From f3badb18b299019b0705a1289a5f81dfb3a6f437 Mon Sep 17 00:00:00 2001 From: Sonny Bakker Date: Tue, 3 Dec 2024 12:55:42 +0100 Subject: [PATCH] [#293] use `secrets` stlib module & regenerate test tokens --- src/openklant/components/token/utils.py | 5 +-- .../tests/files/token_all_fields.yaml | 4 +- .../tests/files/token_empty_database.yaml | 4 +- .../tests/files/token_existing_tokens.yaml | 4 +- .../tests/files/token_idempotent.yaml | 4 +- .../tests/files/token_invalid_email.yaml | 4 +- .../tests/files/token_invalid_identifier.yaml | 4 +- .../tests/files/token_invalid_token.yaml | 2 +- .../tests/test_token_auth_config.py | 44 +++++++++---------- 9 files changed, 37 insertions(+), 38 deletions(-) diff --git a/src/openklant/components/token/utils.py b/src/openklant/components/token/utils.py index 3d30ac30..f527b36e 100644 --- a/src/openklant/components/token/utils.py +++ b/src/openklant/components/token/utils.py @@ -1,11 +1,10 @@ -import binascii -import os +import secrets from typing import Iterable def _generate_token() -> str: - return binascii.hexlify(os.urandom(20)).decode() + return secrets.token_hex(20) def get_token(existing_tokens: Iterable[str]) -> str: diff --git a/src/openklant/setup_configuration/tests/files/token_all_fields.yaml b/src/openklant/setup_configuration/tests/files/token_all_fields.yaml index 30edd02c..195ff813 100644 --- a/src/openklant/setup_configuration/tests/files/token_all_fields.yaml +++ b/src/openklant/setup_configuration/tests/files/token_all_fields.yaml @@ -3,7 +3,7 @@ tokens_config_enable: true tokens_config: items: - identifier: token-1 - token: 06c76243e011f788c069e0436e529c10b7753609 + token: 18b2b74ef994314b84021d47b9422e82b685d82f contact_person: Person 1 email: person-1@example.com organization: Organization XYZ @@ -11,7 +11,7 @@ tokens_config: administration: Administration XYZ - identifier: token-3 - token: 90fd511f069605ace65b32143d0b7e3554054792 + token: e882642bd0ec2482adcdc97258c2e6f98cb06d85 contact_person: Person 3 email: person-3@example.com organization: Organization ZYX diff --git a/src/openklant/setup_configuration/tests/files/token_empty_database.yaml b/src/openklant/setup_configuration/tests/files/token_empty_database.yaml index 756f1535..c5ca8b4f 100644 --- a/src/openklant/setup_configuration/tests/files/token_empty_database.yaml +++ b/src/openklant/setup_configuration/tests/files/token_empty_database.yaml @@ -3,11 +3,11 @@ tokens_config_enable: true tokens_config: items: - identifier: token-1 - token: 06c76243e011f788c069e0436e529c10b7753609 + token: 7b2b212d9f16d171a70a1d927cdcfbd5ca7a4799 contact_person: Person 1 email: person-1@example.com - identifier: token-2 - token: 90fd511f069605ace65b32143d0b7e3554054792 + token: ba9d233e95e04c4a8a661a27daffe7c9bd019067 contact_person: Person 2 email: person-2@example.com diff --git a/src/openklant/setup_configuration/tests/files/token_existing_tokens.yaml b/src/openklant/setup_configuration/tests/files/token_existing_tokens.yaml index e1e3dc47..1ece3f85 100644 --- a/src/openklant/setup_configuration/tests/files/token_existing_tokens.yaml +++ b/src/openklant/setup_configuration/tests/files/token_existing_tokens.yaml @@ -3,11 +3,11 @@ tokens_config_enable: true tokens_config: items: - identifier: token-1 - token: 06c76243e011f788c069e0436e529c10b7753609 + token: 18b2b74ef994314b84021d47b9422e82b685d82f contact_person: Person 1 email: person-1@example.com - identifier: token-3 - token: 90fd511f069605ace65b32143d0b7e3554054792 + token: e882642bd0ec2482adcdc97258c2e6f98cb06d85 contact_person: Person 3 email: person-3@example.com diff --git a/src/openklant/setup_configuration/tests/files/token_idempotent.yaml