def app(kid, rsa_private_key, rsa_public_key):
"""
Flask application fixture.
"""
mocker = Mocker()
mocker.mock_functions()
root_dir = os.path.dirname(os.path.realpath(__file__))
app_init(fence.app, test_settings, root_dir=root_dir)
fence.app.config["TESTING"] = True
fence.app.config["DEBUG"] = True
# We want to set up the keys so that the test application can load keys
# from the test keys directory, but the default keypair used will be the
# one using the fixtures. So, stick the keypair at the front of the
# keypairs list and reverse the ordered dictionary of public keys after
# inserting the fixture keypair.
fixture_keypair = Keypair(kid=kid,
public_key=rsa_public_key,
private_key=rsa_private_key)
fence.app.keypairs = [fixture_keypair] + fence.app.keypairs
fence.app.jwt_public_keys[
fence.app.config["BASE_URL"]][kid] = rsa_public_key
fence.app.jwt_public_keys[fence.app.config["BASE_URL"]] = OrderedDict(
reversed(
list(fence.app.jwt_public_keys[
fence.app.config["BASE_URL"]].items())))
return fence.app
def app():
"""
Flask application fixture.
"""
mocker = Mocker()
mocker.mock_functions()
root_dir = os.path.dirname(os.path.realpath(__file__))
app_init(fence.app, test_settings, root_dir=root_dir)
return fence.app
def fence_client_app(
app,
fence_oauth_client,
fence_oauth_client_url,
db_session,
kid_2,
rsa_private_key_2,
rsa_public_key_2,
):
"""
A Flask application fixture which acts as a client of the original ``app``
in a multi-tenant configuration.
"""
root_dir = os.path.dirname(os.path.dirname(os.path.realpath(__file__)))
client_app = flask.Flask("client_app")
app_init(client_app, test_settings, root_dir=root_dir)
keypair = Keypair(kid=kid_2,
public_key=rsa_public_key_2,
private_key=rsa_private_key_2)
client_app.keypairs = [keypair]
client_app.jwt_public_keys["/"] = OrderedDict([(kid_2, rsa_public_key_2)])
client_app.config["BASE_URL"] = "/"
client_app.config["MOCK_AUTH"] = False
client_app.config["DEFAULT_LOGIN_URL"] = "/login/fence"
client_app.db.Session = lambda: db_session
client_app.config["OPENID_CONNECT"] = {
"fence": {
"client_id": fence_oauth_client.client_id,
"client_secret": fence_oauth_client.client_secret,
"api_base_url": "http://localhost:50000",
"authorize_url": "http://localhost:50000/oauth2/authorize",
"access_token_url": "http://localhost:50000/oauth2/token",
"refresh_token_url": "http://localhost:50000/oauth2/token",
"client_kwargs": {
"scope": "openid user",
"redirect_uri": fence_oauth_client_url,
},
}
}
client_app.fence_client = OAuthClient(
**client_app.config["OPENID_CONNECT"]["fence"])
return client_app
def app(kid, rsa_private_key, rsa_public_key):
"""
Flask application fixture.
"""
mocker = Mocker()
mocker.mock_functions()
root_dir = os.path.dirname(os.path.realpath(__file__))
# delete the record operation from the data blueprint, because right now it calls a
# whole bunch of stuff on the arborist client to do some setup for the uploader role
fence.blueprints.data.blueprint.deferred_functions = [
f
for f in fence.blueprints.data.blueprint.deferred_functions
if f.__name__ != "record"
]
app_init(
fence.app,
test_settings,
root_dir=root_dir,
config_path=os.path.join(root_dir, "test-fence-config.yaml"),
)
# We want to set up the keys so that the test application can load keys
# from the test keys directory, but the default keypair used will be the
# one using the fixtures. So, stick the keypair at the front of the
# keypairs list and reverse the ordered dictionary of public keys after
# inserting the fixture keypair.
fixture_keypair = Keypair(
kid=kid, public_key=rsa_public_key, private_key=rsa_private_key
)
fence.app.keypairs = [fixture_keypair] + fence.app.keypairs
fence.app.jwt_public_keys[config["BASE_URL"]][kid] = rsa_public_key
fence.app.jwt_public_keys[config["BASE_URL"]] = OrderedDict(
reversed(list(fence.app.jwt_public_keys[config["BASE_URL"]].items()))
)
config.update(BASE_URL=config["BASE_URL"])
config.update(ENCRYPTION_KEY=Fernet.generate_key().decode("utf-8"))
yield fence.app
mocker.unmock_functions()
def fence_client_app(
app, fence_oauth_client, fence_oauth_client_url, db_session):
"""
A Flask application fixture which acts as a client of the original ``app``
in a multi-tenant configuration.
