🎨 flake8
This commit is contained in:
parent
26b26f9c25
commit
04235c1edc
2 changed files with 109 additions and 102 deletions
|
@ -102,6 +102,7 @@ def parse_token(token):
|
|||
|
||||
return storage_key, decryption_key
|
||||
|
||||
|
||||
def as_validation_problem(request, problem_type, problem_title, invalid_params):
|
||||
base_url = set_base_url(request)
|
||||
|
||||
|
@ -112,6 +113,7 @@ def as_validation_problem(request, problem_type, problem_title, invalid_params):
|
|||
}
|
||||
return as_problem_response(problem)
|
||||
|
||||
|
||||
def as_not_found_problem(request, problem_type, problem_title, invalid_params):
|
||||
base_url = set_base_url(request)
|
||||
|
||||
|
@ -248,6 +250,7 @@ def api_handle_password():
|
|||
else:
|
||||
abort(500)
|
||||
|
||||
|
||||
@app.route('/api/v2/passwords', methods=['POST'])
|
||||
def api_v2_set_password():
|
||||
password = request.json.get('password')
|
||||
|
@ -269,10 +272,15 @@ def api_v2_set_password():
|
|||
|
||||
if len(invalid_params) > 0:
|
||||
# Return a ProblemDetails expliciting issue with Password and/or TTL
|
||||
return as_validation_problem(request, "set-password-validation-error", "The password and/or the TTL are invalid.", invalid_params)
|
||||
return as_validation_problem(
|
||||
request,
|
||||
"set-password-validation-error",
|
||||
"The password and/or the TTL are invalid.",
|
||||
invalid_params
|
||||
)
|
||||
|
||||
token = set_password(password, ttl)
|
||||
url_token= quote_plus(token)
|
||||
url_token = quote_plus(token)
|
||||
base_url = set_base_url(request)
|
||||
link = urljoin(base_url, request.path + "/" + url_token)
|
||||
response_content = {
|
||||
|
@ -285,6 +293,7 @@ def api_v2_set_password():
|
|||
}
|
||||
return jsonify(response_content)
|
||||
|
||||
|
||||
@app.route('/api/v2/passwords/<token>', methods=['HEAD'])
|
||||
def api_v2_check_password(token):
|
||||
token = unquote_plus(token)
|
||||
|
@ -295,13 +304,19 @@ def api_v2_check_password(token):
|
|||
# Return OK, to indicate that password still exists
|
||||
return ('', 200)
|
||||
|
||||
|
||||
@app.route('/api/v2/passwords/<token>', methods=['GET'])
|
||||
def api_v2_retrieve_password(token):
|
||||
token = unquote_plus(token)
|
||||
password = get_password(token)
|
||||
if not password:
|
||||
# Return NotFound, to indicate that password does not exists (anymore or at all)
|
||||
return as_not_found_problem(request, "get-password-error", "The password doesn't exist.", [{ "name": "token"}])
|
||||
return as_not_found_problem(
|
||||
request,
|
||||
"get-password-error",
|
||||
"The password doesn't exist.",
|
||||
[{"name": "token"}]
|
||||
)
|
||||
else:
|
||||
# Return OK and the password in JSON message
|
||||
return jsonify(password=password)
|
||||
|
|
176
tests.py
176
tests.py
|
@ -239,126 +239,118 @@ class SnapPassRoutesTestCase(TestCase):
|
|||
self.assertIsNone(snappass.get_password(key))
|
||||
|
||||
def test_set_password_api_v2_no_password(self):
|
||||
with freeze_time("2020-05-08 12:00:00") as frozen_time:
|
||||
rv = self.app.post(
|
||||
'/api/v2/passwords',
|
||||
headers={'Accept': 'application/json'},
|
||||
json={'password': ''},
|
||||
)
|
||||
rv = self.app.post(
|
||||
'/api/v2/passwords',
|
||||
headers={'Accept': 'application/json'},
|
||||
json={'password': ''},
|
||||
)
|
||||
|
||||
self.assertEqual(rv.status_code, 400)
|
||||
self.assertEqual(rv.status_code, 400)
|
||||
|
||||
json_content = rv.get_json()
|
||||
invalid_params = json_content['invalid-params']
|
||||
self.assertEqual(len(invalid_params), 1)
|
||||
bad_password = invalid_params[0]
|
||||
self.assertEqual(bad_password['name'], 'password')
|
||||
json_content = rv.get_json()
|
||||
invalid_params = json_content['invalid-params']
|
||||
self.assertEqual(len(invalid_params), 1)
|
||||
bad_password = invalid_params[0]
|
||||
self.assertEqual(bad_password['name'], 'password')
|
||||
|
||||
def test_set_password_api_v2_too_big_ttl(self):
|
||||
with freeze_time("2020-05-08 12:00:00") as frozen_time:
|
||||
password = 'my name is my passport. verify me.'
