def test_secret_create_all_none(self): """Covers case of a POST request with no JSON data.""" test_model = secret_models.SecretModel( **self.default_secret_create_all_none_data) resp, secret_ref = self.behaviors.create_secret(test_model) self.assertEqual(resp.status_code, 201)
def test_secret_create_defaults_then_expire_then_check(self): """Covers case where you try to retrieve a secret that is expired. This test creates a secret that will soon expire. After it expires, check it and verify that it is no longer a valid secret. """ # create a secret that expires in 5 seconds timestamp = utils.create_timestamp_w_tz_and_offset(seconds=5) test_model = secret_models.SecretModel(**secret_create_defaults_data) overrides = {"expiration": timestamp} test_model.override_values(**overrides) resp, secret_ref = self.behaviors.create_secret(test_model) self.assertEqual(resp.status_code, 201) # now get the secret - will be still valid get_resp = self.behaviors.get_secret_metadata(secret_ref) self.assertEqual(get_resp.status_code, 200) # now wait 10 seconds time.sleep(10) # now get the secret - should be invalid (expired) resp = self.behaviors.get_secret_metadata(secret_ref) self.assertEqual(resp.status_code, 404)
def _create_secret_list(self, user, delete=False, expiration="2050-02-28T19:14:44.180394"): secret_defaults_data = { "name": "AES key", "expiration": expiration, "algorithm": "aes", "bit_length": 256, "mode": "cbc", "payload": "gF6+lLoF3ohA9aPRpt+6bQ==", "payload_content_type": "application/octet-stream", "payload_content_encoding": "base64", } secret_list = [] for i in range(0, 5): secret_model = secret_models.SecretModel(**secret_defaults_data) resp, secret_ref = self.sbehaviors.create_secret(secret_model, user_name=user) self.assertEqual(resp.status_code, 201) self.assertIsNotNone(secret_ref) secret_list.append(secret_ref) if delete is True: self._delete_secret_list(secret_list, user) return secret_list
def test_secret_update_two_phase(self): """Covers updating a secret's payload data.""" # Create test_model = secret_models.SecretModel(**self.create_two_phase_data) resp, secret_ref = self.behaviors.create_secret(test_model) self.assertEqual(resp.status_code, 201) # Update payload = "gF6+lLoF3ohA9aPRpt+6bQ==" payload_content_type = "application/octet-stream" payload_content_encoding = "base64" update_resp = self.behaviors.update_secret_payload( secret_ref, payload=payload, payload_content_type=payload_content_type, payload_content_encoding=payload_content_encoding) self.assertEqual(update_resp.status_code, 204) # Get/Check Updated sec_resp = self.behaviors.get_secret( secret_ref=secret_ref, payload_content_type=payload_content_type) self.assertEqual(sec_resp.status_code, 200) self.assertIn('gF6+lLoF3ohA9aPRpt+6bQ==', binascii.b2a_base64(sec_resp.content))
def test_secret_create_defaults_invalid_types_and_encoding(self, **kwargs): """Creating secrets with invalid payload types and encodings.""" test_model = secret_models.SecretModel(**secret_create_defaults_data) test_model.override_values(**kwargs) resp, secret_ref = self.behaviors.create_secret(test_model) self.assertEqual(resp.status_code, 400)
def _create_a_secret(self): secret_model = secret_models.SecretModel(**create_secret_defaults_data) resp, secret_ref = self.secret_behaviors.create_secret(secret_model) self.assertEqual(201, resp.status_code) self.assertIsNotNone(secret_ref) return secret_ref
def store_secret(self, user_name=creator_a, admin=admin_a): test_model = secret_models.SecretModel( **get_default_secret_data()) resp, secret_ref = self.secret_behaviors.create_secret( test_model, user_name=user_name, admin=admin) self.assertEqual(201, resp.status_code) return secret_ref
