def test_accepts_multiple_auth_projects(other_api_key, other_project,
request_builder):
request = request_builder(body=json.dumps({"api-key": other_api_key}))
authorized_project = authorize_request(request)
assert authorized_project == other_project
def test_authorize_accepts_auth_key_in_params(api_key, project,
request_builder):
request = request_builder(params={"api-key": api_key})
authorized_project = authorize_request(request)
assert authorized_project == project
def test_authorize_accepts_auth_key_in_header(api_key, project,
request_builder):
request = request_builder(headers={"Authorization": f"Bearer {api_key}"})
authorized_project = authorize_request(request)
assert authorized_project == project
def test_authorize_accepts_auth_key_in_post_payload(api_key, project,
request_builder):
request = request_builder(body=json.dumps({"api-key": api_key}))
authorized_project = authorize_request(request)
assert authorized_project == project
def handler(event, context):
try:
payload = requests.get_payload_from_request(event)
params = event.get("queryStringParameters") or {}
project = auth.authorize_request(event)
key = params.get("key")
method = event["httpMethod"]
if not key:
raise MissingDataKey()
if method == "GET":
data = s3.get_json_data(project, key=key)
elif method == "POST":
data = s3.set_json_data(project, key=key, data=payload)
else:
logger.error(f"Unknown method {method}")
raise Exception(f"HTTP method {method} is not supported.")
return {"statusCode": 200, "body": json.dumps(data)}
except InvalidPayload as ex:
logger.warning(ex)
return {"statusCode": 400, "body": "Invalid JSON payload"}
except NotAuthenticated as exc:
return {"statusCode": 401, "body": str(exc)}
except MissingDataKey:
return {
"statusCode": 400,
"body": f'"key" must be specified in query parameters.',
}
except Exception as exc:
logger.error(exc)
return {"statusCode": 500, "body": "Unknown error. Check logs."}
def test_authorize_attempts_prioritizes_payload_over_header(
api_key, project, request_builder, invalid_api_key):
request = request_builder(
body=json.dumps({"api-key": api_key}),
headers={"Authorization": f"Bearer {invalid_api_key}"},
)
authorized_project = authorize_request(request)
assert authorized_project == project
def test_raises_on_invalid_auth_key(invalid_api_key, request_builder):
request = request_builder(body=json.dumps({"api-key": invalid_api_key}))
with pytest.raises(exceptions.NotAuthenticated):
authorize_request(request)