def test_verify_facebook_invalid_code():
auth_url = 'https://graph.facebook.com/v2.12/oauth/access_token' + \
'?client_id=facebook-client-id' + \
'&client_secret=facebook-client-secret' + \
'&redirect_uri=https%3A%2F%2Ftesthost.com%2Fredirects%2Ffacebook%2F' + \
'&code=bananas'
responses.add(
responses.GET,
auth_url,
json={'error': 'invalid'},
status=403
)
args = {
'eth_address': '0x112234455C3a32FD11230C42E7Bccd4A84e02010',
'code': 'bananas'
}
with pytest.raises(FacebookVerificationError) as service_err:
VerificationService.verify_facebook(**args)
assert str(service_err.value) == 'The code you provided is invalid.'
# Verify attestation not stored
attestations = Attestation.query.all()
assert(len(attestations)) == 0
def test_verify_twitter_invalid_verifier(mock_session, app):
responses.add(
responses.POST,
twitter_access_token_url,
status=401
)
args = {
'eth_address': '0x112234455C3a32FD11230C42E7Bccd4A84e02010',
'oauth_verifier': 'pineapples'
}
session_dict = {
'request_token': {
'oauth_token': '1234',
'oauth_token_secret': '5678'
}
}
with mock.patch('logic.attestation_service.session', session_dict):
with pytest.raises(TwitterVerificationError) as service_err:
with app.test_request_context():
VerificationService.verify_twitter(**args)
assert str(service_err.value) == 'The verifier you provided is invalid.'
# Verify attestation not stored
attestations = Attestation.query.all()
assert(len(attestations)) == 0
def test_verify_email_invalid_code(mock_session):
session_dict = {
'email_attestation': {
'email': generate_password_hash('*****@*****.**'),
'code': '12345',
'expiry': datetime.datetime.utcnow() + datetime.timedelta(minutes=30)
}
}
args = {
'eth_address': str_eth(sample_eth_address),
'email': '*****@*****.**',
'code': '54321'
}
with mock.patch('logic.attestation_service.session', session_dict):
with pytest.raises(ValidationError) as validation_err:
VerificationService.verify_email(**args)
assert(validation_err.value.messages[0]
) == 'Verification code is incorrect.'
assert(validation_err.value.field_names[0]) == 'code'
# Verify attestation not stored
attestations = Attestation.query.all()
assert(len(attestations)) == 0
def test_verify_email_invalid_email():
session_dict = {
'email_attestation': {
'email': generate_password_hash('*****@*****.**'),
'code': '12345',
'expiry': datetime.datetime.utcnow() + datetime.timedelta(minutes=30)
}
}
args = {
'eth_address': str_eth(sample_eth_address),
'email': '*****@*****.**',
'code': '54321'
}
with mock.patch('logic.attestation_service.session', session_dict):
with pytest.raises(EmailVerificationError) as verification_err:
VerificationService.verify_email(**args)
assert(verification_err.value.message) == \
'No verification code was found for that email.'
# Verify attestation not stored
attestations = Attestation.query.all()
assert(len(attestations)) == 0
def test_verify_airbnb_verification_code_internal_server_error(
mock_urllib_request):
with pytest.raises(AirbnbVerificationError) as service_err:
VerificationService.verify_airbnb(
'0x112234455C3a32FD11230C42E7Bccd4A84e02010', "123")
assert str(service_err.value) == "Can not fetch user's Airbnb profile."
def test_generate_airbnb_verification_code_incorrect_user_id_format():
with pytest.raises(ValidationError) as validation_error:
VerificationService.generate_airbnb_verification_code(
'0x112234455C3a32FD11230C42E7Bccd4A84e02010',
'12a34'
)
assert str(validation_error.value) == 'AirbnbUserId should be a number.'
def test_generate_phone_verification_code_twilio_exception(
mock_send_sms_exception, session, mock_normalize_number):
phone = '5551231212'
with pytest.raises(PhoneVerificationError) as service_err:
VerificationService.generate_phone_verification_code(phone)
assert str(service_err.value) == 'Could not send verification code.'
