🎨 flake8

This commit is contained in:
Emilien GUILMINEAU 2024-03-29 23:59:15 +01:00
parent 26b26f9c25
commit 04235c1edc
2 changed files with 109 additions and 102 deletions

View file

@ -102,6 +102,7 @@ def parse_token(token):
return storage_key, decryption_key return storage_key, decryption_key
def as_validation_problem(request, problem_type, problem_title, invalid_params): def as_validation_problem(request, problem_type, problem_title, invalid_params):
base_url = set_base_url(request) base_url = set_base_url(request)
@ -112,6 +113,7 @@ def as_validation_problem(request, problem_type, problem_title, invalid_params):
} }
return as_problem_response(problem) return as_problem_response(problem)
def as_not_found_problem(request, problem_type, problem_title, invalid_params): def as_not_found_problem(request, problem_type, problem_title, invalid_params):
base_url = set_base_url(request) base_url = set_base_url(request)
@ -248,6 +250,7 @@ def api_handle_password():
else: else:
abort(500) abort(500)
@app.route('/api/v2/passwords', methods=['POST']) @app.route('/api/v2/passwords', methods=['POST'])
def api_v2_set_password(): def api_v2_set_password():
password = request.json.get('password') password = request.json.get('password')
@ -269,10 +272,15 @@ def api_v2_set_password():
if len(invalid_params) > 0: if len(invalid_params) > 0:
# Return a ProblemDetails expliciting issue with Password and/or TTL # Return a ProblemDetails expliciting issue with Password and/or TTL
return as_validation_problem(request, "set-password-validation-error", "The password and/or the TTL are invalid.", invalid_params) return as_validation_problem(
request,
"set-password-validation-error",
"The password and/or the TTL are invalid.",
invalid_params
)
token = set_password(password, ttl) token = set_password(password, ttl)
url_token= quote_plus(token) url_token = quote_plus(token)
base_url = set_base_url(request) base_url = set_base_url(request)
link = urljoin(base_url, request.path + "/" + url_token) link = urljoin(base_url, request.path + "/" + url_token)
response_content = { response_content = {
@ -285,6 +293,7 @@ def api_v2_set_password():
} }
return jsonify(response_content) return jsonify(response_content)
@app.route('/api/v2/passwords/<token>', methods=['HEAD']) @app.route('/api/v2/passwords/<token>', methods=['HEAD'])
def api_v2_check_password(token): def api_v2_check_password(token):
token = unquote_plus(token) token = unquote_plus(token)
@ -295,13 +304,19 @@ def api_v2_check_password(token):
# Return OK, to indicate that password still exists # Return OK, to indicate that password still exists
return ('', 200) return ('', 200)
@app.route('/api/v2/passwords/<token>', methods=['GET']) @app.route('/api/v2/passwords/<token>', methods=['GET'])
def api_v2_retrieve_password(token): def api_v2_retrieve_password(token):
token = unquote_plus(token) token = unquote_plus(token)
password = get_password(token) password = get_password(token)
if not password: if not password:
# Return NotFound, to indicate that password does not exists (anymore or at all) # Return NotFound, to indicate that password does not exists (anymore or at all)
return as_not_found_problem(request, "get-password-error", "The password doesn't exist.", [{ "name": "token"}]) return as_not_found_problem(
request,
"get-password-error",
"The password doesn't exist.",
[{"name": "token"}]
)
else: else:
# Return OK and the password in JSON message # Return OK and the password in JSON message
return jsonify(password=password) return jsonify(password=password)

