async def test_fk_host_matches():
expected_rs = RsFake("200 OK", CIMultiDict({"foo": "bar"}))
assert await FkHost("www.example.com", MgFixed(expected_rs)).route(
RqFake()) is None
assert (await FkHost("www.example.com", MgFixed(expected_rs)).route(
RqFake(headers=CIMultiDict({"host": "www.example.com"}))) is
expected_rs)
async def test_fk_methods_matches():
expected_rs = RsEmpty()
fk = FkMethods(
"PUT",
"GET",
resp=expected_rs,
)
assert await fk.route(RqFake(method="GET", url="/foo/bar?baz=1")
) is expected_rs
assert await fk.route(RqFake(method="POST", url="/foo/bar?baz=1")) is None
async def test_fk_params_matches():
expected_rs = RsEmpty()
fk = FkParams(
"foo",
re.compile("[0-9]+"),
resp=expected_rs,
)
assert await fk.route(RqFake(url="/bar?foo=1226")) is expected_rs
assert await fk.route(RqFake(url="/bar?foo=baz")) is None
assert await fk.route(RqFake(url="/bar")) is None
async def test_fk_chain_has_match():
rs = await FkChain(
FkRegex(r"/foo", resp=RsText("Foo!")),
FkRegex(r"/bar", resp=RsText("Bar!")),
FkRegex(r"/baz", resp=RsText("Baz!")),
).route(RqFake(url="/bar"))
assert await whole_body_of(rs) == b"Bar!"
async def test_mg_auth_safe_from_hackers(idt):
mg_fake = Mock(act=AsyncMock())
await MgAuth(mg_fake, PsFixed(idt)).act(
RqWithHeaders(RqFake(headers={}), {"MgAuth": "urn%3Atest%3A1"}))
assert mg_fake.act.call_count == 1
rq = mg_fake.act.call_args.args[0]
assert await rq.headers() == {}
async def test_fk_encoding_no_match(fk, rq):
assert (
await FkEncoding(fk, resp=RsText("Foo!")).route(
RqFake(headers={"accept-encoding": rq})
)
is None
)
async def test_mg_auth_logs_in_with_cookie():
rs = await MgAuth(MgFixed(RsText()), PsCookie(CcPlain())).act(
RqFake(headers={"cookie": "PsCookie=urn%3Atest%3A99"}))
assert await rs.headers() == {
"Content-Type":
"text/plain",
"Set-Cookie":
"PsCookie=urn%3Atest%3A99;Path=/;HttpOnly;Expires=Sat, 13 Feb 2021 03:21:34 GMT;",
}
async def test_ps_basic_enter_valid():
"""
PsBasic handling valid auth credentials
"""
identity: Identity = await PsBasic("Realm123", EntryFake(True)).enter(
RqFake(headers=MappingProxyType(
{"Authorization": auth_header_value("john", "secret-pswd")})))
assert await identity.urn() == "urn:basic:john"
assert await identity.properties() == {}
async def test_rq_with_headers_immutability():
headers = await RqWithHeaders(
RqFake(
headers=CIMultiDict({"foo": "bar", "accept": "some-value"}),
),
{"foo": "baz"},
).headers()
with pytest.raises(TypeError):
headers["accept"] = "foo"
async def test_rq_with_headers_case_insensitive():
headers = await RqWithHeaders(
RqFake(
headers=MultiDict({"Foo": "bar", "accept": "some-value"}),
),
{"foo": "baz"},
).headers()
assert headers.getall("foo") == headers.getall("Foo") == ["bar", "baz"]
assert headers.getall("accept") == headers.getall("ACCEPT") == ["some-value"]
async def test_ps_token_fails():
signature = SiHmac("foo")
raw_token = (
"eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9."