db_code = VC.query.filter(VC.phone == phone).first()
assert db_code is None
def test_verify_airbnb_verification_code_internal_server_error(
mock_urllib_request, mock_ipfs):
mock_ipfs.return_value.add_json.return_value = \
'QmYpVLAyQ2SV7NLATdN3xnHTewoQ3LYN85LAcvN1pr2k3z'
with pytest.raises(AirbnbVerificationError) as service_err:
VerificationService.verify_airbnb(
'0x112234455C3a32FD11230C42E7Bccd4A84e02010', "123")
assert str(service_err.value) == "Can not fetch user's Airbnb profile."
def test_send_email_verification_sendgrid_error(
mock_send_email_using_sendgrid):
mock_send_email_using_sendgrid.side_effect = AttributeError
with mock.patch('logic.attestation_service.session', dict()):
with pytest.raises(EmailVerificationError) as service_err:
VerificationService.send_email_verification('*****@*****.**')
assert(str(service_err.value)) == \
'Could not send verification code. Please try again shortly.'
def test_verify_twitter_invalid_session(mock_session, mock_requests):
args = {
'eth_address': '0x112234455C3a32FD11230C42E7Bccd4A84e02010',
'oauth_verifier': 'pineapples'
}
with pytest.raises(TwitterVerificationError) as service_err:
VerificationService.verify_twitter(**args)
assert str(service_err.value) == 'Session not found.'
def test_generate_phone_verification_rate_limit_exceeded(
session, mock_normalize_number):
vc_obj = VerificationCodeFactory.build()
vc_obj.updated_at = utcnow() + datetime.timedelta(seconds=9)
session.add(vc_obj)
session.commit()
phone = vc_obj.phone
with pytest.raises(PhoneVerificationError) as service_err:
VerificationService.generate_phone_verification_code(phone)
assert str(service_err.value) == ('Please wait briefly before requesting a'
' new verification code.')
def test_verify_airbnb_verification_code_non_existing_user(
mock_urllib_request):
with pytest.raises(AirbnbVerificationError) as service_err:
VerificationService.verify_airbnb(
'0x112234455C3a32FD11230C42E7Bccd4A84e02010', "99999999999999999")
assert str(
service_err.value) == 'Airbnb user id: 99999999999999999 not found.'
# Verify attestation not stored
attestations = Attestation.query.all()
assert (len(attestations)) == 0
def test_verify_twitter_invalid_verifier(mock_session, mock_requests):
dict = {'request_token': 'bar'}
mock_session.__contains__.side_effect = dict.__contains__
mock_requests.post().status_code = 401
args = {
'eth_address': '0x112234455C3a32FD11230C42E7Bccd4A84e02010',
'oauth_verifier': 'pineapples'
}
with pytest.raises(TwitterVerificationError) as service_err:
VerificationService.verify_twitter(**args)
assert str(service_err.value) == 'The verifier you provided is invalid.'
def test_verify_airbnb_verification_code_non_existing_user(
mock_urllib_request, mock_ipfs):
mock_ipfs.return_value.add_json.return_value = \
'QmYpVLAyQ2SV7NLATdN3xnHTewoQ3LYN85LAcvN1pr2k3z'
with pytest.raises(AirbnbVerificationError) as service_err:
VerificationService.verify_airbnb(
'0x112234455C3a32FD11230C42E7Bccd4A84e02010', "99999999999999999")
assert str(
service_err.value) == 'Airbnb user id: 99999999999999999 not found.'
