def test_asymmetric_backend(self, account):
""" Test jwt authentication backend with asymmetric alg"""
# Update the config settings
active_config.JWT_ALGORITHM = 'RS256'
active_config.JWT_PRIVATE_KEY = os.path.join(
base_dir, 'support/jwt_private_key.pem')
active_config.JWT_PUBLIC_KEY = os.path.join(
base_dir, 'support/jwt_public_key.pub')
# Run the login callback usecase
payload = {'account': Account.get(account.id)}
response = Tasklet.perform(Account, jwt.LoginCallbackUseCase,
LoginCallbackRequestObject, payload.copy())
assert response is not None
assert response.success is True
access_token = response.value.get('access_token')
assert access_token is not None
# Use the token for authentication
payload = {
'auth_scheme': 'Bearer',
'credentials': access_token,
}
response = Tasklet.perform(Account, jwt.AuthenticationUseCase,
jwt.AuthenticationRequestObject,
payload.copy())
assert response is not None
assert response.success is True
def test_logout_callback(self, account):
""" Test logout mechanism for the JWT Backend """
# Run the login callback usecase
payload = {'account': Account.get(account.id)}
response = Tasklet.perform(Account, jwt.LoginCallbackUseCase,
LoginCallbackRequestObject, payload.copy())
assert response is not None
assert response.success is True
access_token = response.value.get('access_token')
# Run the logout usecase
response = Tasklet.perform(Account, jwt.LogoutCallbackUseCase,
LogoutRequestObject, payload.copy())
assert response is not None
assert response.success is True
# Authentication must fail
# Use the token for authentication
payload = {
'auth_scheme': 'Bearer',
'credentials': access_token,
}
response = Tasklet.perform(Account, jwt.AuthenticationUseCase,
jwt.AuthenticationRequestObject,
payload.copy())
assert response is not None
assert response.success is False
assert response.value == {
'code': 401,
'message': {
'token': 'Invalid Token'
}
}
def test_create_account_usecase(self):
"""Test create account usecase of authentic"""
payload = {
'email': '*****@*****.**',
'username': '******',
'password': '******',
'confirm_password': '******',
'phone': '90080000800',
'roles': ['ADMIN']
}
response = Tasklet.perform(Account, CreateAccountUseCase,
CreateAccountRequestObject, payload.copy())
assert response is not None
assert response.success is True
assert response.value.username == 'dummy'
# Check for validation errors - 1
payload1 = {
'email': '*****@*****.**',
'username': '******',
'password': '******',
'confirm_password': '******',
'phone': '90080000800',
}
response = Tasklet.perform(Account, CreateAccountUseCase,
CreateAccountRequestObject, payload1)
assert response is not None
assert response.success is False
assert response.value == {
'code': 422,
'message': {
'confirm_password':
'******'
},
}
# Check for validation errors - 2
response = Tasklet.perform(Account, CreateAccountUseCase,
CreateAccountRequestObject, payload)
assert response is not None
assert response.success is False
assert response.value == {
'code': 422,
'message': {
'email': 'Email already exists'
}
}
def test_logout_usecase(self, account):
""" Test logout usecase of authentic """
payload = {'account': account}
response = Tasklet.perform(Account, LogoutUseCase, LogoutRequestObject,
payload.copy())
assert response is not None
assert response.success is True
assert response.value == {'message': 'success'}
def process_request(self, request_object):
""" Get the human and return the dogs owned by the human"""
human = Human.get(request_object.identifier)
# Get the dogs related to the human
payload = {'owner': human.name, 'order_by': ['age']}
response_object = Tasklet.perform(Dog,
ListUseCase,
ListRequestObject,
payload,
raise_error=True)
return response_object
def test_change_password_usecase(self, account):
"""Test change password usecase of authentic"""
payload = {
'identifier': account.id,
'data': {
'current_password': '******',
'new_password': '******',
'confirm_password': '******',
}
}
response = Tasklet.perform(Account, ChangeAccountPasswordUseCase,
ChangeAccountPasswordRequestObject,
payload.copy())
assert response is not None
assert response.success is True
# Try to update the password again
payload = {
'identifier': account.id,
'data': {
'current_password': '******',
'new_password': '******',
'confirm_password': '******',
}
}
response = Tasklet.perform(Account, ChangeAccountPasswordUseCase,
ChangeAccountPasswordRequestObject,
payload.copy())
assert response is not None
assert response.success is False
assert response.value == {
'code': 422,
'message': {
'new_password':
'******'
'used passwords'
}
}
def test_password_reset_usecase(self, account):
""" Test resetting a password using an email link """
payload = {
'email': '*****@*****.**',
}
response = Tasklet.perform(Account, SendResetPasswordEmailUsecase,
SendResetPasswordEmailRequestObject,
payload.copy())
assert response is not None
assert response.success is True
# Make sure that the verification token is set
account = Account.get(account.id)
assert account.verification_token is not None
# Make sure that the reset email was sent
assert email.outbox[-1].message() == (
"[email protected]\n"
"['*****@*****.**']\n"
"Password Reset Request\n"
f"Your reset secret token is {account.verification_token}")
