7df8ed4a60
Change SecScanAPI to use a uri creation func instead of test context Pass config provider through validator context Remove app config dependency for validators
63 lines
2.3 KiB
Python
63 lines
2.3 KiB
Python
import pytest
|
|
|
|
from config import build_requests_session
|
|
from util.config.validator import ValidatorContext
|
|
from util.config.validators import ConfigValidationException
|
|
from util.config.validators.validate_jwt import JWTAuthValidator
|
|
from util.morecollections import AttrDict
|
|
|
|
from test.test_external_jwt_authn import fake_jwt
|
|
|
|
from test.fixtures import *
|
|
from app import config_provider
|
|
|
|
|
|
@pytest.mark.parametrize('unvalidated_config', [
|
|
({}),
|
|
({'AUTHENTICATION_TYPE': 'Database'}),
|
|
])
|
|
def test_validate_noop(unvalidated_config, app):
|
|
config = ValidatorContext(unvalidated_config)
|
|
config.config_provider = config_provider
|
|
JWTAuthValidator.validate(config)
|
|
|
|
|
|
@pytest.mark.parametrize('unvalidated_config', [
|
|
({'AUTHENTICATION_TYPE': 'JWT'}),
|
|
({'AUTHENTICATION_TYPE': 'JWT', 'JWT_AUTH_ISSUER': 'foo'}),
|
|
({'AUTHENTICATION_TYPE': 'JWT', 'JWT_VERIFY_ENDPOINT': 'foo'}),
|
|
])
|
|
def test_invalid_config(unvalidated_config, app):
|
|
with pytest.raises(ConfigValidationException):
|
|
config = ValidatorContext(unvalidated_config)
|
|
config.config_provider = config_provider
|
|
JWTAuthValidator.validate(config)
|
|
|
|
|
|
@pytest.mark.parametrize('username, password, expected_exception', [
|
|
('invaliduser', 'invalidpass', ConfigValidationException),
|
|
('cool.user', 'invalidpass', ConfigValidationException),
|
|
('invaliduser', 'somepass', ConfigValidationException),
|
|
('cool.user', 'password', None),
|
|
])
|
|
def test_validated_jwt(username, password, expected_exception, app):
|
|
with fake_jwt() as jwt_auth:
|
|
config = {}
|
|
config['AUTHENTICATION_TYPE'] = 'JWT'
|
|
config['JWT_AUTH_ISSUER'] = jwt_auth.issuer
|
|
config['JWT_VERIFY_ENDPOINT'] = jwt_auth.verify_url
|
|
config['JWT_QUERY_ENDPOINT'] = jwt_auth.query_url
|
|
config['JWT_GETUSER_ENDPOINT'] = jwt_auth.getuser_url
|
|
|
|
unvalidated_config = ValidatorContext(config)
|
|
unvalidated_config.user = AttrDict(dict(username=username))
|
|
unvalidated_config.user_password = password
|
|
unvalidated_config.config_provider = config_provider
|
|
|
|
unvalidated_config.http_client = build_requests_session()
|
|
|
|
if expected_exception is not None:
|
|
with pytest.raises(ConfigValidationException):
|
|
JWTAuthValidator.validate(unvalidated_config, public_key_path=jwt_auth.public_key_path)
|
|
else:
|
|
JWTAuthValidator.validate(unvalidated_config, public_key_path=jwt_auth.public_key_path)
|