequest()
def lobby(request): sess = request.session trans = None if request.GET.get('req'): # If it returns a response there was likely # an error and we should return it. res = process_pay_req(request) if isinstance(res, http.HttpResponse): return res elif settings.TEST_PIN_UI: # This won't get you very far but it lets you create/enter PINs # and stops a traceback after that. request.session['trans_id'] = trans_id() elif not sess.get('is_simulation', False): try: trans = solitude.get_transaction(request.session.get('trans_id')) except ObjectDoesNotExist: if request.session.get('trans_id'): log.info('Attempted to restart non-existent transaction {0}' .format(request.session.get('trans_id'))) return _error(request, msg='req is required') pin_form = VerifyPinForm() if sess.get('uuid'): auth_utils.update_session(request, sess.get('uuid')) # Before we continue with the buy flow, let's save some # time and get the transaction configured via Bango in the # background. log.info('configuring transaction {0} from lobby' .format(request.session.get('trans_id'))) tasks.configure_transaction(request, trans=trans) redirect_url = check_pin_status(request) if redirect_url is not None: return http.HttpResponseRedirect(redirect_url) # If the buyer closed the trusted UI during reset flow, we want to unset # the reset pin flag. They can hit the forgot pin button if they still # don't remember their pin. if sess.get('uuid_needs_pin_reset'): solitude.set_needs_pin_reset(sess['uuid'], False) sess['uuid_needs_pin_reset'] = False if sess.get('is_simulation', False): sim_req = sess['notes']['pay_request']['request']['simulate'] log.info('Starting simulate %s for %s' % (sim_req, sess['notes']['issuer_key'])) return render(request, 'pay/simulate.html', { 'simulate': sim_req }) return render(request, 'pay/lobby.html', { 'action': reverse('pin.verify'), 'form': pin_form, 'title': _('Enter Pin') })
def lobby(request): sess = request.session trans = None if request.GET.get('req'): # If it returns a response there was likely # an error and we should return it. res = process_pay_req(request) if isinstance(res, http.HttpResponse): return res elif settings.TEST_PIN_UI: # This won't get you very far but it lets you create/enter PINs # and stops a traceback after that. sess['trans_id'] = trans_id() elif not sess.get('is_simulation', False): try: trans = solitude.get_transaction(sess.get('trans_id')) except ObjectDoesNotExist: if sess.get('trans_id'): log.info( 'Attempted to restart non-existent transaction {0}'.format( sess.get('trans_id'))) return _error(request, msg='req is required') pin_form = VerifyPinForm() if sess.get('uuid'): auth_utils.update_session(request, sess.get('uuid'), False) # Before we continue with the buy flow, let's save some # time and get the transaction configured via Bango in the # background. log.info('configuring transaction {0} from lobby'.format( sess.get('trans_id'))) tasks.configure_transaction(request, trans=trans) redirect_url = check_pin_status(request) if redirect_url is not None: return http.HttpResponseRedirect('{0}?next={1}'.format( reverse('pay.bounce'), redirect_url)) # If the buyer closed the trusted UI during reset flow, we want to unset # the reset pin flag. They can hit the forgot pin button if they still # don't remember their pin. if sess.get('uuid_needs_pin_reset'): solitude.set_needs_pin_reset(sess['uuid'], False) sess['uuid_needs_pin_reset'] = False if sess.get('is_simulation', False): sim_req = sess['notes']['pay_request']['request']['simulate'] log.info('Starting simulate %s for %s' % (sim_req, sess['notes']['issuer_key'])) return render(request, 'pay/simulate.html', {'simulate': sim_req}) return render(request, 'pay/lobby.html', { 'action': reverse('pin.verify'), 'form': pin_form, 'title': _('Enter Pin') })
def lobby(request): sess = request.session have_jwt = bool(request.GET.get('req')) log.info('starting from JWT? {have_jwt}'.format(have_jwt=have_jwt)) if have_jwt: # If it returns a response there was likely # an error and we should return it. res = process_pay_req(request) if isinstance(res, http.HttpResponse): return res elif settings.TEST_PIN_UI: # This won't get you very far but it lets you create/enter PINs # and stops a traceback after that. sess['trans_id'] = trans_id() pin_form = VerifyPinForm() if sess.get('uuid'): auth_utils.update_session(request, sess.get('uuid'), False, request.session.get('logged_in_user', None)) redirect_url = check_pin_status(request) if redirect_url is not None: return http.HttpResponseRedirect( '{0}?next={1}'.format(reverse('pay.bounce'), redirect_url) ) # If the buyer closed the trusted UI