fix smart link authentication (#170)

* fix smart link authentication * making some field names mandatory, and some other times field types mandatory * fixing unit tests * removing old ref to USED_TYPE_FIELDS
sequentech · Jan 7, 2022 · 43e86fc · 43e86fc
1 parent 05adce4
commit 43e86fc
Show file tree

Hide file tree

Showing 11 changed files with 85 additions and 27 deletions.
diff --git a/authapi/api/views.py b/authapi/api/views.py
@@ -1488,7 +1488,8 @@ def post(request, pk=None):
             if extra_fields:
                 msg += check_extra_fields(
                     extra_fields,
-                    METHODS.get(auth_method).USED_TYPE_FIELDS)
+                    METHODS.get(auth_method).MANDATORY_FIELDS
+                )
                 slug_set = set()
                 for field in extra_fields:
                     if 'name' in field:
@@ -1505,7 +1506,7 @@ def post(request, pk=None):
             if admin_fields:
                 msg += check_admin_fields(
                     admin_fields,
-                    METHODS.get(auth_method).USED_TYPE_FIELDS)
+                    METHODS.get(auth_method).MANDATORY_FIELDS)
 
             # check census mode
             census = req.get('census', '')

diff --git a/authapi/authmethods/m_dnie.py b/authapi/authmethods/m_dnie.py
@@ -110,7 +110,10 @@ class DNIE:
         "register-pipeline": [],
         "authenticate-pipeline": []
     }
-    USED_TYPE_FIELDS = ['dni']
+    MANDATORY_FIELDS = dict(
+        types=['dni'],
+        names=[]
+    )
     dni_definition = { "name": "dni", "type": "text", "required": True, "min": 2, "max": 200, "required_on_authentication": True }
 
 

diff --git a/authapi/authmethods/m_email.py b/authapi/authmethods/m_email.py
@@ -74,7 +74,11 @@ class Email:
             ["check_total_max", {"field": "ip", "period": 3600*24, "max": 50}],
         ]
     }
-    USED_TYPE_FIELDS = ['email']
+
+    MANDATORY_FIELDS = dict(
+        types=['email'],
+        names=[]
+    )
 
     email_definition = {
         "name": "email",

diff --git a/authapi/authmethods/m_email_otp.py b/authapi/authmethods/m_email_otp.py
@@ -78,7 +78,11 @@ class Email:
             ["check_total_max", {"field": "ip", "period": 3600*24, "max": 20}],
         ]
     }
-    USED_TYPE_FIELDS = ['email']
+
+    MANDATORY_FIELDS = dict(
+        types=['email'],
+        names=[]
+    )
 
     email_definition = {
         "name": "email",

diff --git a/authapi/authmethods/m_emailpwd.py b/authapi/authmethods/m_emailpwd.py
@@ -47,7 +47,10 @@ class EmailPWD:
             {'object_type': 'AuthEvent', 'perms': ['vote',], 'object_id': 'AuthEventId' }
         ],
     }
-    USED_TYPE_FIELDS = ['email', 'password']
+    MANDATORY_FIELDS = dict(
+        types=['email', 'password'],
+        names=[]
+    )
     email_definition = {
         "name": "email",
         "type": "email",

diff --git a/authapi/authmethods/m_openidconnect.py b/authapi/authmethods/m_openidconnect.py
@@ -63,7 +63,10 @@ class OpenIdConnect(object):
             {'object_type': 'AuthEvent', 'perms': ['vote',], 'object_id': 'AuthEventId' }
         ],
     }
-    USED_TYPE_FIELDS = ['sub']
+    MANDATORY_FIELDS = dict(
+        types=[],
+        names=['sub']
+    )
     sub_definition = {
         "name": "sub",
         "type": "text",

diff --git a/authapi/authmethods/m_pwd.py b/authapi/authmethods/m_pwd.py
@@ -47,7 +47,10 @@ class PWD:
             {'object_type': 'AuthEvent', 'perms': ['vote',], 'object_id': 'AuthEventId' }
         ],
     }
-    USED_TYPE_FIELDS = ['username', 'password']
+    MANDATORY_FIELDS = dict(
+        types=['password'],
+        names=['username']
+    )
     username_definition = {
         "name": "username",
         "type": "text",

diff --git a/authapi/authmethods/m_smart_link.py b/authapi/authmethods/m_smart_link.py
@@ -53,7 +53,10 @@ class SmartLink:
       }
     ]
   }
-  USED_TYPE_FIELDS = ['user_id']
+  MANDATORY_FIELDS = dict(
+    types=[],
+    names=['user_id']
+  )
   CONFIG_CONTRACT = [
     {
       'check': 'isinstance',

diff --git a/authapi/authmethods/m_sms.py b/authapi/authmethods/m_sms.py
@@ -84,7 +84,10 @@ class Sms:
             ["check_total_max", {"field": "ip", "period": 3600*24, "max": 20}],
         ]
     }
-    USED_TYPE_FIELDS = ['tlf']
+    MANDATORY_FIELDS = dict(
+        types=[],
+        names=['tlf']
+    )
 
