From 72a2cf554af3a02496bdd450569399ccb96862d0 Mon Sep 17 00:00:00 2001 From: Kenneth Kehl <@kkehl@flexion.us> Date: Fri, 15 Dec 2023 07:18:47 -0800 Subject: [PATCH 1/4] add debugging statement --- app/main/views/sign_in.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/app/main/views/sign_in.py b/app/main/views/sign_in.py index c0c4b7650..d6130f67a 100644 --- a/app/main/views/sign_in.py +++ b/app/main/views/sign_in.py @@ -22,7 +22,7 @@ from app.main import main from app.main.forms import LoginForm from app.main.views.verify import activate_user from app.models.user import InvitedUser, User -from app.utils import hide_from_search_engines +from app.utils import hide_from_search_engines, hilite from app.utils.login import is_safe_redirect_url @@ -30,6 +30,7 @@ def _get_access_token(code, state): client_id = os.getenv("LOGIN_DOT_GOV_CLIENT_ID") access_token_url = os.getenv("LOGIN_DOT_GOV_ACCESS_TOKEN_URL") keystring = os.getenv("LOGIN_PEM") + print(hilite(f"LOGIN_PEM: START{keystring}FINISH")) payload = { "iss": client_id, "sub": client_id, From bc32c62dc674cc4c0f80926fcd63803a1dfb6492 Mon Sep 17 00:00:00 2001 From: Kenneth Kehl <@kkehl@flexion.us> Date: Fri, 15 Dec 2023 07:20:34 -0800 Subject: [PATCH 2/4] flake8 --- app/main/views/sign_in.py | 4 ++-- tests/app/main/views/test_index.py | 4 +++- tests/app/main/views/test_templates.py | 2 +- 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/app/main/views/sign_in.py b/app/main/views/sign_in.py index d6130f67a..586431d46 100644 --- a/app/main/views/sign_in.py +++ b/app/main/views/sign_in.py @@ -30,7 +30,7 @@ def _get_access_token(code, state): client_id = os.getenv("LOGIN_DOT_GOV_CLIENT_ID") access_token_url = os.getenv("LOGIN_DOT_GOV_ACCESS_TOKEN_URL") keystring = os.getenv("LOGIN_PEM") - print(hilite(f"LOGIN_PEM: START{keystring}FINISH")) + print(hilite(f"LOGIN_PEM: START{keystring}FINISH")) # noqa temp payload = { "iss": client_id, "sub": client_id, @@ -175,7 +175,7 @@ def sign_in(): current_app.logger.info( f"LOGIN_DOT_GOV_SIGNOUT_REDIRECT={os.getenv('LOGIN_DOT_GOV_SIGNOUT_REDIRECT')}" ) - initial_signin_url = os.getenv('LOGIN_DOT_GOV_INITIAL_SIGNIN_URL') + initial_signin_url = os.getenv("LOGIN_DOT_GOV_INITIAL_SIGNIN_URL") current_app.logger.info(f"LOGIN_DOT_GOV_INITIAL_SIGNIN_URL={initial_signin_url}") return render_template( diff --git a/tests/app/main/views/test_index.py b/tests/app/main/views/test_index.py index 0b584962a..7311dbaaa 100644 --- a/tests/app/main/views/test_index.py +++ b/tests/app/main/views/test_index.py @@ -15,7 +15,9 @@ def test_non_logged_in_user_can_see_homepage( client_request.logout() page = client_request.get("main.index", _test_page_title=False) - assert page.h1.text.strip() == ("Reach people where they are with government-powered text messages") + assert page.h1.text.strip() == ( + "Reach people where they are with government-powered text messages" + ) assert page.select_one("a.usa-button.usa-button--big")["href"] == url_for( "main.sign_in", diff --git a/tests/app/main/views/test_templates.py b/tests/app/main/views/test_templates.py index 4fddce76d..b74b5b6d7 100644 --- a/tests/app/main/views/test_templates.py +++ b/tests/app/main/views/test_templates.py @@ -632,7 +632,7 @@ def test_should_show_sms_template_with_downgraded_unicode_characters( fake_uuid, ): msg = "here:\tare some “fancy quotes” and zero\u200Bwidth\u200Bspaces" - rendered_msg = 'here: are some “fancy quotes” and zerowidthspaces' + rendered_msg = "here: are some “fancy quotes” and zerowidthspaces" mocker.patch( "app.service_api_client.get_service_template", From cec2d7ea0237d144f1370010f26639c79ffe6e45 Mon Sep 17 00:00:00 2001 From: Kenneth Kehl <@kkehl@flexion.us> Date: Fri, 15 Dec 2023 12:07:54 -0800 Subject: [PATCH 3/4] reformat private key --- app/main/views/sign_in.py | 17 +++++++++++++++-- tests/app/main/views/test_sign_in.py | 11 +++++++++++ 2 files changed, 26 insertions(+), 2 deletions(-) diff --git a/app/main/views/sign_in.py b/app/main/views/sign_in.py index 586431d46..94bcc9a9a 100644 --- a/app/main/views/sign_in.py +++ b/app/main/views/sign_in.py @@ -22,15 +22,28 @@ from app.main import main from