test(auth): fix future expiring too fast

tests/common.py

@@ -6,10 +6,21 @@ from mnemonic import Mnemonic
 RECOVERY_KEY_VALIDATION_DATETIME = "selfprivacy_api.models.tokens.time.datetime"
 DEVICE_KEY_VALIDATION_DATETIME = RECOVERY_KEY_VALIDATION_DATETIME
 
-FIVE_MINUTES_INTO_FUTURE_NAIVE = datetime.now() + timedelta(minutes=5)
+
-FIVE_MINUTES_INTO_FUTURE = datetime.now(timezone.utc) + timedelta(minutes=5)
+def five_minutes_into_future_naive():
-FIVE_MINUTES_INTO_PAST_NAIVE = datetime.now() - timedelta(minutes=5)
+    return datetime.now() + timedelta(minutes=5)
-FIVE_MINUTES_INTO_PAST = datetime.now(timezone.utc) - timedelta(minutes=5)
+
+
+def five_minutes_into_future():
+    return datetime.now(timezone.utc) + timedelta(minutes=5)
+
+
+def five_minutes_into_past_naive():
+    return datetime.now() - timedelta(minutes=5)
+
+
+def five_minutes_into_past():
+    return datetime.now(timezone.utc) - timedelta(minutes=5)
 
 
 class NearFuture(datetime):

tests/test_graphql/test_api_recovery.py

@@ -10,8 +10,8 @@ from tests.common import (
 )
 
 # Graphql API's output should be timezone-naive
-from tests.common import FIVE_MINUTES_INTO_FUTURE_NAIVE as FIVE_MINUTES_INTO_FUTURE
+from tests.common import five_minutes_into_future_naive as five_minutes_into_future
-from tests.common import FIVE_MINUTES_INTO_PAST_NAIVE as FIVE_MINUTES_INTO_PAST
+from tests.common import five_minutes_into_past_naive as five_minutes_into_past
 
 from tests.test_graphql.api_common import (
     assert_empty,
@@ -161,7 +161,7 @@ def test_graphql_generate_recovery_key(client, authorized_client, tokens_file):
 def test_graphql_generate_recovery_key_with_expiration_date(
     client, authorized_client, tokens_file
 ):
-    expiration_date = FIVE_MINUTES_INTO_FUTURE
+    expiration_date = five_minutes_into_future()
     key = graphql_make_new_recovery_key(authorized_client, expires_at=expiration_date)
 
     status = graphql_recovery_status(authorized_client)
@@ -179,7 +179,7 @@ def test_graphql_generate_recovery_key_with_expiration_date(
 def test_graphql_use_recovery_key_after_expiration(
     client, authorized_client, tokens_file, mocker
 ):
-    expiration_date = FIVE_MINUTES_INTO_FUTURE
+    expiration_date = five_minutes_into_future()
     key = graphql_make_new_recovery_key(authorized_client, expires_at=expiration_date)
 
     # Timewarp to after it expires
@@ -201,7 +201,7 @@ def test_graphql_use_recovery_key_after_expiration(
 def test_graphql_generate_recovery_key_with_expiration_in_the_past(
     authorized_client, tokens_file
 ):
-    expiration_date = FIVE_MINUTES_INTO_PAST
+    expiration_date = five_minutes_into_past()
     response = request_make_new_recovery_key(
         authorized_client, expires_at=expiration_date
     )

tests/test_graphql/test_repository/test_tokens_repository.py

@@ -27,7 +27,7 @@ from selfprivacy_api.repositories.tokens.abstract_tokens_repository import (
     AbstractTokensRepository,
 )
 
-from tests.common import FIVE_MINUTES_INTO_PAST, FIVE_MINUTES_INTO_FUTURE
+from tests.common import five_minutes_into_past, five_minutes_into_future
 
 
 ORIGINAL_DEVICE_NAMES = [
@@ -363,7 +363,7 @@ def test_use_mnemonic_expired_recovery_key(
     some_tokens_repo,
 ):
     repo = some_tokens_repo
-    expiration = FIVE_MINUTES_INTO_PAST
+    expiration = five_minutes_into_past()
     assert repo.create_recovery_key(uses_left=2, expiration=expiration) is not None
     recovery_key = repo.get_recovery_key()
     # TODO: do not ignore timezone once json backend is deleted
@@ -543,7 +543,7 @@ def test_use_mnemonic_expired_new_device_key(
     some_tokens_repo,
 ):
     repo = some_tokens_repo
-    expiration = FIVE_MINUTES_INTO_PAST
+    expiration = five_minutes_into_past()
 
     key = repo.get_new_device_key()
     assert key is not None
@@ -601,5 +601,5 @@ def test_clone_json_to_redis_full(some_tokens_repo):
     repo = some_tokens_repo
     if isinstance(repo, JsonTokensRepository):
         repo.get_new_device_key()
-        repo.create_recovery_key(FIVE_MINUTES_INTO_FUTURE, 2)
+        repo.create_recovery_key(five_minutes_into_future(), 2)
         clone_to_redis(repo)

tests/test_rest_endpoints/test_auth.py

@@ -11,8 +11,8 @@ from tests.common import (
     NearFuture,
     assert_recovery_recent,
 )
-from tests.common import FIVE_MINUTES_INTO_FUTURE_NAIVE as FIVE_MINUTES_INTO_FUTURE
+from tests.common import five_minutes_into_future_naive as five_minutes_into_future
-from tests.common import FIVE_MINUTES_INTO_PAST_NAIVE as FIVE_MINUTES_INTO_PAST
+from tests.common import five_minutes_into_past_naive as five_minutes_into_past
 
 DATE_FORMATS = [
     "%Y-%m-%dT%H:%M:%S.%fZ",
@@ -76,6 +76,8 @@ def rest_make_recovery_token(client, expires_at=None, timeformat=None, uses=None
             json=json,
         )
 
+    if not response.status_code == 200:
+        raise ValueError(response.reason, response.text, response.json()["detail"])
     assert response.status_code == 200
     assert "token" in response.json()
     return response.json()["token"]
@@ -323,7 +325,7 @@ def test_generate_recovery_token_with_expiration_date(
 ):
     # Generate token with expiration date
     # Generate expiration date in the future
-    expiration_date = FIVE_MINUTES_INTO_FUTURE
+    expiration_date = five_minutes_into_future()
     mnemonic_token = rest_make_recovery_token(
         authorized_client, expires_at=expiration_date, timeformat=timeformat
     )
@@ -362,7 +364,7 @@ def test_generate_recovery_token_with_expiration_in_the_past(
     authorized_client, tokens_file, timeformat
 ):
     # Server must return 400 if expiration date is in the past
-    expiration_date = FIVE_MINUTES_INTO_PAST
+    expiration_date = five_minutes_into_past()
     expiration_date_str = expiration_date.strftime(timeformat)
     response = authorized_client.post(
         "/auth/recovery_token",