def test_rejects_when_api_key_is_not_active(self):
self.mock_authenticate.side_effect = users.Unauthorized(
'negative ghost rider')
self.request.path = '/protected'
self.request.authorization = {'username': '******'}
response = middleware.auth_filter()
self.assertEqual(('Unauthorized: negative ghost rider', 401), response)
def test_rejects_if_api_key_is_malformed(self):
self.mock_authenticate.side_effect = users.MalformedAPIKey()
self.request.path = '/protected'
self.request.authorization = {'username': '******'}
response = middleware.auth_filter()
self.assertEqual(
('Cannot authenticate request: API key is malformed', 401),
response)
def test_checks_api_key_for_protected_endpoints(self):
endpoints = (
'/v0/services',
'/v0/algorithm',
'/v0/algorithm/test-service-id',
'/v0/job',
'/v0/job/test-job-id',
'/v0/job/by_scene/test-scene-id',
'/v0/job/by_productline/test-productline-id',
'/v0/productline',
'/random/path/somebody/maybe/forgot/to/protect',
)
for endpoint in endpoints:
self.request.reset_mock()
self.request.path = endpoint
self.request.authorization = {'username': '******'}
middleware.auth_filter()
self.assertEqual(len(endpoints), self.mock_authenticate.call_count)
def test_rejects_when_encountering_unexpected_verification_error(self):
self.mock_authenticate.side_effect = users.Error(
'random error of known type')
self.request.path = '/protected'
self.request.authorization = {'username': '******'}
response = middleware.auth_filter()
self.assertEqual((
'Cannot authenticate request: an internal error prevents API key verification',
500), response)
def test_rejects_if_api_key_is_missing(self):
self.request.path = '/protected'
self.request.authorization = {'username': ''}
response = middleware.auth_filter()
self.assertEqual(
('Cannot authenticate request: API key is missing', 401), response)