From ee56dbb9268d56e06611de39740f32f05ebe4ffd Mon Sep 17 00:00:00 2001
From: Inesh Bose <2504266b@student.gla.ac.uk>
Date: Fri, 27 Nov 2020 18:21:14 +0000
Subject: [PATCH] Update dependencies, login and validate refactor

---
 boyd_bot/app.py                 |  2 +-
 boyd_bot/services/platform.py   | 13 +++++++++++--
 boyd_bot/timetable.py           | 15 ++++++++++-----
 docs/files/services/platform.md |  9 +++++++++
 docs/requirements.txt           |  4 ++--
 requirements.txt                | 20 ++++++++++----------
 6 files changed, 43 insertions(+), 20 deletions(-)

diff --git a/boyd_bot/app.py b/boyd_bot/app.py
index f7a1c4d..331b249 100644
--- a/boyd_bot/app.py
+++ b/boyd_bot/app.py
@@ -29,7 +29,7 @@ def webhook():
         user_data = platform.get_user_data(sender_id)
         if (
             not sender_id
-            or ("error" in user_data and platform_user)
+            or (not platform.validate_user(user_data) and platform_user)
             or not (platform_user or config["FEATURES"]["DEMO"])
         ):
             log(config["LOG"]["INVALID_USER"](sender_id))
diff --git a/boyd_bot/services/platform.py b/boyd_bot/services/platform.py
index 776109c..25f937c 100644
--- a/boyd_bot/services/platform.py
+++ b/boyd_bot/services/platform.py
@@ -46,7 +46,7 @@ def send_message(self, uid, message):
         """
         return [
             requests.post(
-                "https://graph.facebook.com/v7.0/me/messages",
+                "https://graph.facebook.com/me/messages",
                 params={"access_token": self.platform_token},
                 json={
                     "recipient": {"id": uid},
@@ -62,7 +62,7 @@ def get_user_data(self, uid):
         Get basic information about the user from the platform.
         """
         return requests.get(
-            f"https://graph.facebook.com/v7.0/{uid}",
+            f"https://graph.facebook.com/{uid}",
             params={"access_token": self.platform_token}
         ).json()
 
@@ -84,6 +84,15 @@ def get_id(self, data):
                 False,
             )
 
+    def validate_user(self, data):
+        """
+        Check that a user is a valid platform-user by verifying
+        details from the platform's API.
+        """
+        return (
+            "error" not in data or data["error"]["error_subcode"] == 2018218
+        )
+
     def reply(self, message=None):
         """
         Send a response to a message sent by the user.
diff --git a/boyd_bot/timetable.py b/boyd_bot/timetable.py
index a4d874c..6e291e9 100644
--- a/boyd_bot/timetable.py
+++ b/boyd_bot/timetable.py
@@ -25,14 +25,19 @@ def __init__(self):
 
     def login(self, uid, uni_id, uni_pw):
         try:
-            self.calendars[uid] = Calendar.from_ical(
-                requests.get(self.cal_url, auth=(uni_id, uni_pw)).content
-            )
-            return True, "Success"
+            req = requests.get(self.cal_url, auth=(uni_id, uni_pw))
+            if req.status_code == 200:
+                self.calendars[uid] = Calendar.from_ical(req.content)
+                return True, "Success"
+            else:
+                raise (
+                    ValueError() if req.status_code in [401, 403]
+                    else Exception(f"Code {req.status_code} : {req.content}")
+                )
         except ValueError:
             return False, "Invalid credentials."
         except Exception as e:
-            return False, f"Something went wrong. Try again. {str(e)}"
+            return False, f"Something went wrong. Try again.\n{str(e)}"
 
     def format_event(self, event):
         return (
diff --git a/docs/files/services/platform.md b/docs/files/services/platform.md
index d6c58ea..7ebf482 100644
--- a/docs/files/services/platform.md
+++ b/docs/files/services/platform.md
@@ -62,6 +62,15 @@ Maps to unique sender ID through POST request data.
 | **`data`:** the POST request dictionary | **`str`:** the unique sender ID of the user |
 
 
+### `Platform`.**`validate_user(data)`**
+
+Confirms user is valid platform-user with their API.
+
+|                  Parameters                |                  Returns                    |
+|--------------------------------------------|---------------------------------------------|
+| **`data`:** the JSON with user information | **`bool`:** if user is valid platform user  |
+
+
 ### `Platform`.**`reply(message=None)`**
 
 Prepares a formatted JSON containing the message as a response to the POST request.
diff --git a/docs/requirements.txt b/docs/requirements.txt
index b01596f..95b086c 100644
--- a/docs/requirements.txt
+++ b/docs/requirements.txt
@@ -1,3 +1,3 @@
 mkdocs==1.1.2
-mkdocs-material==5.5.5
-mkdocs-material-extensions==1.0
\ No newline at end of file
+mkdocs-material==6.1.6
+mkdocs-material-extensions==1.0.1
\ No newline at end of file
diff --git a/requirements.txt b/requirements.txt
index b921f1d..8ff1885 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,22 +1,22 @@
 APScheduler==3.6.3
-cryptography==2.9.2
+cryptography==3.2.1
 Flask==1.1.2
-icalendar==4.0.6
-pymongo==3.11.0
-rapidfuzz==0.9.1
-requests==2.24.0
+icalendar==4.0.7
+pymongo==3.11.1
+rapidfuzz==0.13.3
+requests==2.25.0
 
 
 # requests
-certifi==2020.6.20
+certifi==2020.11.8
 chardet==3.0.4
-idna==2.9
-urllib3==1.25.9
+idna==2.10
+urllib3==1.26.2
 
 
 # cryptography
 six==1.15.0
-cffi==1.14.0
+cffi==1.14.4
 pycparser==2.20
 
 
@@ -27,7 +27,7 @@ Jinja2==2.11.2
 Werkzeug==1.0.1
 
 Flask-WTF==0.14.3
-WTForms==2.3.1
+WTForms==2.3.3
 MarkupSafe==1.1.1