during reset flow, we want to unset # the reset pin flag. They can hit the forgot pin button if they still # don't remember their pin. if sess.get('uuid_needs_pin_reset'): try: solitude.set_needs_pin_reset(sess['uuid'], False) except ResourceModified: return system_error(request, code=msg.RESOURCE_MODIFIED) sess['uuid_needs_pin_reset'] = False if sess.get('is_simulation', False): sim_req = sess['notes']['pay_request']['request']['simulate'] log.info('Starting simulate %s for %s' % (sim_req, sess['notes']['issuer_key'])) return render(request, 'pay/simulate.html', { 'simulate': sim_req }) return render(request, 'pay/lobby.html', { 'action': reverse('pin.verify'), 'form': pin_form, 'title': _('Enter Pin'), 'track_cancel': { 'action': 'pin cancel', 'label': 'Pin Entry Page', }, })
def lobby(request): sess = request.session have_jwt = bool(request.GET.get('req')) log.info('starting from JWT? {have_jwt}'.format(have_jwt=have_jwt)) if have_jwt: # If it returns a response there was likely # an error and we should return it. res = process_pay_req(request) if isinstance(res, http.HttpResponse): return res elif settings.TEST_PIN_UI: # This won't get you very far but it lets you create/enter PINs # and stops a traceback after that. sess['trans_id'] = trans_id() pin_form = VerifyPinForm() if sess.get('uuid'): auth_utils.update_session(request, sess.get('uuid'), False) redirect_url = check_pin_status(request) if redirect_url is not None: return http.HttpResponseRedirect('{0}?next={1}'.format( reverse('pay.bounce'), redirect_url)) # If the buyer closed the trusted UI during reset flow, we want to unset # the reset pin flag. They can hit the forgot pin button if they still # don't remember their pin. if sess.get('uuid_needs_pin_reset'): try: solitude.set_needs_pin_reset(sess['uuid'], False) except ResourceModified: return system_error(request, code=msg.RESOURCE_MODIFIED) sess['uuid_needs_pin_reset'] = False if sess.get('is_simulation', False): sim_req = sess['notes']['pay_request']['request']['simulate'] log.info('Starting simulate %s for %s' % (sim_req, sess['notes']['issuer_key'])) return render(request, 'pay/simulate.html', {'simulate': sim_req}) return render( request, 'pay/lobby.html', { 'action': reverse('pin.verify'), 'form': pin_form, 'title': _('Enter Pin'), 'track_cancel': { 'action': 'pin cancel', 'label': 'Pin Entry Page', }, })
def lobby(request): sess = request.session have_jwt = bool(request.GET.get("req")) log.info("starting from JWT? {have_jwt}".format(have_jwt=have_jwt)) if have_jwt: # If it returns a response there was likely # an error and we should return it. res = process_pay_req(request) if isinstance(res, http.HttpResponse): return res elif settings.TEST_PIN_UI: # This won't get you very far but it lets you create/enter PINs # and stops a traceback after that. sess["trans_id"] = trans_id() pin_form = VerifyPinForm() if sess.get("uuid"): auth_utils.update_session(request, sess.get("uuid"), False) redirect_url = check_pin_status(request) if redirect_url is not None: return http.HttpResponseRedirect("{0}?next={1}".format(reverse("pay.bounce"), redirect_url)) # If the buyer closed the trusted UI during reset flow, we want to unset # the reset pin flag. They can hit the forgot pin button if they still # don't remember their pin. if sess.get("uuid_needs_pin_reset"): try: solitude.set_needs_pin_reset(sess["uuid"], False) except ResourceModified: return system_error(request, code=msg.RESOURCE_MODIFIED) sess["uuid_needs_pin_reset"] = False if sess.get("is_simulation", False): sim_req = sess["notes"]["pay_request"]["request"]["simulate"] log.info("Starting simulate %s for %s" % (sim_req, sess["notes"]["issuer_key"])) return render(request, "pay/simulate.html", {"simulate": sim_req}) return render( request, "pay/lobby.html", { "action": reverse("pin.verify"), "form": pin_form, "title": _("Enter Pin"), "track_cancel": {"action": "pin cancel", "label": "Pin Entry Page"}, }, )
