2022-06-29 17:39:46 +00:00
|
|
|
# pylint: disable=redefined-outer-name
|
|
|
|
# pylint: disable=unused-argument
|
|
|
|
# pylint: disable=missing-function-docstring
|
2023-01-04 16:58:27 +00:00
|
|
|
from tests.common import (
|
|
|
|
RECOVERY_KEY_VALIDATION_DATETIME,
|
|
|
|
DEVICE_KEY_VALIDATION_DATETIME,
|
|
|
|
NearFuture,
|
|
|
|
generate_api_query
|
|
|
|
)
|
2023-01-04 12:31:24 +00:00
|
|
|
from tests.conftest import DEVICE_WE_AUTH_TESTS_WITH, TOKENS_FILE_CONTENTS
|
2022-06-29 17:39:46 +00:00
|
|
|
|
2023-01-04 13:18:38 +00:00
|
|
|
ORIGINAL_DEVICES = TOKENS_FILE_CONTENTS["tokens"]
|
|
|
|
|
2022-06-29 17:39:46 +00:00
|
|
|
API_DEVICES_QUERY = """
|
|
|
|
devices {
|
|
|
|
creationDate
|
|
|
|
isCaller
|
|
|
|
name
|
|
|
|
}
|
|
|
|
"""
|
|
|
|
|
2022-07-07 13:53:19 +00:00
|
|
|
|
2023-01-04 13:18:38 +00:00
|
|
|
def graphql_get_devices(client):
|
2023-01-04 12:31:24 +00:00
|
|
|
response = client.post(
|
2022-06-29 17:39:46 +00:00
|
|
|
"/graphql",
|
2022-07-07 13:53:19 +00:00
|
|
|
json={"query": generate_api_query([API_DEVICES_QUERY])},
|
2022-06-29 17:39:46 +00:00
|
|
|
)
|
2023-01-04 14:22:14 +00:00
|
|
|
data = assert_data(response)
|
|
|
|
devices = data["api"]["devices"]
|
2023-01-04 12:31:24 +00:00
|
|
|
assert devices is not None
|
2023-01-04 13:18:38 +00:00
|
|
|
return devices
|
|
|
|
|
|
|
|
|
2023-01-04 15:37:48 +00:00
|
|
|
def graphql_get_caller_token_info(client):
|
|
|
|
devices = graphql_get_devices(client)
|
|
|
|
for device in devices:
|
|
|
|
if device["isCaller"] is True:
|
|
|
|
return device
|
|
|
|
|
|
|
|
|
2023-01-04 13:18:38 +00:00
|
|
|
def assert_same(graphql_devices, abstract_devices):
|
|
|
|
"""Orderless comparison"""
|
|
|
|
assert len(graphql_devices) == len(abstract_devices)
|
|
|
|
for original_device in abstract_devices:
|
|
|
|
assert original_device["name"] in [device["name"] for device in graphql_devices]
|
|
|
|
for device in graphql_devices:
|
2023-01-04 12:31:24 +00:00
|
|
|
if device["name"] == original_device["name"]:
|
|
|
|
assert device["creationDate"] == original_device["date"].isoformat()
|
|
|
|
|
|
|
|
|
2023-01-04 13:18:38 +00:00
|
|
|
def assert_original(client):
|
|
|
|
devices = graphql_get_devices(client)
|
|
|
|
assert_same(devices, ORIGINAL_DEVICES)
|
|
|
|
|
|
|
|
for device in devices:
|
|
|
|
if device["name"] == DEVICE_WE_AUTH_TESTS_WITH["name"]:
|
|
|
|
assert device["isCaller"] is True
|
|
|
|
else:
|
|
|
|
assert device["isCaller"] is False
|
|
|
|
|
|
|
|
|
2023-01-04 14:01:23 +00:00
|
|
|
def assert_ok(response, request):
|
2023-01-04 14:22:14 +00:00
|
|
|
data = assert_data(response)
|
|
