def test_token_auth(self):
response = self.execute({
self.user.USERNAME_FIELD:
self.user.get_username(),
'password':
'******',
})
data = response.data['tokenAuth']
payload = get_payload(data['token'])
refresh_token = get_refresh_token(data['refreshToken'])
self.assertUsernameIn(payload)
self.assertEqual(refresh_token.user, self.user)
def test_token_auth(self):
with catch_signal(token_issued) as token_issued_handler:
response = self.execute({
self.user.USERNAME_FIELD:
self.user.get_username(),
'password':
'******',
})
data = response.data['tokenAuth']
refresh_token = get_refresh_token(data['refreshToken'])
self.assertEqual(token_issued_handler.call_count, 1)
self.assertIsNone(response.errors)
self.assertUsernameIn(data['payload'])
self.assertEqual(refresh_token.user, self.user)
def test_refresh_token(self):
with back_to_the_future(seconds=1):
response = self.execute({
'refreshToken': self.refresh_token.token,
})
data = response.data['refreshToken']
token = data['token']
refresh_token = get_refresh_token(data['refreshToken'])
payload = get_payload(token)
self.assertNotEqual(token, self.token)
self.assertGreater(payload['exp'], self.payload['exp'])
self.assertNotEqual(refresh_token.token, self.refresh_token.token)
self.assertEqual(refresh_token.user, self.user)
self.assertGreater(refresh_token.created, self.refresh_token.created)
def test_reuse_refresh_token(self):
with catch_signal(refresh_token_rotated) as \
refresh_token_rotated_handler, back_to_the_future(seconds=1):
response = self.execute({
'refreshToken': self.refresh_token.token,
})
data = response.data['refreshToken']
token = data['token']
refresh_token = get_refresh_token(data['refreshToken'])
payload = data['payload']
self.assertIsNone(response.errors)
self.assertEqual(refresh_token_rotated_handler.call_count, 1)
self.assertUsernameIn(payload)
self.assertNotEqual(token, self.token)
self.assertNotEqual(refresh_token.token, self.refresh_token.token)
def mutate(self, info: ResolveInfo, refresh_token: str):
user = get_user_by_context(info.context)
tkn = shortcuts.get_refresh_token(refresh_token, info.context)
tkn.revoke()
if(user is None):
raise exceptions.ObjectDoesNotExist("User doesn't exist for computed payload")
if user.hashed_pwd.startswith(crypto.UNUSABLE_PASSWORD_PREFIX):
raise exceptions.SuspiciousOperation("User's password is marked as unusable, it's kinda sus")
payload = jwt_utils.decode_token(
info.context.headers['Authorization'].replace('Bearer ','')
)
user.jtis.filter(value=payload['jti']).delete()
user.jwt_salt = crypto.create_jwt_id()
user.save(update_fields=["jwt_salt"])
return LogoutUser(success=True)
def update_secret(secret_name: str, old_version: str) -> Tuple:
"""Update secret from refresh_token in old_secret and return complete message"""
# secret_name = data[
# 'secret_name']
# 'mm-gateway-token' "saleor-mirror-token-for-mm-apigateway-dev"
# version = data['version']
secret_client.disable_secret_version(
name=
f"projects/983956931553/secrets/{secret_name}/versions/{old_version}")
old_secret = read_secret(secret_name, old_version)
refresh_token = get_refresh_token(old_secret['refresh_token'])
new_secret = get_renew_token(refresh_token)
refresh_token.revoke()
response = secret_client.add_secret_version(
parent=secret_name,
payload={"data": json.dumps(new_secret).encode('utf-8')})
# complete_message = {"secret_name": secret_name,
# "version": response.name.split('/')[-1]}
old_version = response.name.split('/')[-1]
return secret_name, old_version
def test_refresh_token(self):
with catch_signal(
refresh_token_rotated
) as refresh_token_rotated_handler, back_to_the_future(seconds=1):
response = self.execute({
"refreshToken": self.refresh_token.token,
})
data = response.data["refreshToken"]
token = data["token"]
refresh_token = get_refresh_token(data["refreshToken"])
payload = data["payload"]
self.assertIsNone(response.errors)
self.assertEqual(refresh_token_rotated_handler.call_count, 1)
self.assertUsernameIn(payload)
self.assertNotEqual(token, self.token)
self.assertGreater(payload["exp"], self.payload["exp"])
self.assertNotEqual(refresh_token.token, self.refresh_token.token)
self.assertEqual(refresh_token.user, self.user)
self.assertGreater(refresh_token.created, self.refresh_token.created)
def test_get_refresh_token(self):
refresh_token = shortcuts.create_refresh_token(self.user)
user = shortcuts.get_refresh_token(refresh_token).user
self.assertEqual(user, self.user)
def test_get_refresh_token_error(self):
with self.assertRaises(JSONWebTokenError):
shortcuts.get_refresh_token("invalid")
