test(auth): fix future expiring too fast

This commit is contained in:
Houkime 2023-11-01 16:46:36 +00:00
parent 3deaeb28c5
commit a66ee2d3e5
4 changed files with 30 additions and 17 deletions

View file

@ -6,10 +6,21 @@ from mnemonic import Mnemonic
RECOVERY_KEY_VALIDATION_DATETIME = "selfprivacy_api.models.tokens.time.datetime" RECOVERY_KEY_VALIDATION_DATETIME = "selfprivacy_api.models.tokens.time.datetime"
DEVICE_KEY_VALIDATION_DATETIME = RECOVERY_KEY_VALIDATION_DATETIME DEVICE_KEY_VALIDATION_DATETIME = RECOVERY_KEY_VALIDATION_DATETIME
FIVE_MINUTES_INTO_FUTURE_NAIVE = datetime.now() + timedelta(minutes=5)
FIVE_MINUTES_INTO_FUTURE = datetime.now(timezone.utc) + timedelta(minutes=5) def five_minutes_into_future_naive():
FIVE_MINUTES_INTO_PAST_NAIVE = datetime.now() - timedelta(minutes=5) return datetime.now() + timedelta(minutes=5)
FIVE_MINUTES_INTO_PAST = datetime.now(timezone.utc) - timedelta(minutes=5)
def five_minutes_into_future():
return datetime.now(timezone.utc) + timedelta(minutes=5)
def five_minutes_into_past_naive():
return datetime.now() - timedelta(minutes=5)
def five_minutes_into_past():
return datetime.now(timezone.utc) - timedelta(minutes=5)
class NearFuture(datetime): class NearFuture(datetime):

View file

@ -10,8 +10,8 @@ from tests.common import (
) )
# Graphql API's output should be timezone-naive # Graphql API's output should be timezone-naive
from tests.common import FIVE_MINUTES_INTO_FUTURE_NAIVE as FIVE_MINUTES_INTO_FUTURE from tests.common import five_minutes_into_future_naive as five_minutes_into_future
from tests.common import FIVE_MINUTES_INTO_PAST_NAIVE as FIVE_MINUTES_INTO_PAST from tests.common import five_minutes_into_past_naive as five_minutes_into_past
from tests.test_graphql.api_common import ( from tests.test_graphql.api_common import (
assert_empty, assert_empty,
@ -161,7 +161,7 @@ def test_graphql_generate_recovery_key(client, authorized_client, tokens_file):
def test_graphql_generate_recovery_key_with_expiration_date( def test_graphql_generate_recovery_key_with_expiration_date(
client, authorized_client, tokens_file client, authorized_client, tokens_file
): ):
expiration_date = FIVE_MINUTES_INTO_FUTURE expiration_date = five_minutes_into_future()
key = graphql_make_new_recovery_key(authorized_client, expires_at=expiration_date) key = graphql_make_new_recovery_key(authorized_client, expires_at=expiration_date)
status = graphql_recovery_status(authorized_client) status = graphql_recovery_status(authorized_client)
@ -179,7 +179,7 @@ def test_graphql_generate_recovery_key_with_expiration_date(
def test_graphql_use_recovery_key_after_expiration( def test_graphql_use_recovery_key_after_expiration(
client, authorized_client, tokens_file, mocker client, authorized_client, tokens_file, mocker
): ):
expiration_date = FIVE_MINUTES_INTO_FUTURE expiration_date = five_minutes_into_future()
key = graphql_make_new_recovery_key(authorized_client, expires_at=expiration_date) key = graphql_make_new_recovery_key(authorized_client, expires_at=expiration_date)
# Timewarp to after it expires # Timewarp to after it expires
@ -201,7 +201,7 @@ def test_graphql_use_recovery_key_after_expiration(
def test_graphql_generate_recovery_key_with_expiration_in_the_past( def test_graphql_generate_recovery_key_with_expiration_in_the_past(
authorized_client, tokens_file authorized_client, tokens_file
): ):
expiration_date = FIVE_MINUTES_INTO_PAST expiration_date = five_minutes_into_past()
response = request_make_new_recovery_key( response = request_make_new_recovery_key(
authorized_client, expires_at=expiration_date authorized_client, expires_at=expiration_date
) )