# Verify attestation not stored
attestations = Attestation.query.all()
assert (len(attestations)) == 0
def test_verify_phone_wrong_code(session, mock_normalize_number):
vc_obj = VerificationCodeFactory.build()
session.add(vc_obj)
session.commit()
args = {
'eth_address': str_eth(sample_eth_address),
'phone': vc_obj.phone,
'code': 'garbage'
}
with pytest.raises(PhoneVerificationError) as service_err:
VerificationService.verify_phone(**args)
assert str(service_err.value) == 'The code you provided is invalid.'
def test_verify_phone_phone_not_found(session, mock_normalize_number):
vc_obj = VerificationCodeFactory.build()
session.add(vc_obj)
session.commit()
args = {
'eth_address': str_eth(sample_eth_address),
'phone': 'garbage',
'code': vc_obj.code
}
with pytest.raises(PhoneVerificationError) as service_err:
VerificationService.verify_phone(**args)
assert str(service_err.value) == 'The given phone number was not found.'
def test_verify_phone_expired_code(session, mock_normalize_number):
vc_obj = VerificationCodeFactory.build()
vc_obj.expires_at = utcnow() - datetime.timedelta(days=1)
session.add(vc_obj)
session.commit()
args = {
'eth_address': str_eth(sample_eth_address),
'phone': vc_obj.phone,
'code': vc_obj.code
}
with pytest.raises(PhoneVerificationError) as service_err:
VerificationService.verify_phone(**args)
assert str(service_err.value) == 'The code you provided has expired.'
def test_verify_email_wrong_code(mock_now, session):
vc_obj = VerificationCodeFactory.build()
session.add(vc_obj)
session.commit()
req = {
'eth_address': str_eth(sample_eth_address),
'email': vc_obj.email,
'code': 'garbage'
}
mock_now.return_value = vc_obj.expires_at - datetime.timedelta(minutes=1)
with pytest.raises(EmailVerificationError) as service_err:
VerificationService.verify_email(**req)
assert str(service_err.value) == 'The code you provided is invalid.'
def test_verify_email_email_not_found(mock_now, session):
vc_obj = VerificationCodeFactory.build()
session.add(vc_obj)
session.commit()
args = {
'eth_address': str_eth(sample_eth_address),
'email': 'garbage',
'code': vc_obj.code
}
mock_now.return_value = vc_obj.expires_at - datetime.timedelta(minutes=1)
with pytest.raises(EmailVerificationError) as service_err:
VerificationService.verify_email(**args)
assert str(service_err.value) == 'The given email was not found.'
def test_verify_facebook_valid_code(MockHttpConnection):
mock_http_conn = mock.Mock()
mock_get_response = mock.Mock()
mock_get_response.read.return_value = '{"access_token": "foo"}'
mock_http_conn.getresponse.return_value = mock_get_response
MockHttpConnection.return_value = mock_http_conn
args = {
'eth_address': '0x112234455C3a32FD11230C42E7Bccd4A84e02010',
'code': 'abcde12345'
}
resp = VerificationService.verify_facebook(**args)
assert isinstance(resp, VerificationServiceResponse)
resp_data = resp.data
mock_http_conn.request.assert_called_once_with(
'GET',
'/v2.12/oauth/access_token?client_id=facebook-client-id&' +
'client_secret=facebook-client-secret&redirect_uri=' +
'https://testhost.com/redirects/facebook/&code=abcde12345')
assert len(resp_data['signature']) == SIGNATURE_LENGTH
assert resp_data['claim_type'] == CLAIM_TYPES['facebook']
assert resp_data['data'] == 'facebook verified'
# Verify attestation stored in database
attestations = Attestation.query.all()
assert(len(attestations)) == 1
assert(attestations[0].method) == AttestationTypes.FACEBOOK
def test_facebook_auth_url():
resp = VerificationService.facebook_auth_url()
resp_data = resp.data
assert resp_data['url'] == (
'https://www.facebook.com/v2.12/dialog/oauth?client_id'
'=facebook-client-id&redirect_uri'
'=https://testhost.com/redirects/facebook/')
def test_verify_facebook_valid_code(app):
auth_url = 'https://graph.facebook.com/v2.12/oauth/access_token' + \
'?client_id=facebook-client-id' + \
'&client_secret=facebook-client-secret' + \
