From 1ab68f2145aa47d3e89d4e9e237fc7670dea2722 Mon Sep 17 00:00:00 2001 From: jr conlin Date: Wed, 12 Apr 2017 16:55:52 -0700 Subject: [PATCH] bug: enforce `senderID` for gcm/fcm closes #868 --- autopush/tests/test_web_validation.py | 15 +++++++++++++++ autopush/tests/test_web_webpush.py | 6 ++++-- autopush/web/webpush.py | 8 ++++++++ 3 files changed, 27 insertions(+), 2 deletions(-) diff --git a/autopush/tests/test_web_validation.py b/autopush/tests/test_web_validation.py index a7905608..8f562b5f 100644 --- a/autopush/tests/test_web_validation.py +++ b/autopush/tests/test_web_validation.py @@ -310,6 +310,7 @@ def test_valid_data(self): ) schema.context["settings"].router.get_uaid.return_value = dict( router_type="gcm", + router_data=dict(creds=dict(senderID="bogus")), ) result, errors = schema.load(self._make_test_data()) eq_(errors, {}) @@ -325,6 +326,7 @@ def test_no_headers(self): ) schema.context["settings"].router.get_uaid.return_value = dict( router_type="gcm", + router_data=dict(creds=dict(senderID="bogus")), ) data = self._make_test_data(body="asdfasdf") @@ -421,6 +423,7 @@ def test_invalid_header_combo(self): ) schema.context["settings"].router.get_uaid.return_value = dict( router_type="gcm", + router_data=dict(creds=dict(senderID="bogus")), ) info = self._make_test_data( headers={ @@ -444,6 +447,7 @@ def test_invalid_header_combo_04(self): ) schema.context["settings"].router.get_uaid.return_value = dict( router_type="gcm", + router_data=dict(creds=dict(senderID="bogus")), ) info = self._make_test_data( headers={ @@ -470,6 +474,7 @@ def test_missing_encryption_salt(self): ) schema.context["settings"].router.get_uaid.return_value = dict( router_type="gcm", + router_data=dict(creds=dict(senderID="bogus")), ) info = self._make_test_data( headers={ @@ -494,6 +499,7 @@ def test_missing_encryption_salt_04(self): ) schema.context["settings"].router.get_uaid.return_value = dict( router_type="gcm", + router_data=dict(creds=dict(senderID="bogus")), ) info = self._make_test_data( headers={ @@ -518,6 +524,7 @@ def test_missing_encryption_key_dh(self): ) schema.context["settings"].router.get_uaid.return_value = dict( router_type="gcm", + router_data=dict(creds=dict(senderID="bogus")), ) info = self._make_test_data( headers={ @@ -543,6 +550,7 @@ def test_missing_crypto_key_dh(self): schema.context["settings"].router.get_uaid.return_value = dict( router_type="gcm", uaid=dummy_uaid, + router_data=dict(creds=dict(senderID="bogus")), ) info = self._make_test_data( headers={ @@ -568,6 +576,7 @@ def test_invalid_data_size(self): schema.context["settings"].router.get_uaid.return_value = dict( router_type="gcm", uaid=dummy_uaid, + router_data=dict(creds=dict(senderID="bogus")), ) schema.context["settings"].max_data = 1 @@ -590,6 +599,7 @@ def test_invalid_data_must_have_crypto_headers(self): ) schema.context["settings"].router.get_uaid.return_value = dict( router_type="gcm", + router_data=dict(creds=dict(senderID="bogus")), ) with assert_raises(InvalidRequest) as cm: @@ -606,6 +616,7 @@ def test_valid_data_crypto_padding_stripped(self): ) schema.context["settings"].router.get_uaid.return_value = dict( router_type="gcm", + router_data=dict(creds=dict(senderID="bogus")), ) padded_value = "asdfjiasljdf===" @@ -633,6 +644,7 @@ def test_invalid_dh_value_for_01_crypto(self): ) schema.context["settings"].router.get_uaid.return_value = dict( router_type="gcm", + router_data=dict(creds=dict(senderID="bogus")), ) padded_value = "asdfjiasljdf===" @@ -664,6 +676,7 @@ def test_invalid_vapid_crypto_header(self): schema.context["settings"].router.get_uaid.return_value = dict( router_type="gcm", uaid=dummy_uaid, + router_data=dict(creds=dict(senderID="bogus")), ) info = self._make_test_data( @@ -691,6 +704,7 @@ def test_invalid_topic(self): schema.context["settings"].router.get_uaid.return_value = dict( router_type="gcm", uaid=dummy_uaid, + router_data=dict(creds=dict(senderID="bogus")), ) info = self._make_test_data( @@ -780,6 +794,7 @@ def _make_fut(self): settings.router.get_uaid.return_value = dict( router_type="gcm", uaid=dummy_uaid, + router_data=dict(creds=dict(senderID="bogus")), ) settings.fernet = self.fernet_mock = Mock() return schema diff --git a/autopush/tests/test_web_webpush.py b/autopush/tests/test_web_webpush.py index f17c3578..280dd059 100644 --- a/autopush/tests/test_web_webpush.py +++ b/autopush/tests/test_web_webpush.py @@ -175,7 +175,8 @@ def handle_finish(result): self.ap_settings.router.get_uaid.return_value = dict( uaid=dummy_uaid, chid=dummy_chid, - router_type="gcm" + router_type="gcm", + router_data=dict(creds=dict(senderID="bogus")), ) self.wp.post() return self.finish_deferred @@ -192,7 +193,8 @@ def handle_finish(result): self.ap_settings.router.get_uaid.return_value = dict( uaid=dummy_uaid, chid=dummy_chid, - router_type="gcm" + router_type="gcm", + router_data=dict(creds=dict(senderID="bogus")), ) self.wp.post() return self.finish_deferred diff --git a/autopush/web/webpush.py b/autopush/web/webpush.py index 7503ccb4..4bae97b3 100644 --- a/autopush/web/webpush.py +++ b/autopush/web/webpush.py @@ -78,6 +78,14 @@ def validate_uaid_month_and_chid(self, d): if result.get("router_type") not in ["webpush", "gcm", "apns", "fcm"]: raise InvalidRequest("Wrong URL for user", errno=108) + if result.get("router_type") in ["gcm", "fcm"]: + if 'senderID' not in result.get('router_data', + {}).get("creds", {}): + # Make sure we note that this record is bad. + result['critical_failure'] = \ + result.get('critical_failure', "Missing SenderID") + settings.router.register_user(result) + if result.get("critical_failure"): raise InvalidRequest("Critical Failure: %s" % result.get("critical_failure"),