utils: remove obsolete timestamp_from_datetime (#45256)

src/authentic2/utils/__init__.py

@@ -951,12 +951,6 @@ def select_next_url(request, default, field_name=None, include_post=False, repla
     return default
 
 
-def timestamp_from_datetime(dt):
-    '''Convert an aware datetime as an Unix timestamp'''
-    utc_naive = dt.replace(tzinfo=None) - dt.utcoffset()
-    return int((utc_naive - datetime.datetime(1970, 1, 1)).total_seconds())
-
-
 def human_duration(seconds):
     day = (24 * 3600)
     hour = 3600

src/authentic2_idp_oidc/views.py

@@ -38,7 +38,7 @@ from authentic2 import app_settings as a2_app_settings
 from authentic2.compat.misc import Base64Error
 from authentic2.decorators import setting_enabled
 from authentic2.exponential_retry_timeout import ExponentialRetryTimeout
-from authentic2.utils import (login_require, redirect, timestamp_from_datetime,
+from authentic2.utils import (login_require, redirect,
                               last_authentication_event, make_url)
 from authentic2.views import logout as a2_logout
 from authentic2 import hooks
@@ -337,11 +337,12 @@ def authorize(request, *args, **kwargs):
                                           request.user,
                                           scopes,
                                           id_token=True)
+        exp = start + idtoken_duration(client)
         id_token.update({
             'iss': utils.get_issuer(request),
             'aud': client.client_id,
-            'exp': timestamp_from_datetime(start + idtoken_duration(client)),
-            'iat': timestamp_from_datetime(start),
+            'exp': int(exp.timestamp()),
+            'iat': int(start.timestamp()),
             'auth_time': last_auth['when'],
             'acr': acr,
             'sid': utils.get_session_id(request, client),
@@ -512,12 +513,13 @@ def idtoken_from_user_credential(request):
         user,
         scopes,
         id_token=True)
+    exp = start + idtoken_duration(client)
     id_token.update({
         'iss': utils.get_issuer(request),
         'aud': client.client_id,
-        'exp': timestamp_from_datetime(start + idtoken_duration(client)),
-        'iat': timestamp_from_datetime(start),
-        'auth_time': timestamp_from_datetime(start),
+        'exp': int(exp.timestamp()),
+        'iat': int(start.timestamp()),
+        'auth_time': int(start.timestamp()),
         'acr': '0',
     })
     return JsonResponse({
@@ -565,13 +567,14 @@ def tokens_from_authz_code(request):
         oidc_code.user,
         oidc_code.scope_set(),
         id_token=True)
+    exp = start + idtoken_duration(client)
     id_token.update({
         'iss': utils.get_issuer(request),
         'sub': utils.make_sub(client, oidc_code.user),
         'aud': client.client_id,
-        'exp': timestamp_from_datetime(start + idtoken_duration(client)),
-        'iat': timestamp_from_datetime(start),
-        'auth_time': timestamp_from_datetime(oidc_code.auth_time),
+        'exp': int(exp.timestamp()),
+        'iat': int(start.timestamp()),
+        'auth_time': int(oidc_code.auth_time.timestamp()),
         'acr': acr,
     })
     if oidc_code.nonce is not None:

tests/auth_fc/test_auth_fc.py

@@ -32,8 +32,6 @@ from django.utils.encoding import force_text
 from django.utils.six.moves.urllib import parse as urlparse
 from django.utils.timezone import now
 
-from authentic2.utils import timestamp_from_datetime
-
 from authentic2_auth_fc import models
 from authentic2_auth_fc.utils import requests_retry_session
 
@@ -105,8 +103,8 @@ def test_login_autorun(app, fc_settings, settings):
     assert response['Location'] == reverse('fc-login-or-link')
 
