o "4g% @s<ddlZddlZddlmZddlmZmZddlmZddl m Z ddl m Z ddl mZddlZddlmZdd lmZmZmZd d lmZd d lmZd d lmZddddddddddddd Zedededededed ed!d"giZd#d$Ze d%d&d'd(d&d)d*d+id,iid-Gd.d/d/eeZ dS)0N) import_module)parse_qsurlparse)settings)override_settings)reverse) urlencode)OAuth2TestsMixin)MockedResponseTestCasemocked_response)APPLE_SESSION_COOKIE_NAME) jwt_encode) AppleProviderz4ADzS5jKx_kdQihyOocVS0Qwwo7m0f7Ow56EadySJ-cmnwoHHF3AxgRaq-h-KwybSphvdc-X7NbS79-b9dumHKyt1MeVLAsDZD1a-uQCEneY1g9LsQkscNr7OggcpvMg5UUFwv6Akavu8cB0iyhNdha5_AWX27K5lNebvpaXEJ8RSAzyy5UvMjrvZyO1Os_nxXIugCa3NyWOkC8oMppPvr1Bl5AnF_xwXN2n9ozPd9Nb3Q3n-omNgLayyUxhwIjWDlI67Vbx-ESuff8ZEBKuTK0Gdmr4C_QU_j0gvvNMNJweSPxDdRmIUgOnjTVNWmdqFTZs43jXAT4J519rgveNLAkGNEaVriPuGIDde88WS03CVbo_mZ9toFWPyTxvuz8VInJ9S1ZxULo-hQWDBohWGYwvg8cgfXckcqWt5OBqNvPYdLgwb84uVi2JeEHmhcQSc_x0zfRTau5HVE2KdR-gWxQjPWoaBHeDVqwoPKaU2XYxa-gYDXcuSJWHz3BX13oInDEFCXr6VwiLiwLBFsb63EEHwyWXJbTpoar7AARWkz76qtngDkk4t9gk_Q0L1y1qf1GeWiAL7xWb-bdptma4-1ui-R2219-1ONEZ41v_jsIS_z8ooXmVCbUsHV4Z1UDpRvpORVE3u57WK3qXUdAtZsXjaIwkdItbDmL1jFUgefwfO91YYQAQABsigtestkeyzR0Hu4YmpHzw3SKWGYuAcAo6B97-JlN2fXiTjZ2g8eHGQX7LSoKEu0Hmu5hcBZYSgOuorIPsPUu3mNtx3pjLMOaJRk34VwcYu7h23ogEKGcPUt1c4tTotFDdw8WFptDOw4ow31TmlBPExLqzzGjJeQSNULB1bExuuhYMWx6wBXo8zWBaHlnbjZ3hDVTzqjrGIYizSr-_aPUJitPKlR6wBncd8nJYo7bLAmB4mOewXkX5HozIGwuF78RsZoFLi1fAmhqgxQ7eopcU-9DBcksUPO4vkgmlJbrkYzNiQauW9vrllekOGXIQQszhVoqP4MLEMpR-Sy9S3PyItcKbJDE3T4ikRS256zAr5kbIw2CsBzeVKX8FkF9eUOMk9URAMdyPoSw8P1zRk2vCXbiOY7Qttad8ptLEUgfytVSsNtGvMsoQsZWRak8nHnhGJ4s0QzB1OK7sdNgU_cL1HV-VxSSPaHhdJBrJEcrzggDPEBKYfDHU6Iz34d1nvjBxoWE8rfqJsGbCW4xxEaVsclLPioUv4VOcOZWAKoRhcvwIH2jOhoHhSI_Cj5c5zSp7qaK8jCU6T7-GObsgrhpty-k26ZuqRdgu9d-62WO8OBGt1e0wxbTh128-nTTrOESHUlV_K1wpJmXOxNpJiybcgzZNbAmACmsHfxZvN9bt7gKPXxf3-_zFAf12PbYMrOionAJ1N_4HxL7fz3xkr5C87Av06QNilIC-mA-4n9Eqw_R2DYNpE3RYMdWtwKqBwJC8qs3677RpG9vcc-yZ_97pEiytd2FBJ8uoTwHd3DHJB8UVgBSh1kMUpSdoM7HxVzKx732nx6Kusln79LrsfOzrXF4enkfKJYI40-uwT95zw) pktyqdeusekidqidpalgdqnkeysrrrrr!r)rrrrr!rcCs,tjjtt}t||ddtdidS)zB Sign a payload as apple normally would for the id_token. rr) algorithmheaders)jwt algorithms RSAAlgorithmfrom_jwkjsondumpsTESTING_JWT_KEYSETr)payload signing_keyr.t/var/www/html/authentication-server/venv/lib/python3.10/site-packages/allauth/socialaccount/providers/apple/tests.py sign_id_tokenYs r0FappleAPPapp123iddummycertificate_keyz-----BEGIN PRIVATE KEY----- MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg2+Eybl8ojH4wB30C 3/iDkpsrxuPfs3DZ+3nHNghBOpmhRANCAAQSpo1eQ+EpNgQQyQVs/F27dkq3gvAI 28m95JEk26v64YAea5NTH56mru30RDqTKPgRVi5qRu3XGyqy3mdb8gMy -----END PRIVATE KEY----- ) client_idkeysecretr)SOCIALACCOUNT_STORE_TOKENSSOCIALACCOUNT_PROVIDERScsfeZdZejZddZddZdddZdd Z d d Z fd d Z dddZ ddZ ddZZS) AppleTestsc Cs*tt}dd|d|ddddddd S) Nzhttps://appleid.apple.comr3z 