|
|
data[request]["success"] is True
|
|
|
|
data[request]["message"] is not None
|
|
|
|
data[request]["code"] == 200
|
2023-01-04 14:01:23 +00:00
|
|
|
|
|
|
|
|
|
|
|
def assert_errorcode(response, request, code):
|
2023-01-04 14:22:14 +00:00
|
|
|
data = assert_data(response)
|
|
|
|
data[request]["success"] is False
|
|
|
|
data[request]["message"] is not None
|
|
|
|
data[request]["code"] == code
|
2023-01-04 14:01:23 +00:00
|
|
|
|
|
|
|
|
2023-01-04 14:15:12 +00:00
|
|
|
def assert_empty(response):
|
|
|
|
assert response.status_code == 200
|
|
|
|
assert response.json().get("data") is None
|
|
|
|
|
|
|
|
|
2023-01-04 14:22:14 +00:00
|
|
|
def assert_data(response):
|
|
|
|
assert response.status_code == 200
|
|
|
|
data = response.json().get("data")
|
|
|
|
assert data is not None
|
|
|
|
return data
|
|
|
|
|
|
|
|
|
2023-01-04 15:37:48 +00:00
|
|
|
def set_client_token(client, token):
|
|
|
|
client.headers.update({"Authorization": "Bearer " + token})
|
|
|
|
|
|
|
|
|
|
|
|
def assert_token_valid(client, token):
|
|
|
|
set_client_token(client, token)
|
|
|
|
assert graphql_get_devices(client) is not None
|
|
|
|
|
|
|
|
|
2023-01-04 16:08:40 +00:00
|
|
|
def graphql_get_new_device_key(authorized_client) -> str:
|
|
|
|
response = authorized_client.post(
|
|
|
|
"/graphql",
|
|
|
|
json={"query": NEW_DEVICE_KEY_MUTATION},
|
|
|
|
)
|
|
|
|
assert_ok(response, "getNewDeviceApiKey")
|
|
|
|
|
|
|
|
key = response.json()["data"]["getNewDeviceApiKey"]["key"]
|
|
|
|
assert key.split(" ").__len__() == 12
|
|
|
|
return key
|
|
|
|
|
|
|
|
|
|
|
|
def graphql_try_auth_new_device(client, mnemonic_key, device_name):
|
|
|
|
return client.post(
|
|
|
|
"/graphql",
|
|
|
|
json={
|
|
|
|
"query": AUTHORIZE_WITH_NEW_DEVICE_KEY_MUTATION,
|
|
|
|
"variables": {
|
|
|
|
"input": {
|
|
|
|
"key": mnemonic_key,
|
|
|
|
"deviceName": device_name,
|
|
|
|
}
|
|
|
|
},
|
|
|
|
},
|
|
|
|
)
|
|
|
|
|
|
|
|
|
2023-01-04 16:26:59 +00:00
|
|
|
def graphql_authorize_new_device(client, mnemonic_key, device_name) -> str:
|
|
|
|
response = graphql_try_auth_new_device(client, mnemonic_key, "new_device")
|
|
|
|
assert_ok(response, "authorizeWithNewDeviceApiKey")
|
|
|
|
token = response.json()["data"]["authorizeWithNewDeviceApiKey"]["token"]
|
|
|
|
assert_token_valid(client, token)
|
|
|
|
|
|
|
|
|
2023-01-04 12:31:24 +00:00
|
|
|
def test_graphql_tokens_info(authorized_client, tokens_file):
|
|
|
|
assert_original(authorized_client)
|
2022-06-29 17:39:46 +00:00
|
|
|
|
2022-07-07 13:53:19 +00:00
|
|
|
|
2022-06-29 17:39:46 +00:00
|
|
|
def test_graphql_tokens_info_unauthorized(client, tokens_file):
