darkhelm/notifications-api
1
0
Fork 0
mirror of https://github.com/GSA/notifications-api.git synced 2025-12-22 16:31:15 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
23cc37e2d18bfe79525b844cce0647abcdeb40c5
notifications-api/tests/app/authentication/test_authentication.py

286 lines
13 KiB
Python
Raw Normal View History

refactor authentication code moved api_key secret manipulation (generating and getting) into authentiation/utils, and added a property on the model, to facilitate easier matching of authenticated requests and the api keys they used
2016-06-29 14:15:32 +01:00
from datetime import datetime
attach api_key to app we previously attached the service id and the key's secret also more refactoring of auth.py
2016-06-29 16:33:02 +01:00
import pytest
remove unused import
2016-04-15 10:59:00 +01:00
from flask import json, current_app
Fix bug with expired token error response
2016-07-22 15:10:37 +01:00
from freezegun import freeze_time
attach api_key to app we previously attached the service id and the key's secret also more refactoring of auth.py
2016-06-29 16:33:02 +01:00
from notifications_python_client.authentication import create_jwt_token
from app import api_user
Refactor the api_key_dao. The only update we should be doing to an api key is to expire/revoke the api key. Removed the update_dict from the the save method. Added an expire_api_key method that only updates the api key with an expiry date.
2016-06-22 15:27:28 +01:00
from app.dao.api_key_dao import get_unsigned_secrets, save_model_api_key, get_unsigned_secret, expire_api_key
Fix bug with expired token error response
2016-07-22 15:10:37 +01:00
from app.models import ApiKey, KEY_TYPE_NORMAL
Added the before_request so that all calls must have a valid token. Next is to get all the rest tests to pass again.
2016-01-14 17:45:30 +00:00
def test_should_not_allow_request_with_no_token(notify_api):
with notify_api.test_request_context():
with notify_api.test_client() as client:
Fix all other dependant classes that are affected by the DAO / Service / Model changes
2016-02-19 15:54:11 +00:00
response = client.get('/service')
Added the before_request so that all calls must have a valid token. Next is to get all the rest tests to pass again.
2016-01-14 17:45:30 +00:00
assert response.status_code == 401
data = json.loads(response.get_data())
Update auth module to return consistently formed error messages. We are trying to get all the error messages to return in the following format: {result: error, message: ['what caused error': 'reason for error'] }
2016-06-17 14:22:58 +01:00
assert data['message'] == {"token": ['Unauthorized, authentication token must be provided']}
Added the before_request so that all calls must have a valid token. Next is to get all the rest tests to pass again.
2016-01-14 17:45:30 +00:00
def test_should_not_allow_request_with_incorrect_header(notify_api):
with notify_api.test_request_context():
with notify_api.test_client() as client:
Fix all other dependant classes that are affected by the DAO / Service / Model changes
2016-02-19 15:54:11 +00:00
response = client.get(
'/service',
headers={'Authorization': 'Basic 1234'})
Added the before_request so that all calls must have a valid token. Next is to get all the rest tests to pass again.
2016-01-14 17:45:30 +00:00
assert response.status_code == 401
data = json.loads(response.get_data())
Update auth module to return consistently formed error messages. We are trying to get all the error messages to return in the following format: {result: error, message: ['what caused error': 'reason for error'] }
2016-06-17 14:22:58 +01:00
assert data['message'] == {"token": ['Unauthorized, authentication bearer scheme must be used']}
Added the before_request so that all calls must have a valid token. Next is to get all the rest tests to pass again.
2016-01-14 17:45:30 +00:00
Fix all other dependant classes that are affected by the DAO / Service / Model changes
2016-02-19 15:54:11 +00:00
def test_should_not_allow_request_with_incorrect_token(notify_api, sample_user):
Added the before_request so that all calls must have a valid token. Next is to get all the rest tests to pass again.
2016-01-14 17:45:30 +00:00
with notify_api.test_request_context():
with notify_api.test_client() as client:
Fix all other dependant classes that are affected by the DAO / Service / Model changes
2016-02-19 15:54:11 +00:00
response = client.get(
'/service',
headers={'Authorization': 'Bearer 1234'})
Added the before_request so that all calls must have a valid token. Next is to get all the rest tests to pass again.
