mobile: Make otp_encrypt_api_key accept API keys.

Since otp_encrypt_api_key only encrypts API keys, it doesn't require access to the full UserProfile object to work properly. Now the parameter it accepts is just the API key. This is preparatory refactoring for removing the api_key field on UserProfile.
2025-11-02 13:03:29 +00:00 · 2018-08-01 11:45:52 +02:00
parent 6a192ac84c
commit 298aa0fcbf
3 changed files with 7 additions and 7 deletions
--- a/zerver/lib/mobile_auth_otp.py
+++ b/zerver/lib/mobile_auth_otp.py
@@ -26,9 +26,9 @@ def hex_to_ascii(input_string: str) -> str:
    """Given a hex array, decode it back to a string"""
    return binascii.unhexlify(input_string).decode('utf8')

-def otp_encrypt_api_key(user_profile: UserProfile, otp: str) -> str:
+def otp_encrypt_api_key(api_key: str, otp: str) -> str:
    assert len(otp) == UserProfile.API_KEY_LENGTH * 2
-    hex_encoded_api_key = ascii_to_hex(user_profile.api_key)
+    hex_encoded_api_key = ascii_to_hex(api_key)
    assert len(hex_encoded_api_key) == UserProfile.API_KEY_LENGTH * 2
    return xor_hex_strings(hex_encoded_api_key, otp)

--- a/zerver/tests/test_signup.py
+++ b/zerver/tests/test_signup.py
@@ -2950,14 +2950,13 @@ class MobileAuthOTPTest(ZulipTestCase):
        self.assertEqual(hex_to_ascii('5a63645231323334'), 'ZcdR1234')

    def test_otp_encrypt_api_key(self) -> None:
-        hamlet = self.example_user('hamlet')
-        hamlet.api_key = '12ac' * 8
+        api_key = '12ac' * 8
        otp = '7be38894' * 8
-        result = otp_encrypt_api_key(hamlet, otp)
+        result = otp_encrypt_api_key(api_key, otp)
        self.assertEqual(result, '4ad1e9f7' * 8)

        decryped = otp_decrypt_api_key(result, otp)
-        self.assertEqual(decryped, hamlet.api_key)
+        self.assertEqual(decryped, api_key)

 class FollowupEmailTest(ZulipTestCase):
    def test_followup_day2_email(self) -> None:
--- a/zerver/views/auth.py
+++ b/zerver/views/auth.py
@@ -156,8 +156,9 @@ def login_or_register_remote_user(request: HttpRequest, remote_username: Optiona
    if mobile_flow_otp is not None:
        # For the mobile Oauth flow, we send the API key and other
        # necessary details in a redirect to a zulip:// URI scheme.
+        api_key = get_api_key(user_profile)
        params = {
-            'otp_encrypted_api_key': otp_encrypt_api_key(user_profile, mobile_flow_otp),
+            'otp_encrypted_api_key': otp_encrypt_api_key(api_key, mobile_flow_otp),
            'email': remote_username,
            'realm': user_profile.realm.uri,
        }