d9fd37a485
this is a bit complex, but essentially we're using the test variables defined in the duolabs py_webauthn library [1]. We're already using their test variables in tests/app/models/test_webauthn_credential.py and in the webauthn_credential fixture in conftest.py. By using sample signature, authenticatordata and clientdatajson from the same key we can test that the library correctly verifies the signed challenge matches the original. We needed to transform some of this data as the yubico/fido2 library we use has a slightly different way of formatting the fields for the request body, which is why we're doing things like base64 decoding and converting from hex to bytes in the post data. The pytest fixture has changed - before it was incomplete/corrupted and would error when trying to verify the signature. We took the credential_data from the pytest fixture, converted it to an AttestedCredentialData using WebauthnCredential.to_credential_data, modified the public_key private dictionary to add `public_key[-1]: 1`, and then called `AttestedCredentialData.create` to re-CBOR-encode the blob. The `-1: 1` is the numeric ID of the "SECP256R1" elliptic curve algorithm. The py_webauthn library forces this particular algorithm, which differs from the sample creds we took from the fido2 lib tests, which is why we've had to update our data. [1] https://github.com/duo-labs/py_webauthn/blob/master/tests/test_webauthn.py#L13-L32
notifications-admin
GOV.UK Notify admin application - https://www.notifications.service.gov.uk/
- Register and manage users
- Create and manage services
- Send batch emails and SMS by uploading a CSV
- Show history of notifications
Setting up
Python version
At the moment we run Python 3.6 in production.
NPM packages
brew install node
NPM is Node's package management tool. n is a tool for managing different versions of Node. The following installs n and uses the long term support (LTS) version of Node.
npm install -g n
n lts
environment.sh
In the root directory of the application, run:
echo "
export NOTIFY_ENVIRONMENT='development'
export FLASK_APP=application.py
export FLASK_ENV=development
export WERKZEUG_DEBUG_PIN=off
"> environment.sh
AWS credentials
To run parts of the app, such as uploading letters, you will need appropriate AWS credentials. See the Wiki for more details.
To run the application
# install dependencies, etc.
make bootstrap
# run the web app
make run-flask
Then visit localhost:6012.
Any Python code changes you make should be picked up automatically in development. If you're developing JavaScript code, run npm run watch to achieve the same.
To test the application
# install dependencies, etc.
make bootstrap
# run all the tests
make test
# continuously run js tests
npm run test-watch
To run a specific JavaScript test, you'll need to copy the full command from package.json.
To update application dependencies
requirements.txt is generated from the requirements.in in order to pin versions of all nested dependencies. If requirements.in has been changed, run make freeze-requirements to regenerate it.