2016-01-14 17:45:30 +00:00
assert response.status_code == 403
data = json.loads(response.get_data())
Update auth module to return consistently formed error messages. We are trying to get all the error messages to return in the following format: {result: error, message: ['what caused error': 'reason for error'] }
2016-06-17 14:22:58 +01:00
assert data['message'] == {"token": ['Invalid token: signature']}
Added the before_request so that all calls must have a valid token. Next is to get all the rest tests to pass again.
2016-01-14 17:45:30 +00:00
Fix all other dependant classes that are affected by the DAO / Service / Model changes
2016-02-19 15:54:11 +00:00
def test_should_not_allow_invalid_secret(notify_api, sample_api_key):
Added the before_request so that all calls must have a valid token. Next is to get all the rest tests to pass again.
2016-01-14 17:45:30 +00:00
with notify_api.test_request_context():
with notify_api.test_client() as client:
Fix all other dependant classes that are affected by the DAO / Service / Model changes
2016-02-19 15:54:11 +00:00
token = create_jwt_token(
secret="not-so-secret",
client_id=str(sample_api_key.service_id))
response = client.get(
'/service',
headers={'Authorization': "Bearer {}".format(token)}
)
Added the before_request so that all calls must have a valid token. Next is to get all the rest tests to pass again.
2016-01-14 17:45:30 +00:00
assert response.status_code == 403
data = json.loads(response.get_data())
Improve the error message when the service id is not the right data type. Improve the error message is the api key is not valid.
2016-09-23 11:07:49 +01:00
assert data['message'] == {"token": ['Invalid token: signature, api token is not valid']}
Added the before_request so that all calls must have a valid token. Next is to get all the rest tests to pass again.
2016-01-14 17:45:30 +00:00
Make bearer prefix on auth header case insensitive From a support ticket: > the "Bearer" prefix on the auth header is case sensitive. Can this be > made case-insensitive? Sure can 🙃
2016-11-07 10:45:18 +00:00
@pytest.mark.parametrize('scheme', ['bearer', 'Bearer'])
def test_should_allow_valid_token(notify_api, sample_api_key, scheme):
Added the before_request so that all calls must have a valid token. Next is to get all the rest tests to pass again.
2016-01-14 17:45:30 +00:00
with notify_api.test_request_context():
with notify_api.test_client() as client:
Change Tokens to ApiKey Added name to ApiKey model
2016-01-19 12:07:00 +00:00
token = __create_get_token(sample_api_key.service_id)
Fix all other dependant classes that are affected by the DAO / Service / Model changes
2016-02-19 15:54:11 +00:00
response = client.get(
'/service/{}'.format(str(sample_api_key.service_id)),
Make bearer prefix on auth header case insensitive From a support ticket: > the "Bearer" prefix on the auth header is case sensitive. Can this be > made case-insensitive? Sure can 🙃
2016-11-07 10:45:18 +00:00
headers={'Authorization': '{} {}'.format(scheme, token)}
Fix all other dependant classes that are affected by the DAO / Service / Model changes
2016-02-19 15:54:11 +00:00
)
Fix the user url. Add test for authentication to test paths with path params
2016-01-22 09:59:02 +00:00
assert response.status_code == 200
Improve the error message when the service id is not the right data type. Improve the error message is the api key is not valid.