 
-@pytest.mark.parametrize('exp', [timestamp_from_datetime(now() + datetime.timedelta(seconds=1000)),
-                                 timestamp_from_datetime(now() - datetime.timedelta(seconds=1000))])
+@pytest.mark.parametrize('exp', [now() + datetime.timedelta(seconds=1000),
+                                 now() - datetime.timedelta(seconds=1000)])
 def test_login_simple(app, fc_settings, caplog, hooks, exp):
     response = app.get('/login/?service=portail&next=/idp/')
     response = response.click(href='callback')
@@ -131,7 +129,7 @@ def test_login_simple(app, fc_settings, caplog, hooks, exp):
             'sub': '1234',
             'aud': 'xxx',
             'nonce': state,
-            'exp': exp,
+            'exp': int(exp.timestamp()),
             'iss': 'https://fcp.integ01.dev-franceconnect.fr/',
         }
         return json.dumps({
@@ -155,7 +153,7 @@ def test_login_simple(app, fc_settings, caplog, hooks, exp):
     fc_settings.A2_FC_CREATE = True
     with httmock.HTTMock(access_token_response, user_info_response):
         response = app.get(callback + '?service=portail&next=/idp/&code=zzz&state=%s' % state, status=302)
-    if exp < timestamp_from_datetime(now()):
+    if exp < now():
         assert User.objects.count() == 0
     else:
         assert User.objects.count() == 1
@@ -213,11 +211,12 @@ def test_login_email_is_unique(app, fc_settings, caplog):
         assert parsed_redirect.path == parsed_callback.path
         for cb_key, cb_value in urlparse.parse_qs(parsed_callback.query).items():
             urlparse.parse_qs(parsed_redirect.query)[cb_key] == cb_value
+        exp = now() + datetime.timedelta(seconds=1000)
         id_token = {
             'sub': '1234',
             'aud': 'xxx',
             'nonce': state,
-            'exp': timestamp_from_datetime(now() + datetime.timedelta(seconds=1000)),
+            'exp': int(exp.timestamp()),
             'iss': 'https://fcp.integ01.dev-franceconnect.fr/',
         }
         return json.dumps({
@@ -284,11 +283,12 @@ def test_login_email_is_unique_and_already_linked(app, fc_settings, caplog):
         assert parsed_redirect.path == parsed_callback.path
         for cb_key, cb_value in urlparse.parse_qs(parsed_callback.query).items():
             urlparse.parse_qs(parsed_redirect.query)[cb_key] == cb_value
+        exp = now() + datetime.timedelta(seconds=1000)
         id_token = {
             'sub': SUB,
             'aud': 'xxx',
             'nonce': state,
-            'exp': timestamp_from_datetime(now() + datetime.timedelta(seconds=1000)),
+            'exp': int(exp.timestamp()),
             'iss': 'https://fcp.integ01.dev-franceconnect.fr/',
         }
         return json.dumps({
@@ -347,7 +347,7 @@ def test_password_reset(app, mailoutbox):
 
 
 def test_registration1(app, fc_settings, caplog, hooks):
-    exp = timestamp_from_datetime(now() + datetime.timedelta(seconds=1000))
+    exp = now() + datetime.timedelta(seconds=1000)
     response = app.get('/login/?service=portail&next=/idp/')
     response = response.click(href="callback")
     # 1. Try a login
@@ -375,7 +375,7 @@ def test_registration1(app, fc_settings, caplog, hooks):
             'sub': '1234',
             'aud': 'xxx',
             'nonce': state,
-            'exp': exp,
+            'exp': int(exp.timestamp()),
             'iss': 'https://fcp.integ01.dev-franceconnect.fr/',
             'email': 'john.doe@example.com',
         }
@@ -436,7 +436,7 @@ def test_registration1(app, fc_settings, caplog, hooks):
 
 
 def test_registration2(app, fc_settings, caplog, hooks):
-    exp = timestamp_from_datetime(now() + datetime.timedelta(seconds=1000))
+    exp = now() + datetime.timedelta(seconds=1000)
     response = app.get('/login/?service=portail&next=/idp/')
     response = response.click("Register")
     response = response.click(href='callback')
@@ -465,7 +465,7 @@ def test_registration2(app, fc_settings, caplog, hooks):
             'sub': '1234',
             'aud': 'xxx',
             'nonce': state,
-            'exp': exp,
+            'exp': int(exp.timestamp()),
             'iss': 'https://fcp.integ01.dev-franceconnect.fr/',
             'email': 'john.doe@example.com',
         }
@@ -530,7 +530,7 @@ def test_registration2(app, fc_settings, caplog, hooks):
 
 
 def test_can_change_password(app, fc_settings, caplog, hooks):
-    exp = timestamp_from_datetime(now() + datetime.timedelta(seconds=1000))
+    exp = now() + datetime.timedelta(seconds=1000)
     response = app.get('/login/?service=portail&next=/idp/')
     response = response.click("Register")
     response = response.click(href='callback')
@@ -559,7 +559,7 @@ def test_can_change_password(app, fc_settings, caplog, hooks):
             'sub': '1234',
             'aud': 'xxx',
             'nonce': state,
-            'exp': exp,
+            'exp': int(exp.timestamp()),
             'iss': 'https://fcp.integ01.dev-franceconnect.fr/',
             'email': 'john.doe@example.com',
         }

tests/test_auth_oidc.py

@@ -44,7 +44,7 @@ from authentic2_auth_oidc.utils import (
 from authentic2_auth_oidc.models import OIDCProvider, OIDCClaimMapping
 from authentic2.models import Attribute
 from authentic2.models import AttributeValue
-from authentic2.utils import timestamp_from_datetime, last_authentication_event
+from authentic2.utils import last_authentication_event
 from authentic2.a2_rbac.utils import get_default_ou
 
 from . import utils
@@ -247,12 +247,13 @@ def oidc_provider_mock(oidc_provider, oidc_provider_jwkset, code, extra_id_token
     @urlmatch(netloc=token_endpoint.netloc, path=token_endpoint.path)
     def token_endpoint_mock(url, request):
         if urlparse.parse_qs(request.body).get('code') == [code]:
+            exp = now() + datetime.timedelta(seconds=10)
             id_token = {
                 'iss': oidc_provider.issuer,
                 'sub': sub,
-                'iat': timestamp_from_datetime(now()),
+                'iat': int(now().timestamp()),
                 'aud': str(oidc_provider.client_id),
-                'exp': timestamp_from_datetime(now() + datetime.timedelta(seconds=10)),
+                'exp': int(exp.timestamp()),
                 'name': 'doe',
             }
             if nonce: