def test_get_access_token(self, mocked_requests_post): content = {"access_token": "fake_access_token"} mocked_requests_post.return_value = generate_response(content, 200) ms_helper = MicrosoftGraphHelper("tenant_id1234", "client_id1234", "client_secret1234") token = ms_helper.get_access_token() assert token == "fake_access_token"
def test_check_stats_code_good(self, mocked_requests_post): content = {"access_token": "fake_access_token"} mocked_requests_post.return_value = generate_response(content, 200) ms_helper = MicrosoftGraphHelper("tenant_id1234", "client_id1234", "client_secret1234") r = requests_mock.response r.status_code = 200 assert ms_helper.check_status_code(r)
def test_search_alert(self, mocked_requests_post, mocked_requests_get): content = {"access_token": "fake_access_token"} content2 = {"alerts": [{"alert1": 1}, {"alert2": 2}]} mocked_requests_post.return_value = generate_response(content, 200) mocked_requests_get.return_value = generate_response(content2, 200) ms_helper = MicrosoftGraphHelper("tenant_id1234", "client_id1234", "client_secret1234") ms_helper.clear_cache() r = alert_search("ms_graph_url", ms_helper, "filter") assert r.json() == content2
def test_update_alert(self, mocked_requests_post, mocked_requests_patch): content = {"access_token": "fake_access_token"} content2 = {"alert_details": {"details": "updated"}} mocked_requests_post.return_value = generate_response(content, 200) mocked_requests_patch.return_value = generate_response(content2, 200) ms_helper = MicrosoftGraphHelper("tenant_id1234", "client_id1234", "client_secret1234") ms_helper.clear_cache() r = update_alert("ms_graph_url", ms_helper, "21354657678", '{"update_data": "data"}') assert r.json() == content2
def test_get_alert_details(self, mocked_requests_post, mocked_requests_get): content = {"access_token": "fake_access_token"} content2 = {"alert_details": {"details": 1234}} mocked_requests_post.return_value = generate_response(content, 200) mocked_requests_get.return_value = generate_response(content2, 200) ms_helper = MicrosoftGraphHelper("tenant_id1234", "client_id1234", "client_secret1234") ms_helper.clear_cache() r = get_alert_details("ms_graph_url", ms_helper, "1223456788") assert r.json() == content2
def test_check_stats_code_bad(self, mocked_requests_post): content = {"access_token": "fake_access_token"} mocked_requests_post.return_value = generate_response(content, 200) ms_helper = MicrosoftGraphHelper("tenant_id1234", "client_id1234", "client_secret1234") r = requests_mock.response r.status_code = 500 try: ms_helper.check_status_code(r) except ValueError as e: assert e.args[ 0] == "Invalid response from Microsoft Security Graph"
def test_get_access_token_refresh(self, mocked_requests_post): content1 = {"access_token": ""} content2 = {"access_token": "fake_refreshed_access_token"} mocked_requests_post.side_effect = [ generate_response(content1, 200), generate_response(content2, 200) ] ms_helper = MicrosoftGraphHelper("tenant_id1234", "client_id1234", "client_secret1234") ms_helper.clear_cache() token = ms_helper.get_access_token() assert token == "fake_refreshed_access_token"
def _reload(self, event, opts): """Configuration options have changed, save new values""" self.options = opts.get("fn_microsoft_security_graph", {}) self.Microsoft_security_graph_helper = MicrosoftGraphHelper( self.options.get("tenant_id"), self.options.get("client_id"), self.options.get("client_secret"))
def test_check_stats_code_invalid(self, mocked_requests_post): content1 = {"access_token": "fake_access_token"} content2 = {"access_token": "new_fake_access_token"} mocked_requests_post.side_effect = [ generate_response(content1, 200), generate_response(content2, 200) ] ms_helper = MicrosoftGraphHelper("tenant_id1234", "client_id1234", "client_secret1234") r = requests_mock.response r.status_code = 401 r.content = "Fake content" assert not ms_helper.check_status_code(r) token = ms_helper.get_access_token() assert token == "new_fake_access_token"
def __init__(self, opts): """constructor provides access to the configuration options""" super(IntegrationComponent, self).__init__(opts) self.options = opts.get("fn_microsoft_security_graph", {}) # Validate required fields in app.config are set required_fields = ["microsoft_graph_url", "tenant_id", "client_id", "client_secret"] validate_fields(required_fields, self.options) self.Microsoft_security_graph_helper = MicrosoftGraphHelper(self.options.get("tenant_id"), self.options.get("client_id"), self.options.get("client_secret")) self.polling_main()
def test_get_alerts(self, mocked_requests_post, mocked_requests_get): opts = { "alert_time_range_sec": "100", "microsoft_graph_url": "fake_url", "alert_filter": "severity%20eq%20'high'" } content = {"access_token": "fake_access_token"} content2 = {"value": {"alert_details": {"details": 1234}}} mocked_requests_post.return_value = generate_response(content, 200) mocked_requests_get.return_value = generate_response(content2, 200) ms_helper = MicrosoftGraphHelper("tenant_id1234", "client_id1234", "client_secret1234") alerts = get_alerts(opts, ms_helper) assert alerts == {"alert_details": {"details": 1234}}