def fixture_connection_service(connection_api, auth_session):
service = ConnectionService(
connection_api,
auth_session,
minimal_retry_config()
)
return service
async def test_authenticate_and_retrieve_tokens():
with patch("symphony.bdk.core.auth.ext_app_authenticator.create_signed_jwt") as mock_create_jwt:
signed_jwt = "signed jwt"
app_token = "app_token"
app_id = "app_id"
out_app_token = "out_app_token"
symphony_token = "symphony_token"
key_config = BdkRsaKeyConfig(content="key content")
mock_create_jwt.return_value = signed_jwt
extension_app_tokens = ExtensionAppTokens(app_id="my_app_id", app_token=out_app_token,
symphony_token=symphony_token,
expire_at=12345)
mock_authentication_api = AsyncMock()
mock_authentication_api.v1_pubkey_app_authenticate_extension_app_post = AsyncMock(
return_value=extension_app_tokens)
extension_app_authenticator = ExtensionAppAuthenticatorRsa(mock_authentication_api, None, app_id, key_config,
minimal_retry_config())
returned_ext_app_tokens = await extension_app_authenticator.authenticate_and_retrieve_tokens(app_token)
assert returned_ext_app_tokens == extension_app_tokens
assert extension_app_authenticator._tokens_repository._tokens == {out_app_token: symphony_token}
assert await extension_app_authenticator.is_token_pair_valid(out_app_token, symphony_token)
assert not await extension_app_authenticator.is_token_pair_valid("invalid app token", symphony_token)
assert not await extension_app_authenticator.is_token_pair_valid(out_app_token, "invalid symphony token")
mock_create_jwt.assert_called_once_with(key_config, app_id)
mock_authentication_api.v1_pubkey_app_authenticate_extension_app_post.assert_called_once()
call_args = mock_authentication_api.v1_pubkey_app_authenticate_extension_app_post.call_args.args[0]
assert call_args.app_token == app_token
assert call_args.auth_token == signed_jwt
def fixture_message_service(mocked_api_client, auth_session):
service = MessageService(MultiAttachmentsMessagesApi(mocked_api_client),
MessageApi(mocked_api_client),
MessageSuppressionApi(mocked_api_client),
StreamsApi(mocked_api_client),
PodApi(mocked_api_client),
AttachmentsApi(mocked_api_client),
DefaultApi(mocked_api_client), auth_session,
minimal_retry_config())
return service
async def test_validate_jwt_get_pod_certificate_failure():
with patch("symphony.bdk.core.auth.ext_app_authenticator.validate_jwt") as mock_validate:
mock_pod_api = AsyncMock()
mock_pod_api.v1_podcert_get = AsyncMock(side_effect=ApiException(status=400))
with pytest.raises(ApiException):
ext_app_authenticator = ExtensionAppAuthenticatorRsa(None, mock_pod_api, "app-id", None,
minimal_retry_config())
await ext_app_authenticator.validate_jwt("my-jwt")
mock_pod_api.v1_podcert_get.assert_called_once()
mock_validate.assert_not_called()
async def test_bot_session_cert(mocked_api_client):
session_auth_client = mocked_api_client()
key_auth_client = mocked_api_client()
session_auth_client.call_api.return_value = Token(token="session_token")
key_auth_client.call_api.return_value = Token(token="km_token")
bot_authenticator = BotAuthenticatorCert(session_auth_client, key_auth_client, minimal_retry_config())
session_token = await bot_authenticator.retrieve_session_token()
km_token = await bot_authenticator.retrieve_key_manager_token()
assert session_token == "session_token"
assert km_token == "km_token"
async def test_api_exception_cert_auth_in_userid_authenticate():
with patch(
"symphony.bdk.core.auth.obo_authenticator.CertificateAuthenticationApi"
) as auth_api:
auth_api.v1_app_authenticate_post = AsyncMock(return_value=Token(
token="app_token"))
auth_api.v1_app_user_uid_authenticate_post = AsyncMock(
side_effect=ApiException(400))
obo_authenticator = OboAuthenticatorCert(auth_api,
minimal_retry_config())
with pytest.raises(ApiException):
await obo_authenticator.retrieve_obo_session_token_by_user_id(1234)
async def test_api_exception_in_authenticate_userid(config):
with patch("symphony.bdk.core.auth.obo_authenticator.create_signed_jwt", return_value="signed_jwt"), \
patch("symphony.bdk.core.auth.obo_authenticator.AuthenticationApi") as auth_api:
auth_api.pubkey_app_authenticate_post = AsyncMock(return_value=Token(
token="app_token"))
auth_api.pubkey_app_user_user_id_authenticate_post = AsyncMock(
side_effect=ApiException(400))
obo_authenticator = OboAuthenticatorRsa(config, auth_api,
minimal_retry_config())
with pytest.raises(ApiException):