     tlf_definition = {
         "name": "tlf",

diff --git a/authapi/authmethods/m_sms_otp.py b/authapi/authmethods/m_sms_otp.py
@@ -83,7 +83,10 @@ class SmsOtp:
             ["check_total_max", {"field": "tlf", "period": 3600*24, "max": 20}]
         ]
     }
-    USED_TYPE_FIELDS = ['tlf']
+    MANDATORY_FIELDS = dict(
+        types=[],
+        names=['tlf']
+    )
 
     tlf_definition = {
         "name": "tlf",

diff --git a/authapi/utils.py b/authapi/utils.py
@@ -663,10 +663,29 @@ def send_codes(users, ip, auth_method, config=None, sender_uid=None, eid=None):
     'check_total_max',
     'check_total_connection',
     )
-VALID_TYPE_FIELDS = ('text', 'password', 'int', 'bool', 'regex', 'email', 'tlf',
-        'captcha', 'textarea', 'dni', 'dict', 'image', 'date')
+VALID_TYPE_FIELDS = (
+    'text',
+    'password',
+    'int', 
+    'bool',
+    'regex',
+    'email',
+    'tlf',
+    'captcha',
+    'textarea',
+    'dni',
+    'dict',
+    'image',
+    'date'
+)
 REQUIRED_ADMIN_FIELDS = ('name', 'type')
-VALID_ADMIN_FIELDS = VALID_FIELDS + ('description', 'label', 'step', 'value', 'placeholder')
+VALID_ADMIN_FIELDS = VALID_FIELDS + (
+    'description',
+    'label',
+    'step',
+    'value',
+    'placeholder'
+)
 
 def check_authmethod(method):
     """ Check if method exists in method list. """
@@ -799,20 +818,26 @@ def check_fields(key, value):
                 msg += "Invalid extra_fields: bad %s.\n" % key
     return msg
 
-def check_extra_fields(fields, mandatory_type_fields=[]):
+def check_extra_fields(fields, mandatory_fields=dict(types=[], names=[])):
     """ Check extra_fields when create auth-event. """
     msg = ''
     if len(fields) > settings.MAX_EXTRA_FIELDS:
         return "Maximum number of fields reached\n"
     used_fields = ['status']
     found_used_type_fields = []
-    mandatory_type_fields = mandatory_type_fields[:]
+    found_used_name_fields = []
+    mandatory_type_fields = mandatory_fields['types'][:]
+    mandatory_name_fields = mandatory_fields['names'][:]
     for field in fields:
-        if field.get('name') in used_fields:
-            msg += "Two fields with same name: %s.\n" % field.get('name')
-        used_fields.append(field.get('name'))
-        if field.get('type') in mandatory_type_fields:
-            found_used_type_fields.append(field.get('name'))
+        fname = field.get('name')
+        ftype = field.get('type')
+        if fname in used_fields:
+            msg += "Two fields with same name: %s.\n" % fname
+        used_fields.append(fname)
+        if ftype in mandatory_type_fields:
+            found_used_type_fields.append(ftype)
+        if fname in mandatory_name_fields:
+            found_used_name_fields.append(fname)
         for required in REQUIRED_FIELDS:
             if not required in field.keys():
                 msg += "Required field %s.\n" % required
@@ -822,27 +847,30 @@ def check_extra_fields(fields, mandatory_type_fields=[]):
             else:
                 msg += "Invalid extra_field: %s not possible.\n" % key
     if set(found_used_type_fields) != set(mandatory_type_fields):
-        msg += "Not all required used fields were found"
+        msg += "Not all mandatory type fields were found"
+    if set(found_used_name_fields) != set(mandatory_name_fields):
+        msg += "Not all mandatory type fields were found"
     return msg
 
 def check_admin_field(key, value):
     """ Check fields in admin_field when create auth-event. """
     msg = ''
     return msg
 
-def check_admin_fields(fields, used_type_fields=[]):
+def check_admin_fields(fields, mandatory_fields=[]):
     """ Check extra_fields when create auth-event. """
     msg = ''
     if fields is None:
        return msg
     if len(fields) > settings.MAX_ADMIN_FIELDS:
         return "Maximum number of fields reached\n"
     # create a copy of the list to not modify it
-    used_fields = used_type_fields[:]
+    used_fields = mandatory_fields['names'][:]
     for field in fields:
-        if field.get('name') in used_fields:
-            msg += "Two admin fields with same name: %s.\n" % field.get('name')
-        used_fields.append(field.get('name'))
+        fname = field.get('name')
+        if fname in used_fields:
+            msg += "Two admin fields with same name: %s.\n" % fname
+        used_fields.append(fname)
         for required in REQUIRED_ADMIN_FIELDS:
             if not required in field.keys():
                 msg += "Required field %s.\n" % required