2016-09-23 11:07:49 +01:00
def test_should_not_allow_service_id_that_is_not_the_wrong_data_type(notify_api, sample_api_key):
with notify_api.test_request_context():
with notify_api.test_client() as client:
token = create_jwt_token(secret=get_unsigned_secrets(sample_api_key.service_id)[0],
client_id=str('not-a-valid-id'))
response = client.get(
'/service',
headers={'Authorization': "Bearer {}".format(token)}
)
assert response.status_code == 403
data = json.loads(response.get_data())
assert data['message'] == {"token": ['Invalid token: service id is not the right data type']}
Fix all other dependant classes that are affected by the DAO / Service / Model changes
2016-02-19 15:54:11 +00:00
def test_should_allow_valid_token_for_request_with_path_params(notify_api, sample_api_key):
Fix the user url. Add test for authentication to test paths with path params
2016-01-22 09:59:02 +00:00
with notify_api.test_request_context():
with notify_api.test_client() as client:
token = __create_get_token(sample_api_key.service_id)
Fix all other dependant classes that are affected by the DAO / Service / Model changes
2016-02-19 15:54:11 +00:00
response = client.get(
'/service/{}'.format(str(sample_api_key.service_id)),
headers={'Authorization': 'Bearer {}'.format(token)})
Added the before_request so that all calls must have a valid token. Next is to get all the rest tests to pass again.
2016-01-14 17:45:30 +00:00
assert response.status_code == 200
Fix all other dependant classes that are affected by the DAO / Service / Model changes
2016-02-19 15:54:11 +00:00
def test_should_allow_valid_token_when_service_has_multiple_keys(notify_api, sample_api_key):
Allow for multiple api keys for a service.
2016-01-19 18:25:21 +00:00
with notify_api.test_request_context():
with notify_api.test_client() as client:
Added version history to api keys. This needed a bit of change to create history to handle foreign keys better. There may yet be a better way of doing this that I have not found yet in sqlalchemy docs.
2016-04-20 17:25:20 +01:00
data = {'service': sample_api_key.service,
'name': 'some key name',
add new key_type table * single-column static data table that currently contains two types: 'normal' and 'team' * key_type foreign-keyed from api_keys - must be not null - existing rows set to 'normal' * key_type foreign-keyed from notifications - nullable - existing rows set to null * api_key foreign-keyed from notifications - nullable - existing rows set to null
2016-06-23 16:45:20 +01:00
'created_by': sample_api_key.created_by,
'key_type': KEY_TYPE_NORMAL
Added version history to api keys. This needed a bit of change to create history to handle foreign keys better. There may yet be a better way of doing this that I have not found yet in sqlalchemy docs.
2016-04-20 17:25:20 +01:00
}
Allow for multiple api keys for a service.
2016-01-19 18:25:21 +00:00
api_key = ApiKey(**data)
save_model_api_key(api_key)
token = __create_get_token(sample_api_key.service_id)
Fix all other dependant classes that are affected by the DAO / Service / Model changes
2016-02-19 15:54:11 +00:00
response = client.get(
'/service/{}'.format(str(sample_api_key.service_id)),
headers={'Authorization': 'Bearer {}'.format(token)})
Allow for multiple api keys for a service.
2016-01-19 18:25:21 +00:00
assert response.status_code == 200
Allow services to have multiple api keys. /service/<service_id>/api-key/renew has been renamed to /service/<service_id>/api-key /service/<service_id>/api-key now creates a token and no longer expires the existing api key. Moved test for this endpoint to it's own file.
2016-01-20 10:57:46 +00:00
def test_authentication_passes_admin_client_token(notify_api,
sample_api_key):
with notify_api.test_request_context():
with notify_api.test_client() as client:
Fix all other dependant classes that are affected by the DAO / Service / Model changes
2016-02-19 15:54:11 +00:00
token = create_jwt_token(
secret=current_app.config.get('ADMIN_CLIENT_SECRET'),
client_id=current_app.config.get('ADMIN_CLIENT_USER_NAME'))
response = client.get(
'/service',
headers={'Authorization': 'Bearer {}'.format(token)})
Allow services to have multiple api keys. /service/<service_id>/api-key/renew has been renamed to /service/<service_id>/api-key /service/<service_id>/api-key now creates a token and no longer expires the existing api key. Moved test for this endpoint to it's own file.
2016-01-20 10:57:46 +00:00
assert response.status_code == 200
Fix all other dependant classes that are affected by the DAO / Service / Model changes
2016-02-19 15:54:11 +00:00
def test_authentication_passes_when_service_has_multiple_keys_some_expired(
notify_api,
notify_db,
notify_db_session,
sample_api_key):
Allow services to have multiple api keys. /service/<service_id>/api-key/renew has been renamed to /service/<service_id>/api-key /service/<service_id>/api-key now creates a token and no longer expires the existing api key. Moved test for this endpoint to it's own file.