def test_secret_acl_put_as_observer(self): """Observer can not put to a secret when granted access via acl""" secret_no_payload = { "name": "AES key", "expiration": "2020-02-28T19:14:44.180394", "algorithm": "aes", "bit_length": 256, "mode": "cbc", } secret_model = secret_models.SecretModel(**secret_no_payload) resp, secret_ref = self.secret_behaviors.create_secret( model=secret_model, user_name=creator_a) self.set_secret_acl(secret_ref, get_rbac_plus_acl(observer_a)) # Update payload = "gF6+lLoF3ohA9aPRpt+6bQ==" payload_content_type = "application/octet-stream" payload_content_encoding = "base64" update_resp = self.secret_behaviors.update_secret_payload( secret_ref, user_name=observer_a, payload=payload, payload_content_type=payload_content_type, payload_content_encoding=payload_content_encoding) self.assertEqual(403, update_resp.status_code)
def test_secret_create_defaults_invalid_algorithms(self, algorithm): """Creates secrets with various invalid algorithms.""" test_model = secret_models.SecretModel(**secret_create_defaults_data) overrides = {"algorithm": algorithm} test_model.override_values(**overrides) resp, secret_ref = self.behaviors.create_secret(test_model) self.assertEqual(resp.status_code, 400)
def test_secret_create_defaults_invalid_mode(self, mode): """Covers cases of creating secrets with invalid modes.""" test_model = secret_models.SecretModel(**secret_create_defaults_data) overrides = {"mode": mode} test_model.override_values(**overrides) resp, secret_ref = self.behaviors.create_secret(test_model) self.assertEqual(resp.status_code, 400)
def test_secret_create_defaults_invalid_bit_length(self, bit_length): """Covers cases of creating secrets with invalid bit lengths.""" test_model = secret_models.SecretModel(**secret_create_defaults_data) overrides = {"bit_length": bit_length} test_model.override_values(**overrides) resp, secret_ref = self.behaviors.create_secret(test_model) self.assertEqual(resp.status_code, 400)
def store_passphrase(self): passphrase = keys.get_passphrase_txt() test_model = secret_models.SecretModel( **get_passphrase_req(passphrase)) resp, passphrase_secret_ref = self.secret_behaviors.create_secret( test_model) self.assertEqual(201, resp.status_code) return passphrase_secret_ref
def test_secret_create_defaults_valid_name(self, name): """Covers cases of creating secrets with valid names.""" test_model = secret_models.SecretModel(**secret_create_defaults_data) overrides = {"name": name} test_model.override_values(**overrides) resp, secret_ref = self.behaviors.create_secret(test_model) self.assertEqual(resp.status_code, 201)
def test_secret_get_invalid_mime_type(self): """Covers getting a secret with an invalid mime type.""" test_model = secret_models.SecretModel(**secret_create_defaults_data) resp, secret_ref = self.behaviors.create_secret(test_model) resp = self.behaviors.get_secret(secret_ref, payload_content_type="i/m") self.assertEqual(resp.status_code, 406)
def test_secret_create_defaults_invalid_mode(self, mode): """Covers cases of creating secrets with invalid modes.""" test_model = secret_models.SecretModel( **self.default_secret_create_data) test_model.mode = mode resp, secret_ref = self.behaviors.create_secret(test_model) self.assertEqual(resp.status_code, 400)
def test_secret_create_defaults_invalid_bit_length(self, bit_length): """Covers cases of creating secrets with invalid bit lengths.""" test_model = secret_models.SecretModel( **self.default_secret_create_data) test_model.bit_length = bit_length resp, secret_ref = self.behaviors.create_secret(test_model) self.assertEqual(resp.status_code, 400)
def test_secret_create_invalid_algorithms(self, algorithm): """Creates secrets with various invalid algorithms.""" test_model = secret_models.SecretModel( **self.default_secret_create_data) test_model.algorithm = algorithm resp, secret_ref = self.behaviors.create_secret(test_model) self.assertEqual(resp.status_code, 400)
def test_secret_create_defaults_valid_name(self, name): """Covers cases of creating secrets with valid names.""" test_model = secret_models.SecretModel( **self.default_secret_create_data) test_model.name = name resp, secret_ref = self.behaviors.create_secret(test_model) self.assertEqual(resp.status_code, 201)
def store_certificate(self): pem = keys.get_certificate_pem() test_model = secret_models.SecretModel( **get_certificate_req(base64.b64encode(pem))) resp, certificate_secret_ref = self.secret_behaviors.create_secret( test_model) self.assertEqual(201, resp.status_code) return certificate_secret_ref