|
2022-08-25 17:03:56 +00:00
|
|
|
response = client.post(
|
2022-06-29 17:39:46 +00:00
|
|
|
"/graphql",
|
2022-07-07 13:53:19 +00:00
|
|
|
json={"query": generate_api_query([API_DEVICES_QUERY])},
|
2022-06-29 17:39:46 +00:00
|
|
|
)
|
2023-01-04 14:15:12 +00:00
|
|
|
assert_empty(response)
|
2022-06-29 17:39:46 +00:00
|
|
|
|
2022-07-07 13:53:19 +00:00
|
|
|
|
2022-06-29 17:39:46 +00:00
|
|
|
DELETE_TOKEN_MUTATION = """
|
|
|
|
mutation DeleteToken($device: String!) {
|
|
|
|
deleteDeviceApiToken(device: $device) {
|
|
|
|
success
|
|
|
|
message
|
|
|
|
code
|
|
|
|
}
|
|
|
|
}
|
|
|
|
"""
|
|
|
|
|
2022-07-07 13:53:19 +00:00
|
|
|
|
2022-06-29 17:39:46 +00:00
|
|
|
def test_graphql_delete_token_unauthorized(client, tokens_file):
|
|
|
|
response = client.post(
|
|
|
|
"/graphql",
|
|
|
|
json={
|
|
|
|
"query": DELETE_TOKEN_MUTATION,
|
|
|
|
"variables": {
|
|
|
|
"device": "test_token",
|
|
|
|
},
|
|
|
|
},
|
|
|
|
)
|
2023-01-04 14:15:12 +00:00
|
|
|
assert_empty(response)
|
2022-06-29 17:39:46 +00:00
|
|
|
|
2022-07-07 13:53:19 +00:00
|
|
|
|
2022-06-29 17:39:46 +00:00
|
|
|
def test_graphql_delete_token(authorized_client, tokens_file):
|
2023-01-04 13:18:38 +00:00
|
|
|
test_devices = ORIGINAL_DEVICES.copy()
|
|
|
|
device_to_delete = test_devices.pop(1)
|
|
|
|
assert device_to_delete != DEVICE_WE_AUTH_TESTS_WITH
|
|
|
|
|
2022-06-29 17:39:46 +00:00
|
|
|
response = authorized_client.post(
|
|
|
|
"/graphql",
|
|
|
|
json={
|
|
|
|
"query": DELETE_TOKEN_MUTATION,
|
|
|
|
"variables": {
|
2023-01-04 13:18:38 +00:00
|
|
|
"device": device_to_delete["name"],
|
2022-06-29 17:39:46 +00:00
|
|
|
},
|
|
|
|
},
|
|
|
|
)
|
2023-01-04 14:01:23 +00:00
|
|
|
assert_ok(response, "deleteDeviceApiToken")
|
2023-01-04 13:18:38 +00:00
|
|
|
|
|
|
|
devices = graphql_get_devices(authorized_client)
|
|
|
|
assert_same(devices, test_devices)
|
2022-06-29 17:39:46 +00:00
|
|
|
|
2022-07-07 13:53:19 +00:00
|
|
|
|
2022-06-29 17:39:46 +00:00
|
|
|
def test_graphql_delete_self_token(authorized_client, tokens_file):
|
|
|
|
response = authorized_client.post(
|
|
|
|
"/graphql",
|
|
|
|
json={
|
|
|
|
"query": DELETE_TOKEN_MUTATION,
|
|
|
|
"variables": {
|
2023-01-04 15:08:15 +00:00
|
|
|
"device": DEVICE_WE_AUTH_TESTS_WITH["name"],
|
2022-06-29 17:39:46 +00:00
|
|
|
},
|
|
|
|
},
|
|
|
|
)
|
2023-01-04 14:01:23 +00:00
|
|
|
assert_errorcode(response, "deleteDeviceApiToken", 400)
|
2023-01-04 12:31:24 +00:00
|
|
|
assert_original(authorized_client)
|
2022-06-29 17:39:46 +00:00
|
|
|
|
2022-07-07 13:53:19 +00:00
|
|
|
|
2022-06-29 17:39:46 +00:00
|
|
|