2016-01-20 10:57:46 +00:00
with notify_api.test_request_context():
with notify_api.test_client() as client:
Added version history to api keys. This needed a bit of change to create history to handle foreign keys better. There may yet be a better way of doing this that I have not found yet in sqlalchemy docs.
2016-04-20 17:25:20 +01:00
expired_key_data = {'service': sample_api_key.service,
'name': 'expired_key',
Update now to utcnow. All tests passing.
2016-05-11 10:56:24 +01:00
'expiry_date': datetime.utcnow(),
add new key_type table * single-column static data table that currently contains two types: 'normal' and 'team' * key_type foreign-keyed from api_keys - must be not null - existing rows set to 'normal' * key_type foreign-keyed from notifications - nullable - existing rows set to null * api_key foreign-keyed from notifications - nullable - existing rows set to null
2016-06-23 16:45:20 +01:00
'created_by': sample_api_key.created_by,
'key_type': KEY_TYPE_NORMAL
Added version history to api keys. This needed a bit of change to create history to handle foreign keys better. There may yet be a better way of doing this that I have not found yet in sqlalchemy docs.
2016-04-20 17:25:20 +01:00
}
expired_key = ApiKey(**expired_key_data)
save_model_api_key(expired_key)
another_key = {'service': sample_api_key.service,
'name': 'another_key',
add new key_type table * single-column static data table that currently contains two types: 'normal' and 'team' * key_type foreign-keyed from api_keys - must be not null - existing rows set to 'normal' * key_type foreign-keyed from notifications - nullable - existing rows set to null * api_key foreign-keyed from notifications - nullable - existing rows set to null
2016-06-23 16:45:20 +01:00
'created_by': sample_api_key.created_by,
'key_type': KEY_TYPE_NORMAL
Added version history to api keys. This needed a bit of change to create history to handle foreign keys better. There may yet be a better way of doing this that I have not found yet in sqlalchemy docs.
2016-04-20 17:25:20 +01:00
}
Allow services to have multiple api keys. /service/<service_id>/api-key/renew has been renamed to /service/<service_id>/api-key /service/<service_id>/api-key now creates a token and no longer expires the existing api key. Moved test for this endpoint to it's own file.
2016-01-20 10:57:46 +00:00
api_key = ApiKey(**another_key)
save_model_api_key(api_key)
Fix all other dependant classes that are affected by the DAO / Service / Model changes
2016-02-19 15:54:11 +00:00
token = create_jwt_token(
secret=get_unsigned_secret(api_key.id),
client_id=str(sample_api_key.service_id))
response = client.get(
'/service',
headers={'Authorization': 'Bearer {}'.format(token)})
Allow services to have multiple api keys. /service/<service_id>/api-key/renew has been renamed to /service/<service_id>/api-key /service/<service_id>/api-key now creates a token and no longer expires the existing api key. Moved test for this endpoint to it's own file.
2016-01-20 10:57:46 +00:00
assert response.status_code == 200
def test_authentication_returns_token_expired_when_service_uses_expired_key_and_has_multiple_keys(notify_api,
notify_db,
notify_db_session,
sample_api_key):
with notify_api.test_request_context():
with notify_api.test_client() as client:
Added version history to api keys. This needed a bit of change to create history to handle foreign keys better. There may yet be a better way of doing this that I have not found yet in sqlalchemy docs.
2016-04-20 17:25:20 +01:00
expired_key = {'service': sample_api_key.service,
'name': 'expired_key',
add new key_type table * single-column static data table that currently contains two types: 'normal' and 'team' * key_type foreign-keyed from api_keys - must be not null - existing rows set to 'normal' * key_type foreign-keyed from notifications - nullable - existing rows set to null * api_key foreign-keyed from notifications - nullable - existing rows set to null
2016-06-23 16:45:20 +01:00
'created_by': sample_api_key.created_by,
'key_type': KEY_TYPE_NORMAL
Added version history to api keys. This needed a bit of change to create history to handle foreign keys better. There may yet be a better way of doing this that I have not found yet in sqlalchemy docs.