'&redirect_uri=https%3A%2F%2Ftesthost.com%2Fredirects%2Ffacebook%2F' + \
'&code=abcde12345'
verify_url = 'https://graph.facebook.com/me?access_token=12345'
responses.add(responses.GET,
auth_url,
json={'access_token': 12345},
status=200)
responses.add(responses.GET,
verify_url,
json={'name': 'Origin Protocol'},
status=200)
args = {
'eth_address': '0x112234455C3a32FD11230C42E7Bccd4A84e02010',
'code': 'abcde12345'
}
with app.test_request_context():
verification_response = VerificationService.verify_facebook(**args)
assert isinstance(verification_response, VerificationServiceResponse)
assert len(verification_response.data['signature']) == SIGNATURE_LENGTH
assert verification_response.data['claim_type'] == TOPICS['facebook']
assert verification_response.data['data'] == 'facebook verified'
# Verify attestation stored in database
attestations = Attestation.query.all()
assert (len(attestations)) == 1
assert (attestations[0].method) == AttestationTypes.FACEBOOK
assert (attestations[0].value) == 'Origin Protocol'
def test_generate_airbnb_verification_code():
resp = VerificationService.generate_airbnb_verification_code(
'0x112234455C3a32FD11230C42E7Bccd4A84e02010', '123456')
assert isinstance(resp, VerificationServiceResponse)
assert resp.data[
'code'] == "art brick aspect accident brass betray antenna"
def test_verify_email_valid_code(mock_session):
session_dict = {
'email_attestation': {
'email': generate_password_hash('*****@*****.**'),
'code': '12345',
'expiry': datetime.datetime.utcnow() + datetime.timedelta(minutes=30)
}
}
args = {
'eth_address': str_eth(sample_eth_address),
'email': '*****@*****.**',
'code': '12345'
}
with mock.patch('logic.attestation_service.session', session_dict):
response = VerificationService.verify_email(**args)
assert isinstance(response, VerificationServiceResponse)
assert len(response.data['signature']) == SIGNATURE_LENGTH
assert response.data['claim_type'] == CLAIM_TYPES['email']
assert response.data['data'] == 'email verified'
# Verify attestation stored in database
attestations = Attestation.query.all()
assert(len(attestations)) == 1
assert(attestations[0].method) == AttestationTypes.EMAIL
assert(attestations[0].value) == "*****@*****.**"
def test_verify_airbnb(mock_urllib_request, mock_ipfs, app):
mock_urllib_request.return_value.read.return_value = """
<html><div>
Airbnb profile description
Origin verification code: art brick aspect accident brass betray antenna
some more profile description
</div></html>""".encode('utf-8')
mock_ipfs.return_value.add_json.return_value = \
'QmYpVLAyQ2SV7NLATdN3xnHTewoQ3LYN85LAcvN1pr2k3z'
airbnbUserId = "123456"
with app.test_request_context():
verification_response = VerificationService.verify_airbnb(
'0x112234455C3a32FD11230C42E7Bccd4A84e02010', airbnbUserId)
assert isinstance(verification_response, VerificationServiceResponse)
assert len(verification_response.data['signature']) == SIGNATURE_LENGTH
assert verification_response.data['claim_type'] == TOPICS['airbnb']
assert verification_response.data['data'] \
== 'QmYpVLAyQ2SV7NLATdN3xnHTewoQ3LYN85LAcvN1pr2k3z'
# Verify attestation stored in database
attestations = Attestation.query.all()
assert (len(attestations)) == 1
assert (attestations[0].method) == AttestationTypes.AIRBNB
assert (attestations[0].value) == "123456"
def test_verify_phone_valid_code():
responses.add(
responses.GET,
'https://api.authy.com/protected/json/phones/verification/check',
json={
'message': 'Verification code is correct.',
'success': True
}
)
args = {
'eth_address': str_eth(sample_eth_address),
'country_calling_code': '1',
'phone': '12341234',
'code': '123456'
}
response = VerificationService.verify_phone(**args)
assert isinstance(response, VerificationServiceResponse)
assert len(response.data['signature']) == SIGNATURE_LENGTH
assert response.data['claim_type'] == CLAIM_TYPES['phone']
assert response.data['data'] == 'phone verified'
attestations = Attestation.query.all()