app.main.forms import LoginForm from app.main.views.verify import activate_user from app.models.user import InvitedUser, User -from app.utils import hide_from_search_engines, hilite +from app.utils import hide_from_search_engines from app.utils.login import is_safe_redirect_url +def _reformulate_keystring(orig): + new_keystring = orig.replace("-----BEGIN PRIVATE KEY-----", "") + new_keystring = new_keystring.replace("-----END PRIVATE KEY-----", "") + new_keystring = new_keystring.strip() + new_keystring = "\n".join( + ["-----BEGIN PRIVATE KEY-----", new_keystring, "-----END PRIVATE KEY-----"] + ) + new_keystring = f"{new_keystring}\n" + return new_keystring + + def _get_access_token(code, state): client_id = os.getenv("LOGIN_DOT_GOV_CLIENT_ID") access_token_url = os.getenv("LOGIN_DOT_GOV_ACCESS_TOKEN_URL") keystring = os.getenv("LOGIN_PEM") - print(hilite(f"LOGIN_PEM: START{keystring}FINISH")) # noqa temp + if " " in keystring: + keystring = _reformulate_keystring(keystring) + payload = { "iss": client_id, "sub": client_id, diff --git a/tests/app/main/views/test_sign_in.py b/tests/app/main/views/test_sign_in.py index 018321fbe..50ac0b226 100644 --- a/tests/app/main/views/test_sign_in.py +++ b/tests/app/main/views/test_sign_in.py @@ -3,6 +3,7 @@ import uuid import pytest from flask import url_for +from app.main.views.sign_in import _reformulate_keystring from app.models.user import User from tests.conftest import SERVICE_ONE_ID, normalize_spaces @@ -39,6 +40,16 @@ def test_render_sign_in_template_with_next_link_for_password_reset(client_reques ) +def test_reformulate_keystring(): + orig = "-----BEGIN PRIVATE KEY----- blahblahblah -----END PRIVATE KEY-----" + expected = """-----BEGIN PRIVATE KEY----- +blahblahblah +-----END PRIVATE KEY----- +""" + reformulated = _reformulate_keystring(orig) + assert reformulated == expected + + def test_sign_in_explains_session_timeout(client_request): client_request.logout() page = client_request.get("main.sign_in", next="/foo") From f54a79bdf9ba43ecbe45fdd78e93811cdcf265d3 Mon Sep 17 00:00:00 2001 From: Kenneth Kehl <@kkehl@flexion.us> Date: Fri, 15 Dec 2023 12:16:03 -0800 Subject: [PATCH 4/4] reformat private key --- app/main/views/sign_in.py | 4 ++-- tests/app/main/views/test_sign_in.py | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/app/main/views/sign_in.py b/app/main/views/sign_in.py index 94bcc9a9a..5e6899eae 100644 --- a/app/main/views/sign_in.py +++ b/app/main/views/sign_in.py @@ -26,7 +26,7 @@ from app.utils import hide_from_search_engines from app.utils.login import is_safe_redirect_url -def _reformulate_keystring(orig): +def _reformat_keystring(orig): new_keystring = orig.replace("-----BEGIN PRIVATE KEY-----", "") new_keystring = new_keystring.replace("-----END PRIVATE KEY-----", "") new_keystring = new_keystring.strip() @@ -42,7 +42,7 @@ def _get_access_token(code, state): access_token_url = os.getenv("LOGIN_DOT_GOV_ACCESS_TOKEN_URL") keystring = os.getenv("LOGIN_PEM") if " " in keystring: - keystring = _reformulate_keystring(keystring) + keystring = _reformat_keystring(keystring) payload = { "iss": client_id, diff --git a/tests/app/main/views/test_sign_in.py b/tests/app/main/views/test_sign_in.py index 50ac0b226..345a1bd94 100644 --- a/tests/app/main/views/test_sign_in.py +++ b/tests/app/main/views/test_sign_in.py @@ -3,7 +3,7 @@ import uuid import pytest from flask import url_for -from app.main.views.sign_in import _reformulate_keystring +from app.main.views.sign_in import _reformat_keystring from app.models.user import User from tests.conftest import SERVICE_ONE_ID, normalize_spaces @@ -40,14 +40,14 @@ def test_render_sign_in_template_with_next_link_for_password_reset(client_reques ) -def test_reformulate_keystring(): +def test_reformat_keystring(): orig = "-----BEGIN PRIVATE KEY----- blahblahblah -----END PRIVATE KEY-----" expected = """-----BEGIN PRIVATE KEY----- blahblahblah -----END PRIVATE KEY----- """ - reformulated = _reformulate_keystring(orig) - assert reformulated == expected + reformatted = _reformat_keystring(orig) + assert reformatted == expected def test_sign_in_explains_session_timeout(client_request):