2016-04-20 17:25:20 +01:00
}
Allow services to have multiple api keys. /service/<service_id>/api-key/renew has been renamed to /service/<service_id>/api-key /service/<service_id>/api-key now creates a token and no longer expires the existing api key. Moved test for this endpoint to it's own file.
2016-01-20 10:57:46 +00:00
expired_api_key = ApiKey(**expired_key)
save_model_api_key(expired_api_key)
Added version history to api keys. This needed a bit of change to create history to handle foreign keys better. There may yet be a better way of doing this that I have not found yet in sqlalchemy docs.
2016-04-20 17:25:20 +01:00
another_key = {'service': sample_api_key.service,
'name': 'another_key',
add new key_type table * single-column static data table that currently contains two types: 'normal' and 'team' * key_type foreign-keyed from api_keys - must be not null - existing rows set to 'normal' * key_type foreign-keyed from notifications - nullable - existing rows set to null * api_key foreign-keyed from notifications - nullable - existing rows set to null
2016-06-23 16:45:20 +01:00
'created_by': sample_api_key.created_by,
'key_type': KEY_TYPE_NORMAL
Added version history to api keys. This needed a bit of change to create history to handle foreign keys better. There may yet be a better way of doing this that I have not found yet in sqlalchemy docs.
2016-04-20 17:25:20 +01:00
}
Allow services to have multiple api keys. /service/<service_id>/api-key/renew has been renamed to /service/<service_id>/api-key /service/<service_id>/api-key now creates a token and no longer expires the existing api key. Moved test for this endpoint to it's own file.
2016-01-20 10:57:46 +00:00
api_key = ApiKey(**another_key)
save_model_api_key(api_key)
Fix all other dependant classes that are affected by the DAO / Service / Model changes
2016-02-19 15:54:11 +00:00
token = create_jwt_token(
secret=get_unsigned_secret(expired_api_key.id),
client_id=str(sample_api_key.service_id))
Refactor the api_key_dao. The only update we should be doing to an api key is to expire/revoke the api key. Removed the update_dict from the the save method. Added an expire_api_key method that only updates the api key with an expiry date.
2016-06-22 15:27:28 +01:00
expire_api_key(service_id=sample_api_key.service_id, api_key_id=expired_api_key.id)
Fix all other dependant classes that are affected by the DAO / Service / Model changes
2016-02-19 15:54:11 +00:00
response = client.get(
'/service',
headers={'Authorization': 'Bearer {}'.format(token)})
Allow services to have multiple api keys. /service/<service_id>/api-key/renew has been renamed to /service/<service_id>/api-key /service/<service_id>/api-key now creates a token and no longer expires the existing api key. Moved test for this endpoint to it's own file.
2016-01-20 10:57:46 +00:00
assert response.status_code == 403
data = json.loads(response.get_data())
Rewrite authentication error messages more English
2016-09-16 08:45:48 +01:00
assert data['message'] == {"token": ['Invalid token: API key revoked']}
Allow services to have multiple api keys. /service/<service_id>/api-key/renew has been renamed to /service/<service_id>/api-key /service/<service_id>/api-key now creates a token and no longer expires the existing api key. Moved test for this endpoint to it's own file.
2016-01-20 10:57:46 +00:00
refactored the requires_auth handler to raise exceptions hopefully cleans up code flow and readability [a tiny bit]. raise an AuthException in auth.py, and catch it in errors.py to save on returning error_repsonse values throughout the function
2016-06-29 17:37:20 +01:00
def test_authentication_returns_error_when_admin_client_has_no_secrets(notify_api,
Improve the error message when the service id is not the right data type. Improve the error message is the api key is not valid.
