mirror of
https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api.git
synced 2024-11-26 05:51:29 +00:00
test(auth): fix future expiring too fast
This commit is contained in:
parent
3deaeb28c5
commit
a66ee2d3e5
|
@ -6,10 +6,21 @@ from mnemonic import Mnemonic
|
||||||
RECOVERY_KEY_VALIDATION_DATETIME = "selfprivacy_api.models.tokens.time.datetime"
|
RECOVERY_KEY_VALIDATION_DATETIME = "selfprivacy_api.models.tokens.time.datetime"
|
||||||
DEVICE_KEY_VALIDATION_DATETIME = RECOVERY_KEY_VALIDATION_DATETIME
|
DEVICE_KEY_VALIDATION_DATETIME = RECOVERY_KEY_VALIDATION_DATETIME
|
||||||
|
|
||||||
FIVE_MINUTES_INTO_FUTURE_NAIVE = datetime.now() + timedelta(minutes=5)
|
|
||||||
FIVE_MINUTES_INTO_FUTURE = datetime.now(timezone.utc) + timedelta(minutes=5)
|
def five_minutes_into_future_naive():
|
||||||
FIVE_MINUTES_INTO_PAST_NAIVE = datetime.now() - timedelta(minutes=5)
|
return datetime.now() + timedelta(minutes=5)
|
||||||
FIVE_MINUTES_INTO_PAST = datetime.now(timezone.utc) - timedelta(minutes=5)
|
|
||||||
|
|
||||||
|
def five_minutes_into_future():
|
||||||
|
return datetime.now(timezone.utc) + timedelta(minutes=5)
|
||||||
|
|
||||||
|
|
||||||
|
def five_minutes_into_past_naive():
|
||||||
|
return datetime.now() - timedelta(minutes=5)
|
||||||
|
|
||||||
|
|
||||||
|
def five_minutes_into_past():
|
||||||
|
return datetime.now(timezone.utc) - timedelta(minutes=5)
|
||||||
|
|
||||||
|
|
||||||
class NearFuture(datetime):
|
class NearFuture(datetime):
|
||||||
|
|
|
@ -10,8 +10,8 @@ from tests.common import (
|
||||||
)
|
)
|
||||||
|
|
||||||
# Graphql API's output should be timezone-naive
|
# Graphql API's output should be timezone-naive
|
||||||
from tests.common import FIVE_MINUTES_INTO_FUTURE_NAIVE as FIVE_MINUTES_INTO_FUTURE
|
from tests.common import five_minutes_into_future_naive as five_minutes_into_future
|
||||||
from tests.common import FIVE_MINUTES_INTO_PAST_NAIVE as FIVE_MINUTES_INTO_PAST
|
from tests.common import five_minutes_into_past_naive as five_minutes_into_past
|
||||||
|
|
||||||
from tests.test_graphql.api_common import (
|
from tests.test_graphql.api_common import (
|
||||||
assert_empty,
|
assert_empty,
|
||||||
|
@ -161,7 +161,7 @@ def test_graphql_generate_recovery_key(client, authorized_client, tokens_file):
|
||||||
def test_graphql_generate_recovery_key_with_expiration_date(
|
def test_graphql_generate_recovery_key_with_expiration_date(
|
||||||
client, authorized_client, tokens_file
|
client, authorized_client, tokens_file
|
||||||
):
|
):
|
||||||
expiration_date = FIVE_MINUTES_INTO_FUTURE
|
expiration_date = five_minutes_into_future()
|
||||||
key = graphql_make_new_recovery_key(authorized_client, expires_at=expiration_date)
|
key = graphql_make_new_recovery_key(authorized_client, expires_at=expiration_date)
|
||||||
|
|
||||||
status = graphql_recovery_status(authorized_client)
|
status = graphql_recovery_status(authorized_client)
|
||||||
|
@ -179,7 +179,7 @@ def test_graphql_generate_recovery_key_with_expiration_date(
|
||||||
def test_graphql_use_recovery_key_after_expiration(
|
def test_graphql_use_recovery_key_after_expiration(
|
||||||
client, authorized_client, tokens_file, mocker
|
client, authorized_client, tokens_file, mocker
|
||||||
):
|
):
|
||||||
expiration_date = FIVE_MINUTES_INTO_FUTURE
|
expiration_date = five_minutes_into_future()
|
||||||
key = graphql_make_new_recovery_key(authorized_client, expires_at=expiration_date)
|
key = graphql_make_new_recovery_key(authorized_client, expires_at=expiration_date)
|
||||||
|
|
||||||
# Timewarp to after it expires
|
# Timewarp to after it expires
|
||||||
|
@ -201,7 +201,7 @@ def test_graphql_use_recovery_key_after_expiration(
|
||||||
def test_graphql_generate_recovery_key_with_expiration_in_the_past(
|
def test_graphql_generate_recovery_key_with_expiration_in_the_past(
|
||||||
authorized_client, tokens_file
|
authorized_client, tokens_file
|
||||||
):
|
):
|
||||||
expiration_date = FIVE_MINUTES_INTO_PAST
|
expiration_date = five_minutes_into_past()
|
||||||
response = request_make_new_recovery_key(
|
response = request_make_new_recovery_key(
|
||||||
authorized_client, expires_at=expiration_date
|
authorized_client, expires_at=expiration_date
|
||||||
)
|
)
|
||||||
|
|
|
@ -27,7 +27,7 @@ from selfprivacy_api.repositories.tokens.abstract_tokens_repository import (
|
||||||
AbstractTokensRepository,
|
AbstractTokensRepository,
|
||||||