|
||||
rv = self.app.post(
|
||||
'/api/v2/passwords',
|
||||
headers={'Accept': 'application/json'},
|
||||
json={'password': password, 'ttl': '1209600000'},
|
||||
)
|
||||
password = 'my name is my passport. verify me.'
|
||||
rv = self.app.post(
|
||||
'/api/v2/passwords',
|
||||
headers={'Accept': 'application/json'},
|
||||
json={'password': password, 'ttl': '1209600000'},
|
||||
)
|
||||
|
||||
self.assertEqual(rv.status_code, 400)
|
||||
self.assertEqual(rv.status_code, 400)
|
||||
|
||||
json_content = rv.get_json()
|
||||
invalid_params = json_content['invalid-params']
|
||||
self.assertEqual(len(invalid_params), 1)
|
||||
bad_ttl = invalid_params[0]
|
||||
self.assertEqual(bad_ttl['name'], 'ttl')
|
||||
json_content = rv.get_json()
|
||||
invalid_params = json_content['invalid-params']
|
||||
self.assertEqual(len(invalid_params), 1)
|
||||
bad_ttl = invalid_params[0]
|
||||
self.assertEqual(bad_ttl['name'], 'ttl')
|
||||
|
||||
def test_set_password_api_v2_no_password_and_too_big_ttl(self):
|
||||
with freeze_time("2020-05-08 12:00:00") as frozen_time:
|
||||
password = 'my name is my passport. verify me.'
|
||||
rv = self.app.post(
|
||||
'/api/v2/passwords',
|
||||
headers={'Accept': 'application/json'},
|
||||
json={'password': '', 'ttl': '1209600000'},
|
||||
)
|
||||
rv = self.app.post(
|
||||
'/api/v2/passwords',
|
||||
headers={'Accept': 'application/json'},
|
||||
json={'password': '', 'ttl': '1209600000'},
|
||||
)
|
||||
|
||||
self.assertEqual(rv.status_code, 400)
|
||||
self.assertEqual(rv.status_code, 400)
|
||||
|
||||
json_content = rv.get_json()
|
||||
invalid_params = json_content['invalid-params']
|
||||
self.assertEqual(len(invalid_params), 2)
|
||||
bad_password = invalid_params[0]
|
||||
self.assertEqual(bad_password['name'], 'password')
|
||||
bad_ttl = invalid_params[1]
|
||||
self.assertEqual(bad_ttl['name'], 'ttl')
|
||||
json_content = rv.get_json()
|
||||
invalid_params = json_content['invalid-params']
|
||||
self.assertEqual(len(invalid_params), 2)
|
||||
bad_password = invalid_params[0]
|
||||
self.assertEqual(bad_password['name'], 'password')
|
||||
bad_ttl = invalid_params[1]
|
||||
self.assertEqual(bad_ttl['name'], 'ttl')
|
||||
|
||||
def test_check_password_api_v2(self):
|
||||
with freeze_time("2020-05-08 12:00:00") as frozen_time:
|
||||
password = 'my name is my passport. verify me.'
|
||||
rv = self.app.post(
|
||||
'/api/v2/passwords',
|
||||
headers={'Accept': 'application/json'},
|
||||
json={'password': password},
|
||||
)
|
||||
password = 'my name is my passport. verify me.'
|
||||
rv = self.app.post(
|
||||
'/api/v2/passwords',
|
||||
headers={'Accept': 'application/json'},
|
||||
json={'password': password},
|
||||
)
|
||||
|
||||
json_content = rv.get_json()
|
||||
key = unquote(json_content['token'])
|
||||
json_content = rv.get_json()
|
||||
key = unquote(json_content['token'])
|
||||
|
||||
rvc = self.app.head('/api/v2/passwords/' + quote(key))
|
||||
self.assertEqual(rv.status_code, 200)
|
||||
rvc = self.app.head('/api/v2/passwords/' + quote(key))
|
||||
self.assertEqual(rvc.status_code, 200)
|
||||
|
||||
def test_check_password_api_v2_bad_keys(self):
|
||||
with freeze_time("2020-05-08 12:00:00") as frozen_time:
|
||||
password = 'my name is my passport. verify me.'