b/src/openklant/setup_configuration/tests/files/token_idempotent.yaml index f7eef547..c8581d94 100644 --- a/src/openklant/setup_configuration/tests/files/token_idempotent.yaml +++ b/src/openklant/setup_configuration/tests/files/token_idempotent.yaml @@ -3,7 +3,7 @@ tokens_config_enable: true tokens_config: items: - identifier: token-1 - token: 06c76243e011f788c069e0436e529c10b7753609 + token: 7b2b212d9f16d171a70a1d927cdcfbd5ca7a4799 contact_person: Person 1 email: person-1@example.com organization: Organization XYZ @@ -11,7 +11,7 @@ tokens_config: administration: Administration XYZ - identifier: token-2 - token: 90fd511f069605ace65b32143d0b7e3554054792 + token: ba9d233e95e04c4a8a661a27daffe7c9bd019067 contact_person: Person 2 email: person-2@example.com organization: Organization ZYX diff --git a/src/openklant/setup_configuration/tests/files/token_invalid_email.yaml b/src/openklant/setup_configuration/tests/files/token_invalid_email.yaml index c9750101..4e3b7119 100644 --- a/src/openklant/setup_configuration/tests/files/token_invalid_email.yaml +++ b/src/openklant/setup_configuration/tests/files/token_invalid_email.yaml @@ -3,7 +3,7 @@ tokens_config_enable: true tokens_config: items: - identifier: token-1 - token: 06c76243e011f788c069e0436e529c10b7753609 + token: ba9d233e95e04c4a8a661a27daffe7c9bd019067 contact_person: Person 1 email: invalid organization: Organization XYZ @@ -11,7 +11,7 @@ tokens_config: administration: Administration XYZ - identifier: token-2 - token: 90fd511f069605ace65b32143d0b7e3554054792 + token: 795cb35c930d27b98297df761f0fa52182348875 contact_person: Person 2 email: person-2@example.com organization: Organization ZYX diff --git a/src/openklant/setup_configuration/tests/files/token_invalid_identifier.yaml b/src/openklant/setup_configuration/tests/files/token_invalid_identifier.yaml index a1154617..1edfc139 100644 --- a/src/openklant/setup_configuration/tests/files/token_invalid_identifier.yaml +++ b/src/openklant/setup_configuration/tests/files/token_invalid_identifier.yaml @@ -3,7 +3,7 @@ tokens_config_enable: true tokens_config: items: - identifier: foobar foobar foobar foobar foobar foobar foobar foobar foobar foobar foobar foobar - token: 06c76243e011f788c069e0436e529c10b7753609 + token: ba9d233e95e04c4a8a661a27daffe7c9bd019067 contact_person: Person 1 email: person-1@example.com organization: Organization XYZ @@ -11,7 +11,7 @@ tokens_config: administration: Administration XYZ - identifier: token-2 - token: 90fd511f069605ace65b32143d0b7e3554054792 + token: 795cb35c930d27b98297df761f0fa52182348875 contact_person: Person 2 email: person-2@example.com organization: Organization ZYX diff --git a/src/openklant/setup_configuration/tests/files/token_invalid_token.yaml b/src/openklant/setup_configuration/tests/files/token_invalid_token.yaml index c2629795..c103fb9a 100644 --- a/src/openklant/setup_configuration/tests/files/token_invalid_token.yaml +++ b/src/openklant/setup_configuration/tests/files/token_invalid_token.yaml @@ -11,7 +11,7 @@ tokens_config: administration: Administration XYZ - identifier: token-2 - token: 90fd511f069605ace65b32143d0b7e3554054792 + token: ba9d233e95e04c4a8a661a27daffe7c9bd019067 contact_person: Person 2 email: person-2@example.com organization: Organization ZYX diff --git a/src/openklant/setup_configuration/tests/test_token_auth_config.py b/src/openklant/setup_configuration/tests/test_token_auth_config.py index 51c66557..f3bc760b 100644 --- a/src/openklant/setup_configuration/tests/test_token_auth_config.py +++ b/src/openklant/setup_configuration/tests/test_token_auth_config.py @@ -26,7 +26,7 @@ def