)
|
)
|
||||||
|
|
||||||
from tests.common import FIVE_MINUTES_INTO_PAST, FIVE_MINUTES_INTO_FUTURE
|
from tests.common import five_minutes_into_past, five_minutes_into_future
|
||||||
|
|
||||||
|
|
||||||
ORIGINAL_DEVICE_NAMES = [
|
ORIGINAL_DEVICE_NAMES = [
|
||||||
|
@ -363,7 +363,7 @@ def test_use_mnemonic_expired_recovery_key(
|
||||||
some_tokens_repo,
|
some_tokens_repo,
|
||||||
):
|
):
|
||||||
repo = some_tokens_repo
|
repo = some_tokens_repo
|
||||||
expiration = FIVE_MINUTES_INTO_PAST
|
expiration = five_minutes_into_past()
|
||||||
assert repo.create_recovery_key(uses_left=2, expiration=expiration) is not None
|
assert repo.create_recovery_key(uses_left=2, expiration=expiration) is not None
|
||||||
recovery_key = repo.get_recovery_key()
|
recovery_key = repo.get_recovery_key()
|
||||||
# TODO: do not ignore timezone once json backend is deleted
|
# TODO: do not ignore timezone once json backend is deleted
|
||||||
|
@ -543,7 +543,7 @@ def test_use_mnemonic_expired_new_device_key(
|
||||||
some_tokens_repo,
|
some_tokens_repo,
|
||||||
):
|
):
|
||||||
repo = some_tokens_repo
|
repo = some_tokens_repo
|
||||||
expiration = FIVE_MINUTES_INTO_PAST
|
expiration = five_minutes_into_past()
|
||||||
|
|
||||||
key = repo.get_new_device_key()
|
key = repo.get_new_device_key()
|
||||||
assert key is not None
|
assert key is not None
|
||||||
|
@ -601,5 +601,5 @@ def test_clone_json_to_redis_full(some_tokens_repo):
|
||||||
repo = some_tokens_repo
|
repo = some_tokens_repo
|
||||||
if isinstance(repo, JsonTokensRepository):
|
if isinstance(repo, JsonTokensRepository):
|
||||||
repo.get_new_device_key()
|
repo.get_new_device_key()
|
||||||
repo.create_recovery_key(FIVE_MINUTES_INTO_FUTURE, 2)
|
repo.create_recovery_key(five_minutes_into_future(), 2)
|
||||||
clone_to_redis(repo)
|
clone_to_redis(repo)
|
||||||
|
|
|
@ -11,8 +11,8 @@ from tests.common import (
|
||||||
NearFuture,
|
NearFuture,
|
||||||
assert_recovery_recent,
|
assert_recovery_recent,
|
||||||
)
|
)
|
||||||
from tests.common import FIVE_MINUTES_INTO_FUTURE_NAIVE as FIVE_MINUTES_INTO_FUTURE
|
from tests.common import five_minutes_into_future_naive as five_minutes_into_future
|
||||||
from tests.common import FIVE_MINUTES_INTO_PAST_NAIVE as FIVE_MINUTES_INTO_PAST
|
from tests.common import five_minutes_into_past_naive as five_minutes_into_past
|
||||||
|
|
||||||
DATE_FORMATS = [
|
DATE_FORMATS = [
|
||||||
"%Y-%m-%dT%H:%M:%S.%fZ",
|
"%Y-%m-%dT%H:%M:%S.%fZ",
|
||||||
|
@ -76,6 +76,8 @@ def rest_make_recovery_token(client, expires_at=None, timeformat=None, uses=None
|
||||||
json=json,
|
json=json,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
if not response.status_code == 200:
|
||||||
|
raise ValueError(response.reason, response.text, response.json()["detail"])
|
||||||
assert response.status_code == 200
|
assert response.status_code == 200
|
||||||
assert "token" in response.json()
|
assert "token" in response.json()
|
||||||
return response.json()["token"]
|
return response.json()["token"]
|
||||||
|
@ -323,7 +325,7 @@ def test_generate_recovery_token_with_expiration_date(
|
||||||
):
|
):
|
||||||
# Generate token with expiration date
|
# Generate token with expiration date
|
||||||
# Generate expiration date in the future
|
# Generate expiration date in the future
|
||||||
expiration_date = FIVE_MINUTES_INTO_FUTURE
|
expiration_date = five_minutes_into_future()
|
||||||
mnemonic_token = rest_make_recovery_token(
|
mnemonic_token = rest_make_recovery_token(
|
||||||
authorized_client, expires_at=expiration_date, timeformat=timeformat
|
authorized_client, expires_at=expiration_date, timeformat=timeformat
|
||||||
)
|
)
|
||||||
|
@ -362,7 +364,7 @@ def test_generate_recovery_token_with_expiration_in_the_past(
|
||||||
authorized_client, tokens_file, timeformat
|
authorized_client, tokens_file, timeformat
|
||||||
):
|
):
|
||||||
# Server must return 400 if expiration date is in the past
|
# Server must return 400 if expiration date is in the past
|
||||||
expiration_date = FIVE_MINUTES_INTO_PAST
|
expiration_date = five_minutes_into_past()
|
||||||
expiration_date_str = expiration_date.strftime(timeformat)
|
expiration_date_str = expiration_date.strftime(timeformat)
|
||||||
response = authorized_client.post(
|
response = authorized_client.post(
|
||||||
"/auth/recovery_token",
|
"/auth/recovery_token",
|
||||||
|
|
Loading…
Reference in a new issue