Commit Graph

14648 Commits

Author SHA1 Message Date
Pea Tyczynska
ac757b0fc1 Merge pull request #3904 from alphagov/platform-admin-reply-to
Let platform admins add or update service reply to email address without the need for verification.
2021-06-02 10:46:05 +01:00
Katie Smith
d9fd37a485 add test for successfully logging in with security key
this is a bit complex, but essentially we're using the test variables
defined in the duolabs py_webauthn library [1]. We're already using
their test variables in tests/app/models/test_webauthn_credential.py and
in the webauthn_credential fixture in conftest.py. By using sample
signature, authenticatordata and clientdatajson from the same key we can
test that the library correctly verifies the signed challenge matches
the original.

We needed to transform some of this data as the yubico/fido2 library we
use has a slightly different way of formatting the fields for the
request body, which is why we're doing things like base64 decoding and
converting from hex to bytes in the post data.

The pytest fixture has changed - before it was incomplete/corrupted and
would error when trying to verify the signature. We took the
credential_data from the pytest fixture, converted it to an
AttestedCredentialData using WebauthnCredential.to_credential_data,
modified the public_key private dictionary to add `public_key[-1]: 1`,
and then called `AttestedCredentialData.create` to re-CBOR-encode the
blob.

The `-1: 1` is the numeric ID of the "SECP256R1" elliptic curve
algorithm. The py_webauthn library forces this particular algorithm,
which differs from the sample creds we took from the fido2 lib tests,
which is why we've had to update our data.

[1] https://github.com/duo-labs/py_webauthn/blob/master/tests/test_webauthn.py#L13-L32
2021-06-01 19:22:54 +01:00
Katie Smith
28ee2a1f9a Add tests for GET webauthn_begin_authentication 2021-06-01 19:08:58 +01:00
Leo Hemsted
a753e32c8d only let platform admins with webauthn access the sign in pages 2021-06-01 19:08:58 +01:00
Leo Hemsted
c26a596839 allow sign in via webauthn credentials
The flow of the code is roughly as follows:

  user clicks button on webauthn page
  js sends GET request
  python reads GET request, sets up login challenge
  python returns login challenge in response
  js reads GET response, passes login challenge to browser
  browser asks user to touch yubikey
  browser returns yubikey challenge response data to js
  js sends POST request with yubikey challenge response data
  python reads yubikey challenge and compares with user's creds from db
  if it's a match, python signs user in

The login challenge is a PublicKeyCredentialRequestOptions: [1]
The browser function we call is navigator.credentials.get(): [2]
The response to the challenge from the browser is a PublicKeyCredential: [3]

The python server does all the work setting those up and tearing them
back down again (and checking them against the values we have stored in
the database), but we need to do work to convert them to-and-from CBOR.

[1] https://developer.mozilla.org/en-US/docs/Web/API/PublicKeyCredentialRequestOptions
[2] https://developer.mozilla.org/en-US/docs/Web/API/CredentialsContainer/get
[3] https://developer.mozilla.org/en-US/docs/Web/API/PublicKeyCredential
2021-06-01 19:08:57 +01:00
Leo Hemsted
c203f624ca rename two_factor to two_factor_sms
it's a bit confusing now that there are three endpoints. the other two
are already renamed two_factor_email and two_factor_webauthn
2021-06-01 19:08:57 +01:00
Leo Hemsted
907a7dc363 create webauthn 2fa page
if user has `webauthn_auth` as their auth type, then redirect them to an
interstitial that prompts them to click on a button which right now just
logs to the JS console, but in a future commit will open up the webauthn
browser prompt

content is unsurprisingly not final.
2021-06-01 18:44:54 +01:00
Chris Hill-Scott
bd19806ebf Remove ‘(all networks)’ from settings label
I don’t think we need to say (all networks) in the header. The real
benefit of this change is forcing the platform admin person making the
change to explicitly give their choice of network.

