def app(kid, rsa_private_key, rsa_public_key): """ Flask application fixture. """ mocker = Mocker() mocker.mock_functions() root_dir = os.path.dirname(os.path.realpath(__file__)) app_init(fence.app, test_settings, root_dir=root_dir) fence.app.config["TESTING"] = True fence.app.config["DEBUG"] = True # We want to set up the keys so that the test application can load keys # from the test keys directory, but the default keypair used will be the # one using the fixtures. So, stick the keypair at the front of the # keypairs list and reverse the ordered dictionary of public keys after # inserting the fixture keypair. fixture_keypair = Keypair(kid=kid, public_key=rsa_public_key, private_key=rsa_private_key) fence.app.keypairs = [fixture_keypair] + fence.app.keypairs fence.app.jwt_public_keys[ fence.app.config["BASE_URL"]][kid] = rsa_public_key fence.app.jwt_public_keys[fence.app.config["BASE_URL"]] = OrderedDict( reversed( list(fence.app.jwt_public_keys[ fence.app.config["BASE_URL"]].items()))) return fence.app
def app(): """ Flask application fixture. """ mocker = Mocker() mocker.mock_functions() root_dir = os.path.dirname(os.path.realpath(__file__)) app_init(fence.app, test_settings, root_dir=root_dir) return fence.app
def fence_client_app( app, fence_oauth_client, fence_oauth_client_url, db_session, kid_2, rsa_private_key_2, rsa_public_key_2, ): """ A Flask application fixture which acts as a client of the original ``app`` in a multi-tenant configuration. """ root_dir = os.path.dirname(os.path.dirname(os.path.realpath(__file__))) client_app = flask.Flask("client_app") app_init(client_app, test_settings, root_dir=root_dir) keypair = Keypair(kid=kid_2, public_key=rsa_public_key_2, private_key=rsa_private_key_2) client_app.keypairs = [keypair] client_app.jwt_public_keys["/"] = OrderedDict([(kid_2, rsa_public_key_2)]) client_app.config["BASE_URL"] = "/" client_app.config["MOCK_AUTH"] = False client_app.config["DEFAULT_LOGIN_URL"] = "/login/fence" client_app.db.Session = lambda: db_session client_app.config["OPENID_CONNECT"] = { "fence": { "client_id": fence_oauth_client.client_id, "client_secret": fence_oauth_client.client_secret, "api_base_url": "http://localhost:50000", "authorize_url": "http://localhost:50000/oauth2/authorize", "access_token_url": "http://localhost:50000/oauth2/token", "refresh_token_url": "http://localhost:50000/oauth2/token", "client_kwargs": { "scope": "openid user", "redirect_uri": fence_oauth_client_url, }, } } client_app.fence_client = OAuthClient( **client_app.config["OPENID_CONNECT"]["fence"]) return client_app
def app(kid, rsa_private_key, rsa_public_key): """ Flask application fixture. """ mocker = Mocker() mocker.mock_functions() root_dir = os.path.dirname(os.path.realpath(__file__)) # delete the record operation from the data blueprint, because right now it calls a # whole bunch of stuff on the arborist client to do some setup for the uploader role fence.blueprints.data.blueprint.deferred_functions = [ f for f in fence.blueprints.data.blueprint.deferred_functions if f.__name__ != "record" ] app_init( fence.app, test_settings, root_dir=root_dir, config_path=os.path.join(root_dir, "test-fence-config.yaml"), ) # We want to set up the keys so that the test application can load keys # from the test keys directory, but the default keypair used will be the # one using the fixtures. So, stick the keypair at the front of the # keypairs list and reverse the ordered dictionary of public keys after # inserting the fixture keypair. fixture_keypair = Keypair( kid=kid, public_key=rsa_public_key, private_key=rsa_private_key ) fence.app.keypairs = [fixture_keypair] + fence.app.keypairs fence.app.jwt_public_keys[config["BASE_URL"]][kid] = rsa_public_key fence.app.jwt_public_keys[config["BASE_URL"]] = OrderedDict( reversed(list(fence.app.jwt_public_keys[config["BASE_URL"]].items())) ) config.update(BASE_URL=config["BASE_URL"]) config.update(ENCRYPTION_KEY=Fernet.generate_key().decode("utf-8")) yield fence.app mocker.unmock_functions()
