def test_default_provision_user(): user_id = '10' auth.provision_user(user_id) auth_user = auth.load_user(user_id) assert auth_user.user_id == '10' assert len(auth_user.secret) == auth.SECRET_KEY_BYTES assert auth_user.key_length == 6 assert auth_user.hash_algorithm == 'SHA256'
def test_default_provision_user(): user_id = "10" auth.provision_user(user_id) auth_user = auth.load_user(user_id) assert auth_user.user_id == "10" assert len(auth_user.secret) == auth.SECRET_KEY_BYTES assert auth_user.key_length == 6 assert auth_user.hash_algorithm == "SHA256"
def test_consume_recovery_code_success(): user_id = '18' auth_user = auth.provision_user(user_id) recovery_code = auth_user.recovery_codes[0] auth.consume_recovery_code(user_id, recovery_code.code) assert recovery_code.used is True
def test_consume_recovery_code_success(): user_id = "18" auth_user = auth.provision_user(user_id) recovery_code = auth_user.recovery_codes[0] auth.consume_recovery_code(user_id, recovery_code.code) assert recovery_code.used is True
def test_consume_recovery_code_already_consumed(): user_id = "20" auth_user = auth.provision_user(user_id) recovery_code = auth_user.recovery_codes[0] auth.consume_recovery_code(user_id, recovery_code.code) with pytest.raises(auth.RecoveryCodeConsumptionError): auth.consume_recovery_code(user_id, recovery_code.code)
def test_consume_recovery_code_already_consumed(): user_id = '20' auth_user = auth.provision_user(user_id) recovery_code = auth_user.recovery_codes[0] auth.consume_recovery_code(user_id, recovery_code.code) with pytest.raises(auth.RecoveryCodeConsumptionError): auth.consume_recovery_code(user_id, recovery_code.code)
def test_authorize_user(): user_id = "14" user = auth.provision_user(user_id) totp = auth.get_totp(user.secret, user.key_length, user.hash_algorithm, 30) code_to_validate = totp.generate(time.time()) assert auth.authorize_user(user_id, code_to_validate)
def test_authorize_user(): user_id = '14' user = auth.provision_user(user_id) totp = auth.get_totp(user.secret, user.key_length, user.hash_algorithm, 30) code_to_validate = totp.generate(time.time()) assert auth.authorize_user(user_id, code_to_validate)
def test_consume_recovery_code_wrong_user(): user_id = "19" auth_user = auth.provision_user(user_id) recovery_code = auth_user.recovery_codes[0] with pytest.raises(auth.RecoveryCodeConsumptionError): auth.consume_recovery_code(18, recovery_code.code) assert recovery_code.used is False
def test_consume_recovery_code_wrong_user(): user_id = '19' auth_user = auth.provision_user(user_id) recovery_code = auth_user.recovery_codes[0] with pytest.raises(auth.RecoveryCodeConsumptionError): auth.consume_recovery_code(18, recovery_code.code) assert recovery_code.used is False
def test_regenerate_user_recovery_codes(): user_id = "17" auth_user = auth.provision_user(user_id) current_recovery_codes = set(recovery_code.code for recovery_code in auth_user.recovery_codes) auth.regenerate_user_recovery_codes(user_id) new_recovery_codes = set(recovery_code.code for recovery_code in auth_user.recovery_codes) assert current_recovery_codes != new_recovery_codes assert len(new_recovery_codes) == auth.RECOVERY_CODE_COUNT
def test_regenerate_user_recovery_codes(): user_id = '17' auth_user = auth.provision_user(user_id) current_recovery_codes = set(recovery_code.code for recovery_code in auth_user.recovery_codes) auth.regenerate_user_recovery_codes(user_id) new_recovery_codes = set(recovery_code.code for recovery_code in auth_user.recovery_codes) assert current_recovery_codes != new_recovery_codes assert len(new_recovery_codes) == auth.RECOVERY_CODE_COUNT
def user_provision(): data = request.get_json(force=True) try: validate(data, USER_PROVISION_SCHEMA) except ValidationError as e: return jsonify(error_message=str(e), error_code='INVALID_PARAMS'), 400 try: auth_user = auth.provision_user(**data) except auth.UserCreationException as e: return jsonify(error_message=str(e), error_code='USER_PROVISION_FAILURE'), 400 return format_auth_user_response(auth_user)
