django-esi 8.1.0__py3-none-any.whl

esi/tests/jwt_factory.py

@@ -0,0 +1,135 @@
+"""Factory for generating Eve Onlie conformant JWTs for testing."""
+
+import datetime as dt
+
+from jose import jwt
+from pytz import utc
+
+_RSA_PRIVATE_KEY = """
+-----BEGIN PRIVATE KEY-----
+MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC7VJTUt9Us8cKj
+MzEfYyjiWA4R4/M2bS1GB4t7NXp98C3SC6dVMvDuictGeurT8jNbvJZHtCSuYEvu
+NMoSfm76oqFvAp8Gy0iz5sxjZmSnXyCdPEovGhLa0VzMaQ8s+CLOyS56YyCFGeJZ
+qgtzJ6GR3eqoYSW9b9UMvkBpZODSctWSNGj3P7jRFDO5VoTwCQAWbFnOjDfH5Ulg
+p2PKSQnSJP3AJLQNFNe7br1XbrhV//eO+t51mIpGSDCUv3E0DDFcWDTH9cXDTTlR
+ZVEiR2BwpZOOkE/Z0/BVnhZYL71oZV34bKfWjQIt6V/isSMahdsAASACp4ZTGtwi
+VuNd9tybAgMBAAECggEBAKTmjaS6tkK8BlPXClTQ2vpz/N6uxDeS35mXpqasqskV
+laAidgg/sWqpjXDbXr93otIMLlWsM+X0CqMDgSXKejLS2jx4GDjI1ZTXg++0AMJ8
+sJ74pWzVDOfmCEQ/7wXs3+cbnXhKriO8Z036q92Qc1+N87SI38nkGa0ABH9CN83H
+mQqt4fB7UdHzuIRe/me2PGhIq5ZBzj6h3BpoPGzEP+x3l9YmK8t/1cN0pqI+dQwY
+dgfGjackLu/2qH80MCF7IyQaseZUOJyKrCLtSD/Iixv/hzDEUPfOCjFDgTpzf3cw
+ta8+oE4wHCo1iI1/4TlPkwmXx4qSXtmw4aQPz7IDQvECgYEA8KNThCO2gsC2I9PQ
+DM/8Cw0O983WCDY+oi+7JPiNAJwv5DYBqEZB1QYdj06YD16XlC/HAZMsMku1na2T
+N0driwenQQWzoev3g2S7gRDoS/FCJSI3jJ+kjgtaA7Qmzlgk1TxODN+G1H91HW7t
+0l7VnL27IWyYo2qRRK3jzxqUiPUCgYEAx0oQs2reBQGMVZnApD1jeq7n4MvNLcPv
+t8b/eU9iUv6Y4Mj0Suo/AU8lYZXm8ubbqAlwz2VSVunD2tOplHyMUrtCtObAfVDU
+AhCndKaA9gApgfb3xw1IKbuQ1u4IF1FJl3VtumfQn//LiH1B3rXhcdyo3/vIttEk
+48RakUKClU8CgYEAzV7W3COOlDDcQd935DdtKBFRAPRPAlspQUnzMi5eSHMD/ISL
+DY5IiQHbIH83D4bvXq0X7qQoSBSNP7Dvv3HYuqMhf0DaegrlBuJllFVVq9qPVRnK
+xt1Il2HgxOBvbhOT+9in1BzA+YJ99UzC85O0Qz06A+CmtHEy4aZ2kj5hHjECgYEA
+mNS4+A8Fkss8Js1RieK2LniBxMgmYml3pfVLKGnzmng7H2+cwPLhPIzIuwytXywh
+2bzbsYEfYx3EoEVgMEpPhoarQnYPukrJO4gwE2o5Te6T5mJSZGlQJQj9q4ZB2Dfz
+et6INsK0oG8XVGXSpQvQh3RUYekCZQkBBFcpqWpbIEsCgYAnM3DQf3FJoSnXaMhr
+VBIovic5l0xFkEHskAjFTevO86Fsz1C2aSeRKSqGFoOQ0tmJzBEs1R6KqnHInicD
+TQrKhArgLXX4v3CddjfTRJkFWDbE/CkvKZNOrcf1nhaGCPspRJj2KUkj1Fhl9Cnc
+dn/RsYEONbwQSjIfMPkvxF+8HQ==
+-----END PRIVATE KEY-----
+"""
+
+_RSA_PUBLIC_KEY = """
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1SU1LfVLPHCozMxH2Mo
+4lgOEePzNm0tRgeLezV6ffAt0gunVTLw7onLRnrq0/IzW7yWR7QkrmBL7jTKEn5u
++qKhbwKfBstIs+bMY2Zkp18gnTxKLxoS2tFczGkPLPgizskuemMghRniWaoLcyeh
+kd3qqGElvW/VDL5AaWTg0nLVkjRo9z+40RQzuVaE8AkAFmxZzow3x+VJYKdjykkJ
+0iT9wCS0DRTXu269V264Vf/3jvredZiKRkgwlL9xNAwxXFg0x/XFw005UWVRIkdg
+cKWTjpBP2dPwVZ4WWC+9aGVd+Gyn1o0CLelf4rEjGoXbAAEgAqeGUxrcIlbjXfbc
+mwIDAQAB
+-----END PUBLIC KEY-----
+"""
+_JWK_PUBLIC_KEY = """u1SU1LfVLPHCozMxH2Mo4lgOEePzNm0tRgeLezV6ffAt0gunVTLw7onLRnrq0_IzW7yWR7QkrmBL7jTKEn5u-qKhbwKfBstIs-bMY2Zkp18gnTxKLxoS2tFczGkPLPgizskuemMghRniWaoLcyehkd3qqGElvW_VDL5AaWTg0nLVkjRo9z-40RQzuVaE8AkAFmxZzow3x-VJYKdjykkJ0iT9wCS0DRTXu269V264Vf_3jvredZiKRkgwlL9xNAwxXFg0x_XFw005UWVRIkdgcKWTjpBP2dPwVZ4WWC-9aGVd-Gyn1o0CLelf4rEjGoXbAAEgAqeGUxrcIlbjXfbcmw"""  # noqa: E501
+_ALGORITHM = jwt.ALGORITHMS.RS256
+_AUDIENCE = "EVE Online"
+_HEADERS = {"alg": "RS256", "kid": "JWT-Signature-Key", "typ": "JWT"}
+_ISSUER = "login.eveonline.com"
+
+
+def generate_jwk():
+    return {
+        "alg": _ALGORITHM,
+        "e": "AQAB",
+        "kid": "JWT-Signature-Key",
+        "kty": "RSA",
+        "n": _JWK_PUBLIC_KEY,
+        "use": "sig",
+    }
+
+
+def _generate_claims(
+    issued_at: dt.datetime,
+    character_id: int,
+    character_name: str,
+    issuer=None,
+    audience=None,
+) -> dict:
+    if not issuer:
+        issuer = _ISSUER
+    expires_at = issued_at + dt.timedelta(minutes=20)
+    claims = {
+        "scp": "esi-characters.read_medals.v1",
+        "jti": "xxx",
+        "kid": "JWT-Signature-Key",
+        "sub": f"CHARACTER:EVE:{character_id}",
+        "azp": "yyy",
+        "tenant": "tranquility",
+        "tier": "live",
+        "region": "world",
+        "name": str(character_name),
+        "owner": "OWNER-HASH",
+        "exp": int(expires_at.timestamp()),
+        "iat": int(issued_at.timestamp()),
+        "iss": _ISSUER,
+    }
+    if audience is None:
+        audience = _AUDIENCE
+    if audience:
+        claims["aud"] = audience
+    return claims
+
+
+def generate_token(
+    character_id: int,
+    character_name: str,
+    issued_at: dt.datetime = None,
+    issuer=None,
+    audience=None,
+) -> tuple[str, dict]:
+    """Generate a JWT for Eve Online."""
+    if not issued_at:
+        issued_at = dt.datetime.now(tz=utc)
+    claims = _generate_claims(
+        issued_at=issued_at,
+        character_id=character_id,
+        character_name=character_name,
+        issuer=issuer,
+        audience=audience,
+    )
+    token_string = jwt.encode(
+        claims=claims, key=_RSA_PRIVATE_KEY, algorithm=_ALGORITHM, headers=_HEADERS
+    )
+    return token_string, claims
+
+
+def validate():
+    issued_at = dt.datetime.now(tz=utc)
+    token, claims = generate_token(
+        issued_at=issued_at, character_id=1001, character_name="Bruce Wayne"
+    )
+    new_claims = jwt.decode(
+        token=token, key=generate_jwk(), audience=_AUDIENCE, issuer=_ISSUER
+    )
+    print("Validate successful: ", claims == new_claims)
+
+
+if __name__ == "__main__":
+    validate()