2016-09-23 11:07:49 +01:00
sample_service):
Added a test for the case when there is no secret for the api client. Fix codestyle
2016-02-08 11:29:53 +00:00
with notify_api.test_request_context():
with notify_api.test_client() as client:
api_secret = notify_api.config.get('ADMIN_CLIENT_SECRET')
Fix all other dependant classes that are affected by the DAO / Service / Model changes
2016-02-19 15:54:11 +00:00
token = create_jwt_token(
secret=api_secret,
client_id=notify_api.config.get('ADMIN_CLIENT_USER_NAME')
)
Added a test for the case when there is no secret for the api client. Fix codestyle
2016-02-08 11:29:53 +00:00
notify_api.config['ADMIN_CLIENT_SECRET'] = ''
Fix all other dependant classes that are affected by the DAO / Service / Model changes
2016-02-19 15:54:11 +00:00
response = client.get(
'/service',
headers={'Authorization': 'Bearer {}'.format(token)})
Added a test for the case when there is no secret for the api client. Fix codestyle
2016-02-08 11:29:53 +00:00
assert response.status_code == 403
error_message = json.loads(response.get_data())
Update auth module to return consistently formed error messages. We are trying to get all the error messages to return in the following format: {result: error, message: ['what caused error': 'reason for error'] }
2016-06-17 14:22:58 +01:00
assert error_message['message'] == {"token": ['Invalid token: signature']}
Added a test for the case when there is no secret for the api client. Fix codestyle
2016-02-08 11:29:53 +00:00
notify_api.config['ADMIN_CLIENT_SECRET'] = api_secret
Add a test for auth-ing with non-existant service If you create a token signed with a service ID that doesn’t exist, you will get an error (as you should). However we didn’t have a test that explicitly checks for this. This commit adds one.
2016-09-16 08:36:44 +01:00
def test_authentication_returns_error_when_service_doesnt_exit(
notify_api,
Improve the error message when the service id is not the right data type. Improve the error message is the api key is not valid.
2016-09-23 11:07:49 +01:00
sample_api_key
Add a test for auth-ing with non-existant service If you create a token signed with a service ID that doesn’t exist, you will get an error (as you should). However we didn’t have a test that explicitly checks for this. This commit adds one.
2016-09-16 08:36:44 +01:00
):
with notify_api.test_request_context(), notify_api.test_client() as client:
# get service ID and secret the wrong way around
token = create_jwt_token(
Improve the error message when the service id is not the right data type. Improve the error message is the api key is not valid.
2016-09-23 11:07:49 +01:00
secret=str(sample_api_key.service_id),
client_id=str(sample_api_key.id))
Add a test for auth-ing with non-existant service If you create a token signed with a service ID that doesn’t exist, you will get an error (as you should). However we didn’t have a test that explicitly checks for this. This commit adds one.
2016-09-16 08:36:44 +01:00
response = client.get(
'/service',
headers={'Authorization': 'Bearer {}'.format(token)}
)
assert response.status_code == 403
error_message = json.loads(response.get_data())
Give specifc error when service doesn’t exist If you sign a token with a service ID that doesn’t exist (say, for example, that you get service ID and API key mixed up) then you get an error saying that “no API keys exist for the service”. This is wrong because the service doesn’t even exist. This commit adds: - code to check if the service does exist - a specific error message for this case The check does mean an extra database call to look up the service. However this only happens _after_ looping through all the API keys. So it shouldn’t have a performance implication for anyone using a valid API key.
2016-09-16 08:44:08 +01:00
assert error_message['message'] == {'token': ['Invalid token: service not found']}
Add a test for auth-ing with non-existant service If you create a token signed with a service ID that doesn’t exist, you will get an error (as you should). However we didn’t have a test that explicitly checks for this. This commit adds one.
2016-09-16 08:36:44 +01:00
This pull request fixes a bug in authentication. If the service does not have any api keys, there would be an error but it was not formed well.
2016-04-29 09:54:40 +01:00
def test_authentication_returns_error_when_service_has_no_secrets(notify_api,
Update to test as per review comments. However, I am curious if there is evidence that using fake_uuid over creating one in the test is actually faster.
2016-04-29 14:36:10 +01:00
sample_service,
fake_uuid):
This pull request fixes a bug in authentication. If the service does not have any api keys, there would be an error but it was not formed well.