await obo_authenticator.retrieve_obo_session_token_by_user_id(1234)
async def test_api_exception_cert(mocked_api_client):
session_auth_client = mocked_api_client()
key_auth_client = mocked_api_client()
session_auth_client.call_api.side_effect = ApiException(status=401)
key_auth_client.call_api.side_effect = ApiException(status=401)
bot_authenticator = BotAuthenticatorCert(session_auth_client, key_auth_client, minimal_retry_config())
with pytest.raises(AuthUnauthorizedError):
await bot_authenticator.retrieve_session_token()
with pytest.raises(AuthUnauthorizedError):
await bot_authenticator.retrieve_key_manager_token()
async def test_authenticate_and_retrieve_tokens_failure():
with patch("symphony.bdk.core.auth.ext_app_authenticator.create_signed_jwt") as mock_create_jwt:
key_config = BdkRsaKeyConfig(content="key content")
mock_create_jwt.return_value = "signed jwt"
mock_authentication_api = AsyncMock()
mock_authentication_api.v1_pubkey_app_authenticate_extension_app_post = AsyncMock(side_effect=ValueError)
extension_app_authenticator = ExtensionAppAuthenticatorRsa(mock_authentication_api, None, "app_id", key_config,
minimal_retry_config())
with pytest.raises(ValueError):
await extension_app_authenticator.authenticate_and_retrieve_tokens("app_token")
assert extension_app_authenticator._tokens_repository._tokens == {}
mock_authentication_api.v1_pubkey_app_authenticate_extension_app_post.assert_called_once()
async def test_bot_session_rsa(config, mocked_api_client):
with patch("symphony.bdk.core.auth.bot_authenticator.create_signed_jwt",
return_value="privateKey"):
login_api_client = mocked_api_client()
relay_api_client = mocked_api_client()
login_api_client.call_api.return_value = Token(token="session_token")
relay_api_client.call_api.return_value = Token(token="km_token")
bot_authenticator = BotAuthenticatorRsa(config, login_api_client,
relay_api_client,
minimal_retry_config())
session_token = await bot_authenticator.retrieve_session_token()
km_token = await bot_authenticator.retrieve_key_manager_token()
assert session_token == "session_token"
assert km_token == "km_token"
async def test_api_exception_rsa(config, mocked_api_client):
with patch("symphony.bdk.core.auth.bot_authenticator.create_signed_jwt",
return_value="privateKey"):
login_api_client = mocked_api_client()
relay_api_client = mocked_api_client()
login_api_client.call_api.side_effect = ApiException(status=401)
relay_api_client.call_api.side_effect = ApiException(status=401)
bot_authenticator = BotAuthenticatorRsa(config, login_api_client,
relay_api_client,
minimal_retry_config())
with pytest.raises(AuthUnauthorizedError):
await bot_authenticator.retrieve_session_token()
with pytest.raises(AuthUnauthorizedError):
await bot_authenticator.retrieve_key_manager_token()
async def test_authenticate_by_user_id_cert_authentication():
with patch(
"symphony.bdk.core.auth.obo_authenticator.CertificateAuthenticationApi"
) as auth_api:
user_id = 1234
app_token = "app_token"
session_token = "session_token"
auth_api.v1_app_authenticate_post = AsyncMock(return_value=Token(
token=app_token))
auth_api.v1_app_user_uid_authenticate_post = AsyncMock(
return_value=OboAuthResponse(session_token=session_token))
obo_authenticator = OboAuthenticatorCert(auth_api,
minimal_retry_config())
obo_session = obo_authenticator.authenticate_by_user_id(user_id)
assert obo_session.user_id == user_id
assert await obo_session.session_token == session_token
auth_api.v1_app_authenticate_post.assert_called_once()
auth_api.v1_app_user_uid_authenticate_post.assert_called_once_with(
session_token=app_token, uid=user_id)
async def test_obo_session_username_cert_authentication():
with patch(
"symphony.bdk.core.auth.obo_authenticator.CertificateAuthenticationApi"
) as auth_api:
username = "******"
app_token = "app_token"
session_token = "session_token"
auth_api.v1_app_authenticate_post = AsyncMock(return_value=Token(
token=app_token))
auth_api.v1_app_username_username_authenticate_post = AsyncMock(
return_value=OboAuthResponse(session_token=session_token))
obo_authenticator = OboAuthenticatorCert(auth_api,
minimal_retry_config())
retrieved_session_token = await obo_authenticator.retrieve_obo_session_token_by_username(
username)
assert retrieved_session_token == session_token
auth_api.v1_app_authenticate_post.assert_called_once()
auth_api.v1_app_username_username_authenticate_post.assert_called_once_with(
