add a validation

jefer94 · Aug 23, 2024 · 4b18dc2 · 4b18dc2
1 parent 3346c8f
commit 4b18dc2
Show file tree

Hide file tree

Showing 2 changed files with 34 additions and 28 deletions.
diff --git a/breathecode/authenticate/tests/urls/tests_app_token.py b/breathecode/authenticate/tests/urls/tests_app_token.py
@@ -14,33 +14,6 @@
 from capyc.rest_framework import pytest as capy
 
 
-def credentials_github_serializer(credentials_github):
-    return {
-        "avatar_url": credentials_github.avatar_url,
-        "name": credentials_github.name,
-        "username": credentials_github.username,
-    }
-
-
-def profile_serializer(credentials_github):
-    return {
-        "avatar_url": credentials_github.avatar_url,
-    }
-
-
-def get_serializer(user, credentials_github=None, profile=None, **data):
-    return {
-        "email": user.email,
-        "username": user.username,
-        "first_name": user.first_name,
-        "github": credentials_github_serializer(credentials_github) if credentials_github else None,
-        "id": user.id,
-        "last_name": user.last_name,
-        "profile": profile_serializer(profile) if profile else None,
-        **data,
-    }
-
-
 @pytest.fixture(autouse=True)
 def setup(db, monkeypatch):
     from linked_services.django.actions import reset_app_cache
@@ -65,6 +38,30 @@ def test_no_auth(bc: Breathecode, client: capy.Client):
     assert bc.database.list_of("authenticate.Token") == []
 
 
+def test_external_app(bc: Breathecode, client: capy.Client, sign_jwt_link: Callable[..., None]):
+    app = {"require_an_agreement": True, "slug": "rigobot"}
+    model = bc.database.create(
+        app=app,
+        first_party_credentials={
+            "app": {
+                "rigobot": 1,
+            },
+        },
+    )
+
+    sign_jwt_link(client, model.app)
+
+    url = reverse_lazy("authenticate:app_token")
+    response = client.post(url)
+
+    json = response.json()
+    expected = {"detail": "from-external-app", "status_code": 400}
+
+    assert json == expected
+    assert response.status_code == status.HTTP_400_BAD_REQUEST
+    assert bc.database.list_of("authenticate.Token") == []
+
+
 def test_no_data(bc: Breathecode, client: capy.Client, sign_jwt_link: Callable[..., None]):
     app = {"require_an_agreement": False, "slug": "rigobot"}
     model = bc.database.create(

diff --git a/breathecode/authenticate/views.py b/breathecode/authenticate/views.py
@@ -2717,7 +2717,6 @@ async def post(self, request, app_slug: str):
             return await s.post("/v1/auth/app/user", data)
 
 
-# app/user/:id
 class AppTokenView(APIView):
     permission_classes = [AllowAny]
     extensions = APIViewExtensions(paginate=True)
@@ -2726,6 +2725,16 @@ class AppTokenView(APIView):
     def post(self, request: LinkedHttpRequest, app: LinkedApp, token: LinkedToken, user_id=None):
         lang = get_user_language(request)
 
+        if app.require_an_agreement:
+            raise ValidationException(
+                translation(
+                    lang,
+                    en="Can't get tokens from an external app",
+                    es="No se puede obtener tokens desde una aplicación externa",
+                    slug="from-external-app",
+                ),
+            )
+
         hash = request.data.get("token")
         if not hash:
             raise ValidationException(