o h#@sddlmZddlmZddlZddlmZddlmZddl m Z ddl m Z dd Z d d Zd d ZddZddZejdddgddZddZejdddgddZdS))ANY)get_user_modelN) app_settings)"AUTHENTICATION_METHODS_SESSION_KEY)Flow) AuthenticatorcCs||%}||d}d|dvsJ|j|dd|idd}Wdn1s,wY|}|ddd|jksBJdS) Nheadless:mfa:login_webauthnrequest_optionsdata credentialapplication/jsonr content_typeuserid)getjsonpostuser_id)clientpasskeywebauthn_authentication_bypassheadless_reverser respr rc/var/www/html/env_mimamsha/lib/python3.10/site-packages/allauth/headless/mfa/tests/test_webauthn.pytest_passkey_login s rcCsP||d}|}i}|dkrddtii}|dddtiid|ks&JdS) Nrappmeta session_tokenr publicKey)statusr )rrr)rheadless_clientrdbrr rrrrtest_passkey_login_get_optionss r%cCs||d}|jdksJtjdd|ddDvs J||%||d}|}|dd ks8J|dd tksBJWdn1sLwY||}|j|dd |id d }|jd ksiJWdn1sswY||d}|jd ksJdS)Nz"headless:mfa:manage_recovery_codescSsg|]}|dqS)rr.0flowrrr 5sz'test_reauthenticate..r flowsz$headless:mfa:reauthenticate_webauthnr"r r r r r )r status_coderMFA_REAUTHENTICATErrr) auth_clientruser_with_recovery_codesrrrr r rrrtest_reauthenticate+s*   r0cCs|jdd}|j|d|dd}|jdksJ||j|d|dd}Wdn1s/wY|jdks;J||jdksHJdS)NzRenamed!)rnameheadless:mfa:manage_webauthnr r r&r )pkputr,refresh_from_dbwrapr1r.rrreauthentication_bypassr rrrrtest_update_authenticatorLs" r9cCsd|jgi}|j|d|dd}|jdksJ||j|d|dd}Wdn1s/wY|jdks;Jtjj|jdrGJdS)Nauthenticatorsr2r r r&r )r3)r3deleter,robjectsfilterexistsr7rrrtest_delete_authenticatorbs r?email_verifiedFTc Cs>||d}|r|jdksJ |||d}|r4|jdks%J|}|ddtks3Jn|jdks;J||d=}|j|dd|id d }tjjtjj |d  } |ri|jdksbJ| d kshJn |jdkspJ| d ksvJWdn1swYWddSWddS1swYdS)Nr2r&ir r creation_optionsFr r r )typerr) rr,rrrrr<r=TypeWEBAUTHNcount) rr.rwebauthn_registration_bypassr8r@rr r webauthn_countrrrtest_add_authenticatorws<    "rIc Cs>|j|d|j|ddd}|jdksJ|}dd|dd D}t|d ks,J|d } | d d dgdks;J||%} ||d}d|dvsQJ|j|dd| idd}Wdn1sgwY|}|jdkswJ|ddd|jksJ|tdt |j jddt t t j j dgksJdS)Nzheadless:account:login)usernamepasswordr r r&cSg|] }|dr|qS is_pendingr)r(frrrr*sz"test_2fa_login..r r+rCrmfa_authenticateTwebauthn)rrNtypesz"headless:mfa:authenticate_webauthnr r r rrrK)methodatrJmfa)rTrUrrB)rrJr,rlenrrheadless_sessionrrrrrDrE) rr user_passwordrrrrr pending_flows pending_flowr rrrtest_2fa_loginsB  r\login_on_email_verificationcCstjj|_d|_||_|j|dddddd}|jdksJd d |d d D} t | d ks4J| d} | dt j j ksBJ|||} |j|dd| idd}|jdksZJdd |d d D} t | d ksoJ| d} | dt j j ks}J||d}|} d| d vsJtjjdd} || d}|j|dd|ddd}Wdn1swY|} |jdksJ| ddsJtjj| d}|jdksJdS)NTzheadless:mfa:signup_webauthnz pass@key.orgr)emailrJr r r&cSrLrMrOr'rrrr*  z'test_passkey_signup..r r+rCrrzheadless:account:verify_emailkeycSrLrMrOr'rrrr*r_rA)r^zSome key)r1r r ris_authenticated)r)rEmailVerificationMethod MANDATORYACCOUNT_EMAIL_VERIFICATION*ACCOUNT_EMAIL_VERIFICATION_BY_CODE_ENABLED#ACCOUNT_LOGIN_ON_EMAIL_CONFIRMATIONrr,rrWr VERIFY_EMAILvalueMFA_SIGNUP_WEBAUTHNrrr<r4rr6r1)rr$rGrsettings get_last_email_verification_code mailoutboxr]rrZr)coder rr authenticatorrrrtest_passkey_signupsX   ro) unittest.mockrdjango.contrib.authrpytestallauth.accountrallauth.account.authenticationrallauth.headless.constantsrallauth.mfa.modelsrrr%r0r9r?mark parametrizerIr\rorrrrs"     ! &+