def test_error_get_token(self): matrix_registration.config.config = Config(BAD_CONFIG2) with self.app.app_context(): matrix_registration.tokens.tokens = matrix_registration.tokens.Tokens() test_token = matrix_registration.tokens.tokens.new(max_usage=True) secret = matrix_registration.config.config.admin_api_shared_secret headers = {"Authorization": "SharedSecret %s" % secret} rv = self.client.get( "/api/token/" + "nice_meme", content_type="application/json", headers=headers, ) self.assertEqual(rv.status_code, 404) token_data = json.loads(rv.data.decode("utf8")) self.assertEqual(token_data["errcode"], "MR_TOKEN_NOT_FOUND") self.assertEqual(token_data["error"], "token does not exist") matrix_registration.config.config = Config(BAD_CONFIG2) secret = matrix_registration.config.config.admin_api_shared_secret headers = {"Authorization": "SharedSecret %s" % secret} matrix_registration.config.config = Config(GOOD_CONFIG) rv = self.client.patch( "/api/token/" + test_token.name, data=json.dumps(dict(disabled=True)), content_type="application/json", headers=headers, ) self.assertEqual(rv.status_code, 401) token_data = json.loads(rv.data.decode("utf8").replace("'", '"')) self.assertEqual(token_data["errcode"], "MR_BAD_SECRET") self.assertEqual(token_data["error"], "wrong shared secret")
def test_error_post_token(self): matrix_registration.config.config = Config(BAD_CONFIG2) with self.app.app_context(): matrix_registration.tokens.tokens = matrix_registration.tokens.Tokens() test_token = matrix_registration.tokens.tokens.new(ex_date=None, one_time=True) secret = matrix_registration.config.config.admin_secret matrix_registration.config.config = Config(GOOD_CONFIG) headers = {'Authorization': 'SharedSecret %s' % secret} rv = self.client.post('/token', data=json.dumps(dict(ex_date='24.12.2020', one_time=False)), content_type='application/json', headers=headers) self.assertEqual(rv.status_code, 401) token_data = json.loads(rv.data.decode('utf8').replace("'", '"')) self.assertEqual(token_data['errcode'], 'MR_BAD_SECRET') self.assertEqual(token_data['error'], 'wrong shared secret') secret = matrix_registration.config.config.admin_secret headers = {'Authorization': 'SharedSecret %s' % secret} rv = self.client.post('/token', data=json.dumps(dict(ex_date='2020-24-12', one_time=False)), content_type='application/json', headers=headers) self.assertEqual(rv.status_code, 400) token_data = json.loads(rv.data.decode('utf8')) self.assertEqual(token_data['errcode'], 'MR_BAD_DATE_FORMAT') self.assertEqual(token_data['error'], "date wasn't YYYY-MM-DD format")
def test_error_get_token(self): matrix_registration.config.config = Config(BAD_CONFIG2) with self.app.app_context(): matrix_registration.tokens.tokens = matrix_registration.tokens.Tokens() test_token = matrix_registration.tokens.tokens.new(one_time=True) secret = matrix_registration.config.config.admin_secret headers = {'Authorization': 'SharedSecret %s' % secret} rv = self.client.get('/token/' + 'nice_meme', content_type='application/json', headers=headers) self.assertEqual(rv.status_code, 404) token_data = json.loads(rv.data.decode('utf8')) self.assertEqual(token_data['errcode'], 'MR_TOKEN_NOT_FOUND') self.assertEqual(token_data['error'], 'token does not exist') matrix_registration.config.config = Config(BAD_CONFIG2) secret = matrix_registration.config.config.admin_secret headers = {'Authorization': 'SharedSecret %s' % secret} matrix_registration.config.config = Config(GOOD_CONFIG) rv = self.client.put('/token/' + test_token.name, data=json.dumps(dict(disable=True)), content_type='application/json', headers=headers) self.assertEqual(rv.status_code, 401) token_data = json.loads(rv.data.decode('utf8').replace("'", '"')) self.assertEqual(token_data['errcode'], 'MR_BAD_SECRET') self.assertEqual(token_data['error'], 'wrong shared secret')
def test_config_path(self): BAD_CONFIG1_path = "x" good_config_path = "tests/test_config.yaml" with self.assertRaises(SystemExit) as cm: matrix_registration.config.config = Config(BAD_CONFIG1_path) with open(good_config_path, 'w') as outfile: yaml.dump(GOOD_CONFIG, outfile, default_flow_style=False) matrix_registration.config.config = Config(good_config_path) self.assertIsNotNone(matrix_registration.config.config) os.remove(good_config_path)
