🎨 flake8
This commit is contained in:
parent
26b26f9c25
commit
04235c1edc
2 changed files with 109 additions and 102 deletions
|
@ -102,6 +102,7 @@ def parse_token(token):
|
||||||
|
|
||||||
return storage_key, decryption_key
|
return storage_key, decryption_key
|
||||||
|
|
||||||
|
|
||||||
def as_validation_problem(request, problem_type, problem_title, invalid_params):
|
def as_validation_problem(request, problem_type, problem_title, invalid_params):
|
||||||
base_url = set_base_url(request)
|
base_url = set_base_url(request)
|
||||||
|
|
||||||
|
@ -112,6 +113,7 @@ def as_validation_problem(request, problem_type, problem_title, invalid_params):
|
||||||
}
|
}
|
||||||
return as_problem_response(problem)
|
return as_problem_response(problem)
|
||||||
|
|
||||||
|
|
||||||
def as_not_found_problem(request, problem_type, problem_title, invalid_params):
|
def as_not_found_problem(request, problem_type, problem_title, invalid_params):
|
||||||
base_url = set_base_url(request)
|
base_url = set_base_url(request)
|
||||||
|
|
||||||
|
@ -248,6 +250,7 @@ def api_handle_password():
|
||||||
else:
|
else:
|
||||||
abort(500)
|
abort(500)
|
||||||
|
|
||||||
|
|
||||||
@app.route('/api/v2/passwords', methods=['POST'])
|
@app.route('/api/v2/passwords', methods=['POST'])
|
||||||
def api_v2_set_password():
|
def api_v2_set_password():
|
||||||
password = request.json.get('password')
|
password = request.json.get('password')
|
||||||
|
@ -269,10 +272,15 @@ def api_v2_set_password():
|
||||||
|
|
||||||
if len(invalid_params) > 0:
|
if len(invalid_params) > 0:
|
||||||
# Return a ProblemDetails expliciting issue with Password and/or TTL
|
# Return a ProblemDetails expliciting issue with Password and/or TTL
|
||||||
return as_validation_problem(request, "set-password-validation-error", "The password and/or the TTL are invalid.", invalid_params)
|
return as_validation_problem(
|
||||||
|
request,
|
||||||
|
"set-password-validation-error",
|
||||||
|
"The password and/or the TTL are invalid.",
|
||||||
|
invalid_params
|
||||||
|
)
|
||||||
|
|
||||||
token = set_password(password, ttl)
|
token = set_password(password, ttl)
|
||||||
url_token= quote_plus(token)
|
url_token = quote_plus(token)
|
||||||
base_url = set_base_url(request)
|
base_url = set_base_url(request)
|
||||||
link = urljoin(base_url, request.path + "/" + url_token)
|
link = urljoin(base_url, request.path + "/" + url_token)
|
||||||
response_content = {
|
response_content = {
|
||||||
|
@ -285,6 +293,7 @@ def api_v2_set_password():
|
||||||
}
|
}
|
||||||
return jsonify(response_content)
|
return jsonify(response_content)
|
||||||
|
|
||||||
|
|
||||||
@app.route('/api/v2/passwords/<token>', methods=['HEAD'])
|
@app.route('/api/v2/passwords/<token>', methods=['HEAD'])
|
||||||
def api_v2_check_password(token):
|
def api_v2_check_password(token):
|
||||||
token = unquote_plus(token)
|
token = unquote_plus(token)
|
||||||
|
@ -295,13 +304,19 @@ def api_v2_check_password(token):
|
||||||
# Return OK, to indicate that password still exists
|
# Return OK, to indicate that password still exists
|
||||||
return ('', 200)
|
return ('', 200)
|
||||||
|
|
||||||
|
|
||||||
@app.route('/api/v2/passwords/<token>', methods=['GET'])
|
@app.route('/api/v2/passwords/<token>', methods=['GET'])
|
||||||
def api_v2_retrieve_password(token):
|
def api_v2_retrieve_password(token):
|
||||||
token = unquote_plus(token)
|
token = unquote_plus(token)
|
||||||
password = get_password(token)
|
password = get_password(token)
