def __init__(self, sequence_number=None):
self.connection_object = connect.AWS()
self.identity_vault_client = None
self.config = common.get_config()
if sequence_number is not None:
self.sequence_number = str(sequence_number)
else:
self.sequence_number = str(uuid.uuid4().int)
def setup(self):
self.dynalite_port = str(random.randint(32000, 34000))
os.environ["CIS_CONFIG_INI"] = "tests/mozilla-cis.ini"
os.environ["AWS_XRAY_SDK_ENABLED"] = "false"
os.environ["CIS_ENVIRONMENT"] = "local"
os.environ["CIS_DYNALITE_PORT"] = self.dynalite_port
os.environ["CIS_REGION_NAME"] = "us-west-2"
os.environ["AWS_ACCESS_KEY_ID"] = "foo"
os.environ["AWS_SECRET_ACCESS_KEY"] = "bar"
from cis_identity_vault import vault
from cis_change_service.common import get_config
self.patcher_salt = mock.patch(
"cis_crypto.secret.AWSParameterstoreProvider.uuid_salt")
self.mock_salt = self.patcher_salt.start()
config = get_config()
os.environ["CIS_DYNALITE_PORT"] = str(random.randint(32000, 34000))
self.dynalite_port = config("dynalite_port", namespace="cis")
self.dynaliteprocess = subprocess.Popen(
[
"/usr/sbin/java",
"-Djava.library.path=/opt/dynamodb_local/DynamoDBLocal_lib",
"-jar",
"/opt/dynamodb_local/DynamoDBLocal.jar",
"-inMemory",
"-port",
self.dynalite_port,
],
preexec_fn=os.setsid,
)
v = vault.IdentityVault()
v.connect()
v.create()
user_profile = FakeUser(config=FakeProfileConfig().minimal())
self.user_profile = user_profile.as_json()
from cis_change_service import api
api.app.testing = True
self.app = api.app.test_client()
self.publisher_rules = common.WellKnown().get_publisher_rules()
self.complex_structures = get_complex_structures()
def __init__(self, sequence_number=None, profile_json=None, **kwargs):
self.connection_object = connect.AWS()
self.identity_vault_client = None
self.config = common.get_config()
self.condition = "unknown"
self.user_id = kwargs.get("user_id")
self.user_uuid = kwargs.get("user_uuid")
self.primary_email = kwargs.get("primary_email")
self.primary_username = kwargs.get("primary_username")
if self.user_id is None:
logger.info("No user_id arg was passed for the payload. This is a new user or batch.")
tmp_user = User(user_structure_json=profile_json)
self.user_id = tmp_user.user_id.value
self.condition = "create"
if sequence_number is not None:
self.sequence_number = str(sequence_number)
else:
self.sequence_number = str(uuid.uuid4().int)
def setup(self):
from cis_change_service.common import get_config
os.environ["CIS_ENVIRONMENT"] = "local"
name = "local-identity-vault"
os.environ["CIS_CONFIG_INI"] = "tests/mozilla-cis.ini"
config = get_config()
self.kinesalite_port = config("kinesalite_port", namespace="cis")
self.kinesalite_host = config("kinesalite_host", namespace="cis")
self.dynalite_port = config("dynalite_port", namespace="cis")
self.dynaliteprocess = subprocess.Popen(
["dynalite", "--port", self.dynalite_port], preexec_fn=os.setsid)
self.kinesaliteprocess = subprocess.Popen(
["kinesalite", "--port", self.kinesalite_port],
preexec_fn=os.setsid)
conn = boto3.client(
"dynamodb",
region_name="us-west-2",
aws_access_key_id="ak",
aws_secret_access_key="sk",
endpoint_url="http://localhost:{}".format(self.dynalite_port),
)
# XXX TBD this will eventually be replaced by logic from the vault module
# The vault module will have the authoritative definitions for Attributes and GSI
try:
conn.create_table(
TableName=name,
KeySchema=[{
"AttributeName": "id",
