Rauise coverage to 90%

mkalioby · mkalioby · commit de002a392ae7 · 2023-06-17T18:39:03.000+03:00
diff --git a/.gitignore b/.gitignore
@@ -1,6 +1,7 @@
 .idea
 env
 example/test_db
+example/passkeys
 # Byte-compiled / optimized / DLL files
 __pycache__/
 *.py[cod]
diff --git a/example/test_app/tests/test_current_platform.py b/example/test_app/tests/test_current_platform.py
@@ -0,0 +1,30 @@
+from django.test import TestCase, RequestFactory
+
+from passkeys.FIDO2 import get_current_platform
+
+
+class TestCurrentPlatform(TestCase):
+    def setUp(self) -> None:
+        self.request_factory = RequestFactory()
+
+    def check_platform(self,user_agent, platform):
+        request = self.request_factory.get('/', HTTP_USER_AGENT=user_agent)
+        self.assertEquals(get_current_platform(request), platform)
+
+    def test_mac(self):
+        self.check_platform("Mozilla/5.0 (Macintosh; Intel Mac OS X 13_4) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Safari/605.1.15","Apple")
+    def test_ios(self):
+        self.check_platform("Mozilla/5.0 (Macintosh; Intel Mac OS X 13_4) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Safari/605.1.15","Apple")
+    def test_ipad(self):
+        self.check_platform("Mozilla/5.0 (iPad; CPU OS 16_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1","Apple")
+
+    def test_chrome_mac(self):
+        self.check_platform("Mozilla/5.0 (Macintosh; Intel Mac OS X 13_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36","Chrome on Apple")
+
+    def test_chrome_windows(self):
+        self.check_platform("Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36","Microsoft")
+
+    def test_android(self):
+        self.check_platform("Mozilla/5.0 (Linux; Android 10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.130 Mobile Safari/537.36","Google")
+        self.check_platform("Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.130 Mobile Safari/537.36","Google")
+        self.check_platform("Mozilla/5.0 (Linux; Android 10; LM-Q720) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.130 Mobile Safari/537.36","Google")
diff --git a/example/test_app/tests/test_fido.py b/example/test_app/tests/test_fido.py
@@ -1,22 +1,35 @@
 import json
+from importlib import import_module
 
+from django.http import HttpRequest
 from django.test import RequestFactory,TransactionTestCase, Client
 from django.urls import reverse
 
+from test_app import settings
 from test_app.soft_webauthn import SoftWebauthnDevice
 
+from passkeys.models import UserPasskey
+
 
 class test_fido(TransactionTestCase):
     def setUp(self) -> None:
         from django.contrib.auth import get_user_model
         self.user_model = get_user_model()
         self.user = self.user_model.objects.create_user(username="test",password="test")
         self.client = Client()
+        settings.SESSION_ENGINE = 'django.contrib.sessions.backends.file'
+        engine = import_module(settings.SESSION_ENGINE)
+        store = engine.SessionStore()
+        store.save()
+        self.session = store
+        self.client.cookies["sessionid"] = store.session_key
+
         self.client.post("/auth/login", {"username": "test", "password": "test", 'passkeys': ''})
         self.factory = RequestFactory()
 
 
     def test_key_reg(self):
+        self.client.post('auth/login',{"usernaame":"test","password":"test","passkeys":""})
         r = self.client.get(reverse('passkeys:reg_begin'))
         self.assertEquals(r.status_code, 200)
         j = json.loads(r.content)
@@ -33,9 +46,42 @@ def test_key_reg(self):
         self.assertTrue("status" in j)
 
         self.assertEquals(j["status"], "OK")
+        self.assertEquals(UserPasskey.objects.latest('id').name, "testKey")
         return s
 