|
||||||
if not password:
|
if not password:
|
||||||
# Return NotFound, to indicate that password does not exists (anymore or at all)
|
# Return NotFound, to indicate that password does not exists (anymore or at all)
|
||||||
return as_not_found_problem(request, "get-password-error", "The password doesn't exist.", [{ "name": "token"}])
|
return as_not_found_problem(
|
||||||
|
request,
|
||||||
|
"get-password-error",
|
||||||
|
"The password doesn't exist.",
|
||||||
|
[{"name": "token"}]
|
||||||
|
)
|
||||||
else:
|
else:
|
||||||
# Return OK and the password in JSON message
|
# Return OK and the password in JSON message
|
||||||
return jsonify(password=password)
|
return jsonify(password=password)
|
||||||
|
|
190
tests.py
190
tests.py
|
@ -239,126 +239,118 @@ class SnapPassRoutesTestCase(TestCase):
|
||||||
self.assertIsNone(snappass.get_password(key))
|
self.assertIsNone(snappass.get_password(key))
|
||||||
|
|
||||||
def test_set_password_api_v2_no_password(self):
|
def test_set_password_api_v2_no_password(self):
|
||||||
with freeze_time("2020-05-08 12:00:00") as frozen_time:
|
rv = self.app.post(
|
||||||
rv = self.app.post(
|
'/api/v2/passwords',
|
||||||
'/api/v2/passwords',
|
headers={'Accept': 'application/json'},
|
||||||
headers={'Accept': 'application/json'},
|
json={'password': ''},
|
||||||
json={'password': ''},
|
)
|
||||||
)
|
|
||||||
|
|
||||||
self.assertEqual(rv.status_code, 400)
|
self.assertEqual(rv.status_code, 400)
|
||||||
|
|
||||||
|
json_content = rv.get_json()
|
||||||
|
invalid_params = json_content['invalid-params']
|
||||||
|
self.assertEqual(len(invalid_params), 1)
|
||||||
|
bad_password = invalid_params[0]
|
||||||
|
self.assertEqual(bad_password['name'], 'password')
|
||||||
|
|
||||||
json_content = rv.get_json()
|
|
||||||
invalid_params = json_content['invalid-params']
|
|
||||||
self.assertEqual(len(invalid_params), 1)
|
|
||||||
bad_password = invalid_params[0]
|
|
||||||
self.assertEqual(bad_password['name'], 'password')
|
|
||||||
|
|
||||||
def test_set_password_api_v2_too_big_ttl(self):
|
def test_set_password_api_v2_too_big_ttl(self):
|
||||||
with freeze_time("2020-05-08 12:00:00") as frozen_time:
|
password = 'my name is my passport. verify me.'
|
||||||
password = 'my name is my passport. verify me.'
|
rv = self.app.post(
|
||||||
rv = self.app.post(
|
'/api/v2/passwords',
|
||||||
'/api/v2/passwords',
|
headers={'Accept': 'application/json'},
|
||||||
headers={'Accept': 'application/json'},
|
json={'password': password, 'ttl': '1209600000'},
|
||||||
json={'password': password, 'ttl': '1209600000'},
|
)
|
||||||
)
|
|
||||||
|
|
||||||
self.assertEqual(rv.status_code, 400)
|
self.assertEqual(rv.status_code, 400)
|
||||||
|
|
||||||
|
json_content = rv.get_json()
|
||||||
|
invalid_params = json_content['invalid-params']
|
||||||
|
self.assertEqual(len(invalid_params), 1)
|
||||||
|
bad_ttl = invalid_params[0]
|
||||||
|
self.assertEqual(bad_ttl['name'], 'ttl')
|
||||||
|
|
||||||
json_content = rv.get_json()
|
|
||||||
invalid_params = json_content['invalid-params']
|
|
||||||
self.assertEqual(len(invalid_params), 1)
|
|
||||||
bad_ttl = invalid_params[0]
|
|
||||||
self.assertEqual(bad_ttl['name'], 'ttl')
|
|
||||||
|
|
||||||
def test_set_password_api_v2_no_password_and_too_big_ttl(self):
|
def test_set_password_api_v2_no_password_and_too_big_ttl(self):
|
||||||
with freeze_time("2020-05-08 12:00:00") as frozen_time:
|
rv = self.app.post(
|
||||||
password = 'my name is my passport. verify me.'
