class TestEncryption(unittest.TestCase):
def setUp(self):
secret_key = os.urandom(32)
self.cipher = DataCipher(secret_key)
def test_it_encrypts_and_decrypts(self):
secret = {"to_happiness": "money"}
encrypted = self.cipher.encrypt(secret)
assert type(encrypted) == bytes
decrypted = self.cipher.decrypt(encrypted)
assert decrypted["to_happiness"] == secret["to_happiness"]
def test_other_data_types(self):
a = [1, 2, 3, 4, 5, 6]
assert a == self.cipher.decrypt(self.cipher.encrypt(a))
b = 123456.78
assert b == self.cipher.decrypt(self.cipher.encrypt(b))
c = "a secret message"
assert c == self.cipher.decrypt(self.cipher.encrypt(c))
def post(self):
request_data = request.get_json()
if request_data is None:
error(400, "No json data in request body")
check_data_fields(
request_data,
["first_name", "last_name", "middle_name", "birth_date"])
cipher = DataCipher(key=current_app.config.get("SECRET_KEY"))
decrypted_credentials = cipher.decrypt(request.cookies["oeci_token"])
login_result = (decrypted_credentials["oeci_username"] == "username"
and decrypted_credentials["oeci_password"]
== "password")
if login_result is False:
error(401, "Attempted login to OECI failed")
record = build_record()
response_data = {"data": {"record": record}}
current_app.json_encoder = ExpungeModelEncoder
return response_data # Json-encoding happens automatically here
def _oeci_login_params(request):
cipher = DataCipher(key=current_app.config.get("SECRET_KEY"))
if not "oeci_token" in request.cookies.keys():
error(401, "Missing login credentials to OECI.")
decrypted_credentials = cipher.decrypt(request.cookies["oeci_token"])
return decrypted_credentials["oeci_username"], decrypted_credentials[
"oeci_password"]
def post(self):
request_data = request.get_json()
if request_data is None or not request_data.get("aliases"):
error(400, "No json data in request body")
check_data_fields(request_data, ["aliases"])
for alias in request_data["aliases"]:
check_data_fields(
alias,
["first_name", "last_name", "middle_name", "birth_date"])
cipher = DataCipher(key=current_app.config.get("SECRET_KEY"))
if not "oeci_token" in request.cookies.keys():
error(401, "Missing login credentials to OECI.")
decrypted_credentials = cipher.decrypt(request.cookies["oeci_token"])
username, password = decrypted_credentials[
"oeci_username"], decrypted_credentials["oeci_password"]
record, ambiguous_record, questions = RecordCreator.build_record(
username, password, request_data["aliases"])
if questions:
session["ambiguous_record"] = pickle.dumps(ambiguous_record)
try:
save_result(request_data, record)
except Exception as ex:
logging.error("Saving search result failed with exception: %s" %
ex,
stack_info=True)
record_summary = RecordSummarizer.summarize(record, questions)
response_data = {"data": {"record": record_summary}}
encoded_response = json.dumps(response_data, cls=ExpungeModelEncoder)
return encoded_response
def post(self):
request_data = request.get_json()
if request_data is None or not request_data.get("names"):
error(400, "No json data in request body")
for alias in request_data["names"]:
check_data_fields(
alias,
["first_name", "last_name", "middle_name", "birth_date"])
cipher = DataCipher(key=current_app.config.get("SECRET_KEY"))
if not "oeci_token" in request.cookies.keys():
error(401, "Missing login credentials to OECI.")
decrypted_credentials = cipher.decrypt(request.cookies["oeci_token"])
crawler = Crawler()
login_result = crawler.login(decrypted_credentials["oeci_username"],
decrypted_credentials["oeci_password"],
close_session=False)
if login_result is False:
error(401, "Attempted login to OECI failed")
cases: List[Case] = []
for alias in request_data["names"]:
cases += crawler.search(
alias["first_name"],
alias["last_name"],
alias["middle_name"],
alias["birth_date"],
).cases
cases_with_unique_case_number = [
list(group)[0]
for key, group in groupby(cases, lambda case: case.case_number)
]
record = Record(cases_with_unique_case_number)
expunger = Expunger(record)
expunger.run()
try:
save_result(request_data, record)
except Exception as ex:
logging.error("Saving search result failed with exception: %s" %
ex,
stack_info=True)
record_summary = RecordSummarizer.summarize(record)
response_data = {"data": {"record": record_summary}}
current_app.json_encoder = ExpungeModelEncoder
return response_data # Json-encoding happens automatically here
class TestOeciLogin(EndpointShared):
def setUp(self):
EndpointShared.setUp(self)
self.crawler_login = oeci_login.Crawler.login
with self.app.app_context():
self.cipher = DataCipher(key=current_app.config.get("SECRET_KEY"))
def tearDown(self):
oeci_login.Crawler.login = self.crawler_login
def mock_login(self, value):
return lambda s, username, password, close_session: value
def test_oeci_login_success(self):
self.login(self.user_data["user1"]["email"],
self.user_data["user1"]["password"])
oeci_login.Crawler.login = self.mock_login(True)
self.client.post("/api/oeci_login",
json={
"oeci_username": "******",
"oeci_password": "******"
})
credentials_cookie_string = self.client.cookie_jar._cookies[
"localhost.local"]["/"]["oeci_token"].value
creds = self.cipher.decrypt(credentials_cookie_string)
assert creds["oeci_username"] == "correctname"
assert creds["oeci_password"] == "correctpwd"
def test_oeci_login_invalid_credentials(self):
self.login(self.user_data["user1"]["email"],
self.user_data["user1"]["password"])
oeci_login.Crawler.login = self.mock_login(False)
response = self.client.post("/api/oeci_login",
json={
"oeci_username": "******",
"oeci_password": "******"
})
assert (response.status_code == 401)
def post(self):
request_data = request.get_json()
if request_data is None:
error(400, "No json data in request body")
check_data_fields(
request_data,
["first_name", "last_name", "middle_name", "birth_date"])
cipher = DataCipher(key=current_app.config.get("SECRET_KEY"))
if not "oeci_token" in request.cookies.keys():
error(401, "Missing login credentials to OECI.")
