diff --git a/app/authentication/auth.py b/app/authentication/auth.py
index e4e2a057a..d6c2399b3 100644
--- a/app/authentication/auth.py
+++ b/app/authentication/auth.py
@@ -46,7 +46,14 @@ def requires_auth():
 def fetch_client(client):
- return {
- "client": client,
- "secret": get_unsigned_secret(client)
- }
+ from flask import current_app
+ if client == current_app.config.get('ADMIN_CLIENT_USER_NAME'):
+ return {
+ "client": client,
+ "secret": current_app.config.get('ADMIN_CLIENT_SECRET')
+ }
+ else:
+ return {
+ "client": client,
+ "secret": get_unsigned_secret(client)
+ }
diff --git a/application.py b/application.py
index a9395c573..741edd91e 100644
--- a/application.py
+++ b/application.py
@@ -22,29 +22,5 @@ def list_routes():
 print("{:10} {}".format(", ".join(rule.methods - set(['OPTIONS', 'HEAD'])), rule.rule))
-@manager.command
-def create_admin_user_service():
- """
- Convience method to create a admin user and service
- :return: API secret for admin service
- """
- from app.models import User, Service, ApiKey
- from app.dao import api_key_dao, users_dao, services_dao
- from flask import current_app
-
- user = User(**{'email_address': current_app.config['ADMIN_USER_EMAIL_ADDRESS']})
- users_dao.save_model_user(user)
-
- service = Service(**{'name': 'Notify Service Admin',
- 'users': [user],
- 'limit': 1000,
- 'active': True,
- 'restricted': True})
- services_dao.save_model_service(service)
- api_key = ApiKey(**{'service_id': service.id, 'name': 'Admin API KEY (temporary)'})
- api_key_dao.save_model_api_key(api_key)
- print('ApiKey: {}'.format(api_key_dao.get_unsigned_secret(service.id)))
-
-
 if __name__ == '__main__':
 manager.run()
diff --git a/config.py b/config.py
index ddc78e66d..eb71f545e 100644
--- a/config.py
+++ b/config.py
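Review bot: In `fetch_client` (app/authentication/auth.py) the admin branch compares `client` with `current_app.config.get('ADMIN_CLIENT_USER_NAME')`, and the base `Config` in this same commit sets both admin settings to `None`. Wherever the name is left unset, a request that arrives without a client identifier would satisfy the comparison and be handed `"secret": None`; what the token check in `requires_auth` does with a `None` secret is outside this hunk, so the lookup should fail closed here. I would bind the name once, `admin_name = current_app.config.get('ADMIN_CLIENT_USER_NAME')`, guard with `if admin_name and client == admin_name:`, and refuse the admin branch when `ADMIN_CLIENT_SECRET` is empty. A one-line docstring stating that the admin client authenticates with a configured secret rather than a stored API key would also help, and the function-scope `from flask import current_app` can move to the module imports unless it is there to avoid a circular import.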
@@ -11,6 +11,8 @@ class Config(object):
 SQLALCHEMY_DATABASE_URI = 'postgresql://localhost/notification_api'
 NOTIFY_DATA_API_URL = os.getenv('NOTIFY_API_URL', "http://localhost:6001")
 NOTIFY_DATA_API_AUTH_TOKEN = os.getenv('NOTIFY_API_TOKEN', "dev-token")
+ ADMIN_CLIENT_USER_NAME = None
+ ADMIN_CLIENT_SECRET = None
 class Development(Config):
@@ -18,6 +20,8 @@ class Development(Config):
 SECRET_KEY = 'secret-key'
 DANGEROUS_SALT = 'dangerous-salt'
 ADMIN_USER_EMAIL_ADDRESS = 'dev-notify-admin@digital.cabinet-office.gov.uk'
+ ADMIN_CLIENT_USER_NAME = 'dev-notify-admin'
+ ADMIN_CLIENT_SECRET = 'dev-notify-secret-key'
 class Test(Config):
@@ -25,6 +29,8 @@ class Test(Config):
 SQLALCHEMY_DATABASE_URI = 'postgresql://localhost/test_notification_api'
 SECRET_KEY = 'secret-key'
 DANGEROUS_SALT = 'dangerous-salt'
+ ADMIN_CLIENT_USER_NAME = 'dev-notify-admin'
+ ADMIN_CLIENT_SECRET = 'dev-notify-secret-key'
 class Live(Config):
diff --git a/tests/__init__.py b/tests/__init__.py
index cb11a2f6a..b35e397d3 100644
--- a/tests/__init__.py
+++ b/tests/__init__.py
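Review bot: The `Development` and `Test` hunks in config.py commit a fixed admin credential, `ADMIN_CLIENT_SECRET = 'dev-notify-secret-key'`, while the base `Config` hunk defaults both admin settings to `None` instead of reading them from the environment. The body of `Live` is outside these hunks, so it is not visible whether it overrides them; if a deployment ever runs with `Development`, the admin client would accept a secret that is public in the repository. The base class could source the values the way the neighbouring settings do, e.g. `ADMIN_CLIENT_SECRET = os.getenv('ADMIN_CLIENT_SECRET')`, with start-up failing in `Live` when either value is missing. A comment beside the development values, such as `# local development only, never a deployed credential`, would make the intent explicit.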
@@ -1,21 +1,29 @@ +from flask import current_app from client.authentication import create_jwt_token from app.dao.api_key_dao import get_unsigned_secret -def create_authorization_header(service_id, path, method, request_body=None): +def create_authorization_header(path, method, request_body=None, service_id=None): + if service_id: + client_id = service_id + secret = get_unsigned_secret(service_id) + else: + client_id = current_app.config.get('ADMIN_CLIENT_USER_NAME') + secret = current_app.config.get('ADMIN_CLIENT_SECRET') + if request_body: token = create_jwt_token( request_method=method, request_path=path, - secret=get_unsigned_secret(service_id), - client_id=service_id, + secret=secret, + client_id=client_id, request_body=request_body) else: token = create_jwt_token(request_method=method, request_path=path, - secret=get_unsigned_secret(service_id), - client_id=service_id) + secret=secret, + client_id=client_id) return 'Authorization', 'Bearer {}'.format(token)
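Review bot: `create_authorization_header` now takes `path` first and `service_id` last, so a caller still written in the old order `(service_id, path, method)` binds the service id to `path` without raising and falls through to the admin branch, signing with `ADMIN_CLIENT_SECRET`. The call sites are outside this hunk; making the optional arguments keyword-only, `def create_authorization_header(path, method, *, request_body=None, service_id=None):` (Python 3 syntax), would turn leftover positional calls into a `TypeError`. The `if service_id:` test also routes any falsy id to the admin credentials, so `if service_id is not None:` states the intent more precisely. A docstring saying that omitting `service_id` produces an admin-client token would document the new default.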