|
'/api/v2/passwords',
|
||||||
rv = self.app.post(
|
headers={'Accept': 'application/json'},
|
||||||
'/api/v2/passwords',
|
json={'password': '', 'ttl': '1209600000'},
|
||||||
headers={'Accept': 'application/json'},
|
)
|
||||||
json={'password': '', 'ttl': '1209600000'},
|
|
||||||
)
|
|
||||||
|
|
||||||
self.assertEqual(rv.status_code, 400)
|
self.assertEqual(rv.status_code, 400)
|
||||||
|
|
||||||
json_content = rv.get_json()
|
json_content = rv.get_json()
|
||||||
invalid_params = json_content['invalid-params']
|
invalid_params = json_content['invalid-params']
|
||||||
self.assertEqual(len(invalid_params), 2)
|
self.assertEqual(len(invalid_params), 2)
|
||||||
bad_password = invalid_params[0]
|
bad_password = invalid_params[0]
|
||||||
self.assertEqual(bad_password['name'], 'password')
|
self.assertEqual(bad_password['name'], 'password')
|
||||||
bad_ttl = invalid_params[1]
|
bad_ttl = invalid_params[1]
|
||||||
self.assertEqual(bad_ttl['name'], 'ttl')
|
self.assertEqual(bad_ttl['name'], 'ttl')
|
||||||
|
|
||||||
def test_check_password_api_v2(self):
|
def test_check_password_api_v2(self):
|
||||||
with freeze_time("2020-05-08 12:00:00") as frozen_time:
|
password = 'my name is my passport. verify me.'
|
||||||
password = 'my name is my passport. verify me.'
|
rv = self.app.post(
|
||||||
rv = self.app.post(
|
'/api/v2/passwords',
|
||||||
'/api/v2/passwords',
|
headers={'Accept': 'application/json'},
|
||||||
headers={'Accept': 'application/json'},
|
json={'password': password},
|
||||||
json={'password': password},
|
)
|
||||||
)
|
|
||||||
|
|
||||||
json_content = rv.get_json()
|
json_content = rv.get_json()
|
||||||
key = unquote(json_content['token'])
|
key = unquote(json_content['token'])
|
||||||
|
|
||||||
rvc = self.app.head('/api/v2/passwords/' + quote(key))
|
rvc = self.app.head('/api/v2/passwords/' + quote(key))
|
||||||
self.assertEqual(rv.status_code, 200)
|
self.assertEqual(rvc.status_code, 200)
|
||||||
|
|
||||||
def test_check_password_api_v2_bad_keys(self):
|
def test_check_password_api_v2_bad_keys(self):
|
||||||
with freeze_time("2020-05-08 12:00:00") as frozen_time:
|
password = 'my name is my passport. verify me.'
|
||||||
password = 'my name is my passport. verify me.'