def test_secret_create_defaults_valid_payload(self, payload): """Create secrets with a various valid payloads.""" test_model = secret_models.SecretModel(**secret_create_defaults_data) overrides = {"payload": payload} test_model.override_values(**overrides) resp, secret_ref = self.behaviors.create_secret(test_model) self.assertEqual(resp.status_code, 201)
def store_encrypted_private_key(self): pem = keys.get_encrypted_private_key_pem() test_model = secret_models.SecretModel( **get_private_key_req(base64.b64encode(pem))) resp, private_key_secret_ref = self.secret_behaviors.create_secret( test_model) self.assertEqual(201, resp.status_code) return private_key_secret_ref
def test_secret_create_with_only_content_type_no_payload(self): """Create secret with valid content type but no payload.""" test_model = secret_models.SecretModel( **self.default_secret_create_all_none_data) test_model.payload_content_type = 'application/octet-stream' resp, secret_ref = self.behaviors.create_secret(test_model) self.assertEqual(resp.status_code, 400)
def test_secret_create_nones_content_type(self): """Create secret with valid content type but no payload.""" test_model = secret_models.SecretModel(**secret_create_nones_data) overrides = {"payload_content_type": "application/octet-stream"} test_model.override_values(**overrides) resp, secret_ref = self.behaviors.create_secret(test_model) self.assertEqual(resp.status_code, 400)
def create_secrets(self, count=1, expected_return=201): """Utility function to create secrets""" secret_ref = None for _ in range(count): test_model = secret_models.SecretModel(**self.secret_data) resp, secret_ref = self.secret_behaviors.create_secret( test_model, user_name=admin_b) self.assertEqual(expected_return, resp.status_code) return secret_ref
def test_secret_create_unauthed_no_proj_id(self): """Attempt to create a secret without a token or project id Should return 401 """ model = secret_models.SecretModel(self.default_secret_create_data) resp, secret_ref = self.behaviors.create_secret(model, use_auth=False) self.assertEqual(401, resp.status_code)
def test_secret_delete_minimal_secret_w_no_metadata(self): """Covers deleting a secret with nones data.""" test_model = secret_models.SecretModel(**self.create_all_none_data) resp, secret_ref = self.behaviors.create_secret(test_model) self.assertEqual(resp.status_code, 201) del_resp = self.behaviors.delete_secret(secret_ref) self.assertEqual(del_resp.status_code, 204)
def test_secret_delete(self): """Covers deleting a secret.""" test_model = secret_models.SecretModel(**self.create_default_data) resp, secret_ref = self.behaviors.create_secret(test_model) self.assertEqual(resp.status_code, 201) del_resp = self.behaviors.delete_secret(secret_ref) self.assertEqual(del_resp.status_code, 204)
def test_secret_create_defaults_invalid_expiration(self, **kwargs): """Create secrets with various invalid expiration data.""" timestamp = utils.create_timestamp_w_tz_and_offset(**kwargs) test_model = secret_models.SecretModel(**secret_create_defaults_data) overrides = {"expiration": timestamp} test_model.override_values(**overrides) resp, secret_ref = self.behaviors.create_secret(test_model) self.assertEqual(resp.status_code, 400)
def create_certificate(self): create_req = get_certificate_req("") del create_req['payload'] del create_req['payload_content_type'] del create_req['payload_content_encoding'] test_model = secret_models.SecretModel(**create_req) resp, certificate_secret_ref = self.secret_behaviors.create_secret( test_model) self.assertEqual(201, resp.status_code) return certificate_secret_ref
def create_encrypted_private_key(self): create_req = get_private_key_req("") del create_req['payload'] del create_req['payload_content_type'] del create_req['payload_content_encoding'] test_model = secret_models.SecretModel(**create_req) resp, private_key_secret_ref = self.secret_behaviors.create_secret( test_model) self.assertEqual(201, resp.status_code) return private_key_secret_ref