def test_can_get_remaining_time_multiple(self, lambda_context_args):
time_source = FakeTimeSource([0, 3, 7, 9])
context = LambdaContext(*lambda_context_args, max_runtime_ms=10000,
time_source=time_source)
time_remaining = context.get_remaining_time_in_millis()
assert time_remaining == 7000
time_remaining = context.get_remaining_time_in_millis()
assert time_remaining == 3000
time_remaining = context.get_remaining_time_in_millis()
assert time_remaining == 1000
def test_can_understand_explicit_auth_policy(self, demo_app_auth,
lambda_context_args,
create_event):
authorizer = LocalGatewayAuthorizer(demo_app_auth)
path = '/explicit'
event = create_event(path, 'GET', {})
event['headers']['authorization'] = 'allow'
context = LambdaContext(*lambda_context_args)
event, context = authorizer.authorize(path, event, context)
assert event['requestContext']['authorizer']['principalId'] == 'user'
def test_cannot_access_view_without_permission(self, demo_app_auth,
lambda_context_args,
create_event):
authorizer = LocalGatewayAuthorizer(demo_app_auth)
path = '/secret'
event = create_event(path, 'GET', {})
event['headers']['authorization'] = 'allow'
context = LambdaContext(*lambda_context_args)
with pytest.raises(ForbiddenError):
authorizer.authorize(path, event, context)
def test_can_authorize_empty_path(self, lambda_context_args,
demo_app_auth, create_event):
# Ensures that / routes work since that is a special case in the
# API Gateway arn generation where an extra / is appended to the end
# of the arn.
authorizer = LocalGatewayAuthorizer(demo_app_auth)
path = '/'
event = create_event(path, 'GET', {})
event['headers']['authorization'] = 'allow'
context = LambdaContext(*lambda_context_args)
event, context = authorizer.authorize(path, event, context)
assert event['requestContext']['authorizer']['principalId'] == 'user'
def invoke(self, function_name, payload=None):
# type: (str, Any) -> InvokeResponse
if payload is None:
payload = {}
scoped = self._config.scope(self._config.chalice_stage, function_name)
lambda_context = LambdaContext(function_name,
memory_size=scoped.lambda_memory_size)
if function_name not in self._app.handler_map:
raise FunctionNotFoundError(function_name)
with self._patched_env_vars(scoped.environment_variables):
response = self._app.handler_map[function_name](payload,
lambda_context)
return InvokeResponse(payload=response)
def test_can_understand_cognito_token(self, lambda_context_args,
demo_app_auth, create_event):
# Ensures that / routes work since that is a special case in the
# API Gateway arn generation where an extra / is appended to the end
# of the arn.
authorizer = LocalGatewayAuthorizer(demo_app_auth)
path = '/cognito'
event = create_event(path, 'GET', {})
event["headers"]["authorization"] = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhYWFhYWFhYS1iYmJiLWNjY2MtZGRkZC1lZWVlZWVlZWVlZWUiLCJhdWQiOiJ4eHh4eHh4eHh4eHhleGFtcGxlIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsInRva2VuX3VzZSI6ImlkIiwiYXV0aF90aW1lIjoxNTAwMDA5NDAwLCJpc3MiOiJodHRwczovL2NvZ25pdG8taWRwLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3VzLWVhc3QtMV9leGFtcGxlIiwiY29nbml0bzp1c2VybmFtZSI6ImphbmVkb2UiLCJleHAiOjE1ODQ3MjM2MTYsImdpdmVuX25hbWUiOiJKYW5lIiwiaWF0IjoxNTAwMDA5NDAwLCJlbWFpbCI6ImphbmVkb2VAZXhhbXBsZS5jb20iLCJqdGkiOiJkN2UxMTMzYS0xZTNhLTQyMzEtYWU3Yi0yOGQ4NWVlMGIxNGQifQ.p35Yj9KJD5RbfPWGL08IJHgson8BhdGLPQqUOiF0-KM" # noqa
context = LambdaContext(*lambda_context_args)
event, context = authorizer.authorize(path, event, context)
principal_id = event['requestContext']['authorizer']['principalId']
assert principal_id == 'janedoe'
def _generate_lambda_context(self):
# Monkeypatch of the function _generate_lambda_context
# from the class LocalGateway
# for mock the timeout
# type: () -> LambdaContext
if self._config.lambda_timeout is None:
timeout = 10 * 1000
else:
timeout = self._config.lambda_timeout * 1000
return LambdaContext(
function_name=self._config.function_name,
memory_size=self._config.lambda_memory_size,
max_runtime_ms=timeout,
)
def test_does_authorize_unsupported_authorizer(self, demo_app_auth,
lambda_context_args,
create_event):
authorizer = LocalGatewayAuthorizer(demo_app_auth)
path = '/iam'
event = create_event(path, 'GET', {})
context = LambdaContext(*lambda_context_args)
with pytest.warns(None) as recorded_warnings:
new_event, new_context = authorizer.authorize(path, event, context)
assert event == new_event
assert context == new_context
assert len(recorded_warnings) == 1
warning = recorded_warnings[0]
assert issubclass(warning.category, UserWarning)
assert ('IAMAuthorizer is not a supported in local '
'mode. All requests made against a route will be authorized'
' to allow local testing.') in str(warning.message)
def test_can_call_method_without_auth(self, lambda_context_args,
create_event):
demo = app.Chalice('app-name')
@demo.route('/index')
def index_view():
return {}
path = '/index'
authorizer = LocalGatewayAuthorizer(demo)
original_event = create_event(path, 'GET', {})
original_context = LambdaContext(*lambda_context_args)
event, context = authorizer.authorize(
path, original_event, original_context)