000313.c9720f41e9434e18987a.1218CkaUPjk4MJinaAq6Z0tGUAtest@privaterelay.appleid.comtrueiI) issaudexpiatsubat_hashemailemail_verifiedis_private_email auth_time)inttime)selfnowr.r.r/get_apple_id_token_payload}s z%AppleTests.get_apple_id_token_payloadcCs`t|}t||jdd|i}|jjdksJWddS1s)wYdS)Nid_tokenr>)r0rNr get_mocked_responseprovider verify_tokenuserrF)rLrO socialloginr.r.r/test_verify_tokens "zAppleTests.test_verify_tokenTcCs"t|}tdd|dddS)zR `with_refresh_token` is not optional for apple, so it's ignored. testacr<testrtBearer) access_token expires_inrO refresh_token token_type)r0rNr)r*)rLwith_refresh_tokenrOr.r.r/get_login_response_jsons z"AppleTests.get_login_response_jsoncCstdtddiS)a* Apple is unusual in that the `id_token` contains all the user info so no profile info request is made. However, it does need the public key verification, so this mocked response is the public key request in order to verify the authenticity of the id_token. content-typeapplication/json)r KEY_SERVER_RESP_JSONrLr.r.r/rPs zAppleTests.get_mocked_responsecCsdS)NzA Br.rcr.r.r/get_expected_to_strszAppleTests.get_expected_to_strc s:t|}|t|tdddddd|S)a Add apple specific response parameters which they include in the form_post response. https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_js/incorporating_sign_in_with_apple_into_other_platforms zprivate@appleid.apple.comAB) firstNamelastName)rFname)rOrS)superget_complete_parametersupdater0rNr)r*)rLauth_request_paramsparams __class__r.r/rks  z"AppleTests.get_complete_parametersloginc Cs|jt|jjddtt|d}t|d}t|j }t|jjd}| |dd |d|j |d}t td |d d i|$|jj|||d }td |jvs[J|j|j}Wd|S1smwY|S)N_login?)processlocation _callback redirect_urir)r]r_r`radataapple_finish_callback)clientpostrrQidrdictrrquery assertGreaterfindr^r r rkurlget) rL resp_mockrtr]resprr complete_url response_jsonr.r.r/rqs8      zAppleTests.logincCs^|jjt|jjddddd}td|jvsJ|j|j}||dtt dd d S) z-Override base test because apple posts errorsrvmisctestingstate123)errorstaterxrzz%socialaccount/authentication_error.%sACCOUNT_TEMPLATE_EXTENSIONhtmlN) r{r|rrQr}rrassertTemplateUsedgetattrr)rLrr.r.r/test_authentication_errors z$AppleTests.test_authentication_errorcCs||}td}||jd||d|jdv|d|jdv|t|jjv|jj t}t t j }|j }||j}|t|d|| d|dS)Nrz PATH_INFOr QUERY_STRINGcoderpath)rqrPr assertEqualrequest assertTruerr{cookiesrrrSESSION_ENGINE SessionStorevaluelenr")rLr finish_urlapple_session_cookieenginerapple_login_sessionr.r.r/test_apple_finishs  zAppleTests.test_apple_finish)T)rqT)__name__ __module__ __qualname__rr} provider_idrNrUr^rPrdrkrqrr __classcell__r.r.ror/r;fs   r;)!r)rK importlibr urllib.parserr django.confrdjango.test.utilsr django.urlsrdjango.utils.httprr%allauth.socialaccount.testsr allauth.testsr r r apple_sessionrr{rrQrr+r*rbr0r;r.r.r.r/sl         3