def lobby(request): if request.GET.get('req'): # If it returns a response there was likely # an error and we should return it. res = process_pay_req(request) if isinstance(res, http.HttpResponse): return res elif settings.TEST_PIN_UI: # This won't get you very far but it lets you create/enter PINs # and stops a traceback after that. request.session['trans_id'] = uuid.uuid4() elif not 'notes' in request.session: # A JWT was not passed in and no JWT is in the session. return _error(request, msg='req is required') pin_form = VerifyPinForm() sess = request.session if sess.get('uuid'): auth_utils.update_session(request, sess.get('uuid')) redirect_url = check_pin_status(request) if redirect_url is not None: return http.HttpResponseRedirect(redirect_url) # If the buyer closed the trusted UI during reset flow, we want to unset # the reset pin flag. They can hit the forgot pin button if they still # don't remember their pin. if sess.get('uuid_needs_pin_reset'): solitude.set_needs_pin_reset(sess['uuid'], False) sess['uuid_needs_pin_reset'] = False if sess.get('is_simulation', False): sim_req = sess['notes']['pay_request']['request']['simulate'] log.info('Starting simulate %s for %s' % (sim_req, sess['notes']['issuer_key'])) return render(request, 'pay/simulate.html', {'simulate': sim_req}) return render(request, 'pay/lobby.html', { 'action': reverse('pin.verify'), 'form': pin_form, 'title': _('Enter Pin') })
def verify(request): audience = get_audience(request) assertion = request.POST.get('assertion') email = native_fxa_authenticate(audience, assertion) if email: store_mkt_permissions(request, email, assertion, audience) user_uuid = set_user(request, email) redirect_url = check_pin_status(request) return { 'needs_redirect': redirect_url is not None, 'redirect_url': redirect_url, 'user_hash': user_uuid } else: log.error('Native FxA assertion failed.') request.session.flush() return http.HttpResponseBadRequest()
def verify(request): form = BrowserIDForm(data=request.POST) if form.is_valid(): url = settings.BROWSERID_VERIFICATION_URL audience = get_audience(request) extra_params = { 'experimental_forceIssuer': settings.BROWSERID_UNVERIFIED_ISSUER, 'experimental_allowUnverified': 'true' } assertion = form.cleaned_data['assertion'] log.info('verifying Persona assertion. url: %s, audience: %s, ' 'extra_params: %s, assertion: %s' % (url, audience, extra_params, assertion)) result = verify_assertion(assertion, audience, extra_params) if result: log.info('Persona assertion ok: %s' % result) email = result.get('unverified-email', result.get('email')) store_mkt_permissions(request, email, assertion, audience) user_uuid = set_user(request, email) redirect_url = check_pin_status(request) # Before we verify the user's PIN let's save some # time and get the transaction configured via Bango in the # background. log.info('configuring transaction {0} from auth' .format(request.session.get('trans_id'))) if not pay_tasks.configure_transaction(request): log.error('Configuring transaction failed.') return { 'needs_redirect': redirect_url is not None, 'redirect_url': redirect_url, 'user_hash': user_uuid } log.error('Persona assertion failed.') request.session.flush() return http.HttpResponseBadRequest()
def verify(request): form = BrowserIDForm(data=request.POST) if form.is_valid(): url = settings.BROWSERID_VERIFICATION_URL audience = get_audience(request) extra_params = { 'experimental_forceIssuer': settings.BROWSERID_UNVERIFIED_ISSUER, 'experimental_allowUnverified': 'true' } assertion = form.cleaned_data['assertion'] log.info('verifying Persona assertion. url: %s, audience: %s, ' 'extra_params: %s, assertion: %s' % (url, audience, extra_params, assertion)) result = verify_assertion(assertion, audience, extra_params) if result: log.info('Persona assertion ok: %s' % result) email = result.get('unverified-email', result.get('email')) store_mkt_permissions(request, email, assertion, audience) user_uuid = set_user(request, email) redirect_url = check_pin_status(request) # Before we verify the user's PIN let's save some # time and get the transaction configured via Bango in the # background. log.info('configuring transaction {0} from auth'.format( request.session.get('trans_id'))) pay_tasks.configure_transaction(request) return { 'needs_redirect': redirect_url is not None, 'redirect_url': redirect_url, 'user_hash': user_uuid } log.error('Persona assertion failed.') request.session.flush() return http.HttpResponseBadRequest()
def verify(request): form = BrowserIDForm(data=request.POST) if form.is_valid(): url = settings.BROWSERID_VERIFICATION_URL audience = get_audience(request) extra_params = { "experimental_forceIssuer": settings.BROWSERID_UNVERIFIED_ISSUER, "experimental_allowUnverified": "true", } assertion = form.cleaned_data["assertion"] log.info( "verifying Persona assertion. url: %s, audience: %s, " "extra_params: %s, assertion: %s" % (url, audience, extra_params, assertion) ) result = verify_assertion(assertion, audience, extra_params) if result: log.info("Persona assertion ok: %s" % result) email = result.get("unverified-email", result.get("email")) store_mkt_permissions(request, email, assertion, audience) user_uuid = set_user(request, email) redirect_url = check_pin_status(request) # Before we verify the user's PIN let's save some # time and get the transaction configured via Bango in the # background. log.info("configuring transaction {0} from auth".format(request.session.get("trans_id"))) if not pay_tasks.configure_transaction(request): log.error("Configuring transaction failed.") return {"needs_redirect": redirect_url is not None, "redirect_url": redirect_url, "user_hash": user_uuid} log.error("Persona assertion failed.") request.session.flush() return http.HttpResponseBadRequest()