assert(len(attestations)) == 1
assert(attestations[0].method) == AttestationTypes.PHONE
assert(attestations[0].value) == "1 12341234"
def test_verify_twitter_valid_code(mock_session, app):
responses.add(
responses.POST,
twitter_access_token_url,
body=b'screen_name=originprotocol',
status=200
)
args = {
'eth_address': '0x112234455C3a32FD11230C42E7Bccd4A84e02010',
'oauth_verifier': 'blueberries'
}
session_dict = {
'request_token': {
'oauth_token': '1234',
'oauth_token_secret': '5678'
}
}
with mock.patch('logic.attestation_service.session', session_dict):
with app.test_request_context():
verification_response = VerificationService.verify_twitter(**args)
assert isinstance(verification_response, VerificationServiceResponse)
assert len(verification_response.data['signature']) == SIGNATURE_LENGTH
assert verification_response.data['claim_type'] == CLAIM_TYPES['twitter']
assert verification_response.data['data'] == 'twitter verified'
# Verify attestation stored in database
attestations = Attestation.query.all()
assert(len(attestations)) == 1
assert(attestations[0].method) == AttestationTypes.TWITTER
assert(attestations[0].value) == 'originprotocol'
def test_verify_airbnb_verification_code_missing(mock_urllib_request):
mock_urllib_request.return_value.read.return_value = """
<html><div>
Airbnb profile description some more profile description
</div></html>""".encode('utf-8')
with pytest.raises(AirbnbVerificationError) as service_err:
VerificationService.verify_airbnb(
'0x112234455C3a32FD11230C42E7Bccd4A84e02010', "123456")
assert str(service_err.value) == "Origin verification code: art brick aspect " \
+ "accident brass betray antenna has not been found in user's Airbnb profile."
# Verify attestation not stored
attestations = Attestation.query.all()
assert (len(attestations)) == 0
def test_verify_airbnb(mock_urllib_request):
mock_urllib_request.return_value.read.return_value = """
<html><div>
Airbnb profile description
Origin verification code: art brick aspect accident brass betray antenna
some more profile description
</div></html>""".encode('utf-8')
airbnbUserId = "123456"
resp = VerificationService.verify_airbnb(
'0x112234455C3a32FD11230C42E7Bccd4A84e02010',
airbnbUserId
)
assert isinstance(resp, VerificationServiceResponse)
resp_data = resp.data
assert len(resp_data['signature']) == SIGNATURE_LENGTH
assert resp_data['claim_type'] == CLAIM_TYPES['airbnb']
assert resp_data['data'] == 'airbnbUserId:' + airbnbUserId
# Verify attestation stored in database
attestations = Attestation.query.all()
assert(len(attestations)) == 1
assert(attestations[0].method) == AttestationTypes.AIRBNB
assert(attestations[0].value) == "123456"
def test_verify_airbnb(mock_urllib_request, app):
mock_urllib_request.return_value.read.return_value = """
<html><div>
Airbnb profile description
Origin verification code: art brick aspect accident brass betray antenna
some more profile description
</div></html>""".encode('utf-8')
airbnbUserId = "123456"
with app.test_request_context():
response = VerificationService.verify_airbnb(
'0x112234455C3a32FD11230C42E7Bccd4A84e02010', airbnbUserId)
assert isinstance(response, VerificationServiceResponse)
assert len(response.data['signature']['bytes']) == SIGNATURE_LENGTH
assert response.data[
'schemaId'] == 'https://schema.originprotocol.com/attestation_1.0.0.json'
validate_issuer(response.data['data']['issuer'])
assert response.data['data']['issueDate']
assert response.data['data']['attestation']['verificationMethod'][
'pubAuditableUrl'] == {}
assert response.data['data']['attestation']['site'][
'siteName'] == 'airbnb.com'
assert response.data['data']['attestation']['site']['userId'][
'raw'] == '123456'
# Verify attestation stored in database
attestations = Attestation.query.all()
assert (len(attestations)) == 1
assert (attestations[0].method) == AttestationTypes.AIRBNB
assert (attestations[0].value) == "123456"
