def test_can_use_cognito_auth_object_with_scopes(sample_app, swagger_gen):
authorizer = CognitoUserPoolAuthorizer('MyUserPool',
header='Authorization',
provider_arns=['myarn'])
@sample_app.route('/api-key-required',
authorizer=authorizer.with_scopes(
["write:test", "read:test"]))
def foo():
return {}
doc = swagger_gen.generate_swagger(sample_app)
single_method = doc['paths']['/api-key-required']['get']
assert single_method.get('security') == [{
'MyUserPool': ["write:test", "read:test"]
}]
assert 'securityDefinitions' in doc
assert doc['securityDefinitions'].get('MyUserPool') == {
'in': 'header',
'type': 'apiKey',
'name': 'Authorization',
'x-amazon-apigateway-authtype': 'cognito_user_pools',
'x-amazon-apigateway-authorizer': {
'type': 'cognito_user_pools',
'providerARNs': ['myarn']
}
}
def test_auth_defined_for_multiple_methods(sample_app, swagger_gen):
authorizer = CognitoUserPoolAuthorizer('MyUserPool',
header='Authorization',
provider_arns=['myarn'])
@sample_app.route('/pool1', authorizer=authorizer)
def foo():
return {}
@sample_app.route('/pool2', authorizer=authorizer)
def bar():
return {}
doc = swagger_gen.generate_swagger(sample_app)
assert 'securityDefinitions' in doc
assert len(doc['securityDefinitions']) == 1