And by not putting it in the label we don’t have future users from other
organisations wondering if there’s some option other than ‘all networks’
they need to think about.
2021-06-01 17:55:17 +01:00
Chris Hill-Scott
37b51099d1 Merge pull request #3903 from alphagov/optional-text-field-send-files
Use optional text field for send files setting
2021-06-01 15:11:18 +01:00
Chris Hill-Scott
fbf77a7482 Merge pull request #3902 from alphagov/webauthn-image
Designerise the pages for adding a security key
2021-06-01 15:10:52 +01:00
Chris Hill-Scott
77ea7af909 Fix double back link 2021-05-28 16:20:35 +01:00
Chris Hill-Scott
3f7124b04e Remove unneeded clearfix 2021-05-28 16:20:35 +01:00
Chris Hill-Scott
597846f657 Refactor error button and error messages into variable 2021-05-28 16:20:34 +01:00
Chris Hill-Scott
268a7d1881 Make image display smaller on mobile 2021-05-28 16:20:34 +01:00
Ben Thorner
68d923568c Merge pull request #3901 from alphagov/prevent-admin-auth-change
Prevent switching auth type for Platform Admins
2021-05-28 16:07:11 +01:00
Pea Tyczynska
4b3e826ec8 Let platform admins add or update service reply to email address
without the need for verification.

This is for when the email takes too long to arrive and the service
users cannot update it as a result.

A more streamlined solution has been proposed where we could send
a link in the verification email to the users and clicking that
link would add/update reply-email-to address.
That would require a bit more work so right now I am proposing this
as a quick stop gap so that we don't have to go to the database
manually to add the reply-to email address.
2021-05-28 15:06:31 +01:00
Chris Hill-Scott
68e7d2916e Fix nesting of if statement 2021-05-28 13:52:05 +01:00
Chris Hill-Scott
551b4ba8dc Use optional text field for send files setting
This follows the convention for if you have an empty setting, it is
greyed-out.
2021-05-28 09:48:14 +01:00
Chris Hill-Scott
7f88aa6759 Make listing of keys on user profile a bit nicer
We can use the `optional_text_field` macro to grey out the text when
nothing is set up. And adding ‘registered’ makes the language consistent
through to the next page.
2021-05-27 18:14:20 +01:00
Chris Hill-Scott
88e2cc93df Add image of security key
When referring to something that’s not part of the Notify system, like a
spreadsheet or a paper letter or a security key we’ve found it’s helpful
to give people a visual representation of it. This commit does the same
for security keys.
2021-05-27 18:14:20 +01:00
Rebecca Law
24f4b3f3eb Merge pull request #3899 from alphagov/bump-utils-new-invalid-address-char
Bump utils version for new invalid address character
2021-05-27 13:53:38 +01:00
Rebecca Law
9a4b6de37d Bump utils version for new invalid address character 2021-05-27 13:04:46 +01:00
Ben Thorner
71cbc00a3d Localise and simplify fixture to invite tests
This isn't used anywhere else.
2021-05-25 17:55:52 +01:00
Ben Thorner
754f4e3753 Use mock_check_invite_token consistently
In some tests the mock was already used, and then overridden but
without any change to the behaviour.
2021-05-25 17:54:37 +01:00
Ben Thorner
eb343e4937 Simplify test for API error with existing user
This is now covered since we use 'mock_no_users_for_service'.
2021-05-25 17:51:09 +01:00
Ben Thorner
c696693785 Simplify mocking and asserting the existing user
Previously we made surprising changes to the invited user as part
of the mock, and then surprising assertions that its ID matched
USER_ONE_ID. This simplifies the mock to do what it says, so that
we can test for the original ID of the existing user.*

*this does still differ from the ID of the sample_invite, which is
also hard-coded to USER_ONE_ID. However, this isn't relevant in
any of the tests, so doesn't seem to be much of an issue.
2021-05-25 17:51:08 +01:00
Ben Thorner
ef2996d56a Localise fixture to the only test that uses it 2021-05-25 17:51:07 +01:00
Ben Thorner
1dcfd5ba95 Refactor accept invite test to avoid override
This replaces the original fixture with a more explicit one, noting
that none of the tests rely on this fixture as part of testing the
scenarios when a user is already a member of the service.
2021-05-25 17:51:05 +01:00
Ben Thorner
6d0d9d46f7 Prevent switching auth type for Platform Admins
This closes a security loophole, where the auth type of a Platform
Admin could be unwittingly changed when they accept an invite, or
by an admin of a service they are a member of.
2021-05-25 16:01:25 +01:00
Pea Tyczynska
a10304d9c6 Merge pull request #3892 from alphagov/update-remove-webauthn-cred
Let admin user update and delete their security key
2021-05-25 14:33:00 +01:00
Pea Tyczynska
04d1d97d4c Refactor loop to separate function and use user model
when getting a list of security keys

Also test separately that we are correctly choosing key out of list
of security keys. Previously we have done it as a part
of testing pages where we were calling API to get a list
of keys, but then choosing one of those keys based on id.