decrypted_credentials = cipher.decrypt(request.cookies["oeci_token"])
crawler = Crawler()
login_result = crawler.login(decrypted_credentials["oeci_username"],
decrypted_credentials["oeci_password"],
close_session=False)
if login_result is False:
error(401, "Attempted login to OECI failed")
record = crawler.search(request_data["first_name"],
request_data["last_name"],
request_data["middle_name"],
request_data["birth_date"])
expunger = Expunger(record)
expunger.run()
try:
save_result(request_data, record)
except Exception as ex:
logging.error("Saving search result failed with exception: %s" %
ex,
stack_info=True)
response_data = {"data": {"record": record}}
current_app.json_encoder = ExpungeModelEncoder
return response_data #Json-encoding happens automatically here
def post(self):
request_data = request.get_json()
if request_data is None:
error(400, "No json data in request body")
check_data_fields(request_data, ["first_name", "last_name",
"middle_name", "birth_date"])
cipher = DataCipher(
key=current_app.config.get("JWT_SECRET_KEY"))
decrypted_credentials = cipher.decrypt(request.cookies["oeci_token"])
crawler = Crawler()
login_result = crawler.login(
decrypted_credentials["oeci_username"],
decrypted_credentials["oeci_password"],
close_session=False)
if login_result is False:
error(401, "Attempted login to OECI failed")
record = crawler.search(
request_data["first_name"],
request_data["last_name"],
request_data["middle_name"],
request_data["birth_date"])
expunger = Expunger(record)
expunger.run()
response_data = {
"data": {
"record": record
}
}
current_app.json_encoder = ExpungeModelEncoder
return response_data #Json-encoding happens automatically here
def post(self):
request_data = request.get_json()
if request_data is None:
error(400, "No json data in request body")
check_data_fields(
request_data,
["first_name", "last_name", "middle_name", "birth_date"])
cipher = DataCipher(key=current_app.config.get("JWT_SECRET_KEY"))
decrypted_credentials = cipher.decrypt(request.cookies["oeci_token"])
crawler = Crawler()
login_result = (decrypted_credentials["oeci_username"] == "username"
and decrypted_credentials["oeci_password"]
== "password")
if login_result is False:
error(401, "Attempted login to OECI failed")
response_data = json.loads("""{"data": {"record": {
"total_balance_due": 4550.4,
"cases": [
{
"name": "Doe, John D",
"birth_year": 1943,
"case_number": "X0001",
"citation_number": "C0001",
"location": "Multnomah",
"date": "Sat, 23 Mar 1963 00:00:00 GMT",
"violation_type": "Offense Misdemeanor",
"current_status": "Closed",
"charges": [
{
"name": "Driving Uninsured",
"statute": "806010",
"level": "Class B Felony",
"date": "Sun, 12 Mar 2017 00:00:00 GMT",
"disposition": {
"date": "Mon, 12 Jun 2017 00:00:00 GMT",
"ruling": "Convicted - Failure to Appear"
},
"expungement_result": {
"type_eligibility": false,
"type_eligibility_reason": "Ineligible under 137.225(5)",
"time_eligibility": null,
"time_eligibility_reason": null,
"date_of_eligibility": null
}
},
{
"name": "Violation Driving While Suspended or Revoked",
"statute": "811175",
"level": "Class B Felony",
"date": "Sun, 12 Mar 2017 00:00:00 GMT",
"disposition": {
"date": "Mon, 12 Jun 2017 00:00:00 GMT",
"ruling": "Dismissed"
},
"expungement_result": {
"type_eligibility": true,
"type_eligibility_reason": "Eligible under 137.225(1)(b)",
"time_eligibility": null,
"time_eligibility_reason": null,
"date_of_eligibility": null
}
},
{
"name": "Failure to Obey Traffic Control Device",
"statute": "811265",
"level": "Class B Felony",
"date": "Sun, 12 Mar 2017 00:00:00 GMT",
"disposition": {
"date": "Mon, 12 Jun 2017 00:00:00 GMT",
"ruling": "Dismissed"
},
"expungement_result": {
"type_eligibility": true,
