connect-id/conftest.py at main · dimagi/connect-id · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
import base64
from datetime import timedelta

import pytest
from django.utils.timezone import now
from oauth2_provider.models import Application
from rest_framework.test import APIClient

from users.auth import SessionTokenAuthentication
from users.factories import (
    ConfigurationSessionFactory,
    FCMDeviceFactory,
    IssuingAuthorityFactory,
    RecoveryStatusFactory,
    ServerKeysFactory,
    UserFactory,
)


@pytest.fixture
def user(db):
    return UserFactory()


@pytest.fixture
def locked_user(db):
    return UserFactory(is_active=False, is_locked=True)


@pytest.fixture
def fcm_device(user):
    return FCMDeviceFactory(user=user)


@pytest.fixture
def api_client():
    return APIClient()


@pytest.fixture
def auth_device(user, api_client):
    """
    Create the Basic Authentication credentials for the test user.
    """
    credentials = f"{user.username}:testpass".encode()
    base64_credentials = base64.b64encode(credentials).decode("utf-8")
    cred = f"Basic {base64_credentials}"
    api_client.credentials(HTTP_AUTHORIZATION=cred)
    return api_client


@pytest.fixture
def oauth_app(db):
    application = Application(
        name="Test Application HQ",
        redirect_uris="http://localhost",
        client_type=Application.CLIENT_CONFIDENTIAL,
        authorization_grant_type=Application.GRANT_CLIENT_CREDENTIALS,
    )
    application.raw_client_secret = application.client_secret
    application.save()
    return application


@pytest.fixture
def authed_client(api_client, oauth_app):
    auth = f"{oauth_app.client_id}:{oauth_app.raw_client_secret}".encode()
    credentials = base64.b64encode(auth).decode("utf-8")
    api_client.defaults["HTTP_AUTHORIZATION"] = "Basic " + credentials
    return api_client


@pytest.fixture
def credential_issuing_authority():
    issuing_credentials_auth = ServerKeysFactory()
    credential_issuing_authority = IssuingAuthorityFactory(server_credentials=issuing_credentials_auth)
    return credential_issuing_authority


@pytest.fixture
def credential_issuing_client(api_client, credential_issuing_authority):
    auth = (
        f"{credential_issuing_authority.server_credentials.client_id}:"
        f"{credential_issuing_authority.server_credentials.secret_key}"
    ).encode()
    credentials = base64.b64encode(auth).decode("utf-8")
    api_client.defaults["HTTP_AUTHORIZATION"] = "Basic " + credentials
    return api_client


@pytest.fixture
def authed_client_token(authed_client, valid_token):
    authed_client.defaults["HTTP_AUTHORIZATION"] = f"Bearer {valid_token.key}"
    return authed_client


@pytest.fixture
def recovery_status():
    return RecoveryStatusFactory()


@pytest.fixture
def recovery_status_with_expired_token_user():
    status = RecoveryStatusFactory()
    status.user.deactivation_token_valid_until = now() - timedelta(days=1)
    status.user.save()
    return status


@pytest.fixture
def token_auth():
    return SessionTokenAuthentication()


@pytest.fixture
def valid_token(user):
    return ConfigurationSessionFactory(
        phone_number=user.phone_number,
        is_phone_validated=True,
        invited_user=True,
    )


@pytest.fixture
def expired_token():
    expires = now() - timedelta(days=2)
    return ConfigurationSessionFactory(expires=expires)