def _request_get(self, clientKey, url):
client = _TestClient(baseUrl='https://gavindev.atlassian.net',
clientKey=clientKey,
publicKey='public123',
sharedSecret='myscret')
_TestClient.save(client)
auth = encode_token('GET', url, client.clientKey, client.sharedSecret)
return self.client.get(url,
content_type='application/json',
headers={'Authorization': 'JWT ' + auth})
def _request_post(self, clientKey, url, body):
client = _TestClient(baseUrl='https://gavindev.atlassian.net',
clientKey='test_webook',
publicKey='public123',
sharedSecret='myscret')
_TestClient.save(client)
auth = encode_token('POST',
'/atlassian_connect/webhook/jiraissue_created',
client.clientKey, client.sharedSecret)
return self.client.post(url,
data=json.dumps(body),
content_type='application/json',
headers={'Authorization': 'JWT ' + auth})
def test_lifecycle_installed_multiple_invalid_auth(self, m):
"""Multiple requests should error if second update is untrusted"""
m.get(
'https://gavindev.atlassian.net/plugins/servlet/oauth/consumer-info',
text=consumer_info_response)
client = dict(baseUrl='https://gavindev.atlassian.net',
clientKey='abc123',
publicKey='public123',
sharedSecret='myscret')
rv = self.client.post('/atlassian_connect/lifecycle/installed',
data=json.dumps(client),
content_type='application/json')
self.assertEqual(204, rv.status_code)
# Add auth
auth = encode_token('GET', '/lifecycle/installed', client['clientKey'],
'some other secret')
rv = self.client.post('/atlassian_connect/lifecycle/installed',
data=json.dumps(client),
content_type='application/json',
headers={'Authorization': 'JWT ' + auth})
self.assertEqual(401, rv.status_code)
def request(
self,
method="GET",
path="/",
data=None,
json=None,
flags=None,
params=None,
headers=None,
files=None,
trailing=None,
absolute=False,
):
"""
:param method:
:param path:
:param data:
:param json:
:param flags:
:param params:
:param headers:
:param files:
:param trailing: bool
:param absolute: bool, OPTIONAL: Do not prefix url, url is absolute
:return:
"""
url = self.url_joiner(None if absolute else self.url, path, trailing)
params_already_in_url = True if "?" in url else False
if params or flags:
if params_already_in_url:
url += "&"
else:
url += "?"
if params:
url += urlencode(params or {})
if flags:
url += ("&" if params or params_already_in_url else "") + "&".join(flags or [])
json_dump = None
if files is None:
data = None if not data else dumps(data)
json_dump = None if not json else dumps(json)
self.log_curl_debug(method=method, url=url, headers=headers, data=data if data else json_dump)
headers = headers or self.default_headers
if self._secret is not None:
token = encode.encode_token(method, url, self._app_key, self._secret)
headers["Authorization"] = f"JWT {token}"
response = self._session.request(
method=method,
url=url,
headers=headers,
data=data,
json=json,
timeout=self.timeout,
verify=self.verify_ssl,
files=files,
proxies=self.proxies,
)
response.encoding = "utf-8"
log.debug("HTTP: {} {} -> {} {}".format(method, path, response.status_code, response.reason))
log.debug("HTTP: Response text -> {}".format(response.text))
if self.advanced_mode:
return response
response.raise_for_status()
return response