"type_eligibility_reason": "Eligible under 137.225(1)(b)",
"time_eligibility": null,
"time_eligibility_reason": null,
"date_of_eligibility": null
}
}
],
"balance_due": 1516.8,
"case_detail_link": "https://publicaccess.courts.oregon.gov/PublicAccessLogin/CaseDetail.aspx?CaseID=X0001"
},
{
"name": "Doe, John D",
"birth_year": 1943,
"case_number": "X0002",
"citation_number": "C0002",
"location": "Multnomah",
"date": "Thu, 11 Apr 1963 00:00:00 GMT",
"violation_type": "Offense Felony",
"current_status": "Closed",
"charges": [
{
"name": "Driving Uninsured",
"statute": "806010",
"level": "Class B Felony",
"date": "Sun, 12 Mar 2017 00:00:00 GMT",
"disposition": {
"date": "Mon, 12 Jun 2017 00:00:00 GMT",
"ruling": "Convicted - Failure to Appear"
},
"expungement_result": {
"type_eligibility": false,
"type_eligibility_reason": "Ineligible under 137.225(5)",
"time_eligibility": null,
"time_eligibility_reason": null,
"date_of_eligibility": null
}
},
{
"name": "Violation Driving While Suspended or Revoked",
"statute": "811175",
"level": "Class B Felony",
"date": "Sun, 12 Mar 2017 00:00:00 GMT",
"disposition": {
"date": "Mon, 12 Jun 2017 00:00:00 GMT",
"ruling": "Dismissed"
},
"expungement_result": {
"type_eligibility": true,
"type_eligibility_reason": "Eligible under 137.225(1)(b)",
"time_eligibility": null,
"time_eligibility_reason": null,
"date_of_eligibility": null
}
},
{
"name": "Failure to Obey Traffic Control Device",
"statute": "811265",
"level": "Class B Felony",
"date": "Sun, 12 Mar 2017 00:00:00 GMT",
"disposition": {
"date": "Mon, 12 Jun 2017 00:00:00 GMT",
"ruling": "Dismissed"
},
"expungement_result": {
"type_eligibility": true,
"type_eligibility_reason": "Eligible under 137.225(1)(b)",
"time_eligibility": null,
"time_eligibility_reason": null,
"date_of_eligibility": null
}
}
],
"balance_due": 1516.8,
"case_detail_link": "https://publicaccess.courts.oregon.gov/PublicAccessLogin/CaseDetail.aspx?CaseID=X0002"
},
{
"name": "Doe, John D",
"birth_year": 1943,
"case_number": "X0003",
"citation_number": "",
"location": "Multnomah",
"date": "Sun, 01 Apr 2012 00:00:00 GMT",
"violation_type": "Offense Misdemeanor",
"current_status": "Closed",
"charges": [
{
"name": "Driving Uninsured",
"statute": "806010",
"level": "Class B Felony",
"date": "Sun, 12 Mar 2017 00:00:00 GMT",
"disposition": {
"date": "Mon, 12 Jun 2017 00:00:00 GMT",
"ruling": "Convicted - Failure to Appear"
},
"expungement_result": {
"type_eligibility": false,
"type_eligibility_reason": "Ineligible under 137.225(5)",
"time_eligibility": null,
"time_eligibility_reason": null,
"date_of_eligibility": null
}
},
{
"name": "Violation Driving While Suspended or Revoked",
"statute": "811175",
"level": "Class B Felony",
"date": "Sun, 12 Mar 2017 00:00:00 GMT",
"disposition": {
"date": "Mon, 12 Jun 2017 00:00:00 GMT",
"ruling": "Dismissed"
},
"expungement_result": {
"type_eligibility": true,
"type_eligibility_reason": "Eligible under 137.225(1)(b)",
"time_eligibility": null,
"time_eligibility_reason": null,
"date_of_eligibility": null
}
},
{
"name": "Failure to Obey Traffic Control Device",
"statute": "811265",
"level": "Class B Felony",
"date": "Sun, 12 Mar 2017 00:00:00 GMT",
"disposition": {
"date": "Mon, 12 Jun 2017 00:00:00 GMT",
"ruling": "Dismissed"
},
"expungement_result": {
"type_eligibility": true,
"type_eligibility_reason": "Eligible under 137.225(1)(b)",
"time_eligibility": null,
"time_eligibility_reason": null,
"date_of_eligibility": null
}
}
],
"balance_due": 1516.8,
"case_detail_link": "https://publicaccess.courts.oregon.gov/PublicAccessLogin/CaseDetail.aspx?CaseID=X0003"
}
],
"errors": []
}
}}""")
return response_data #Json-encoding happens automatically here