View file

@ -27,7 +27,7 @@ from selfprivacy_api.repositories.tokens.abstract_tokens_repository import (
AbstractTokensRepository, AbstractTokensRepository,
) )
from tests.common import FIVE_MINUTES_INTO_PAST, FIVE_MINUTES_INTO_FUTURE from tests.common import five_minutes_into_past, five_minutes_into_future
ORIGINAL_DEVICE_NAMES = [ ORIGINAL_DEVICE_NAMES = [
@ -363,7 +363,7 @@ def test_use_mnemonic_expired_recovery_key(
some_tokens_repo, some_tokens_repo,
): ):
repo = some_tokens_repo repo = some_tokens_repo
expiration = FIVE_MINUTES_INTO_PAST expiration = five_minutes_into_past()
assert repo.create_recovery_key(uses_left=2, expiration=expiration) is not None assert repo.create_recovery_key(uses_left=2, expiration=expiration) is not None
recovery_key = repo.get_recovery_key() recovery_key = repo.get_recovery_key()
# TODO: do not ignore timezone once json backend is deleted # TODO: do not ignore timezone once json backend is deleted
@ -543,7 +543,7 @@ def test_use_mnemonic_expired_new_device_key(
some_tokens_repo, some_tokens_repo,
): ):
repo = some_tokens_repo repo = some_tokens_repo
expiration = FIVE_MINUTES_INTO_PAST expiration = five_minutes_into_past()
key = repo.get_new_device_key() key = repo.get_new_device_key()
assert key is not None assert key is not None
@ -601,5 +601,5 @@ def test_clone_json_to_redis_full(some_tokens_repo):
repo = some_tokens_repo repo = some_tokens_repo
if isinstance(repo, JsonTokensRepository): if isinstance(repo, JsonTokensRepository):
repo.get_new_device_key() repo.get_new_device_key()
repo.create_recovery_key(FIVE_MINUTES_INTO_FUTURE, 2) repo.create_recovery_key(five_minutes_into_future(), 2)
clone_to_redis(repo) clone_to_redis(repo)

View file

@ -11,8 +11,8 @@ from tests.common import (
NearFuture, NearFuture,
assert_recovery_recent, assert_recovery_recent,
) )
from tests.common import FIVE_MINUTES_INTO_FUTURE_NAIVE as FIVE_MINUTES_INTO_FUTURE from tests.common import five_minutes_into_future_naive as five_minutes_into_future
from tests.common import FIVE_MINUTES_INTO_PAST_NAIVE as FIVE_MINUTES_INTO_PAST from tests.common import five_minutes_into_past_naive as five_minutes_into_past
DATE_FORMATS = [ DATE_FORMATS = [
"%Y-%m-%dT%H:%M:%S.%fZ", "%Y-%m-%dT%H:%M:%S.%fZ",
@ -76,6 +76,8 @@ def rest_make_recovery_token(client, expires_at=None, timeformat=None, uses=None
json=json, json=json,
) )
if not response.status_code == 200:
raise ValueError(response.reason, response.text, response.json()["detail"])
assert response.status_code == 200 assert response.status_code == 200
assert "token" in response.json() assert "token" in response.json()
return response.json()["token"] return response.json()["token"]
@ -323,7 +325,7 @@ def test_generate_recovery_token_with_expiration_date(
): ):
# Generate token with expiration date # Generate token with expiration date
# Generate expiration date in the future # Generate expiration date in the future
expiration_date = FIVE_MINUTES_INTO_FUTURE expiration_date = five_minutes_into_future()
mnemonic_token = rest_make_recovery_token( mnemonic_token = rest_make_recovery_token(
authorized_client, expires_at=expiration_date, timeformat=timeformat authorized_client, expires_at=expiration_date, timeformat=timeformat
) )
@ -362,7 +364,7 @@ def test_generate_recovery_token_with_expiration_in_the_past(
authorized_client, tokens_file, timeformat authorized_client, tokens_file, timeformat
): ):
# Server must return 400 if expiration date is in the past # Server must return 400 if expiration date is in the past
expiration_date = FIVE_MINUTES_INTO_PAST expiration_date = five_minutes_into_past()
expiration_date_str = expiration_date.strftime(timeformat) expiration_date_str = expiration_date.strftime(timeformat)
response = authorized_client.post( response = authorized_client.post(
"/auth/recovery_token", "/auth/recovery_token",