 
+    def test_auto_key_name(self):
+        r = self.client.get(reverse('passkeys:reg_begin'))
+        self.assertEquals(r.status_code, 200)
+        j = json.loads(r.content)
+        j['publicKey']['challenge'] = j['publicKey']['challenge'].encode("ascii")
+        s = SoftWebauthnDevice()
+        res = s.create(j, "https://" + j["publicKey"]["rp"]["id"])
+        u = reverse('passkeys:reg_complete')
+        r = self.client.post(u, data=json.dumps(res), HTTP_USER_AGENT="Mozilla/5.0 (Macintosh; Intel Mac OS X 13_4) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Safari/605.1.15", content_type="application/json")
+        try:
+            j = json.loads(r.content)
+        except Exception:
+            raise AssertionError("Failed to get the required JSON after reg_completed")
+        self.assertTrue("status" in j)
+        self.assertEquals(j["status"], "OK")
+        self.assertEquals(UserPasskey.objects.latest('id').name,"Apple")
+        return s
+
+    def test_error_when_no_session(self):
+        res = {}
+        res["key_name"] = "testKey"
+        u = reverse('passkeys:reg_complete')
+        r = self.client.post(u, data=json.dumps(res), headers={"USER_AGENT": ""}, HTTP_USER_AGENT="",
+                             content_type="application/json")
+        try:
+            j = json.loads(r.content)
+        except Exception:
+            raise AssertionError("Failed to get the required JSON after reg_completed")
+        self.assertTrue("status" in j)
+        self.assertEquals(j["status"], "ERR")
+        self.assertEquals(j["message"], "FIDO Status can't be found, please try again")
+
     def test_passkey_login(self):
         authenticator = self.test_key_reg()
         self.client.get('/auth/logout')
@@ -51,6 +97,16 @@ def test_passkey_login(self):
         self.assertTrue(self.client.session.get("passkey",{}).get("passkey",False))
         self.assertEquals(self.client.session.get("passkey",{}).get("name"),"testKey")
 
+    def test_base_username(self):
+        authenticator = self.test_key_reg()
+        self.client.get('/auth/logout')
+        session = self.session
+        session["base_username"]= "test"
+        session.save()
+        r = self.client.get(reverse('passkeys:auth_begin'))
+        self.assertEquals(r.status_code, 200)
+        j = json.loads(r.content)
+        print(j)
 
-
-
+    def test_passkey_login_no_session(self):
+        pass
diff --git a/passkeys/FIDO2.py b/passkeys/FIDO2.py
@@ -1,5 +1,6 @@
 import json
 from base64 import urlsafe_b64encode
+import traceback
 
 import fido2.features
 from django.conf import settings
@@ -21,7 +22,7 @@ def enable_json_mapping():
 
 
 def getUserCredentials(user):
-    return [AttestedCredentialData(websafe_decode(uk.token)) for uk in UserPasskey.objects.filter(user = user)]
+    return [AttestedCredentialData(websafe_decode(uk.token)) for uk in UserPasskey.objects.filter(user__username = user)]
 
 
 def getServer(request=None):
@@ -89,10 +90,9 @@ def reg_complete(request):
 
         uk.save()
         return JsonResponse({'status': 'OK'})
-    except Exception as exp:
-        import traceback
-        print(traceback.format_exc())
-        return JsonResponse({'status': 'ERR', "message": "Error on server, please try again later"})
+    except Exception as exp: # pragma: no cover
+        print(traceback.format_exc()) # pragma: no cover
+        return JsonResponse({'status': 'ERR', "message": "Error on server, please try again later"}) # pragma: no cover
 
 
 def auth_begin(request):
@@ -105,7 +105,7 @@ def auth_begin(request):
     if request.user.is_authenticated:
         username = request.user.username
     if username:
-        credentials = getUserCredentials(request.session.get("base_username", request.user.username))
+        credentials = getUserCredentials(username)
     auth_data, state = server.authenticate_begin(credentials)
     request.session['fido2_state'] = state
     return JsonResponse(dict(auth_data))
@@ -140,14 +140,14 @@ def auth_complete(request):
             cred = server.authenticate_complete(
                     request.session.pop('fido2_state'), credentials = credentials, response = data
             )
-        except ValueError:
-            return None
-        except Exception as excep:
-            raise Exception(excep)
+        except ValueError:   # pragma: no cover
+            return None      # pragma: no cover
+        except Exception as excep:              # pragma: no cover
+            raise Exception(excep)              # pragma: no cover
         if key:
             key.last_used = timezone.now()
             request.session["passkey"] = {'passkey': True, 'name': key.name, "id":key.id, "platform": key.platform,
                                            'cross_platform': get_current_platform(request) != key.platform}
             key.save()
             return key.user
-    return None
+    return None                           # pragma: no cover