test_empty_database(self): self.assertEqual(first_token.identifier, "token-1") self.assertEqual( - first_token.token, "06c76243e011f788c069e0436e529c10b7753609" + first_token.token, "7b2b212d9f16d171a70a1d927cdcfbd5ca7a4799" ) self.assertEqual(first_token.contact_person, "Person 1") self.assertEqual(first_token.email, "person-1@example.com") @@ -38,7 +38,7 @@ def test_empty_database(self): self.assertEqual(second_token.identifier, "token-2") self.assertEqual( - second_token.token, "90fd511f069605ace65b32143d0b7e3554054792" + second_token.token, "ba9d233e95e04c4a8a661a27daffe7c9bd019067" ) self.assertEqual(second_token.contact_person, "Person 2") self.assertEqual(second_token.email, "person-2@example.com") @@ -49,14 +49,14 @@ def test_empty_database(self): def test_existing_tokens(self): TokenAuthFactory( identifier="token-1", - token="877caee40349810d47c762882085cb46fc7b4786", + token="ba9d233e95e04c4a8a661a27daffe7c9bd019067", contact_person="Person 4", email="person-4@example.com", ) TokenAuthFactory( identifier="token-2", - token="03032ceb4352020fa84355a4a4652978942c496d", + token="795cb35c930d27b98297df761f0fa52182348875", contact_person="Person 2", email="person-2@example.com", ) @@ -73,7 +73,7 @@ def test_existing_tokens(self): self.assertEqual(first_token.identifier, "token-1") self.assertEqual( - first_token.token, "06c76243e011f788c069e0436e529c10b7753609" + first_token.token, "18b2b74ef994314b84021d47b9422e82b685d82f" ) self.assertEqual(first_token.contact_person, "Person 1") self.assertEqual(first_token.email, "person-1@example.com") @@ -85,7 +85,7 @@ def test_existing_tokens(self): self.assertEqual(second_token.identifier, "token-2") self.assertEqual( - second_token.token, "03032ceb4352020fa84355a4a4652978942c496d" + second_token.token, "795cb35c930d27b98297df761f0fa52182348875", ) self.assertEqual(second_token.contact_person, "Person 2") self.assertEqual(second_token.email, "person-2@example.com") @@ -97,7 +97,7 @@ def test_existing_tokens(self): self.assertEqual(third_token.identifier, "token-3") self.assertEqual( - third_token.token, "90fd511f069605ace65b32143d0b7e3554054792" + third_token.token, "e882642bd0ec2482adcdc97258c2e6f98cb06d85" ) self.assertEqual(third_token.contact_person, "Person 3") self.assertEqual(third_token.email, "person-3@example.com") @@ -108,7 +108,7 @@ def test_existing_tokens(self): def test_with_all_fields(self): TokenAuthFactory( identifier="token-1", - token="877caee40349810d47c762882085cb46fc7b4786", + token="7b2b212d9f16d171a70a1d927cdcfbd5ca7a4799", contact_person="Person 4", email="person-4@example.com", application="overwritten@example.com", @@ -118,7 +118,7 @@ def test_with_all_fields(self): TokenAuthFactory( identifier="token-2", - token="03032ceb4352020fa84355a4a4652978942c496d", + token="ba9d233e95e04c4a8a661a27daffe7c9bd019067", contact_person="Person 2", email="person-2@example.com", ) @@ -135,7 +135,7 @@ def test_with_all_fields(self): self.assertEqual(first_token.identifier, "token-1") self.assertEqual( - first_token.token, "06c76243e011f788c069e0436e529c10b7753609" + first_token.token, "18b2b74ef994314b84021d47b9422e82b685d82f" ) self.assertEqual(first_token.contact_person, "Person 1") self.assertEqual(first_token.email, "person-1@example.com") @@ -147,7 +147,7 @@ def test_with_all_fields(self): self.assertEqual(second_token.identifier, "token-2") self.assertEqual( - second_token.token, "03032ceb4352020fa84355a4a4652978942c496d" + second_token.token, "ba9d233e95e04c4a8a661a27daffe7c9bd019067" ) self.assertEqual(second_token.contact_person, "Person 2") self.assertEqual(second_token.email, "person-2@example.com") @@ -159,7 +159,7 @@ def