Also remove redundant second test credential after PR review

Also remove redundant return value from mocks in update name tests
2021-05-25 14:17:58 +01:00
Pea Tyczynska
8501aa4ad6 Change name of the form and form field for consistency
Following PR review.

Also update function name for update name of security key in
user api client to be more specific.
2021-05-25 11:55:48 +01:00
Pea Tyczynska
e384d3e0a1 Test all manage security keys pages against unauthorised access 2021-05-25 11:55:47 +01:00
Pea Tyczynska
724e345089 Do not call API if key name did not change
To avoid unnecessary calls to API.
2021-05-25 11:55:47 +01:00
Pea Tyczynska
a907f261a5 Catch last credential error from API
When we are unable to delete security key because it's the last
one for that user, API throws an error. Here we catch that error
and display useful message to the user.

Use security key instead of webauthn credential

in user facing message - for consistency and readability.

We use security key term in user facing stuff and webauthn
credential in the code.
2021-05-25 11:55:37 +01:00
Pea Tyczynska
a946ad6ec2 Let admin user delete their security key
Show confirm delete dialogue first to confirm if key should be deleted.
2021-05-25 11:40:42 +01:00
Pea Tyczynska
00c022eba5 Let admin user update their security key name 2021-05-25 11:40:41 +01:00
Pea Tyczynska
56eac279df Show manage security key page with name change form 2021-05-25 11:40:41 +01:00
Pea Tyczynska
c33465e7cf Add link and placeholder view for managing a security key 2021-05-25 11:40:33 +01:00
David McDonald
9d2f495df8 Merge pull request #3900 from alphagov/make-help
Add help text for new make steps
2021-05-25 11:31:39 +01:00
David McDonald
f4dc9e15e1 Add help text for new make steps
Helpful for when you run `make` as you've forgotten what the command is
and you don't want to go find the readme
2021-05-25 11:21:39 +01:00
Ben Thorner
66ffc0e29b Run tests directly from the Makefile
Depends on: https://github.com/alphagov/notifications-aws/pull/905

Previously this would print some custom text with each step, as
well as optionally loading a virtual environment. This moves the actual
test commands to the Makefile. While this no longer prints custom
text, it does print the command that was run:

Before (skipping other output):

  ./scripts/run_tests.sh
  Code style check passed
  Import order check passed
  ...
  JavaScript tests have passed
  ...
  Unit tests have passed

After (skipping other output):

  flake8 .
  isort --check-only ./app ./tests
  npm test
  ...
  py.test -n auto --maxfail=10 tests/
  ...

I think it's more useful to see the command being run, rather than
having to wait until it succeeds to know what was happening. Having
the command also makes it easier to run it again if it fails, rather
than having to go and find it in a script.
2021-05-24 15:39:36 +01:00
Chris Hill-Scott
2d2c82ca87 Merge pull request #3885 from alphagov/live-broadcast-tour
Add a version of the tour for live services
2021-05-24 10:58:45 +01:00
Andrew White
438b7457cd Merge pull request #3895 from alphagov/disable-statistics-check
Disable the remaining messages check for uploads
2021-05-22 07:34:08 +01:00
Andrew White
00c3943222 Disable the remaining messages check for uploads
The HTTP request for the statistics is taking more than 30 seconds which leads to 504 errors from CloudFront.
2021-05-22 07:25:07 +01:00
Ben Thorner
c5196fbf07 Allow setting provider for any channel
Previously we could only select a provider when using the test
channel, but this is also required for other channels when we
do tests on the production network with individual MNOs.

In order to reduce duplication and improve consistency, I've reused
the new broadcast_service_name_tag macro to show the setting.
2021-05-20 14:46:04 +01:00
Ben Thorner
658e40b6c5 Merge pull request #3883 from alphagov/rename-app_-2
Rename "app_" fixture to "notify_admin"
2021-05-19 11:53:09 +01:00
Chris Hill-Scott
5de1c4f6ca Redirect newly-created users to broadcast tour 2021-05-19 11:48:59 +01:00
Chris Hill-Scott
7697cdb2b3 Combine tests using parametrize 2021-05-19 11:48:59 +01:00
Chris Hill-Scott
016f38db9b Refactor service name code to reduce duplication
This makes the code shareable between:
- the broadcast tour pages
- the broadcast settings platform admin page
- the regular service navigation

On the training mode tour pages we don’t want to confuse people with the
organisation name or _Switch service_ links, so those are omitted and
the code is therefore slightly different.
2021-05-19 11:48:59 +01:00