|
rv = self.app.post(
|
||||||
rv = self.app.post(
|
'/api/v2/passwords',
|
||||||
'/api/v2/passwords',
|
headers={'Accept': 'application/json'},
|
||||||
headers={'Accept': 'application/json'},
|
json={'password': password},
|
||||||
json={'password': password},
|
)
|
||||||
)
|
|
||||||
|
|
||||||
json_content = rv.get_json()
|
json_content = rv.get_json()
|
||||||
key = unquote(json_content['token'])
|
key = unquote(json_content['token'])
|
||||||
|
|
||||||
rvc = self.app.head('/api/v2/passwords/' + quote(key[::-1]))
|
rvc = self.app.head('/api/v2/passwords/' + quote(key[::-1]))
|
||||||
self.assertEqual(rvc.status_code, 404)
|
self.assertEqual(rvc.status_code, 404)
|
||||||
|
|
||||||
def test_retrieve_password_api_v2(self):
|
def test_retrieve_password_api_v2(self):
|
||||||
with freeze_time("2020-05-08 12:00:00") as frozen_time:
|
password = 'my name is my passport. verify me.'
|
||||||
password = 'my name is my passport. verify me.'
|
rv = self.app.post(
|
||||||
rv = self.app.post(
|
'/api/v2/passwords',
|
||||||
'/api/v2/passwords',
|
headers={'Accept': 'application/json'},
|
||||||
headers={'Accept': 'application/json'},
|
json={'password': password},
|
||||||
json={'password': password},
|
)
|
||||||
)
|
|
||||||
|
|
||||||
json_content = rv.get_json()
|
json_content = rv.get_json()
|
||||||
key = unquote(json_content['token'])
|
key = unquote(json_content['token'])
|
||||||
|
|
||||||
rvc = self.app.get('/api/v2/passwords/' + quote(key))
|
|
||||||
self.assertEqual(rv.status_code, 200)
|
|
||||||
|
|
||||||
json_content_retrieved = rvc.get_json()
|
rvc = self.app.get('/api/v2/passwords/' + quote(key))
|
||||||
retrieved_password = json_content_retrieved['password']
|
self.assertEqual(rv.status_code, 200)
|
||||||
self.assertEqual(retrieved_password, password)
|
|
||||||
|
json_content_retrieved = rvc.get_json()
|
||||||
|
retrieved_password = json_content_retrieved['password']
|
||||||
|
self.assertEqual(retrieved_password, password)
|
||||||
|
|
||||||
def test_retrieve_password_api_v2_bad_keys(self):
|
def test_retrieve_password_api_v2_bad_keys(self):
|
||||||
with freeze_time("2020-05-08 12:00:00") as frozen_time:
|
password = 'my name is my passport. verify me.'
|
||||||
password = 'my name is my passport. verify me.'
|
rv = self.app.post(
|
||||||
rv = self.app.post(
|
'/api/v2/passwords',
|
||||||
'/api/v2/passwords',
|
headers={'Accept': 'application/json'},
|
||||||
headers={'Accept': 'application/json'},
|
json={'password': password},
|
||||||
json={'password': password},
|
)
|
||||||
)
|
|
||||||
|
|
||||||
json_content = rv.get_json()
|
json_content = rv.get_json()
|
||||||
key = unquote(json_content['token'])
|
key = unquote(json_content['token'])
|
||||||
|
|
||||||
rvc = self.app.get('/api/v2/passwords/' + quote(key[::-1]))
|
rvc = self.app.get('/api/v2/passwords/' + quote(key[::-1]))
|
||||||
self.assertEqual(rvc.status_code, 404)
|
self.assertEqual(rvc.status_code, 404)
|
||||||
|
|
||||||
json_content_retrieved = rvc.get_json()
|
json_content_retrieved = rvc.get_json()
|
||||||
invalid_params = json_content_retrieved['invalid-params']
|
invalid_params = json_content_retrieved['invalid-params']
|
||||||
self.assertEqual(len(invalid_params), 1)
|
self.assertEqual(len(invalid_params), 1)
|
||||||
bad_token = invalid_params[0]
|
bad_token = invalid_params[0]
|
||||||
self.assertEqual(bad_token['name'], 'token')
|
self.assertEqual(bad_token['name'], 'token')
|
||||||
|
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
|
|
Loading…
Reference in a new issue