test_with_all_fields(self): self.assertEqual(third_token.identifier, "token-3") self.assertEqual( - third_token.token, "90fd511f069605ace65b32143d0b7e3554054792" + third_token.token, "e882642bd0ec2482adcdc97258c2e6f98cb06d85" ) self.assertEqual(third_token.contact_person, "Person 3") self.assertEqual(third_token.email, "person-3@example.com") @@ -170,7 +170,7 @@ def test_with_all_fields(self): def test_invalid_email(self): TokenAuthFactory( identifier="token-1", - token="03032ceb4352020fa84355a4a4652978942c496d", + token="7b2b212d9f16d171a70a1d927cdcfbd5ca7a4799", contact_person="Person 4", email="person-4@example.com", ) @@ -188,7 +188,7 @@ def test_invalid_email(self): self.assertEqual(token.identifier, "token-1") self.assertEqual( - token.token, "03032ceb4352020fa84355a4a4652978942c496d" + token.token, "7b2b212d9f16d171a70a1d927cdcfbd5ca7a4799" ) self.assertEqual(token.contact_person, "Person 4") self.assertEqual(token.email, "person-4@example.com") @@ -199,7 +199,7 @@ def test_invalid_email(self): def test_invalid_token(self): TokenAuthFactory( identifier="token-1", - token="03032ceb4352020fa84355a4a4652978942c496d", + token="7b2b212d9f16d171a70a1d927cdcfbd5ca7a4799", contact_person="Person 4", email="person-4@example.com", ) @@ -217,7 +217,7 @@ def test_invalid_token(self): self.assertEqual(token.identifier, "token-1") self.assertEqual( - token.token, "03032ceb4352020fa84355a4a4652978942c496d" + token.token, "7b2b212d9f16d171a70a1d927cdcfbd5ca7a4799" ) self.assertEqual(token.contact_person, "Person 4") self.assertEqual(token.email, "person-4@example.com") @@ -228,7 +228,7 @@ def test_invalid_token(self): def test_invalid_identifier(self): TokenAuthFactory( identifier="token-1", - token="877caee40349810d47c762882085cb46fc7b4786", + token="7b2b212d9f16d171a70a1d927cdcfbd5ca7a4799", contact_person="Person 4", email="person-4@example.com", ) @@ -246,7 +246,7 @@ def test_invalid_identifier(self): self.assertEqual(token.identifier, "token-1") self.assertEqual( - token.token, "877caee40349810d47c762882085cb46fc7b4786" + token.token, "7b2b212d9f16d171a70a1d927cdcfbd5ca7a4799" ) self.assertEqual(token.contact_person, "Person 4") self.assertEqual(token.email, "person-4@example.com") @@ -267,7 +267,7 @@ def test_idempotent_step(self): self.assertEqual(first_token.identifier, "token-1") self.assertEqual( - first_token.token, "06c76243e011f788c069e0436e529c10b7753609" + first_token.token, "7b2b212d9f16d171a70a1d927cdcfbd5ca7a4799" ) self.assertEqual(first_token.contact_person, "Person 1") self.assertEqual(first_token.email, "person-1@example.com") @@ -279,7 +279,7 @@ def test_idempotent_step(self): self.assertEqual(second_token.identifier, "token-2") self.assertEqual( - second_token.token, "90fd511f069605ace65b32143d0b7e3554054792" + second_token.token, "ba9d233e95e04c4a8a661a27daffe7c9bd019067" ) self.assertEqual(second_token.contact_person, "Person 2") self.assertEqual(second_token.email, "person-2@example.com") @@ -295,7 +295,7 @@ def test_idempotent_step(self): self.assertEqual(first_token.identifier, "token-1") self.assertEqual( - first_token.token, "06c76243e011f788c069e0436e529c10b7753609" + first_token.token, "7b2b212d9f16d171a70a1d927cdcfbd5ca7a4799" ) self.assertEqual(first_token.contact_person, "Person 1") self.assertEqual(first_token.email, "person-1@example.com") @@ -307,7 +307,7 @@ def test_idempotent_step(self): self.assertEqual(second_token.identifier, "token-2") self.assertEqual( - second_token.token, "90fd511f069605ace65b32143d0b7e3554054792" + second_token.token, "ba9d233e95e04c4a8a661a27daffe7c9bd019067" ) self.assertEqual(second_token.contact_person, "Person 2") self.assertEqual(second_token.email, "person-2@example.com")