"eyJleHAiOiAxNjIwNzA3Mzg1LjIxNDI5LCAiaWF0IjogIjIwMjEtMDUtMTBUMDc6Mjk6NDUuMjE0MjkwIiwgIn"
"BAD6ICJ1cm46IGpvaG4tZ29sZCJ9._L3pWAhDph1wzBuwxxEvH9WinpDvxs_gFa3mPj1Tvco="
)
assert (await PsToken.from_signature(signature).enter(
RqFake(headers={"authorization": f"Bearer {raw_token}"})) is None)
async def test_ps_token_encode_decode():
signature = SiHmac("foo")
token = await EntrySimple(signature).new_token(
IdentitySimple("urn: john-gold"))
identity = await PsToken.from_signature(signature).enter(
RqFake(headers={
"authorization": f"Bearer {(await token.encoded()).decode()}"
}))
assert await identity.properties() == {}
assert await identity.urn() == "urn: john-gold"
async def test_ps_basic_enter_no_auth():
"""
PsBasic handling missing auth credentials
"""
with pytest.raises(RsForward) as e:
await PsBasic("Realm123", EntryFake(False)).enter(RqFake())
forward = e.value
assert await forward.status() == "401 Unauthorized"
headers = await forward.headers()
assert headers.getone("WWW-Authenticate") == 'Basic realm="Realm123"'
async def test_rq_without_headers_case_insensitive():
headers = await RqWithoutHeaders(
RqFake(headers=MultiDict({
"Foo": "bar",
"accept": "some-value"
}), ),
["ACCEPT"],
).headers()
assert headers.getall("foo") == headers.getall("Foo") == ["bar"]
assert "accept" not in headers
assert "Accept" not in headers
async def test_ps_all_success_entry():
idt = await PsAll(
[
PsFixed(IdentitySimple("urn:test:1")),
PsFixed(IdentitySimple("urn:test:2")),
PsFixed(IdentitySimple("urn:test:3")),
PsFixed(IdentitySimple("urn:test:4")),
],
identity=2,
).enter(RqFake())
assert await idt.urn() == "urn:test:3"
async def test_ps_all_fail():
idt = await PsAll(
[
PsFixed(IdentitySimple("urn:test:1")),
PsFixed(IdentitySimple("urn:test:2")),
PsFixed(None),
PsFixed(IdentitySimple("urn:test:4")),
],
identity=0,
).enter(RqFake())
assert idt is None
async def test_ps_basic_enter_invalid_creds():
"""
PsBasic handling invalid auth credentials
"""
with pytest.raises(RsForward) as e:
await PsBasic("Realm123", EntryFake(False)).enter(
RqFake(headers=MappingProxyType(
{"Authorization": auth_header_value("john", "secret-pswd")})))
forward = e.value
assert await forward.status() == "401 Unauthorized"
headers = await forward.headers()
assert headers.getone("WWW-Authenticate") == 'Basic realm="Realm123"'
async def test_fk_fixed_works():
rs = RsFake("200 OK", MultiDict({"foo": "bar"}))
assert await FkFixed(MgFixed(rs)).route(RqFake()) is rs
async def test_mg_secure_fails_on_anonymous():
with pytest.raises(HttpException) as e:
await MgSecure(MgFixed(RsEmpty())).act(RqFake())
assert e.value.code() == 303
async def test_fk_content_type_no_match(fk, rq):
assert (await FkContentType([fk], resp=RsText("Foo!")).route(
RqFake(headers={"content-type": rq})) is None)
async def test_fk_content_type_matches(fk, rq):
rs = await FkContentType([fk], resp=RsText("Foo!")).route(
RqFake(headers={"content-type": rq}))
assert await whole_body_of(rs) == b"Foo!"
async def test_mg_forward_catches_exceptions_raised_by_response():
rs = await MgForward(origin=MgFixed(RsThrow())).act(RqFake())
assert await rs.status() == "303 See Other"
assert await rs.headers() == {"Location": "/"}
assert await whole_body_of(rs) == b""
async def test_fk_types_no_match(fk, rq):
assert (await FkTypes([fk], resp=RsText("Foo!")).route(
RqFake(headers={"accept": rq})) is None)
async def test_fk_encoding_matches(fk, rq):
rs = await FkEncoding(fk, resp=RsText("Foo!")).route(
RqFake(headers={"accept-encoding": rq})
)
assert await whole_body_of(rs) == b"Foo!"
async def test_fk_regex_no_match(arg):
assert (await FkRegex(arg, resp=RsText("Foo!")).route(
RqFake(url="/idontmatch")) is None)
async def test_mg_auth_logs_in():
mg_fake = Mock(act=AsyncMock())
await MgAuth(mg_fake, PsFixed(IdentitySimple("urn:test:1"))).act(RqFake())
assert mg_fake.act.call_count == 1
rq = mg_fake.act.call_args.args[0]
assert await rq.headers() == {"Foo": "bar", "MgAuth": "urn%3Atest%3A1"}
async def test_fk_types_matches(fk, rq):
rs = await FkTypes([fk], resp=RsText("Foo!")).route(
RqFake(headers={"accept": rq}))
assert await whole_body_of(rs) == b"Foo!"
async def test_fk_chain_no_match():
assert (await FkChain(
FkRegex(r"/foo", resp=RsText("Foo!")),
FkRegex(r"/bar", resp=RsText("Bar!")),
FkRegex(r"/baz", resp=RsText("Baz!")),
).route(RqFake(url="/idontmatch")) is None)
async def test_fk_regex_has_match(arg):
rs = await FkRegex(arg, resp=RsText("Foo!")).route(RqFake(url="/foo"))
assert await whole_body_of(rs) == b"Foo!"
async def test_mg_secure_passes_authenticated_user():
expected = RsEmpty()
rs = await MgSecure(MgFixed(expected)).act(
RqWithHeaders(RqFake(headers={}), {"MgAuth": "urn%3Atest%3A1"}))
assert rs is expected