esi/tests/test_checks.py

@@ -0,0 +1,48 @@
+"""unit tests for esi checks"""
+
+from django.conf import settings
+from django.test import TestCase, override_settings
+
+from ..checks import check_sso_application_settings
+
+
+class TestCheckSsoApplicationSettings(TestCase):
+
+    @override_settings(
+        ESI_SSO_CLIENT_ID='123', ESI_SSO_CLIENT_SECRET='abc', ESI_SSO_CALLBACK_URL='xyz'
+    )
+    def test_settings_ok(self):
+        errors = check_sso_application_settings()
+        self.assertEqual(len(errors), 0)
+
+    @override_settings(ESI_SSO_CLIENT_SECRET='abc', ESI_SSO_CALLBACK_URL='xyz')
+    def test_settings_incomplete_ESI_SSO_CLIENT_ID(self):
+        del settings.ESI_SSO_CLIENT_ID
+        errors = check_sso_application_settings()
+        self.assertEqual(len(errors), 1)
+
+    @override_settings(ESI_SSO_CLIENT_ID='123', ESI_SSO_CALLBACK_URL='xyz')
+    def test_settings_incomplete_ESI_SSO_CLIENT_SECRET(self):
+        del settings.ESI_SSO_CLIENT_SECRET
+        errors = check_sso_application_settings()
+        self.assertEqual(len(errors), 1)
+
+    @override_settings(ESI_SSO_CLIENT_ID='123', ESI_SSO_CLIENT_SECRET='abc')
+    def test_settings_incomplete_ESI_SSO_CALLBACK_URL(self):
+        del settings.ESI_SSO_CALLBACK_URL
+        errors = check_sso_application_settings()
+        self.assertEqual(len(errors), 1)
+
+    @override_settings(ESI_SSO_CLIENT_ID='123', ESI_SSO_CLIENT_SECRET='abc', DEBUG=True)
+    def test_settings_incomplete_debug_mode(self):
+        del settings.ESI_SSO_CALLBACK_URL
+        errors = check_sso_application_settings()
+        self.assertEqual(len(errors), 1)
+
+    @override_settings(
+        ESI_SSO_CLIENT_ID='123', ESI_SSO_CLIENT_SECRET='abc', DEBUG=False
+    )
+    def test_settings_incomplete_non_debug_mode(self):
+        del settings.ESI_SSO_CALLBACK_URL
+        errors = check_sso_application_settings()
+        self.assertEqual(len(errors), 1)