def test_pin_is_locked(self): self.request.session['uuid_pin_is_locked'] = True eq_(utils.check_pin_status(self.request), reverse('pin.is_locked'))
def test_check_pin_status_is_confirmed(self, change_pin): self.request.session["uuid_has_pin"] = True self.request.session["uuid_has_confirmed_pin"] = True eq_(utils.check_pin_status(self.request), None) assert not change_pin.called
def test_check_pin_status_not_confirmed(self, change_pin): self.request.session["uuid_has_pin"] = True self.request.session["uuid_has_confirmed_pin"] = False eq_(utils.check_pin_status(self.request), reverse("pin.create")) assert change_pin.called assert not self.request.session["uuid_has_pin"]
def test_pin_entered_after_timeout(self): self.request.session["last_pin_success"] = datetime.now() - timedelta(seconds=settings.PIN_UNLOCK_LENGTH + 60) eq_(utils.check_pin_status(self.request), None)
def test_locked_out_but_pin_recently_entered_successfully(self): self.request.session["last_pin_success"] = datetime.now() self.request.session["uuid_pin_is_locked"] = True eq_(utils.check_pin_status(self.request), reverse("pin.is_locked"))
def test_pin_recently_entered_successfully(self): self.request.session["last_pin_success"] = datetime.now() eq_(utils.check_pin_status(self.request), get_wait_url(mock.Mock(session={})))
def test_pin_was_locked(self): self.request.session["uuid_pin_was_locked"] = True eq_(utils.check_pin_status(self.request), reverse("pin.was_locked"))
def test_pin_recently_entered_successfully(self): self.request.session['last_pin_success'] = datetime.now() eq_(utils.check_pin_status(self.request), get_payment_url())
def test_pin_recently_entered_successfully(self): self.request.session['last_pin_success'] = datetime.now() eq_(utils.check_pin_status(self.request), get_wait_url(mock.Mock(session={})))
.format(tx=sess.get('trans_id'))) pin_form = VerifyPinForm() if sess.get('uuid'): auth_utils.update_session(request, sess.get('uuid'), False) # Before we continue with the buy flow, let's save some # time and get the transaction configured via Bango in the # background. log.info('configuring transaction {0} from lobby' .format(sess.get('trans_id'))) if not tasks.configure_transaction(request, trans=trans): log.error('Configuring transaction failed.') redirect_url = check_pin_status(request) if redirect_url is not None: return http.HttpResponseRedirect( '{0}?next={1}'.format(reverse('pay.bounce'), redirect_url) ) # If the buyer closed the trusted UI during reset flow, we want to unset # the reset pin flag. They can hit the forgot pin button if they still # don't remember their pin. if sess.get('uuid_needs_pin_reset'): try: solitude.set_needs_pin_reset(sess['uuid'], False) except ResourceModified: return system_error(request, code=msg.RESOURCE_MODIFIED) sess['uuid_needs_pin_reset'] = False
def test_locked_out_but_pin_recently_entered_successfully(self): self.request.session['last_pin_success'] = datetime.now() self.request.session['uuid_pin_is_locked'] = True eq_(utils.check_pin_status(self.request), reverse('pin.is_locked'))
def test_pin_entered_after_timeout(self): self.request.session['last_pin_success'] = ( datetime.now() - timedelta(seconds=settings.PIN_UNLOCK_LENGTH + 60) ) eq_(utils.check_pin_status(self.request), None)
def test_check_pin_status_is_confirmed(self, change_pin): self.request.session['uuid_has_pin'] = True self.request.session['uuid_has_confirmed_pin'] = True eq_(utils.check_pin_status(self.request), None) assert not change_pin.called
def test_check_pin_status_not_confirmed(self, change_pin): self.request.session['uuid_has_pin'] = True self.request.session['uuid_has_confirmed_pin'] = False eq_(utils.check_pin_status(self.request), reverse('pin.create')) assert change_pin.called assert not self.request.session['uuid_has_pin']
def test_no_pin_not_confirmed(self, change_pin): self.request.session['uuid_has_pin'] = False self.request.session['uuid_has_confirmed_pin'] = False eq_(utils.check_pin_status(self.request), reverse('pin.create')) assert not change_pin.called
def test_pin_was_locked(self): self.request.session['uuid_pin_was_locked'] = True eq_(utils.check_pin_status(self.request), reverse('pin.was_locked'))