def setUp(self): self.store = FakeSecretsStore({ "secrets": { "secret/authentication/public-key": { "type": "versioned", "current": AUTH_TOKEN_PUBLIC_KEY, } }, }) self.factory = EdgeRequestContextFactory(self.store)
def setUp(self): configurator = Configurator() configurator.add_route("example", "/example", request_method="GET") configurator.add_route("trace_context", "/trace_context", request_method="GET") configurator.add_view(example_application, route_name="example", renderer="json") configurator.add_view(local_tracing_within_context, route_name="trace_context", renderer="json") configurator.add_view(render_exception_view, context=ControlFlowException, renderer="json") configurator.add_view(render_bad_exception_view, context=ControlFlowException2, renderer="json") mock_filewatcher = mock.Mock(spec=FileWatcher) mock_filewatcher.get_data.return_value = { "secrets": { "secret/authentication/public-key": { "type": "versioned", "current": AUTH_TOKEN_PUBLIC_KEY, } }, "vault": { "token": "test", "url": "http://vault.example.com:8200/" }, } secrets = SecretsStore("/secrets") secrets._filewatcher = mock_filewatcher self.observer = mock.Mock(spec=BaseplateObserver) self.server_observer = mock.Mock(spec=ServerSpanObserver) def _register_mock(context, server_span): server_span.register(self.server_observer) self.observer.on_server_span_created.side_effect = _register_mock self.baseplate = Baseplate() self.baseplate.register(self.observer) self.baseplate_configurator = BaseplateConfigurator( self.baseplate, trust_trace_headers=True, edge_context_factory=EdgeRequestContextFactory(secrets), ) configurator.include(self.baseplate_configurator.includeme) self.context_init_event_subscriber = mock.Mock() configurator.add_subscriber(self.context_init_event_subscriber, ServerSpanInitialized) app = configurator.make_wsgi_app() self.test_app = webtest.TestApp(app)
def setUp(self): mock_filewatcher = mock.Mock(spec=FileWatcher) mock_filewatcher.get_data.return_value = { "secrets": { "secret/authentication/public-key": { "type": "versioned", "current": AUTH_TOKEN_PUBLIC_KEY, } }, "vault": { "token": "test", "url": "http://vault.example.com:8200/" }, } self.store = SecretsStore("/secrets") self.store._filewatcher = mock_filewatcher self.factory = EdgeRequestContextFactory(self.store)
def make_edge_context_factory(): secrets = FakeSecretsStore( { "secrets": { "secret/authentication/public-key": { "type": "versioned", "current": AUTH_TOKEN_PUBLIC_KEY, } }, } ) return EdgeRequestContextFactory(secrets)
class EdgeRequestContextTests(unittest.TestCase): LOID_ID = "t2_deadbeef" LOID_CREATED_MS = 100000 SESSION_ID = "beefdead" DEVICE_ID = "becc50f6-ff3d-407a-aa49-fa49531363be" ORIGIN_NAME = "baseplate" def setUp(self): mock_filewatcher = mock.Mock(spec=FileWatcher) mock_filewatcher.get_data.return_value = { "secrets": { "secret/authentication/public-key": { "type": "versioned", "current": AUTH_TOKEN_PUBLIC_KEY, } }, "vault": { "token": "test", "url": "http://vault.example.com:8200/" }, } self.store = SecretsStore("/secrets") self.store._filewatcher = mock_filewatcher self.factory = EdgeRequestContextFactory(self.store) def test_create(self): request_context = self.factory.new( authentication_token=AUTH_TOKEN_VALID, loid_id=self.LOID_ID, loid_created_ms=self.LOID_CREATED_MS, session_id=self.SESSION_ID, device_id=self.DEVICE_ID, origin_service_name=self.ORIGIN_NAME, ) self.assertIsNot(request_context._t_request, None) self.assertEqual(request_context._header, SERIALIZED_EDGECONTEXT_WITH_VALID_AUTH) def test_create_validation(self): with self.assertRaises(ValueError): self.factory.new( authentication_token=None, loid_id="abc123", loid_created_ms=self.LOID_CREATED_MS, session_id=self.SESSION_ID, ) def test_create_empty_context(self): request_context = self.factory.new() self.assertEqual( request_context._header, b"\x0c\x00\x01\x00\x0c\x00\x02\x00\x0c\x00\x04\x00\x0c\x00\x05\x00\x00", ) def test_logged_out_user(self): request_context = self.factory.from_upstream( SERIALIZED_EDGECONTEXT_WITH_NO_AUTH) with self.assertRaises(NoAuthenticationError): request_context.user.id with self.assertRaises(NoAuthenticationError): request_context.user.roles self.assertFalse(request_context.user.is_logged_in) self.assertEqual(request_context.user.loid, self.LOID_ID) self.assertEqual(request_context.user.cookie_created_ms, self.LOID_CREATED_MS) with self.assertRaises(NoAuthenticationError): request_context.oauth_client.id with self.assertRaises(NoAuthenticationError): request_context.oauth_client.is_type("third_party") self.assertEqual(request_context.session.id, self.SESSION_ID) self.assertEqual(request_context.device.id, self.DEVICE_ID) self.assertEqual( request_context.event_fields(), { "user_id": self.LOID_ID, "logged_in": False, "cookie_created_timestamp": self.LOID_CREATED_MS, "session_id": self.SESSION_ID, "oauth_client_id": None, "device_id": self.DEVICE_ID, }, ) @unittest.skipIf(not cryptography_installed, "cryptography not installed") def test_logged_in_user(self): request_context = self.factory.from_upstream( SERIALIZED_EDGECONTEXT_WITH_VALID_AUTH) self.assertEqual(request_context.user.id, "t2_example") self.assertTrue(request_context.user.is_logged_in) self.assertEqual(request_context.user.loid, self.LOID_ID) self.assertEqual(request_context.user.cookie_created_ms, self.LOID_CREATED_MS) self.assertEqual(request_context.user.roles, set()) self.assertFalse(request_context.user.has_role("test")) self.assertIs(request_context.oauth_client.id, None) self.assertFalse(request_context.oauth_client.is_type("third_party")) self.assertEqual(request_context.session.id, self.SESSION_ID) self.assertEqual(request_context.device.id, self.DEVICE_ID) self.assertEqual(request_context.origin_service.name, self.ORIGIN_NAME) self.assertEqual( request_context.event_fields(), { "user_id": "t2_example", "logged_in": True, "cookie_created_timestamp": self.LOID_CREATED_MS, "session_id": self.SESSION_ID, "oauth_client_id": None, "device_id": self.DEVICE_ID, }, ) @unittest.skipIf(not cryptography_installed, "cryptography not installed") def test_expired_token(self): request_context = self.factory.from_upstream( SERIALIZED_EDGECONTEXT_WITH_EXPIRED_AUTH) with self.assertRaises(NoAuthenticationError): request_context.user.id with self.assertRaises(NoAuthenticationError): request_context.user.roles with self.assertRaises(NoAuthenticationError): request_context.oauth_client.id with self.assertRaises(NoAuthenticationError): request_context.oauth_client.is_type("third_party") self.assertFalse(request_context.user.is_logged_in) self.assertEqual(request_context.user.loid, self.LOID_ID) self.assertEqual(request_context.user.cookie_created_ms, self.LOID_CREATED_MS) self.assertEqual(request_context.session.id, self.SESSION_ID) self.assertEqual( request_context.event_fields(), { "user_id": self.LOID_ID, "logged_in": False, "cookie_created_timestamp": self.LOID_CREATED_MS, "session_id": self.SESSION_ID, "oauth_client_id": None, }, ) @unittest.skipIf(not cryptography_installed, "cryptography not installed") def test_anonymous_token(self): request_context = self.factory.from_upstream( SERIALIZED_EDGECONTEXT_WITH_ANON_AUTH) with self.assertRaises(NoAuthenticationError): request_context.user.id self.assertFalse(request_context.user.is_logged_in) self.assertEqual(request_context.user.loid, self.LOID_ID) self.assertEqual(request_context.user.cookie_created_ms, self.LOID_CREATED_MS) self.assertEqual(request_context.session.id, self.SESSION_ID) self.assertTrue(request_context.user.has_role("anonymous"))