def test_post_token(self, expiration_date, max_usage, parsed_date): matrix_registration.config.config = Config(GOOD_CONFIG) with self.app.app_context(): matrix_registration.tokens.tokens = matrix_registration.tokens.Tokens() test_token = matrix_registration.tokens.tokens.new( expiration_date=None, max_usage=True ) secret = matrix_registration.config.config.admin_api_shared_secret headers = {"Authorization": "SharedSecret %s" % secret} rv = self.client.post( "/api/token", data=json.dumps( dict(expiration_date=expiration_date, max_usage=max_usage) ), content_type="application/json", headers=headers, ) self.assertEqual(rv.status_code, 200) token_data = json.loads(rv.data.decode("utf8").replace("'", '"')) self.assertEqual(token_data["expiration_date"], parsed_date) self.assertEqual(token_data["max_usage"], max_usage) self.assertTrue(token_data["name"] is not None)
def test_register( self, username, password, confirm, token, status, mock_get, mock_nonce ): matrix_registration.config.config = Config(GOOD_CONFIG) with self.app.app_context(): matrix_registration.tokens.tokens = matrix_registration.tokens.Tokens() test_token = matrix_registration.tokens.tokens.new( expiration_date=None, max_usage=True ) # replace matrix with in config set hs domain = urlparse( matrix_registration.config.config.server_location ).hostname if username: username = username.replace("matrix.org", domain) if not token: test_token.name = "" rv = self.client.post( "/register", data=dict( username=username, password=password, confirm=confirm, token=test_token.name, ), ) if rv.status_code == 200: account_data = json.loads(rv.data.decode("utf8").replace("'", '"')) # print(account_data) self.assertEqual(rv.status_code, status)
def test_error_get_tokens(self): matrix_registration.config.config = Config(BAD_CONFIG2) with self.app.app_context(): matrix_registration.tokens.tokens = matrix_registration.tokens.Tokens() test_token = matrix_registration.tokens.tokens.new(ex_date=None, one_time=True) secret = matrix_registration.config.config.admin_secret matrix_registration.config.config = Config(GOOD_CONFIG) headers = {'Authorization': 'SharedSecret %s' % secret} rv = self.client.get('/token', headers=headers) self.assertEqual(rv.status_code, 401) token_data = json.loads(rv.data.decode('utf8').replace("'", '"')) self.assertEqual(token_data['errcode'], 'MR_BAD_SECRET') self.assertEqual(token_data['error'], 'wrong shared secret')
def test_error_get_tokens(self): matrix_registration.config.config = Config(BAD_CONFIG2) with self.app.app_context(): matrix_registration.tokens.tokens = matrix_registration.tokens.Tokens() test_token = matrix_registration.tokens.tokens.new( expiration_date=None, max_usage=True ) secret = matrix_registration.config.config.admin_api_shared_secret matrix_registration.config.config = Config(GOOD_CONFIG) headers = {"Authorization": "SharedSecret %s" % secret} rv = self.client.get("/api/token", headers=headers) self.assertEqual(rv.status_code, 401) token_data = json.loads(rv.data.decode("utf8").replace("'", '"')) self.assertEqual(token_data["errcode"], "MR_BAD_SECRET") self.assertEqual(token_data["error"], "wrong shared secret")
def setUp(self): matrix_registration.config.config = Config(GOOD_CONFIG) app = create_app(testing=True) with app.app_context(): app.config.from_mapping( SQLALCHEMY_DATABASE_URI=matrix_registration.config.config.db, SQLALCHEMY_TRACK_MODIFICATIONS=False) db.init_app(app) db.create_all() self.client = app.test_client() self.app = app
def test_config_update(self): matrix_registration.config.config = Config(GOOD_CONFIG) self.assertEqual(matrix_registration.config.config.port, GOOD_CONFIG['port']) self.assertEqual(matrix_registration.config.config.server_location, GOOD_CONFIG['server_location']) matrix_registration.config.config.update(BAD_CONFIG1) self.assertEqual(matrix_registration.config.config.port, BAD_CONFIG1['port']) self.assertEqual(matrix_registration.config.config.server_location, BAD_CONFIG1['server_location'])