def test_graphql_delete_nonexistent_token(authorized_client, tokens_file):
|
|
|
|
response = authorized_client.post(
|
|
|
|
"/graphql",
|
|
|
|
json={
|
|
|
|
"query": DELETE_TOKEN_MUTATION,
|
|
|
|
"variables": {
|
|
|
|
"device": "test_token3",
|
|
|
|
},
|
|
|
|
},
|
|
|
|
)
|
2023-01-04 15:05:01 +00:00
|
|
|
assert_errorcode(response, "deleteDeviceApiToken", 404)
|
|
|
|
|
2023-01-04 12:31:24 +00:00
|
|
|
assert_original(authorized_client)
|
2022-06-29 17:39:46 +00:00
|
|
|
|
2022-07-07 13:53:19 +00:00
|
|
|
|
2022-06-29 17:39:46 +00:00
|
|
|
REFRESH_TOKEN_MUTATION = """
|
|
|
|
mutation RefreshToken {
|
|
|
|
refreshDeviceApiToken {
|
|
|
|
success
|
|
|
|
message
|
|
|
|
code
|
2022-07-05 12:11:41 +00:00
|
|
|
token
|
2022-06-29 17:39:46 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
"""
|
|
|
|
|
2022-07-07 13:53:19 +00:00
|
|
|
|
2022-06-29 17:39:46 +00:00
|
|
|
def test_graphql_refresh_token_unauthorized(client, tokens_file):
|
|
|
|
response = client.post(
|
|
|
|
"/graphql",
|
2022-07-07 13:53:19 +00:00
|
|
|
json={"query": REFRESH_TOKEN_MUTATION},
|
2022-06-29 17:39:46 +00:00
|
|
|
)
|
2023-01-04 14:15:12 +00:00
|
|
|
assert_empty(response)
|
2022-06-29 17:39:46 +00:00
|
|
|
|
2022-07-07 13:53:19 +00:00
|
|
|
|
2023-01-04 15:37:48 +00:00
|
|
|
def test_graphql_refresh_token(authorized_client, client, tokens_file):
|
|
|
|
caller_name_and_date = graphql_get_caller_token_info(authorized_client)
|
2022-06-29 17:39:46 +00:00
|
|
|
response = authorized_client.post(
|
|
|
|
"/graphql",
|
2022-07-07 13:53:19 +00:00
|
|
|
json={"query": REFRESH_TOKEN_MUTATION},
|
2022-06-29 17:39:46 +00:00
|
|
|
)
|
2023-01-04 15:05:01 +00:00
|
|
|
assert_ok(response, "refreshDeviceApiToken")
|
|
|
|
|
2023-01-04 15:37:48 +00:00
|
|
|
new_token = response.json()["data"]["refreshDeviceApiToken"]["token"]
|
|
|
|
assert_token_valid(client, new_token)
|
|
|
|
|
|
|
|
set_client_token(client, new_token)
|
|
|
|
assert graphql_get_caller_token_info(client) == caller_name_and_date
|
2022-06-29 17:39:46 +00:00
|
|
|
|
2022-07-07 13:53:19 +00:00
|
|
|
|
2022-06-29 17:39:46 +00:00
|
|
|
NEW_DEVICE_KEY_MUTATION = """
|
|
|
|
mutation NewDeviceKey {
|
|
|
|
getNewDeviceApiKey {
|
|
|
|
success
|
|
|
|
message
|
|
|
|
code
|
|
|
|
key
|
|
|
|
}
|
|
|
|
}
|
|
|
|
"""
|
|
|
|
|
2022-07-07 13:53:19 +00:00
|
|
|
|
2022-06-29 17:39:46 +00:00
|
|
|
def test_graphql_get_new_device_auth_key_unauthorized(client, tokens_file):
|
|
|
|
response = client.post(
|
|
|
|
"/graphql",
|
2022-07-07 13:53:19 +00:00
|
|
|
json={"query": NEW_DEVICE_KEY_MUTATION},
|
2022-06-29 17:39:46 +00:00
|
|
|
)
|
