Remove secret key on external apps

taigaio · Oct 2, 2016 · 0ba2f60 · 0ba2f60
1 parent 9e9c302
commit 0ba2f60
Show file tree

Hide file tree

Showing 9 changed files with 24 additions and 58 deletions.
diff --git a/taiga/external_apps/encryption.py b/taiga/external_apps/encryption.py
diff --git a/taiga/external_apps/migrations/0002_remove_application_key.py b/taiga/external_apps/migrations/0002_remove_application_key.py
@@ -0,0 +1,19 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.9.2 on 2016-09-14 14:13
+from __future__ import unicode_literals
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('external_apps', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name='application',
+            name='key',
+        ),
+    ]
diff --git a/taiga/external_apps/models.py b/taiga/external_apps/models.py
@@ -40,8 +40,6 @@ class Application(models.Model):
 
     next_url = models.TextField(null=False, blank=False, verbose_name=_("Next url"))
 
-    key = models.TextField(null=False, blank=False, verbose_name=_("secret key for ciphering the application tokens"))
-
     class Meta:
         verbose_name = "application"
         verbose_name_plural = "applications"
@@ -71,10 +69,6 @@ class Meta:
     def __str__(self):
         return "{application}: {user} - {token}".format(application=self.application.name, user=self.user.get_full_name(), token=self.token)
 
-    @property
-    def cyphered_token(self):
-        return services.cypher_token(self)
-
     @property
     def next_url(self):
         return "{url}?auth_code={auth_code}".format(url=self.application.next_url, auth_code=self.auth_code)

diff --git a/taiga/external_apps/serializers.py b/taiga/external_apps/serializers.py
@@ -48,4 +48,4 @@ class AuthorizationCodeSerializer(serializers.LightSerializer):
 
 
 class AccessTokenSerializer(serializers.LightSerializer):
-    cyphered_token = Field()
+    token = Field()
diff --git a/taiga/external_apps/services.py b/taiga/external_apps/services.py
@@ -23,8 +23,6 @@
 from django.apps import apps
 from django.utils.translation import ugettext as _
 
-from . import encryption
-
 import json
 
 def get_user_for_application_token(token:str) -> object:
@@ -46,11 +44,3 @@ def authorize_token(application_id:int, user:object, state:str) -> object:
     token.state = state
     token.save()
     return token
-
-
-def cypher_token(application_token:object) -> str:
-    content = {
-        "token": application_token.token
-    }
-
-    return encryption.encrypt(json.dumps(content), application_token.application.key)
diff --git a/taiga/external_apps/validators.py b/taiga/external_apps/validators.py
@@ -29,7 +29,7 @@ class Meta:
 
 
 class ApplicationTokenValidator(validators.ModelValidator):
-    cyphered_token = serializers.CharField(source="cyphered_token", read_only=True)
+    token = serializers.CharField(source="token", read_only=True)
     next_url = serializers.CharField(source="next_url", read_only=True)
     application = ApplicationValidator(read_only=True)
 
@@ -46,9 +46,9 @@ class Meta:
 
 
 class AccessTokenValidator(validators.ModelValidator):
-    cyphered_token = serializers.CharField(source="cyphered_token", read_only=True)
+    token = serializers.CharField(source="token", read_only=True)
     next_url = serializers.CharField(source="next_url", read_only=True)
 
     class Meta:
         model = models.ApplicationToken
-        fields = ("cyphered_token", )
+        fields = ("token", )
diff --git a/tests/factories.py b/tests/factories.py
@@ -560,7 +560,6 @@ class Meta:
         model = "external_apps.Application"
         strategy = factory.CREATE_STRATEGY
 
-    key = "testingkey"
 
 class ApplicationTokenFactory(Factory):
     class Meta:

diff --git a/tests/integration/resources_permissions/test_application_tokens_resources.py b/tests/integration/resources_permissions/test_application_tokens_resources.py
@@ -115,7 +115,6 @@ def test_application_tokens_validate(client, data):
 
     data = json.dumps({
         "application": data.token.application.id,
-        "key": data.token.application.key,
         "auth_code": data.token.auth_code,
         "state": data.token.state
     })

diff --git a/tests/integration/test_application_tokens.py b/tests/integration/test_application_tokens.py
@@ -19,7 +19,6 @@
 
 from django.core.urlresolvers import reverse
 
-from taiga.external_apps import encryption
 from taiga.external_apps import models
 
 
@@ -116,9 +115,7 @@ def test_token_validate(client):
     assert response.status_code == 200
 
     token = models.ApplicationToken.objects.get(id=token.id)
-    decyphered_token = encryption.decrypt(response.data["cyphered_token"], token.application.key)[0]
-    decyphered_token = json.loads(decyphered_token.decode("utf-8"))
-    assert decyphered_token["token"] == token.token
+    assert response.data["token"] == token.token
 
 
 def test_token_validate_validated(client):