session_token=app_token, username=username)
async def test_authenticate_by_user_id(config):
signed_jwt = "signed_jwt"
app_token = "app_token"
session_token = "session_token"
user_id = 1234
with patch("symphony.bdk.core.auth.obo_authenticator.create_signed_jwt", return_value=signed_jwt) as create_jwt, \
patch("symphony.bdk.core.auth.obo_authenticator.AuthenticationApi") as auth_api:
auth_api.pubkey_app_authenticate_post = AsyncMock(return_value=Token(
token=app_token))
auth_api.pubkey_app_user_user_id_authenticate_post = AsyncMock(
return_value=Token(token=session_token))
obo_authenticator = OboAuthenticatorRsa(config, auth_api,
minimal_retry_config())
obo_session = obo_authenticator.authenticate_by_user_id(1234)
assert await obo_session.session_token == "session_token"
create_jwt.assert_called_once_with(config.private_key, config.app_id)
auth_api.pubkey_app_authenticate_post.assert_called_once_with(
AuthenticateRequest(token=signed_jwt))
auth_api.pubkey_app_user_user_id_authenticate_post.assert_called_once_with(
session_token=app_token, user_id=user_id)
async def test_cert_authenticate_and_retrieve_tokens():
app_token = "app_token"
app_id = "app_id"
out_app_token = "out_app_token"
symphony_token = "symphony_token"
extension_app_tokens = ExtensionAppTokens(app_id="my_app_id", app_token=out_app_token,
symphony_token=symphony_token,
expire_at=12345)
mock_authentication_api = AsyncMock()
mock_authentication_api.v1_authenticate_extension_app_post = AsyncMock(return_value=extension_app_tokens)
extension_app_authenticator = ExtensionAppAuthenticatorCert(mock_authentication_api, None, app_id,
minimal_retry_config())
returned_ext_app_tokens = await extension_app_authenticator.authenticate_and_retrieve_tokens(app_token)
assert returned_ext_app_tokens == extension_app_tokens
assert extension_app_authenticator._tokens_repository._tokens == {out_app_token: symphony_token}
assert await extension_app_authenticator.is_token_pair_valid(out_app_token, symphony_token)
assert not await extension_app_authenticator.is_token_pair_valid("invalid app token", symphony_token)
assert not await extension_app_authenticator.is_token_pair_valid(out_app_token, "invalid symphony token")
expected_request = ExtensionAppAuthenticateRequest(app_token=app_token)
mock_authentication_api.v1_authenticate_extension_app_post.assert_called_once_with(auth_request=expected_request)
def new_ext_app_authenticator():
return ExtensionAppAuthenticatorRsa(None, None, None, None, minimal_retry_config())
async def test_cert_validate_jwt():
with patch("symphony.bdk.core.auth.ext_app_authenticator.validate_jwt") as mock_validate:
certificate_content = "certificate content"
jwt = "my-jwt"
app_id = "app-id"
mock_pod_api = AsyncMock()
mock_pod_api.v1_app_pod_certificate_get = AsyncMock(
return_value=PodCertificate(certificate=certificate_content))
ext_app_authenticator = ExtensionAppAuthenticatorCert(None, mock_pod_api, app_id, minimal_retry_config())
await ext_app_authenticator.validate_jwt(jwt)
mock_pod_api.v1_app_pod_certificate_get.assert_called_once()
mock_validate.assert_called_once_with(jwt, certificate_content, app_id)
def fixture_stream_service(streams_api, room_membership_api, share_api,
auth_session):
return StreamService(streams_api, room_membership_api, share_api,
auth_session, minimal_retry_config())
def fixture_signal_service(signals_api, auth_session):
service = SignalService(signals_api, auth_session, minimal_retry_config())
return service
def fixture_application_service(application_api, app_entitlement_api,
auth_session):
service = ApplicationService(application_api, app_entitlement_api,
auth_session, minimal_retry_config())
return service
def fixture_user_service(user_api, users_api, audit_trail_api, system_api,
auth_session):
service = UserService(user_api, users_api, audit_trail_api, system_api,
auth_session, minimal_retry_config())
return service
def fixture_config():
config = BdkConfigLoader.load_from_file(get_config_resource_filepath("config.yaml"))
config.datafeed.retry = minimal_retry_config()
config.datafeed.version = "v2"
return config
def fixture_session_service(session_api, auth_session):
service = SessionService(session_api, auth_session, minimal_retry_config())
return service
def fixture_presence_service(mocked_presence_api_client, auth_session):
return PresenceService(mocked_presence_api_client, auth_session, minimal_retry_config())