2023-01-04 14:15:12 +00:00
|
|
|
assert_empty(response)
|
2022-06-29 17:39:46 +00:00
|
|
|
|
2022-07-07 13:53:19 +00:00
|
|
|
|
2022-06-29 17:39:46 +00:00
|
|
|
INVALIDATE_NEW_DEVICE_KEY_MUTATION = """
|
|
|
|
mutation InvalidateNewDeviceKey {
|
|
|
|
invalidateNewDeviceApiKey {
|
|
|
|
success
|
|
|
|
message
|
|
|
|
code
|
|
|
|
}
|
|
|
|
}
|
|
|
|
"""
|
|
|
|
|
2022-07-07 13:53:19 +00:00
|
|
|
|
2022-06-29 17:39:46 +00:00
|
|
|
def test_graphql_invalidate_new_device_token_unauthorized(client, tokens_file):
|
|
|
|
response = client.post(
|
|
|
|
"/graphql",
|
|
|
|
json={
|
|
|
|
"query": DELETE_TOKEN_MUTATION,
|
|
|
|
"variables": {
|
|
|
|
"device": "test_token",
|
|
|
|
},
|
|
|
|
},
|
|
|
|
)
|
2023-01-04 14:15:12 +00:00
|
|
|
assert_empty(response)
|
2022-06-29 17:39:46 +00:00
|
|
|
|
2022-07-07 13:53:19 +00:00
|
|
|
|
2023-01-04 16:08:40 +00:00
|
|
|
def test_graphql_get_and_delete_new_device_key(client, authorized_client, tokens_file):
|
|
|
|
mnemonic_key = graphql_get_new_device_key(authorized_client)
|
2023-01-04 15:05:01 +00:00
|
|
|
|
2022-06-29 17:39:46 +00:00
|
|
|
response = authorized_client.post(
|
|
|
|
"/graphql",
|
2022-07-07 13:53:19 +00:00
|
|
|
json={"query": INVALIDATE_NEW_DEVICE_KEY_MUTATION},
|
2022-06-29 17:39:46 +00:00
|
|
|
)
|
2023-01-04 15:05:01 +00:00
|
|
|
assert_ok(response, "invalidateNewDeviceApiKey")
|
2023-01-04 16:08:40 +00:00
|
|
|
|
|
|
|
response = graphql_try_auth_new_device(client, mnemonic_key, "new_device")
|
|
|
|
assert_errorcode(response, "authorizeWithNewDeviceApiKey", 404)
|
2022-06-29 17:39:46 +00:00
|
|
|
|
2022-07-07 13:53:19 +00:00
|
|
|
|
2022-06-29 17:39:46 +00:00
|
|
|
AUTHORIZE_WITH_NEW_DEVICE_KEY_MUTATION = """
|
|
|
|
mutation AuthorizeWithNewDeviceKey($input: UseNewDeviceKeyInput!) {
|
2022-07-05 12:11:41 +00:00
|
|
|
authorizeWithNewDeviceApiKey(input: $input) {
|
2022-06-29 17:39:46 +00:00
|
|
|
success
|
|
|
|
message
|
|
|
|
code
|
|
|
|
token
|
|
|
|
}
|
|
|
|
}
|
|
|
|
"""
|
|
|
|
|
2022-07-07 13:53:19 +00:00
|
|
|
|
2022-06-29 17:39:46 +00:00
|
|
|
def test_graphql_get_and_authorize_new_device(client, authorized_client, tokens_file):
|
2023-01-04 16:26:59 +00:00
|
|
|
mnemonic_key = graphql_get_new_device_key(authorized_client)
|
|
|
|
old_devices = graphql_get_devices(authorized_client)
|
2023-01-04 15:05:01 +00:00
|
|
|
|
2023-01-04 16:26:59 +00:00
|
|
|
graphql_authorize_new_device(client, mnemonic_key, "new_device")
|
|
|
|
new_devices = graphql_get_devices(authorized_client)
|
2023-01-04 15:05:01 +00:00
|
|
|
|
2023-01-04 16:26:59 +00:00
|
|
|
assert len(new_devices) == len(old_devices) + 1
|
|
|
|