2016-04-29 09:54:40 +01:00
with notify_api.test_request_context():
with notify_api.test_client() as client:
token = create_jwt_token(
Update to test as per review comments. However, I am curious if there is evidence that using fake_uuid over creating one in the test is actually faster.
2016-04-29 14:36:10 +01:00
secret=fake_uuid,
This pull request fixes a bug in authentication. If the service does not have any api keys, there would be an error but it was not formed well.
2016-04-29 09:54:40 +01:00
client_id=str(sample_service.id))
response = client.get(
'/service',
headers={'Authorization': 'Bearer {}'.format(token)})
assert response.status_code == 403
error_message = json.loads(response.get_data())
Rewrite authentication error messages more English
2016-09-16 08:45:48 +01:00
assert error_message['message'] == {'token': ['Invalid token: service has no API keys']}
This pull request fixes a bug in authentication. If the service does not have any api keys, there would be an error but it was not formed well.
2016-04-29 09:54:40 +01:00
Fix bug with expired token error response
2016-07-22 15:10:37 +01:00
def test_should_attach_the_current_api_key_to_current_app(notify_api, sample_service, sample_api_key):
with notify_api.test_request_context() as context, notify_api.test_client() as client:
with pytest.raises(AttributeError):
print(api_user)
token = __create_get_token(sample_api_key.service_id)
response = client.get(
'/service/{}'.format(str(sample_api_key.service_id)),
headers={'Authorization': 'Bearer {}'.format(token)}
)
assert response.status_code == 200
assert api_user == sample_api_key
def test_should_return_403_when_token_is_expired(notify_api,
sample_api_key):
with notify_api.test_request_context():
with notify_api.test_client() as client:
with freeze_time('2001-01-01T12:00:00'):
token = __create_get_token(sample_api_key.service_id)
with freeze_time('2001-01-01T12:00:40'):
response = client.get(
'/service',
headers={'Authorization': 'Bearer {}'.format(token)})
assert response.status_code == 403
error_message = json.loads(response.get_data())
assert error_message['message'] == {'token': ['Invalid token: expired']}
Added authorization headers for all requests
2016-01-15 16:22:03 +00:00
def __create_get_token(service_id):
Fix the user url. Add test for authentication to test paths with path params
2016-01-22 09:59:02 +00:00
if service_id:
Update python client to version 1.0.0. This version of the client removed the request method, path and body from the encode and decode methods. The biggest changes here is to the unit tests.
2016-05-04 16:08:23 +01:00
return create_jwt_token(secret=get_unsigned_secrets(service_id)[0],
Change services.id to a UUID Ideally all the primary keys in the db would be UUID in order to guarantee unique ids across distributed dbs. This updates the services.id to a UUID. All the tables with a foreign key to the services.id are also updated. The endpoints no longer state a data type of the <service_id> path param. All the tests are updated to reflect this update. The thing to pay attention to is the 0011_uuid_service_id.py migration script. This commit must go with a commit on the notifications_admin app to keep things working. There will be a small outage until both deploys have happened.
2016-02-02 14:16:08 +00:00
client_id=str(service_id))
Fix the user url. Add test for authentication to test paths with path params
2016-01-22 09:59:02 +00:00
else:
Update python client to version 1.0.0. This version of the client removed the request method, path and body from the encode and decode methods. The biggest changes here is to the unit tests.
2016-05-04 16:08:23 +01:00
return create_jwt_token(secret=get_unsigned_secrets(service_id)[0],
Fix the user url. Add test for authentication to test paths with path params
2016-01-22 09:59:02 +00:00
client_id=service_id)
Added authorization headers for all requests
2016-01-15 16:22:03 +00:00
def __create_post_token(service_id, request_body):
return create_jwt_token(
Allow for multiple api keys for a service.
2016-01-19 18:25:21 +00:00
secret=get_unsigned_secrets(service_id)[0],
Update python client to version 1.0.0. This version of the client removed the request method, path and body from the encode and decode methods. The biggest changes here is to the unit tests.
2016-05-04 16:08:23 +01:00
client_id=str(service_id)
Added authorization headers for all requests
2016-01-15 16:22:03 +00:00
)
Reference in New Issue Copy Permalink