def fence_client_app( app, fence_oauth_client, fence_oauth_client_url, db_session): """ A Flask application fixture which acts as a client of the original ``app`` in a multi-tenant configuration. """ root_dir = os.path.dirname(os.path.dirname(os.path.realpath(__file__))) client_app = flask.Flask('client_app') app_init(client_app, test_settings, root_dir=root_dir) client_app.register_blueprint( fence.blueprints.oauth2.blueprint, url_prefix='/oauth2' ) client_app.register_blueprint( fence.blueprints.login.blueprint, url_prefix='/login' ) client_app.jwt_public_keys['/'] = client_app.jwt_public_keys.pop( client_app.config['BASE_URL'] ) client_app.config['BASE_URL'] = '/' client_app.config['MOCK_AUTH'] = False client_app.config['DEFAULT_LOGIN_URL'] = '/login/fence' client_app.config['DEFAULT_LOGIN_URL_REDIRECT_PARAM'] = 'redirect_uri' client_app.db.Session = lambda: db_session client_app.config['OPENID_CONNECT'] = { 'fence': { 'client_id': fence_oauth_client.client_id, 'client_secret': fence_oauth_client.client_secret, 'api_base_url': 'http://localhost:50000', 'authorize_url': 'http://localhost:50000/oauth2/authorize', 'access_token_url': 'http://localhost:50000/oauth2/token', 'refresh_token_url': 'http://localhost:50000/oauth2/token', 'client_kwargs': { 'scope': 'openid user', 'redirect_uri': fence_oauth_client_url, } } } client_app.fence_client = OAuthClient( **client_app.config['OPENID_CONNECT']['fence'] ) return client_app
from fence import app_init from fence import app app_init(app) app.debug = False application = app
def test_app_config(): """ Test app_init call using the 'test-fence-config.yaml' This includes the check to verify underlying storage """ config_path = "test-fence-config.yaml" root_dir = os.path.dirname(os.path.realpath(__file__)) # delete the record operation from the data blueprint, because right now it calls a # whole bunch of stuff on the arborist client to do some setup for the uploader role fence.blueprints.data.blueprint.deferred_functions = [ f for f in fence.blueprints.data.blueprint.deferred_functions if f.__name__ != "record" ] fake_blob_service_client = FakeBlobServiceClient() patch_list = [ { "patch_name": "fence.app_sessions" }, { "patch_name": "fence.app_register_blueprints" }, { "patch_name": "fence.oidc.oidc_server.OIDCServer.init_app" }, { "patch_name": "fence._setup_prometheus" }, { "patch_name": "fence.resources.storage.StorageManager.__init__", "return_value": None, }, { "patch_name": "fence._check_aws_creds_and_region" }, { "patch_name": "fence.BlobServiceClient.from_connection_string", "return_value": fake_blob_service_client, }, ] patchers = [] for patch_values in patch_list: patcher = (patch(patch_values["patch_name"], return_value=patch_values["return_value"]) if "return_value" in patch_values.keys() else patch( patch_values["patch_name"])) patcher.start() patchers.append(patcher) app_init( fence.app, test_settings, root_dir=root_dir, config_path=os.path.join(root_dir, config_path), ) assert fence.app.config # nosec for patcher in patchers: patcher.stop()
parser = argparse.ArgumentParser() parser.add_argument( "-c", "--config_file_name", help="Name for file is something other than " "fence-config.yaml. Will search in defined search folders specified in " "fence's settings. To automatically create configs, check out the " 'cfg_help.py file in this directory. Run "python cfg_help.py --help".', default="fence-config.yaml", ) parser.add_argument( "--config_path", help="Full path to a yaml config file for fence. Will not" " search directories for config.", ) args = parser.parse_args() if config.get("MOCK_STORAGE"): from mock import patch from cdisutilstest.code.storage_client_mock import get_client patcher = patch("fence.resources.storage.get_client", get_client) patcher.start() app_init(app, config_path=args.config_path, config_file_name=args.config_file_name) app.run(debug=True, port=8000)