feat: add forgotten password feature

indykite_sdk/README.md

@@ -1278,19 +1278,32 @@ positional arguments:
   consent_ids List of consent ids separated by space
 ```
 
-79. To see all available options, run
+79. Start forgotten password flow
+
+```shell
+python3 api.py start_forgotten_password DIGITAL_TWIN_ID TENANT_ID
+```
+
+```shell
+positional arguments:
+  digital_twin_id   String
+  tenant_id   String
+```
+
+----------------
+To see all available options, run
 
 ```shell
 python3 api.py --help
 ```
 
-80. To see the subcommands help page, run
+To see the subcommands help page, run
 
 ```shell
 python3 api.py <sub_command> --help
 ```
 
-81. To execute the functions against the local instance, add the `-l` flag to the command:
+To execute the functions against the local instance, add the `-l` flag to the command:
 
 ```shell
 python api.py -l introspect USER_TOKEN

indykite_sdk/api.py

@@ -488,6 +488,12 @@ def main():
     revoke_consent_parser.add_argument("pii_principal_id", help="DigitalTwin Id (gid)")
     revoke_consent_parser.add_argument("consent_ids", nargs='*', help="List of consent ids separated by space")
 
+    # FORGOTTEN_PASSWORD
+    start_forgotten_password = subparsers.add_parser("start_forgotten_password")
+    start_forgotten_password.add_argument("digital_twin_id", help="gid ID of the digital twin with forgotten password")
+    start_forgotten_password.add_argument("tenant_id", help="gid ID of the tenant")
+
+
     args = parser.parse_args()
     local = args.local
     client = IdentityClient(local)
@@ -1726,6 +1732,15 @@ def main():
             print("Invalid consent response")
         return consent_response
 
+    elif command == "start_forgotten_password":
+        digital_twin_id = args.digital_twin_id
+        tenant_id = args.tenant_id
+        forgotten_password = client.start_forgotten_password_flow(digital_twin_id, tenant_id)
+        if forgotten_password is not None:
+            print(forgotten_password)
+        else:
+            print("Invalid forgotten password response")
+
 
 def print_verify_info(digital_twin_info):  # pragma: no cover
     print("Digital twin info")

indykite_sdk/identity/__init__.py

@@ -58,3 +58,4 @@ def __init__(self, local=False):
     from .enrich_token import enrich_token
     from .import_digital_twins import import_digital_twins
     from .consent import create_consent, list_consents, revoke_consent
+    from .forgotten_password import start_forgotten_password_flow

indykite_sdk/identity/forgotten_password.py

@@ -0,0 +1,24 @@
+from indykite_sdk.indykite.identity.v1beta2 import identity_management_api_pb2 as pb2
+from indykite_sdk.indykite.identity.v1beta2 import model_pb2 as model
+import sys
+from indykite_sdk.utils.logger import handle_excepthook, logger_error
+
+
+def start_forgotten_password_flow(self, digital_twin_id, tenant_id):
+    sys.excepthook = handle_excepthook
+    try:
+        response = self.stub.StartForgottenPasswordFlow(
+            pb2.StartForgottenPasswordFlowRequest(
+                digital_twin=model.DigitalTwin(
+                    id=str(digital_twin_id),
+                    tenant_id=str(tenant_id)
+                )
+            )
+        )
+    except Exception as exception:
+        return logger_error(exception)
+
+    if not response:
+        return None
+
+    return True

tests/helpers/data.py

@@ -16,6 +16,7 @@
 TENANT = "gid:AAAAA2CHw7x3Dk68uWSkjl7FoG0"
 TENANT_EMAIL = "gid:AAAAA2luZHlraURlgAADDwAAAAI"
 DIGITAL_TWIN = "gid:AAAAFZVCTOBCHEPMgdvP44aZLbg"
+DIGITAL_TWIN_TEST = "gid:AAAAFf_ZpzyM2UpRuG22DJLLNq0"
 CODE_VERIFIER = "AAAAAAAAAAEAAAAAAAAAAgAAAAAAAAADAAAAAAAAAAQ"
 CODE_CHALLENGE = "cjbADBcANsbeEzqHghDd1YVnqh0GGaD3D2njiub5Fuk"
 # this is changes, if test starts failing, check it!!!
@@ -91,6 +92,10 @@ def get_digital_twin():
     return DIGITAL_TWIN
 
 
+def get_digital_twin_test():
+    return DIGITAL_TWIN_TEST
+
+
 def get_url():
     return URL
 

tests/test_forgotten_password.py

@@ -0,0 +1,70 @@
+from indykite_sdk.identity import IdentityClient
+from indykite_sdk.model.digital_twin import DigitalTwin
+from helpers import data
+
+
+def test_forgotten_password_wrong_twin_id(capsys):
+    digital_twin_id = "696e6479-6b69-465-8000-010f00000000"
+    tenant_id = data.get_tenant()
+
+    client = IdentityClient()
+    assert client is not None
+
+    response = client.start_forgotten_password_flow(digital_twin_id, tenant_id)
+    captured = capsys.readouterr()
+
+    assert (
+        "StatusCode.INVALID_ARGUMENT" in captured.err
+    )
+
+
+def test_forgotten_password_wrong_tenant_id(capsys):
+    digital_twin_id = data.get_digital_twin_test()
+    tenant_id = "gid:AAAAAbHLUExsxkqsqRoI93amR30"
+
+    client = IdentityClient()
+    assert client is not None
+
+    response = client.start_forgotten_password_flow(digital_twin_id, tenant_id)
+    captured = capsys.readouterr()
+
+    assert "tenantId is not valid Tenant identifier" in captured.err
+
+
+def test_forgotten_password_uuid_tenant_id(capsys):
+    digital_twin_id = data.get_digital_twin_test()
+    tenant_id = "696e6479-6b69-4465-8000-030f00000001"
+
+    client = IdentityClient()
+    assert client is not None
+
+    response = client.start_forgotten_password_flow(digital_twin_id, tenant_id)
+    captured = capsys.readouterr()
+
+    "invalid DigitalTwin.Id: value length must be 16 bytes" in captured.err
+
+
+def test_forgotten_password_nonexisting_twin_id(capsys):
+    digital_twin_id = "gid:AAAAAbHLUExsxkqsqRoI93amR30"
+    tenant_id = data.get_tenant()
+
+    client = IdentityClient()
+    assert client is not None
+
+    response = client.start_forgotten_password_flow(digital_twin_id, tenant_id)
+    captured = capsys.readouterr()
+
+    assert "StatusCode.INVALID_ARGUMENT" in captured.err
+
+
+def test_forgotten_password_success(capsys):
+    digital_twin_id = data.get_digital_twin_test()
+    tenant_id = data.get_tenant()
+
+    client = IdentityClient()
+    assert client is not None
+
+    response = client.start_forgotten_password_flow(digital_twin_id, tenant_id)
+    captured = capsys.readouterr()
+
+    assert response is True