def test_error_put_token(self): matrix_registration.config.config = Config(BAD_CONFIG2) matrix_registration.tokens.tokens = matrix_registration.tokens.Tokens() test_token = matrix_registration.tokens.tokens.new(one_time=True) secret = matrix_registration.config.config.shared_secret headers = {'Authorization': 'SharedSecret %s' % secret} matrix_registration.config.config = Config(GOOD_CONFIG) rv = self.app.put('/token/' + test_token.name, data=json.dumps(dict(disable=True)), content_type='application/json', headers=headers) self.assertEqual(rv.status_code, 401) token_data = json.loads(rv.data.decode('utf8').replace("'", '"')) self.assertEqual(token_data['errcode'], 'MR_BAD_SECRET') self.assertEqual(token_data['error'], 'wrong shared secret') secret = matrix_registration.config.config.shared_secret headers = {'Authorization': 'SharedSecret %s' % secret} rv = self.app.put('/token/' + test_token.name, data=json.dumps(dict(disable=False)), content_type='application/json', headers=headers) self.assertEqual(rv.status_code, 400) token_data = json.loads(rv.data.decode('utf8')) self.assertEqual(token_data['errcode'], 'MR_BAD_USER_REQUEST') self.assertEqual(token_data['error'], 'PUT only allows "disable": true') rv = self.app.put('/token/' + "nicememe", data=json.dumps(dict(disable=True)), content_type='application/json', headers=headers) self.assertEqual(rv.status_code, 404) token_data = json.loads(rv.data.decode('utf8')) self.assertEqual(token_data['errcode'], 'MR_TOKEN_NOT_FOUND') self.assertEqual(token_data['error'], 'token does not exist or is already disabled')
def test_register_wrong_secret(self, mock_get): matrix_registration.config.config = Config(BAD_CONFIG2) matrix_registration.tokens.tokens = matrix_registration.tokens.Tokens() test_token = matrix_registration.tokens.tokens.new(ex_date=None, one_time=True) rv = self.app.post('/register', data=dict( username='******', password='******', confirm='password', token=test_token.name )) self.assertEqual(rv.status_code, 500)
def test_error_post_token(self): matrix_registration.config.config = Config(BAD_CONFIG2) with self.app.app_context(): matrix_registration.tokens.tokens = matrix_registration.tokens.Tokens() test_token = matrix_registration.tokens.tokens.new( expiration_date=None, max_usage=True ) secret = matrix_registration.config.config.admin_api_shared_secret matrix_registration.config.config = Config(GOOD_CONFIG) headers = {"Authorization": "SharedSecret %s" % secret} rv = self.client.post( "/api/token", data=json.dumps(dict(expiration_date="24.12.2020", max_usage=False)), content_type="application/json", headers=headers, ) self.assertEqual(rv.status_code, 401) token_data = json.loads(rv.data.decode("utf8").replace("'", '"')) self.assertEqual(token_data["errcode"], "MR_BAD_SECRET") self.assertEqual(token_data["error"], "wrong shared secret") secret = matrix_registration.config.config.admin_api_shared_secret headers = {"Authorization": "SharedSecret %s" % secret} rv = self.client.post( "/api/token", data=json.dumps(dict(expiration_date="2020-24-12", max_usage=False)), content_type="application/json", headers=headers, ) self.assertEqual(rv.status_code, 400) token_data = json.loads(rv.data.decode("utf8")) self.assertEqual(token_data["errcode"], "MR_BAD_DATE_FORMAT") self.assertEqual(token_data["error"], "date wasn't in YYYY-MM-DD format")
def test_get_token(self, ex_date, one_time, parsed_date): matrix_registration.config.config = Config(BAD_CONFIG2) matrix_registration.tokens.tokens = matrix_registration.tokens.Tokens() test_token = matrix_registration.tokens.tokens.new(ex_date=ex_date, one_time=one_time) secret = matrix_registration.config.config.shared_secret headers = {'Authorization': 'SharedSecret %s' % secret} rv = self.app.get('/token/' + test_token.name, content_type='application/json', headers=headers) self.assertEqual(rv.status_code, 200) token_data = json.loads(rv.data.decode('utf8')) self.assertEqual(token_data['ex_date'], parsed_date) self.assertEqual(token_data['one_time'], one_time)
def test_get_tokens(self): matrix_registration.config.config = Config(GOOD_CONFIG) with self.app.app_context(): matrix_registration.tokens.tokens = matrix_registration.tokens.Tokens() test_token = matrix_registration.tokens.tokens.new(ex_date=None, one_time=True) secret = matrix_registration.config.config.admin_secret headers = {'Authorization': 'SharedSecret %s' % secret} rv = self.client.get('/token', headers=headers) self.assertEqual(rv.status_code, 200) token_data = json.loads(rv.data.decode('utf8').replace("'", '"')) self.assertEqual(token_data[0]['ex_date'], None) self.assertEqual(token_data[0]['one_time'], True)