def test_auth_uri(): user_id = "15" user = auth.provision_user(user_id) auth_uri = urlparse(auth.user_auth_uri(user_id, "*****@*****.**", "someissuer")) assert auth_uri.scheme == "otpauth" assert auth_uri.netloc == "totp" assert auth_uri.path == "/someissuer:ausername%40example.org" query = parse_qs(auth_uri.query) assert query["algorithm"] == ["SHA256"] assert query["period"] == [str(user.key_valid_duration)] assert query["issuer"] == ["someissuer"] assert query["secret"] == [b32encode(user.secret).decode("ASCII")] assert query["digits"] == [str(user.key_length)]
def user_provision(): data = request.get_json(force=True) try: validate(data, USER_PROVISION_SCHEMA) except ValidationError as e: return jsonify(error_message=str(e), error_code='INVALID_PARAMS'), 400 try: auth_user = auth.provision_user(**data) except auth.UserCreationException as e: return jsonify( error_message=str(e), error_code='USER_PROVISION_FAILURE' ), 400 return format_auth_user_response(auth_user)
def test_auth_uri(): user_id = '15' user = auth.provision_user(user_id) auth_uri = urlparse( auth.user_auth_uri(user_id, '*****@*****.**', 'someissuer'), ) assert auth_uri.scheme == 'otpauth' assert auth_uri.netloc == 'totp' assert auth_uri.path == '/someissuer:ausername%40example.org' query = parse_qs(auth_uri.query) assert query['algorithm'] == ['SHA256'] assert query['period'] == [str(user.key_valid_duration)] assert query['issuer'] == ['someissuer'] assert query['secret'] == [b32encode(user.secret).decode('ASCII')] assert query['digits'] == [str(user.key_length)]
def test_user_exists(): user_id = '13' auth.provision_user(user_id) with pytest.raises(auth.UserCreationException): auth.provision_user(user_id)
def test_provision_user_unsupported_hash_algorithm(): with pytest.raises(auth.UserCreationException): auth.provision_user(1, hash_algorithm='MD5')
def test_provision_user_alternate_algorithm(): user_id = '12' auth.provision_user(user_id, hash_algorithm='SHA1') auth_user = auth.load_user(user_id) assert auth_user.hash_algorithm == 'SHA1'
def test_unsupported_key_length(): with pytest.raises(auth.UserCreationException): auth.provision_user(1, key_length=10)
def test_consume_recovery_code_wrong_code(): auth.provision_user(21) with pytest.raises(auth.RecoveryCodeConsumptionError): auth.consume_recovery_code(21, 'foobar')
def test_provision_user_alternate_key_length(): user_id = "11" auth.provision_user(user_id, key_length=8) auth_user = auth.load_user(user_id) assert auth_user.key_length == 8
def test_provision_user_generates_recovery_codes(): user_id = "16" auth_user = auth.provision_user(user_id) assert len(auth_user.recovery_codes) == 10
def test_consume_recovery_code_wrong_code(): auth.provision_user(21) with pytest.raises(auth.RecoveryCodeConsumptionError): auth.consume_recovery_code(21, "foobar")
def test_provision_user_generates_recovery_codes(): user_id = '16' auth_user = auth.provision_user(user_id) assert len(auth_user.recovery_codes) == 10
def test_provision_user_alternate_key_length(): user_id = '11' auth.provision_user(user_id, key_length=8) auth_user = auth.load_user(user_id) assert auth_user.key_length == 8
def test_provision_user_alternate_algorithm(): user_id = "12" auth.provision_user(user_id, hash_algorithm="SHA1") auth_user = auth.load_user(user_id) assert auth_user.hash_algorithm == "SHA1"
def test_provision_user_unsupported_hash_algorithm(): with pytest.raises(auth.UserCreationException): auth.provision_user(1, hash_algorithm="MD5")
def test_user_exists(): user_id = "13" auth.provision_user(user_id) with pytest.raises(auth.UserCreationException): auth.provision_user(user_id)