Fixed encrypted response getting ascii-escaped

mitodl · May 22, 2019 · a12277e · a12277e
1 parent 60b4df3
commit a12277e
Show file tree

Hide file tree

Showing 2 changed files with 33 additions and 2 deletions.
diff --git a/compliance/api.py b/compliance/api.py
@@ -124,14 +124,18 @@ def log_exports_inquiry(user, response, last_sent, last_received):
     info_code = response.exportReply.infoCode
 
     box = SealedBox(get_encryption_public_key())
+    encrypted_request = box.encrypt(xml_request, encoder=Base64Encoder).decode("ascii")
+    encrypted_response = box.encrypt(xml_response, encoder=Base64Encoder).decode(
+        "ascii"
+    )
 
     return ExportsInquiryLog.objects.create(
         user=user,
         computed_result=compute_result_from_codes(reason_code, info_code),
         reason_code=reason_code,
         info_code=info_code,
-        encrypted_request=box.encrypt(xml_request),
-        encrypted_response=box.encrypt(xml_response),
+        encrypted_request=encrypted_request,
+        encrypted_response=encrypted_response,
     )
 
 

diff --git a/compliance/api_test.py b/compliance/api_test.py
@@ -3,6 +3,8 @@
 # pylint: disable=redefined-outer-name
 import pytest
 from lxml import etree
+from nacl.encoding import Base64Encoder
+from nacl.public import SealedBox
 
 from compliance import api
 from compliance.constants import (
@@ -11,6 +13,7 @@
     RESULT_UNKNOWN,
     TEMPORARY_FAILURE_REASON_CODES,
 )
+from compliance.models import ExportsInquiryLog
 
 
 @pytest.mark.usefixtures("cybersource_settings")
@@ -27,6 +30,26 @@ def test_is_exports_verification_disabled(settings, key):
     assert api.is_exports_verification_enabled() is False
 
 
+@pytest.mark.usefixtures("cybersource_settings")
+def test_log_exports_inquiry(mocker, cybersource_private_key, user):
+    """Test that log_exports_inquiry correctly stores the result"""
+    last_sent = {"envelope": etree.Element("sent")}
+    last_received = {"envelope": etree.Element("received")}
+    mock_response = mocker.Mock(
+        reasonCode="100", exportReply=mocker.Mock(infoCode="102")
+    )
+    log = api.log_exports_inquiry(user, mock_response, last_sent, last_received)
+
+    assert log.user == user
+    assert log.reason_code == 100
+    assert log.info_code == "102"
+
+    box = SealedBox(cybersource_private_key)
+
+    assert box.decrypt(log.encrypted_request, encoder=Base64Encoder) == b"<sent/>"
+    assert box.decrypt(log.encrypted_response, encoder=Base64Encoder) == b"<received/>"
+
+
 @pytest.mark.parametrize(
     "cybersource_mock_client_responses, expected_result",
     [
@@ -45,6 +68,8 @@ def test_verify_user_with_exports(
 
     assert result.computed_result == expected_result
 
+    assert ExportsInquiryLog.objects.filter(user=user).exists()
+
 
 @pytest.mark.usefixtures("cybersource_settings")
 @pytest.mark.parametrize("reason_code", TEMPORARY_FAILURE_REASON_CODES)
@@ -67,3 +92,5 @@ def test_verify_user_with_exports_temporary_errors(mocker, user, reason_code):
     mock_log.error.assert_called_once_with(
         "Unable to verify exports controls, received reasonCode: %s", reason_code
     )
+
+    assert not ExportsInquiryLog.objects.filter(user=user).exists()