190
tests.py
View file

@ -239,126 +239,118 @@ class SnapPassRoutesTestCase(TestCase):
self.assertIsNone(snappass.get_password(key)) self.assertIsNone(snappass.get_password(key))
def test_set_password_api_v2_no_password(self): def test_set_password_api_v2_no_password(self):
with freeze_time("2020-05-08 12:00:00") as frozen_time: rv = self.app.post(
rv = self.app.post( '/api/v2/passwords',
'/api/v2/passwords', headers={'Accept': 'application/json'},
headers={'Accept': 'application/json'}, json={'password': ''},
json={'password': ''}, )
)
self.assertEqual(rv.status_code, 400) self.assertEqual(rv.status_code, 400)
json_content = rv.get_json()
invalid_params = json_content['invalid-params']
self.assertEqual(len(invalid_params), 1)
bad_password = invalid_params[0]
self.assertEqual(bad_password['name'], 'password')
json_content = rv.get_json()
invalid_params = json_content['invalid-params']
self.assertEqual(len(invalid_params), 1)
bad_password = invalid_params[0]
self.assertEqual(bad_password['name'], 'password')
def test_set_password_api_v2_too_big_ttl(self): def test_set_password_api_v2_too_big_ttl(self):
with freeze_time("2020-05-08 12:00:00") as frozen_time: password = 'my name is my passport. verify me.'
password = 'my name is my passport. verify me.' rv = self.app.post(
rv = self.app.post( '/api/v2/passwords',
'/api/v2/passwords', headers={'Accept': 'application/json'},
headers={'Accept': 'application/json'}, json={'password': password, 'ttl': '1209600000'},
json={'password': password, 'ttl': '1209600000'}, )
)
self.assertEqual(rv.status_code, 400) self.assertEqual(rv.status_code, 400)
json_content = rv.get_json()
invalid_params = json_content['invalid-params']
self.assertEqual(len(invalid_params), 1)
bad_ttl = invalid_params[0]
self.assertEqual(bad_ttl['name'], 'ttl')
json_content = rv.get_json()
invalid_params = json_content['invalid-params']
self.assertEqual(len(invalid_params), 1)
bad_ttl = invalid_params[0]
self.assertEqual(bad_ttl['name'], 'ttl')
def test_set_password_api_v2_no_password_and_too_big_ttl(self): def test_set_password_api_v2_no_password_and_too_big_ttl(self):
with freeze_time("2020-05-08 12:00:00") as frozen_time: rv = self.app.post(
password = 'my name is my passport. verify me.' '/api/v2/passwords',
rv = self.app.post( headers={'Accept': 'application/json'},
'/api/v2/passwords', json={'password': '', 'ttl': '1209600000'},
headers={'Accept': 'application/json'}, )
json={'password': '', 'ttl': '1209600000'},
)
self.assertEqual(rv.status_code, 400) self.assertEqual(rv.status_code, 400)
json_content = rv.get_json() json_content = rv.get_json()
invalid_params = json_content['invalid-params'] invalid_params = json_content['invalid-params']
self.assertEqual(len(invalid_params), 2) self.assertEqual(len(invalid_params), 2)
bad_password = invalid_params[0] bad_password = invalid_params[0]
self.assertEqual(bad_password['name'], 'password') self.assertEqual(bad_password['name'], 'password')
bad_ttl = invalid_params[1] bad_ttl = invalid_params[1]
self.assertEqual(bad_ttl['name'], 'ttl') self.assertEqual(bad_ttl['name'], 'ttl')
def test_check_password_api_v2(self): def test_check_password_api_v2(self):
with freeze_time("2020-05-08 12:00:00") as frozen_time: password = 'my name is my passport. verify me.'
password = 'my name is my passport. verify me.' rv = self.app.post(
rv = self.app.post( '/api/v2/passwords',
'/api/v2/passwords', headers={'Accept': 'application/json'},
headers={'Accept': 'application/json'}, json={'password': password},
json={'password': password}, )
)
json_content = rv.get_json() json_content = rv.get_json()
key = unquote(json_content['token']) key = unquote(json_content['token'])
rvc = self.app.head('/api/v2/passwords/' + quote(key)) rvc = self.app.head('/api/v2/passwords/' + quote(key))
self.assertEqual(rv.status_code, 200) self.assertEqual(rvc.status_code, 200)
def test_check_password_api_v2_bad_keys(self): def test_check_password_api_v2_bad_keys(self):
with freeze_time("2020-05-08 12:00:00") as frozen_time: password = 'my name is my passport. verify me.'
password = 'my name is my passport. verify me.' rv = self.app.post(
rv = self.app.post( '/api/v2/passwords',
'/api/v2/passwords', headers={'Accept': 'application/json'},
headers={'Accept': 'application/json'}, json={'password': password},
json={'password': password}, )
)
json_content = rv.get_json() json_content = rv.get_json()
key = unquote(json_content['token']) key = unquote(json_content['token'])
rvc = self.app.head('/api/v2/passwords/' + quote(key[::-1])) rvc = self.app.head('/api/v2/passwords/' + quote(key[::-1]))
self.assertEqual(rvc.status_code, 404) self.assertEqual(rvc.status_code, 404)
def test_retrieve_password_api_v2(self): def test_retrieve_password_api_v2(self):
with freeze_time("2020-05-08 12:00:00") as frozen_time: password = 'my name is my passport. verify me.'
password = 'my name is my passport. verify me.' rv = self.app.post(
rv = self.app.post( '/api/v2/passwords',
'/api/v2/passwords', headers={'Accept': 'application/json'},
headers={'Accept': 'application/json'}, json={'password': password},
json={'password': password}, )
)
json_content = rv.get_json() json_content = rv.get_json()
key = unquote(json_content['token']) key = unquote(json_content['token'])
rvc = self.app.get('/api/v2/passwords/' + quote(key))
self.assertEqual(rv.status_code, 200)
json_content_retrieved = rvc.get_json() rvc = self.app.get('/api/v2/passwords/' + quote(key))
retrieved_password = json_content_retrieved['password'] self.assertEqual(rv.status_code, 200)
self.assertEqual(retrieved_password, password)
json_content_retrieved = rvc.get_json()
retrieved_password = json_content_retrieved['password']
self.assertEqual(retrieved_password, password)
def test_retrieve_password_api_v2_bad_keys(self): def test_retrieve_password_api_v2_bad_keys(self):
with freeze_time("2020-05-08 12:00:00") as frozen_time: password = 'my name is my passport. verify me.'
password = 'my name is my passport. verify me.' rv = self.app.post(
rv = self.app.post( '/api/v2/passwords',
'/api/v2/passwords', headers={'Accept': 'application/json'},
headers={'Accept': 'application/json'}, json={'password': password},
json={'password': password}, )
)
json_content = rv.get_json() json_content = rv.get_json()
key = unquote(json_content['token']) key = unquote(json_content['token'])
rvc = self.app.get('/api/v2/passwords/' + quote(key[::-1])) rvc = self.app.get('/api/v2/passwords/' + quote(key[::-1]))
self.assertEqual(rvc.status_code, 404) self.assertEqual(rvc.status_code, 404)
json_content_retrieved = rvc.get_json() json_content_retrieved = rvc.get_json()
invalid_params = json_content_retrieved['invalid-params'] invalid_params = json_content_retrieved['invalid-params']
self.assertEqual(len(invalid_params), 1) self.assertEqual(len(invalid_params), 1)
bad_token = invalid_params[0] bad_token = invalid_params[0]
self.assertEqual(bad_token['name'], 'token') self.assertEqual(bad_token['name'], 'token')
if __name__ == '__main__': if __name__ == '__main__':