test(auth): fix future expiring too fast

This commit is contained in:
Houkime 2023-11-01 16:46:36 +00:00
parent 3deaeb28c5
commit a66ee2d3e5
4 changed files with 30 additions and 17 deletions

View file

@ -6,10 +6,21 @@ from mnemonic import Mnemonic
RECOVERY_KEY_VALIDATION_DATETIME = "selfprivacy_api.models.tokens.time.datetime"
DEVICE_KEY_VALIDATION_DATETIME = RECOVERY_KEY_VALIDATION_DATETIME
FIVE_MINUTES_INTO_FUTURE_NAIVE = datetime.now() + timedelta(minutes=5)
FIVE_MINUTES_INTO_FUTURE = datetime.now(timezone.utc) + timedelta(minutes=5)
FIVE_MINUTES_INTO_PAST_NAIVE = datetime.now() - timedelta(minutes=5)
FIVE_MINUTES_INTO_PAST = datetime.now(timezone.utc) - timedelta(minutes=5)
def five_minutes_into_future_naive():
return datetime.now() + timedelta(minutes=5)
def five_minutes_into_future():
return datetime.now(timezone.utc) + timedelta(minutes=5)
def five_minutes_into_past_naive():
return datetime.now() - timedelta(minutes=5)
def five_minutes_into_past():
return datetime.now(timezone.utc) - timedelta(minutes=5)
class NearFuture(datetime):

View file

@ -10,8 +10,8 @@ from tests.common import (
)
# Graphql API's output should be timezone-naive
from tests.common import FIVE_MINUTES_INTO_FUTURE_NAIVE as FIVE_MINUTES_INTO_FUTURE
from tests.common import FIVE_MINUTES_INTO_PAST_NAIVE as FIVE_MINUTES_INTO_PAST
from tests.common import five_minutes_into_future_naive as five_minutes_into_future
from tests.common import five_minutes_into_past_naive as five_minutes_into_past
from tests.test_graphql.api_common import (
assert_empty,
@ -161,7 +161,7 @@ def test_graphql_generate_recovery_key(client, authorized_client, tokens_file):
def test_graphql_generate_recovery_key_with_expiration_date(
client, authorized_client, tokens_file
):
expiration_date = FIVE_MINUTES_INTO_FUTURE
expiration_date = five_minutes_into_future()
key = graphql_make_new_recovery_key(authorized_client, expires_at=expiration_date)
status = graphql_recovery_status(authorized_client)
@ -179,7 +179,7 @@ def test_graphql_generate_recovery_key_with_expiration_date(
def test_graphql_use_recovery_key_after_expiration(
client, authorized_client, tokens_file, mocker
):
expiration_date = FIVE_MINUTES_INTO_FUTURE
expiration_date = five_minutes_into_future()
key = graphql_make_new_recovery_key(authorized_client, expires_at=expiration_date)
# Timewarp to after it expires
@ -201,7 +201,7 @@ def test_graphql_use_recovery_key_after_expiration(
def test_graphql_generate_recovery_key_with_expiration_in_the_past(
authorized_client, tokens_file
):
expiration_date = FIVE_MINUTES_INTO_PAST
expiration_date = five_minutes_into_past()
response = request_make_new_recovery_key(
authorized_client, expires_at=expiration_date
)

View file

@ -27,7 +27,7 @@ from selfprivacy_api.repositories.tokens.abstract_tokens_repository import (
AbstractTokensRepository,
)
from tests.common import FIVE_MINUTES_INTO_PAST, FIVE_MINUTES_INTO_FUTURE
from tests.common import five_minutes_into_past, five_minutes_into_future
ORIGINAL_DEVICE_NAMES = [
@ -363,7 +363,7 @@ def test_use_mnemonic_expired_recovery_key(
some_tokens_repo,
):
repo = some_tokens_repo
expiration = FIVE_MINUTES_INTO_PAST
expiration = five_minutes_into_past()
assert repo.create_recovery_key(uses_left=2, expiration=expiration) is not None
recovery_key = repo.get_recovery_key()
# TODO: do not ignore timezone once json backend is deleted
@ -543,7 +543,7 @@ def test_use_mnemonic_expired_new_device_key(
some_tokens_repo,
):
repo = some_tokens_repo
expiration = FIVE_MINUTES_INTO_PAST
expiration = five_minutes_into_past()
key = repo.get_new_device_key()
assert key is not None
@ -601,5 +601,5 @@ def test_clone_json_to_redis_full(some_tokens_repo):
repo = some_tokens_repo
if isinstance(repo, JsonTokensRepository):
repo.get_new_device_key()
repo.create_recovery_key(FIVE_MINUTES_INTO_FUTURE, 2)
repo.create_recovery_key(five_minutes_into_future(), 2)
clone_to_redis(repo)

View file

@ -11,8 +11,8 @@ from tests.common import (
NearFuture,
assert_recovery_recent,
)
from tests.common import FIVE_MINUTES_INTO_FUTURE_NAIVE as FIVE_MINUTES_INTO_FUTURE
from tests.common import FIVE_MINUTES_INTO_PAST_NAIVE as FIVE_MINUTES_INTO_PAST
from tests.common import five_minutes_into_future_naive as five_minutes_into_future
from tests.common import five_minutes_into_past_naive as five_minutes_into_past
DATE_FORMATS = [
"%Y-%m-%dT%H:%M:%S.%fZ",
@ -76,6 +76,8 @@ def rest_make_recovery_token(client, expires_at=None, timeformat=None, uses=None
json=json,
)
if not response.status_code == 200:
raise ValueError(response.reason, response.text, response.json()["detail"])
assert response.status_code == 200
assert "token" in response.json()
return response.json()["token"]
@ -323,7 +325,7 @@ def test_generate_recovery_token_with_expiration_date(
):
# Generate token with expiration date
# Generate expiration date in the future
expiration_date = FIVE_MINUTES_INTO_FUTURE
expiration_date = five_minutes_into_future()
mnemonic_token = rest_make_recovery_token(
authorized_client, expires_at=expiration_date, timeformat=timeformat
)
@ -362,7 +364,7 @@ def test_generate_recovery_token_with_expiration_in_the_past(
authorized_client, tokens_file, timeformat
):
# Server must return 400 if expiration date is in the past
expiration_date = FIVE_MINUTES_INTO_PAST
expiration_date = five_minutes_into_past()
expiration_date_str = expiration_date.strftime(timeformat)
response = authorized_client.post(
"/auth/recovery_token",