"KeyType": "HASH"
}],
AttributeDefinitions=[
{
"AttributeName": "id",
"AttributeType": "S"
},
{
"AttributeName": "uuid",
"AttributeType": "S"
},
{
"AttributeName": "sequence_number",
"AttributeType": "S"
},
{
"AttributeName": "primary_email",
"AttributeType": "S"
},
{
"AttributeName": "primary_username",
"AttributeType": "S"
},
],
ProvisionedThroughput={
"ReadCapacityUnits": 5,
"WriteCapacityUnits": 5
},
GlobalSecondaryIndexes=[
{
"IndexName":
"{}-sequence_number".format(name),
"KeySchema": [{
"AttributeName": "sequence_number",
"KeyType": "HASH"
}],
"Projection": {
"ProjectionType": "ALL"
},
"ProvisionedThroughput": {
"ReadCapacityUnits": 5,
"WriteCapacityUnits": 5
},
},
{
"IndexName":
"{}-primary_email".format(name),
"KeySchema": [{
"AttributeName": "primary_email",
"KeyType": "HASH"
}],
"Projection": {
"ProjectionType": "ALL"
},
"ProvisionedThroughput": {
"ReadCapacityUnits": 5,
"WriteCapacityUnits": 5
},
},
{
"IndexName":
"{}-primary_username".format(name),
"KeySchema": [{
"AttributeName": "primary_username",
"KeyType": "HASH"
}],
"Projection": {
"ProjectionType": "ALL"
},
"ProvisionedThroughput": {
"ReadCapacityUnits": 5,
"WriteCapacityUnits": 5
},
},
{
"IndexName": "{}-uuid".format(name),
"KeySchema": [{
"AttributeName": "uuid",
"KeyType": "HASH"
}],
"Projection": {
"ProjectionType": "ALL"
},
"ProvisionedThroughput": {
"ReadCapacityUnits": 5,
"WriteCapacityUnits": 5
},
},
],
)
except Exception as e:
logger.error("Table error: {}".format(e))
conn = Stubber(
boto3.session.Session(region_name="us-west-2")).client.client(
"kinesis",
endpoint_url="http://{}:{}".format(self.kinesalite_host,
self.kinesalite_port))
try:
name = "local-stream"
conn.create_stream(StreamName=name, ShardCount=1)
except Exception as e:
logger.error("Stream creation error: {}".format(e))
# This just means we tried too many tests too fast.
pass
waiter = conn.get_waiter("stream_exists")
waiter.wait(StreamName=name,
Limit=100,
WaiterConfig={
"Delay": 1,
"MaxAttempts": 5
})
tags_1 = {"Key": "cis_environment", "Value": "local"}
tags_2 = {"Key": "application", "Value": "change-stream"}
conn.add_tags_to_stream(StreamName=name, Tags=tags_1)
conn.add_tags_to_stream(StreamName=name, Tags=tags_2)
self.user_profile = FakeUser().as_json()
import json
import logging
from functools import wraps
from flask import request
from flask import _request_ctx_stack
from six.moves.urllib.request import urlopen
from jose import jwt
from cis_change_service.common import get_config
from cis_change_service.exceptions import AuthError
logger = logging.getLogger(__name__)
CONFIG = get_config()
AUTH0_DOMAIN = CONFIG("auth0_domain", namespace="change_service", default="auth-dev.mozilla.auth0.com")
API_IDENTIFIER = CONFIG("api_identifier", namespace="change_service", default="https://change.sso.allizom.org")
ALGORITHMS = CONFIG("algorithms", namespace="change_service", default="RS256")
# Format error response and append status code
def get_token_auth_header():
"""Obtains the Access Token from the Authorization Header
"""
auth = request.headers.get("Authorization", None)
if not auth:
raise AuthError(
{"code": "authorization_header_missing", "description": "Authorization header is expected"}, 401
)
from flask import Flask
from flask import jsonify
from flask import request
from flask_cors import CORS
from flask_cors import cross_origin
from cis_aws import connect
from cis_change_service.common import get_config