"""
root_dir = os.path.dirname(os.path.dirname(os.path.realpath(__file__)))
client_app = flask.Flask('client_app')
app_init(client_app, test_settings, root_dir=root_dir)
client_app.register_blueprint(
fence.blueprints.oauth2.blueprint, url_prefix='/oauth2'
)
client_app.register_blueprint(
fence.blueprints.login.blueprint, url_prefix='/login'
)
client_app.jwt_public_keys['/'] = client_app.jwt_public_keys.pop(
client_app.config['BASE_URL']
)
client_app.config['BASE_URL'] = '/'
client_app.config['MOCK_AUTH'] = False
client_app.config['DEFAULT_LOGIN_URL'] = '/login/fence'
client_app.config['DEFAULT_LOGIN_URL_REDIRECT_PARAM'] = 'redirect_uri'
client_app.db.Session = lambda: db_session
client_app.config['OPENID_CONNECT'] = {
'fence': {
'client_id': fence_oauth_client.client_id,
'client_secret': fence_oauth_client.client_secret,
'api_base_url': 'http://localhost:50000',
'authorize_url': 'http://localhost:50000/oauth2/authorize',
'access_token_url': 'http://localhost:50000/oauth2/token',
'refresh_token_url': 'http://localhost:50000/oauth2/token',
'client_kwargs': {
'scope': 'openid user',
'redirect_uri': fence_oauth_client_url,
}
}
}
client_app.fence_client = OAuthClient(
**client_app.config['OPENID_CONNECT']['fence']
)
return client_app
from fence import app_init from fence import app app_init(app) app.debug = False application = app
def test_app_config():
"""
Test app_init call using the 'test-fence-config.yaml'
This includes the check to verify underlying storage
"""
config_path = "test-fence-config.yaml"
root_dir = os.path.dirname(os.path.realpath(__file__))
# delete the record operation from the data blueprint, because right now it calls a
# whole bunch of stuff on the arborist client to do some setup for the uploader role
fence.blueprints.data.blueprint.deferred_functions = [
f for f in fence.blueprints.data.blueprint.deferred_functions
if f.__name__ != "record"
]
fake_blob_service_client = FakeBlobServiceClient()
patch_list = [
{
"patch_name": "fence.app_sessions"
},
{
"patch_name": "fence.app_register_blueprints"
},
{
"patch_name": "fence.oidc.oidc_server.OIDCServer.init_app"
},
{
"patch_name": "fence._setup_prometheus"
},
{
"patch_name": "fence.resources.storage.StorageManager.__init__",
"return_value": None,
},
{
"patch_name": "fence._check_aws_creds_and_region"
},
{
"patch_name": "fence.BlobServiceClient.from_connection_string",
"return_value": fake_blob_service_client,
},
]
patchers = []
for patch_values in patch_list:
patcher = (patch(patch_values["patch_name"],
return_value=patch_values["return_value"])
if "return_value" in patch_values.keys() else patch(
patch_values["patch_name"]))
patcher.start()
patchers.append(patcher)
app_init(
fence.app,
test_settings,
root_dir=root_dir,
config_path=os.path.join(root_dir, config_path),
)
assert fence.app.config # nosec
for patcher in patchers:
patcher.stop()
parser = argparse.ArgumentParser()
parser.add_argument(
"-c",
"--config_file_name",
help="Name for file is something other than "
"fence-config.yaml. Will search in defined search folders specified in "
"fence's settings. To automatically create configs, check out the "
'cfg_help.py file in this directory. Run "python cfg_help.py --help".',
default="fence-config.yaml",
)
parser.add_argument(
"--config_path",
help="Full path to a yaml config file for fence. Will not"
" search directories for config.",
)
args = parser.parse_args()
if config.get("MOCK_STORAGE"):
from mock import patch
from cdisutilstest.code.storage_client_mock import get_client
patcher = patch("fence.resources.storage.get_client", get_client)
patcher.start()
app_init(app,
config_path=args.config_path,
config_file_name=args.config_file_name)
app.run(debug=True, port=8000)
