def test_authorised_by_idempotent(identity: PrivateIdentity, entity: Entity) -> None: """Adding authentication is idempotent.""" request = Request("PUT", "https://example.org", entity) request.add_authentication_header(identity) request.add_authentication_header(identity) assert len(request.authorisations) == 1
def test_authorised_by(identity: PrivateIdentity, entity: Entity) -> None: """Authorization is provided by the correct identity.""" request = Request("PUT", "https://example.org", entity) request.add_authentication_header(identity) assert len(request.authorisations) == 1 assert request.authorisations[0]["identityId"] == identity.identity_id assert request.authorisations[0][ "protocolId"] == identity.private_key.protocol.name
def test_add_iov42_headers(identity: PrivateIdentity, entity: Entity) -> None: """Authentication adds neccessary x-iov42 headers signed by the identity.""" request = Request("PUT", "https://example.org", entity) request.add_authentication_header(identity) assert [*request.headers] == [ "content-type", "x-iov42-authorisations", "x-iov42-authentication", ]
def test_unknown_method(identity: PrivateIdentity) -> None: """We create the request even if the method is bogus.""" request = Request( "FOO", "https://example.org", Asset(asset_type_id="123456"), ) request.add_authentication_header(identity) assert [*request.headers] == [] assert request.url == "https://example.org" assert request.content == b"" assert not hasattr(request, "resource")
def test_authorised_by_delegate(delegate: PrivateIdentity, entity: Entity) -> None: """Authorization is provided by the delegate.""" request = Request("PUT", "https://example.org", entity) # identity.delegate_identity_id = "abcdefgh" request.add_authentication_header(delegate) assert len(request.authorisations) == 1 assert request.authorisations[0]["identityId"] == delegate.identity_id assert request.authorisations[0][ "protocolId"] == delegate.private_key.protocol.name assert (request.authorisations[0]["delegateIdentityId"] == delegate.delegate_identity_id)
def test_add_xiov42_headers( identity: PrivateIdentity, entity: Entity, claims: typing.Optional[typing.List[bytes]], endorser_id: typing.Optional[str], ) -> None: """Authenticated GET request has only authentication headers.""" request = Request( "GET", "https://example.org/", entity, claims=claims, endorser=endorser_id, node_id="node-1", ) request.add_authentication_header(identity) assert [*request.headers] == ["x-iov42-authentication"]