def test_get_tokens(self): matrix_registration.config.config = Config(GOOD_CONFIG) with self.app.app_context(): matrix_registration.tokens.tokens = matrix_registration.tokens.Tokens() test_token = matrix_registration.tokens.tokens.new( expiration_date=None, max_usage=True ) secret = matrix_registration.config.config.admin_api_shared_secret headers = {"Authorization": "SharedSecret %s" % secret} rv = self.client.get("/api/token", headers=headers) self.assertEqual(rv.status_code, 200) token_data = json.loads(rv.data.decode("utf8").replace("'", '"')) self.assertEqual(token_data[0]["expiration_date"], None) self.assertEqual(token_data[0]["max_usage"], True)
def test_put_token(self): matrix_registration.config.config = Config(GOOD_CONFIG) matrix_registration.tokens.tokens = matrix_registration.tokens.Tokens() test_token = matrix_registration.tokens.tokens.new(one_time=True) secret = matrix_registration.config.config.shared_secret headers = {'Authorization': 'SharedSecret %s' % secret} rv = self.app.put('/token/' + test_token.name, data=json.dumps(dict(disable=True)), content_type='application/json', headers=headers) self.assertEqual(rv.status_code, 200) token_data = json.loads(rv.data.decode('utf8').replace("'", '"')) self.assertEqual(token_data['valid'], False) self.assertEqual(token_data['one_time'], True) self.assertEqual(token_data['name'], test_token.name)
def test_register_wrong_secret(self, mock_get, mock_nonce): matrix_registration.config.config = Config(BAD_CONFIG3) with self.app.app_context(): matrix_registration.tokens.tokens = matrix_registration.tokens.Tokens() test_token = matrix_registration.tokens.tokens.new( expiration_date=None, max_usage=True ) rv = self.client.post( "/register", data=dict( username="******", password="******", confirm="password", token=test_token.name, ), ) self.assertEqual(rv.status_code, 500)
def test_post_token(self, ex_date, one_time, parsed_date): matrix_registration.config.config = Config(GOOD_CONFIG) matrix_registration.tokens.tokens = matrix_registration.tokens.Tokens() test_token = matrix_registration.tokens.tokens.new(ex_date=None, one_time=True) secret = matrix_registration.config.config.shared_secret headers = {'Authorization': 'SharedSecret %s' % secret} rv = self.app.post('/token', data=json.dumps(dict(ex_date=ex_date, one_time=one_time)), content_type='application/json', headers=headers) self.assertEqual(rv.status_code, 200) token_data = json.loads(rv.data.decode('utf8').replace("'", '"')) self.assertEqual(token_data['ex_date'], parsed_date) self.assertEqual(token_data['one_time'], one_time) self.assertTrue(token_data['name'] is not None)
def test_get_token(self, expiration_date, max_usage, parsed_date): matrix_registration.config.config = Config(BAD_CONFIG2) with self.app.app_context(): matrix_registration.tokens.tokens = matrix_registration.tokens.Tokens() test_token = matrix_registration.tokens.tokens.new( expiration_date=expiration_date, max_usage=max_usage ) secret = matrix_registration.config.config.admin_api_shared_secret headers = {"Authorization": "SharedSecret %s" % secret} rv = self.client.get( "/api/token/" + test_token.name, content_type="application/json", headers=headers, ) self.assertEqual(rv.status_code, 200) token_data = json.loads(rv.data.decode("utf8")) self.assertEqual(token_data["expiration_date"], parsed_date) self.assertEqual(token_data["max_usage"], max_usage)
def test_patch_token(self): matrix_registration.config.config = Config(GOOD_CONFIG) with self.app.app_context(): matrix_registration.tokens.tokens = matrix_registration.tokens.Tokens() test_token = matrix_registration.tokens.tokens.new(max_usage=True) secret = matrix_registration.config.config.admin_api_shared_secret headers = {"Authorization": "SharedSecret %s" % secret} rv = self.client.patch( "/api/token/" + test_token.name, data=json.dumps(dict(disabled=True)), content_type="application/json", headers=headers, ) self.assertEqual(rv.status_code, 200) token_data = json.loads(rv.data.decode("utf8").replace("'", '"')) self.assertEqual(token_data["active"], False) self.assertEqual(token_data["max_usage"], True) self.assertEqual(token_data["name"], test_token.name)
def setUpClass(): matrix_registration.config.config = Config(GOOD_CONFIG)
def setUp(self): api.app.testing = True self.app = api.app.test_client() matrix_registration.config.config = Config(GOOD_CONFIG)