from cis_change_service import profile
from cis_change_service.exceptions import IntegrationError
from cis_change_service.exceptions import VerificationError
from cis_change_service.idp import requires_auth
from cis_change_service.idp import AuthError
from cis_change_service import __version__
app = Flask(__name__)
config = get_config()
logger = logging.getLogger(__name__)
cis_environment = config("environment", namespace="cis")
# Configure the X-Ray recorder to generate segments with our service name
xray_recorder.configure(
service="{}_profile_retrieval_service".format(cis_environment))
# Instrument the Flask application
XRayMiddleware(app, xray_recorder)
CORS(
app,
allow_headers=(
"x-requested-with",
"content-type",
def setup(self):
os.environ["CIS_CONFIG_INI"] = "tests/mozilla-cis.ini"
os.environ["AWS_XRAY_SDK_ENABLED"] = "false"
from cis_change_service.common import get_config
config = get_config()
os.environ["CIS_DYNALITE_PORT"] = str(random.randint(32000, 34000))
self.dynalite_port = config("dynalite_port", namespace="cis")
self.dynaliteprocess = subprocess.Popen(
["dynalite", "--port", self.dynalite_port], preexec_fn=os.setsid)
name = "local-identity-vault"
conn = boto3.client(
"dynamodb",
region_name="us-west-2",
aws_access_key_id="ak",
aws_secret_access_key="sk",
endpoint_url="http://localhost:{}".format(self.dynalite_port),
)
try:
conn.create_table(
TableName=name,
KeySchema=[{
"AttributeName": "id",
"KeyType": "HASH"
}],
AttributeDefinitions=[
{
"AttributeName": "id",
"AttributeType": "S"
},
{
"AttributeName": "user_uuid",
"AttributeType": "S"
},
{
"AttributeName": "sequence_number",
"AttributeType": "S"
},
{
"AttributeName": "primary_email",
"AttributeType": "S"
},
{
"AttributeName": "primary_username",
"AttributeType": "S"
},
{
"AttributeName": "profile",
"AttributeType": "S"
},
],
ProvisionedThroughput={
"ReadCapacityUnits": 5,
"WriteCapacityUnits": 5
},
GlobalSecondaryIndexes=[
{
"IndexName":
"{}-sequence_number".format(name),
"KeySchema": [{
"AttributeName": "sequence_number",
"KeyType": "HASH"
}],
"Projection": {
"ProjectionType": "ALL"
},
"ProvisionedThroughput": {
"ReadCapacityUnits": 5,
"WriteCapacityUnits": 5
},
},
{
"IndexName":
"{}-primary_email".format(name),
"KeySchema": [{
"AttributeName": "primary_email",
"KeyType": "HASH"
}],
"Projection": {
"ProjectionType": "ALL"
},
"ProvisionedThroughput": {
"ReadCapacityUnits": 5,
"WriteCapacityUnits": 5
},
},
{
"IndexName":
"{}-primary_username".format(name),
"KeySchema": [{
"AttributeName": "primary_username",
"KeyType": "HASH"
}],
"Projection": {
"ProjectionType": "ALL"
},
"ProvisionedThroughput": {
"ReadCapacityUnits": 5,
"WriteCapacityUnits": 5
},
},
{
"IndexName":
"{}-user_uuid".format(name),
"KeySchema": [{
"AttributeName": "user_uuid",
"KeyType": "HASH"
}],
"Projection": {
"ProjectionType": "ALL"
},
"ProvisionedThroughput": {
"ReadCapacityUnits": 5,
"WriteCapacityUnits": 5
},
},
],
)
waiter = conn.get_waiter("table_exists")
waiter.wait(TableName="local-identity-vault",
WaiterConfig={
"Delay": 1,
"MaxAttempts": 5
})
except Exception as e:
logger.error("Table error: {}".format(e))
user_profile = FakeUser(config=FakeProfileConfig().minimal())
self.user_profile = user_profile.as_json()
from cis_change_service import api
api.app.testing = True
self.app = api.app.test_client()
self.publisher_rules = common.WellKnown().get_publisher_rules()
self.complex_structures = get_complex_structures()