Exemple #1
0
def app(kid, rsa_private_key, rsa_public_key):
    """
    Flask application fixture.
    """
    mocker = Mocker()
    mocker.mock_functions()
    root_dir = os.path.dirname(os.path.realpath(__file__))
    app_init(fence.app, test_settings, root_dir=root_dir)
    fence.app.config["TESTING"] = True
    fence.app.config["DEBUG"] = True
    # We want to set up the keys so that the test application can load keys
    # from the test keys directory, but the default keypair used will be the
    # one using the fixtures. So, stick the keypair at the front of the
    # keypairs list and reverse the ordered dictionary of public keys after
    # inserting the fixture keypair.
    fixture_keypair = Keypair(kid=kid,
                              public_key=rsa_public_key,
                              private_key=rsa_private_key)
    fence.app.keypairs = [fixture_keypair] + fence.app.keypairs
    fence.app.jwt_public_keys[
        fence.app.config["BASE_URL"]][kid] = rsa_public_key
    fence.app.jwt_public_keys[fence.app.config["BASE_URL"]] = OrderedDict(
        reversed(
            list(fence.app.jwt_public_keys[
                fence.app.config["BASE_URL"]].items())))

    return fence.app
Exemple #2
0
def config_idp_in_client(app, db_session, kid_2, rsa_private_key_2,
                         rsa_public_key_2, restore_config):
    """
    Set info about this fence's (client fence's) IDP in config.
    Reset when done.
    """

    saved_keypairs = app.keypairs
    keypair = Keypair(kid=kid_2,
                      public_key=rsa_public_key_2,
                      private_key=rsa_private_key_2)
    app.keypairs = [keypair]

    saved_jwtpks = app.jwt_public_keys
    app.jwt_public_keys["/"] = OrderedDict([(kid_2, rsa_public_key_2)])

    saved_db_Session = app.db.Session
    app.db.Session = lambda: db_session

    config.update({
        "BASE_URL":
        "/",
        "MOCK_AUTH":
        False,
        "DEFAULT_LOGIN_IDP":
        "fence",
        "LOGIN_OPTIONS": [{
            "name": "InCommon login",
            "idp": "fence",
            "fence_idp": "shibboleth",
            "shib_idps": ["some-incommon-entity-id"],
        }],
        "OPENID_CONNECT": {
            "fence": {
                "client_id": "other_fence_client_id",
                "client_secret": "other_fence_client_secret",
                "api_base_url": "http://other-fence",
                "authorize_url": "http://other-fence/oauth2/authorize",
            }
        },
    })
    app.fence_client = OAuthClient(**config["OPENID_CONNECT"]["fence"])

    yield Dict(
        client_id=config["OPENID_CONNECT"]["fence"]["client_id"],
        client_secret=config["OPENID_CONNECT"]["fence"]["client_secret"],
    )

    app.keypairs = saved_keypairs
    app.jwt_public_keys = saved_jwtpks
    app.db.Session = saved_db_Session
Exemple #3
0
def fence_client_app(
    app,
    fence_oauth_client,
    fence_oauth_client_url,
    db_session,
    kid_2,
    rsa_private_key_2,
    rsa_public_key_2,
):
    """
    A Flask application fixture which acts as a client of the original ``app``
    in a multi-tenant configuration.
    """
    root_dir = os.path.dirname(os.path.dirname(os.path.realpath(__file__)))
    client_app = flask.Flask("client_app")
    app_init(client_app, test_settings, root_dir=root_dir)

    keypair = Keypair(kid=kid_2,
                      public_key=rsa_public_key_2,
                      private_key=rsa_private_key_2)
    client_app.keypairs = [keypair]

    client_app.jwt_public_keys["/"] = OrderedDict([(kid_2, rsa_public_key_2)])

    client_app.config["BASE_URL"] = "/"
    client_app.config["MOCK_AUTH"] = False
    client_app.config["DEFAULT_LOGIN_URL"] = "/login/fence"
    client_app.db.Session = lambda: db_session
    client_app.config["OPENID_CONNECT"] = {
        "fence": {
            "client_id": fence_oauth_client.client_id,
            "client_secret": fence_oauth_client.client_secret,
            "api_base_url": "http://localhost:50000",
            "authorize_url": "http://localhost:50000/oauth2/authorize",
            "access_token_url": "http://localhost:50000/oauth2/token",
            "refresh_token_url": "http://localhost:50000/oauth2/token",
            "client_kwargs": {
                "scope": "openid user",
                "redirect_uri": fence_oauth_client_url,
            },
        }
    }
    client_app.fence_client = OAuthClient(
        **client_app.config["OPENID_CONNECT"]["fence"])
    return client_app
Exemple #4
0
def app(kid, rsa_private_key, rsa_public_key):
    """
    Flask application fixture.
    """
    mocker = Mocker()
    mocker.mock_functions()

    root_dir = os.path.dirname(os.path.realpath(__file__))

    # delete the record operation from the data blueprint, because right now it calls a
    # whole bunch of stuff on the arborist client to do some setup for the uploader role
    fence.blueprints.data.blueprint.deferred_functions = [
        f
        for f in fence.blueprints.data.blueprint.deferred_functions
        if f.__name__ != "record"
    ]
    app_init(
        fence.app,
        test_settings,
        root_dir=root_dir,
        config_path=os.path.join(root_dir, "test-fence-config.yaml"),
    )

    # We want to set up the keys so that the test application can load keys
    # from the test keys directory, but the default keypair used will be the
    # one using the fixtures. So, stick the keypair at the front of the
    # keypairs list and reverse the ordered dictionary of public keys after
    # inserting the fixture keypair.
    fixture_keypair = Keypair(
        kid=kid, public_key=rsa_public_key, private_key=rsa_private_key
    )
    fence.app.keypairs = [fixture_keypair] + fence.app.keypairs
    fence.app.jwt_public_keys[config["BASE_URL"]][kid] = rsa_public_key
    fence.app.jwt_public_keys[config["BASE_URL"]] = OrderedDict(
        reversed(list(fence.app.jwt_public_keys[config["BASE_URL"]].items()))
    )

    config.update(BASE_URL=config["BASE_URL"])
    config.update(ENCRYPTION_KEY=Fernet.generate_key().decode("utf-8"))

    yield fence.app

    mocker.unmock_functions()