# Assert that when the authorizer.authorize is called and there is no
# authorizer defined for a particular route that it is a noop.
assert original_event == event
assert original_context == context
def test_does_authorize_unsupported_cognito_token(self,
lambda_context_args,
demo_app_auth,
create_event):
authorizer = LocalGatewayAuthorizer(demo_app_auth)
path = '/cognito'
event = create_event(path, 'GET', {})
event["headers"]["authorization"] = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhYWFhYWFhYS1iYmJiLWNjY2MtZGRkZC1lZWVlZWVlZWVlZWUiLCJhdWQiOiJ4eHh4eHh4eHh4eHhleGFtcGxlIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsInRva2VuX3VzZSI6ImlkIiwiYXV0aF90aW1lIjoxNTAwMDA5NDAwLCJpc3MiOiJodHRwczovL2NvZ25pdG8taWRwLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3VzLWVhc3QtMV9leGFtcGxlIiwiZXhwIjoxNTg0NzIzNjE2LCJnaXZlbl9uYW1lIjoiSmFuZSIsImlhdCI6MTUwMDAwOTQwMCwiZW1haWwiOiJqYW5lZG9lQGV4YW1wbGUuY29tIiwianRpIjoiZDdlMTEzM2EtMWUzYS00MjMxLWFlN2ItMjhkODVlZTBiMTRkIn0.SN5n-A3kxboNYg0sGIOipVUksCdn6xRJmAK9kSZof10" # noqa
context = LambdaContext(*lambda_context_args)
with pytest.warns(None) as recorded_warnings:
new_event, new_context = authorizer.authorize(path, event, context)
assert event == new_event
assert context == new_context
assert len(recorded_warnings) == 1
warning = recorded_warnings[0]
assert issubclass(warning.category, UserWarning)
assert ('CognitoUserPoolAuthorizer for machine-to-machine '
'communicaiton is not supported in local mode. All requests '
'made against a route will be authorized to allow local '
'testing.') in str(warning.message)
def test_scheduled_event(app, lambda_context_args):
@app.schedule("rate(1 minutes)")
def every_hour(event):
raise Exception("schedule event!")
context = LambdaContext(
*lambda_context_args, max_runtime_ms=10000, time_source=time
)
lambda_event = {
"version": "0",
"account": "120987654312",
"region": "us-west-1",
"detail": {},
"detail-type": "Scheduled Event",
"source": "aws.events",
"time": "1970-01-01T00:00:00Z",
"id": "event-id",
"resources": ["arn:aws:events:us-west-1:120987654312:rule/my-schedule"],
}
with pytest.raises(Exception) as exc_info:
every_hour(lambda_event, context=context)
assert str(exc_info.value) == "schedule event!"
def test_does_set_version_to_latest(self, lambda_context_args):
context = LambdaContext(*lambda_context_args)
assert context.function_version == '$LATEST'
def test_does_populate_aws_request_id_with_valid_uuid(self,
lambda_context_args):
context = LambdaContext(*lambda_context_args)
assert AWS_REQUEST_ID_PATTERN.match(context.aws_request_id)
def test_can_get_remaining_time_once(self, lambda_context_args):
time_source = FakeTimeSource([0, 5])
context = LambdaContext(*lambda_context_args, max_runtime_ms=10000,
time_source=time_source)
time_remaining = context.get_remaining_time_in_millis()
assert time_remaining == 5000