# Now reset the password with this token
payload = {
'token': account.verification_token,
'data': {
'new_password': '******',
'confirm_password': '******',
}
}
response = Tasklet.perform(Account, ResetPasswordUsecase,
ResetPasswordRequestObject, payload.copy())
assert response is not None
assert response.success is True
# Make sure that the password has been updated
account = Account.get(account.id)
assert len(account.password_history) == 1
def test_backend(self, account):
""" Test http basic authentication backend """
payload = {
'auth_scheme': 'Basic',
'credentials': base64.b64encode(b'[email protected]:dummy@789'),
}
response = Tasklet.perform(
Account, basic.AuthenticationUseCase,
basic.AuthenticationRequestObject, payload.copy())
assert response is not None
assert response.success is False
assert response.value == {
'code': 422, 'message': {'password': '******'}}
# Try again with the right password
payload['credentials'] = base64.b64encode(
b'[email protected]:duMmy@123')
response = Tasklet.perform(
Account, basic.AuthenticationUseCase,
basic.AuthenticationRequestObject, payload.copy())
assert response is not None
assert response.success is True
assert response.value.id is account.id
def test_backend(self, account):
""" Test jwt authentication backend """
# Run the login callback usecase
payload = {'account': Account.get(account.id)}
response = Tasklet.perform(Account, jwt.LoginCallbackUseCase,
LoginCallbackRequestObject, payload.copy())
assert response is not None
assert response.success is True
access_token = response.value.get('access_token')
assert access_token is not None
# Use the token for authentication
payload = {
'auth_scheme': 'Bearer',
'credentials': 'xxxxxxxxxxxxxxxxx',
}
response = Tasklet.perform(Account, jwt.AuthenticationUseCase,
jwt.AuthenticationRequestObject,
payload.copy())
assert response is not None
assert response.success is False
assert response.value == {
'code': 401,
'message': {
'credentials': 'Invalid JWT Token. Not enough segments'
}
}
# Try again with the correct token
payload['credentials'] = access_token
response = Tasklet.perform(Account, jwt.AuthenticationUseCase,
jwt.AuthenticationRequestObject,
payload.copy())
assert response is not None
assert response.success is True
def test_update_account_usecase(self, account):
"""Test update account usecase of authentic"""
payload = {
'identifier': account.id,
'data': {
'phone': '90070000700',
}
}
response = Tasklet.perform(Account, UpdateAccountUseCase,
UpdateAccountRequestObject, payload.copy())
assert response is not None
assert response.success is True
assert response.value.id == account.id
assert response.value.phone == '90070000700'
def test_login_usecase(self, account):
""" Test login usecase of authentic """
payload = {
'username_or_email': '*****@*****.**',
'password': '******',
}
response = Tasklet.perform(Account, LoginUseCase, LoginRequestObject,
payload.copy())
assert response is not None
assert response.success is False
assert response.value == {
'code': 422,
'message': {
'password': '******'
}
}
payload['password'] = '******'
response = Tasklet.perform(Account, LoginUseCase, LoginRequestObject,
payload.copy())
assert response is not None
assert response.success is True
assert response.value.id == account.id
assert response.value.email == '*****@*****.**'
def _process_request(self,
usecase_cls,
request_object_cls,
payload,
many=False,
no_serialization=False):
""" Process the request by running the Protean Tasklet """
# Get the schema class and derive resource name
entity_cls = self.get_entity_cls()
resource = inflection.underscore(entity_cls.__name__)
# Get the serializer for this class
serializer = None
if not no_serialization:
serializer = self.get_serializer(many=many)
# Run the use case and return the results
response_object = Tasklet.perform(entity_cls,
usecase_cls,
request_object_cls,
payload,
raise_error=True)
# If no serialization is set just return the response object
if no_serialization:
return response_object.value
# Return empty response for 204s
if response_object.code == Status.SUCCESS_WITH_NO_CONTENT:
return Response(None, response_object.code.value)
# Serialize the results and return the response
if many:
items = serializer.dump(response_object.value.items)
page = int(
response_object.value.offset / response_object.value.limit) + 1
result = {
INFLECTOR.plural(resource): items.data,
'total': response_object.value.total,
'page': page,
}
return result, response_object.code.value
else:
result = serializer.dump(response_object.value)
return {resource: result.data}, response_object.code.value
def perform_authentication():
""" Perform the authentication of the request """
# Get the authorization header and build payload
auth_header = request.headers.get('Authorization', '').split()
auth_payload = {}
if auth_header and len(auth_header) == 2:
auth_payload['auth_scheme'] = auth_header[0]
auth_payload['credentials'] = auth_header[1]
# Get the account entity and the current backend
account_entity = get_account_entity()
auth_backend = get_auth_backend()
# Perform the task and check the response
response = Tasklet.perform(account_entity,
auth_backend.AuthenticationUseCase,
auth_backend.AuthenticationRequestObject,
auth_payload)
return response