def app(kid, rsa_private_key, rsa_public_key):
"""
Flask application fixture.
"""
mocker = Mocker()
mocker.mock_functions()
root_dir = os.path.dirname(os.path.realpath(__file__))
app_init(fence.app, test_settings, root_dir=root_dir)
fence.app.config["TESTING"] = True
fence.app.config["DEBUG"] = True
# We want to set up the keys so that the test application can load keys
# from the test keys directory, but the default keypair used will be the
# one using the fixtures. So, stick the keypair at the front of the
# keypairs list and reverse the ordered dictionary of public keys after
# inserting the fixture keypair.
fixture_keypair = Keypair(kid=kid,
public_key=rsa_public_key,
private_key=rsa_private_key)
fence.app.keypairs = [fixture_keypair] + fence.app.keypairs
fence.app.jwt_public_keys[
fence.app.config["BASE_URL"]][kid] = rsa_public_key
fence.app.jwt_public_keys[fence.app.config["BASE_URL"]] = OrderedDict(
reversed(
list(fence.app.jwt_public_keys[
fence.app.config["BASE_URL"]].items())))
return fence.app
def config_idp_in_client(app, db_session, kid_2, rsa_private_key_2,
rsa_public_key_2, restore_config):
"""
Set info about this fence's (client fence's) IDP in config.
Reset when done.
"""
saved_keypairs = app.keypairs
keypair = Keypair(kid=kid_2,
public_key=rsa_public_key_2,
private_key=rsa_private_key_2)
app.keypairs = [keypair]
saved_jwtpks = app.jwt_public_keys
app.jwt_public_keys["/"] = OrderedDict([(kid_2, rsa_public_key_2)])
saved_db_Session = app.db.Session
app.db.Session = lambda: db_session
config.update({
"BASE_URL":
"/",
"MOCK_AUTH":
False,
"DEFAULT_LOGIN_IDP":
"fence",
"LOGIN_OPTIONS": [{
"name": "InCommon login",
"idp": "fence",
"fence_idp": "shibboleth",
"shib_idps": ["some-incommon-entity-id"],
}],
"OPENID_CONNECT": {
"fence": {
"client_id": "other_fence_client_id",
"client_secret": "other_fence_client_secret",
"api_base_url": "http://other-fence",
"authorize_url": "http://other-fence/oauth2/authorize",
}
},
})
app.fence_client = OAuthClient(**config["OPENID_CONNECT"]["fence"])
yield Dict(
client_id=config["OPENID_CONNECT"]["fence"]["client_id"],
client_secret=config["OPENID_CONNECT"]["fence"]["client_secret"],
)
app.keypairs = saved_keypairs
app.jwt_public_keys = saved_jwtpks
app.db.Session = saved_db_Session
def fence_client_app(
app,
fence_oauth_client,
fence_oauth_client_url,
db_session,
kid_2,
rsa_private_key_2,
rsa_public_key_2,
):
"""
A Flask application fixture which acts as a client of the original ``app``
in a multi-tenant configuration.
"""
root_dir = os.path.dirname(os.path.dirname(os.path.realpath(__file__)))
client_app = flask.Flask("client_app")
app_init(client_app, test_settings, root_dir=root_dir)
keypair = Keypair(kid=kid_2,
public_key=rsa_public_key_2,
private_key=rsa_private_key_2)
client_app.keypairs = [keypair]
client_app.jwt_public_keys["/"] = OrderedDict([(kid_2, rsa_public_key_2)])
client_app.config["BASE_URL"] = "/"
client_app.config["MOCK_AUTH"] = False
client_app.config["DEFAULT_LOGIN_URL"] = "/login/fence"
client_app.db.Session = lambda: db_session
client_app.config["OPENID_CONNECT"] = {
"fence": {
"client_id": fence_oauth_client.client_id,
"client_secret": fence_oauth_client.client_secret,
"api_base_url": "http://localhost:50000",
"authorize_url": "http://localhost:50000/oauth2/authorize",
"access_token_url": "http://localhost:50000/oauth2/token",
"refresh_token_url": "http://localhost:50000/oauth2/token",
"client_kwargs": {
"scope": "openid user",
"redirect_uri": fence_oauth_client_url,
},
}
}
client_app.fence_client = OAuthClient(
**client_app.config["OPENID_CONNECT"]["fence"])
return client_app
def app(kid, rsa_private_key, rsa_public_key):
"""
Flask application fixture.
"""
mocker = Mocker()
mocker.mock_functions()
root_dir = os.path.dirname(os.path.realpath(__file__))
# delete the record operation from the data blueprint, because right now it calls a
# whole bunch of stuff on the arborist client to do some setup for the uploader role
fence.blueprints.data.blueprint.deferred_functions = [
f
for f in fence.blueprints.data.blueprint.deferred_functions
if f.__name__ != "record"
]
app_init(
fence.app,
test_settings,
root_dir=root_dir,
config_path=os.path.join(root_dir, "test-fence-config.yaml"),
)
# We want to set up the keys so that the test application can load keys
# from the test keys directory, but the default keypair used will be the
# one using the fixtures. So, stick the keypair at the front of the
# keypairs list and reverse the ordered dictionary of public keys after
# inserting the fixture keypair.
fixture_keypair = Keypair(
kid=kid, public_key=rsa_public_key, private_key=rsa_private_key
)
fence.app.keypairs = [fixture_keypair] + fence.app.keypairs
fence.app.jwt_public_keys[config["BASE_URL"]][kid] = rsa_public_key
fence.app.jwt_public_keys[config["BASE_URL"]] = OrderedDict(
reversed(list(fence.app.jwt_public_keys[config["BASE_URL"]].items()))
)
config.update(BASE_URL=config["BASE_URL"])
config.update(ENCRYPTION_KEY=Fernet.generate_key().decode("utf-8"))
yield fence.app
mocker.unmock_functions()