|
||||
rv = self.app.post(
|
||||
'/api/v2/passwords',
|
||||
headers={'Accept': 'application/json'},
|
||||
json={'password': password},
|
||||
)
|
||||
password = 'my name is my passport. verify me.'
|
||||
rv = self.app.post(
|
||||
'/api/v2/passwords',
|
||||
headers={'Accept': 'application/json'},
|
||||
json={'password': password},
|
||||
)
|
||||
|
||||
json_content = rv.get_json()
|
||||
key = unquote(json_content['token'])
|
||||
json_content = rv.get_json()
|
||||
key = unquote(json_content['token'])
|
||||
|
||||
rvc = self.app.head('/api/v2/passwords/' + quote(key[::-1]))
|
||||
self.assertEqual(rvc.status_code, 404)
|
||||
rvc = self.app.head('/api/v2/passwords/' + quote(key[::-1]))
|
||||
self.assertEqual(rvc.status_code, 404)
|
||||
|
||||
def test_retrieve_password_api_v2(self):
|
||||
with freeze_time("2020-05-08 12:00:00") as frozen_time:
|
||||
password = 'my name is my passport. verify me.'
|
||||
rv = self.app.post(
|
||||
'/api/v2/passwords',
|
||||
headers={'Accept': 'application/json'},
|
||||
json={'password': password},
|
||||
)
|
||||
password = 'my name is my passport. verify me.'
|
||||
rv = self.app.post(
|
||||
'/api/v2/passwords',
|
||||
headers={'Accept': 'application/json'},
|
||||
json={'password': password},
|
||||
)
|
||||
|
||||
json_content = rv.get_json()
|
||||
key = unquote(json_content['token'])
|
||||
json_content = rv.get_json()
|
||||
key = unquote(json_content['token'])
|
||||
|
||||
rvc = self.app.get('/api/v2/passwords/' + quote(key))
|
||||
self.assertEqual(rv.status_code, 200)
|
||||
rvc = self.app.get('/api/v2/passwords/' + quote(key))
|
||||
self.assertEqual(rv.status_code, 200)
|
||||
|
||||
json_content_retrieved = rvc.get_json()
|
||||
retrieved_password = json_content_retrieved['password']
|
||||
self.assertEqual(retrieved_password, password)
|
||||
json_content_retrieved = rvc.get_json()
|
||||
retrieved_password = json_content_retrieved['password']
|
||||
self.assertEqual(retrieved_password, password)
|
||||
|
||||
def test_retrieve_password_api_v2_bad_keys(self):
|
||||
with freeze_time("2020-05-08 12:00:00") as frozen_time:
|
||||
password = 'my name is my passport. verify me.'
|
||||
rv = self.app.post(
|
||||
'/api/v2/passwords',
|
||||
headers={'Accept': 'application/json'},
|
||||
json={'password': password},
|
||||
)
|
||||
password = 'my name is my passport. verify me.'
|
||||
rv = self.app.post(
|
||||
'/api/v2/passwords',
|
||||
headers={'Accept': 'application/json'},
|
||||
json={'password': password},
|
||||
)
|
||||
|
||||
json_content = rv.get_json()
|
||||
key = unquote(json_content['token'])
|
||||
json_content = rv.get_json()
|
||||
key = unquote(json_content['token'])
|
||||
|
||||
rvc = self.app.get('/api/v2/passwords/' + quote(key[::-1]))
|
||||
self.assertEqual(rvc.status_code, 404)
|
||||
rvc = self.app.get('/api/v2/passwords/' + quote(key[::-1]))
|
||||
self.assertEqual(rvc.status_code, 404)
|
||||
|
||||
json_content_retrieved = rvc.get_json()
|
||||
invalid_params = json_content_retrieved['invalid-params']
|
||||
self.assertEqual(len(invalid_params), 1)
|
||||
bad_token = invalid_params[0]
|
||||
self.assertEqual(bad_token['name'], 'token')
|
||||
json_content_retrieved = rvc.get_json()
|
||||
invalid_params = json_content_retrieved['invalid-params']
|
||||
self.assertEqual(len(invalid_params), 1)
|
||||
bad_token = invalid_params[0]
|
||||
self.assertEqual(bad_token['name'], 'token')
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
|
|
Loading…
Reference in a new issue