refactor: update models and tests to reflect latest API changes

the API expects to accept the public/private keys as in raw data form, either as a string or a bytes-like object.
cal-itp · May 24, 2022 · 7e0f6c7 · 7e0f6c7
1 parent b48eaa7
commit 7e0f6c7
Show file tree

Hide file tree

Showing 4 changed files with 16 additions and 24 deletions.
diff --git a/benefits/core/models.py b/benefits/core/models.py
@@ -6,8 +6,6 @@
 from django.db import models
 from django.urls import reverse
 
-from eligibility_api.client import JWK
-
 
 logger = logging.getLogger(__name__)
 
@@ -22,12 +20,6 @@ class PemData(models.Model):
     def __str__(self):
         return self.label
 
-    @property
-    def jwk(self):
-        """Eligibility API JWK instance from this PemData."""
-        pem_bytes = bytes(self.text, "utf-8")
-        return JWK.from_pem(pem_bytes)
-
 
 class AuthProvider(models.Model):
     """An entity that provides authentication for eligibility verifiers."""
@@ -100,9 +92,9 @@ def __str__(self):
         return self.name
 
     @property
-    def public_jwk(self):
-        """Eligibility API JWK instance of this Verifier's public key"""
-        return self.public_key.jwk
+    def public_key_data(self):
+        """This Verifier's public key as a string."""
+        return self.public_key.text
 
     @property
     def requires_authentication(self):
@@ -189,9 +181,9 @@ def index_url(self):
         return reverse("core:agency_index", args=[self.slug])
 
     @property
-    def private_jwk(self):
-        """Eligibility API instance of this Agency's private key"""
-        return self.private_key.jwk
+    def private_key_data(self):
+        """This Agency's private key as a string."""
+        return self.private_key.text
 
     @staticmethod
     def by_id(id):

diff --git a/benefits/eligibility/views.py b/benefits/eligibility/views.py
@@ -193,10 +193,10 @@ def _verify(request, form):
         issuer=settings.ALLOWED_HOSTS[0],
         agency=agency.agency_id,
         jws_signing_alg=agency.jws_signing_alg,
-        client_private_jwk=agency.private_jwk,
+        client_private_key=agency.private_key_data,
         jwe_encryption_alg=verifier.jwe_encryption_alg,
         jwe_cek_enc=verifier.jwe_cek_enc,
-        server_public_jwk=verifier.public_jwk,
+        server_public_key=verifier.public_key_data,
     )
 
     # get the eligibility type names

diff --git a/requirements.txt b/requirements.txt
@@ -1,7 +1,7 @@
 Authlib==1.0.1
 Django==3.2.13
 django-csp==3.7
-git+https://github.com/cal-itp/eligibility-api@4126dcf43dcc5de22ffb6c738de76e176c21f8e4#egg=eligibility_api
+git+https://github.com/cal-itp/eligibility-api@a2f9932d074d10afc21713ada32eebe3841a1a3d#egg=eligibility_api
 gunicorn==20.1.0
 requests==2.27.1
 six==1.16.0
diff --git a/tests/pytest/eligibility/test_views.py b/tests/pytest/eligibility/test_views.py
@@ -11,7 +11,7 @@
 
 from benefits.core import session
 from benefits.core.models import TransitAgency
-from eligibility_api.client import ApiError, TokenError, JWK
+from eligibility_api.client import ApiError, TokenError
 from eligibility_api.server import make_token
 from benefits.eligibility.views import confirm
 from tests.pytest.conftest import with_agency, initialize_request
@@ -87,10 +87,10 @@ def test_confirm_success(mocker, rf):
                 "eligibility": ["type1"],
             },
             verifier.jws_signing_alg,
-            _get_jwk("server.key"),
+            _get_key("server.key"),
             verifier.jwe_encryption_alg,
             verifier.jwe_cek_enc,
-            _get_jwk("client.pub"),
+            _get_key("client.pub"),
         ),
     )
 
@@ -107,12 +107,12 @@ def test_confirm_success(mocker, rf):
     assert response.url == reverse("enrollment:index")
 
 
-def _get_jwk(filename):
+def _get_key(filename):
     current_path = Path(os.path.dirname(os.path.realpath(__file__)))
     file_path = current_path / "keys" / filename
 
     with file_path.open(mode="rb") as pemfile:
-        key = JWK.from_pem(pemfile.read())
+        key = str(pemfile.read(), "utf-8")
 
     return key
 
@@ -189,10 +189,10 @@ def _tokenize_response_error_scenarios():
                     "eligibility": ["type1"],
                 },
                 "RS512",  # signing algorithm that doesn't match verifier.jws_signing_alg
-                _get_jwk("server.key"),
+                _get_key("server.key"),
                 verifier.jwe_encryption_alg,
                 verifier.jwe_cek_enc,
-                _get_jwk("client.pub"),
+                _get_key("client.pub"),
             ),
             id='TokenError("JWS token signature verification failed")',
         ),