assert "new_device" in [device["name"] for device in new_devices]
|
2022-06-29 17:39:46 +00:00
|
|
|
|
2022-07-07 13:53:19 +00:00
|
|
|
|
2023-01-04 12:31:24 +00:00
|
|
|
def test_graphql_authorize_new_device_with_invalid_key(
|
|
|
|
client, authorized_client, tokens_file
|
|
|
|
):
|
2023-01-04 16:42:50 +00:00
|
|
|
response = graphql_try_auth_new_device(client, "invalid_token", "new_device")
|
2023-01-04 15:05:01 +00:00
|
|
|
assert_errorcode(response, "authorizeWithNewDeviceApiKey", 404)
|
2023-01-04 16:42:50 +00:00
|
|
|
|
2023-01-04 12:31:24 +00:00
|
|
|
assert_original(authorized_client)
|
2022-06-29 17:39:46 +00:00
|
|
|
|
2022-07-07 13:53:19 +00:00
|
|
|
|
2022-06-29 17:39:46 +00:00
|
|
|
def test_graphql_get_and_authorize_used_key(client, authorized_client, tokens_file):
|
2023-01-04 16:37:27 +00:00
|
|
|
mnemonic_key = graphql_get_new_device_key(authorized_client)
|
2023-01-04 15:05:01 +00:00
|
|
|
|
2023-01-04 16:37:27 +00:00
|
|
|
graphql_authorize_new_device(client, mnemonic_key, "new_device")
|
|
|
|
devices = graphql_get_devices(authorized_client)
|
2022-07-05 12:11:41 +00:00
|
|
|
|
2023-01-04 16:37:27 +00:00
|
|
|
response = graphql_try_auth_new_device(client, mnemonic_key, "new_device2")
|
2023-01-04 15:05:01 +00:00
|
|
|
assert_errorcode(response, "authorizeWithNewDeviceApiKey", 404)
|
2023-01-04 16:37:27 +00:00
|
|
|
|
|
|
|
assert graphql_get_devices(authorized_client) == devices
|
2022-06-29 17:39:46 +00:00
|
|
|
|
2022-07-07 13:53:19 +00:00
|
|
|
|
|
|
|
def test_graphql_get_and_authorize_key_after_12_minutes(
|
2023-01-04 16:58:27 +00:00
|
|
|
client, authorized_client, tokens_file, mocker
|
2022-07-07 13:53:19 +00:00
|
|
|
):
|
2023-01-04 16:58:27 +00:00
|
|
|
mnemonic_key = graphql_get_new_device_key(authorized_client)
|
|
|
|
mock = mocker.patch(DEVICE_KEY_VALIDATION_DATETIME, NearFuture)
|
2022-06-29 17:39:46 +00:00
|
|
|
|
2023-01-04 16:58:27 +00:00
|
|
|
response = graphql_try_auth_new_device(client, mnemonic_key, "new_device")
|
2023-01-04 15:05:01 +00:00
|
|
|
assert_errorcode(response, "authorizeWithNewDeviceApiKey", 404)
|
2022-06-29 17:39:46 +00:00
|
|
|
|
2022-07-07 13:53:19 +00:00
|
|
|
|
2022-06-29 17:39:46 +00:00
|
|
|
def test_graphql_authorize_without_token(client, tokens_file):
|
|
|
|
response = client.post(
|
|
|
|
"/graphql",
|
|
|
|
json={
|
|
|
|
"query": AUTHORIZE_WITH_NEW_DEVICE_KEY_MUTATION,
|
|
|
|
"variables": {
|
2022-07-05 12:11:41 +00:00
|
|
|
"input": {
|
2022-06-29 17:39:46 +00:00
|
|
|
"deviceName": "test_token",
|
|
|
|
}
|
|
|
|
},
|
|
|
|
},
|
|
|
|
)
|
2023-01-04 14:15:12 +00:00
|
|
|
assert_empty(response)
|