2024-01-25 14:41:35 -05:00
|
|
|
import json
|
2024-01-25 13:46:55 -05:00
|
|
|
|
2024-02-05 14:56:48 -05:00
|
|
|
import httpretty
|
2024-01-25 13:46:55 -05:00
|
|
|
import pytest
|
|
|
|
|
from rest_framework import status
|
|
|
|
|
|
|
|
|
|
from common.cloud_auth_api.client import CloudAuthApiClient, CloudAuthApiException
|
|
|
|
|
|
|
|
|
|
GRAFANA_CLOUD_AUTH_API_URL = "http://example.com"
|
|
|
|
|
GRAFANA_CLOUD_AUTH_API_SYSTEM_TOKEN = "asdfasdfasdfasdf"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@pytest.fixture(autouse=True)
|
|
|
|
|
def configure_cloud_auth_api_client(settings):
|
|
|
|
|
settings.GRAFANA_CLOUD_AUTH_API_URL = GRAFANA_CLOUD_AUTH_API_URL
|
|
|
|
|
settings.GRAFANA_CLOUD_AUTH_API_SYSTEM_TOKEN = GRAFANA_CLOUD_AUTH_API_SYSTEM_TOKEN
|
|
|
|
|
|
|
|
|
|
|
2024-01-25 14:19:28 -05:00
|
|
|
@pytest.mark.django_db
|
2024-01-25 13:46:55 -05:00
|
|
|
@pytest.mark.parametrize("response_status_code", [status.HTTP_200_OK, status.HTTP_401_UNAUTHORIZED])
|
2024-02-05 14:56:48 -05:00
|
|
|
@httpretty.activate(verbose=True, allow_net_connect=False)
|
2024-04-11 10:45:21 -04:00
|
|
|
def test_request_signed_token(make_organization, make_user_for_organization, response_status_code):
|
2024-01-25 13:46:55 -05:00
|
|
|
mock_auth_token = ",mnasdlkjlakjoqwejroiqwejr"
|
|
|
|
|
mock_response_text = "error message"
|
|
|
|
|
|
|
|
|
|
org_id = 1
|
|
|
|
|
stack_id = 5
|
2024-01-25 14:19:28 -05:00
|
|
|
|
|
|
|
|
organization = make_organization(stack_id=stack_id, org_id=org_id)
|
2024-04-11 10:45:21 -04:00
|
|
|
user = make_user_for_organization(organization=organization)
|
2024-01-25 14:19:28 -05:00
|
|
|
|
2024-01-25 13:46:55 -05:00
|
|
|
scopes = ["incident:write", "foo:bar"]
|
2024-04-11 10:45:21 -04:00
|
|
|
extra_claims = {"vegetable": "carrot", "fruit": "apple"}
|
2024-01-25 13:46:55 -05:00
|
|
|
|
|
|
|
|
def _make_request():
|
2024-04-11 10:45:21 -04:00
|
|
|
return CloudAuthApiClient().request_signed_token(user, scopes, extra_claims)
|
2024-01-25 13:46:55 -05:00
|
|
|
|
|
|
|
|
url = f"{GRAFANA_CLOUD_AUTH_API_URL}/v1/sign"
|
2024-02-05 14:56:48 -05:00
|
|
|
mock_response = httpretty.Response(json.dumps({"data": {"token": mock_auth_token}}), status=response_status_code)
|
|
|
|
|
httpretty.register_uri(httpretty.POST, url, responses=[mock_response])
|
2024-01-25 13:46:55 -05:00
|
|
|
|
|
|
|
|
if response_status_code != status.HTTP_200_OK:
|
|
|
|
|
with pytest.raises(CloudAuthApiException) as excinfo:
|
|
|
|
|
_make_request()
|
|
|
|
|
|
|
|
|
|
assert excinfo.value.status == response_status_code
|
|
|
|
|
assert excinfo.value.method == "POST"
|
|
|
|
|
assert excinfo.value.msg == mock_response_text
|
|
|
|
|
assert excinfo.value.url == url
|
|
|
|
|
else:
|
|
|
|
|
assert _make_request() == mock_auth_token
|
|
|
|
|
|
2024-02-05 14:56:48 -05:00
|
|
|
last_request = httpretty.last_request()
|
|
|
|
|
assert last_request.method == "POST"
|
|
|
|
|
assert last_request.url == url
|
|
|
|
|
|
|
|
|
|
# assert we're sending the right body
|
|
|
|
|
assert json.loads(last_request.body) == {
|
2024-04-11 10:45:21 -04:00
|
|
|
"claims": {
|
|
|
|
|
"sub": f"email:{user.email}",
|
|
|
|
|
},
|
|
|
|
|
"extra": extra_claims,
|
2024-02-05 14:56:48 -05:00
|
|
|
"accessPolicy": {
|
|
|
|
|
"scopes": scopes,
|
2024-01-25 13:46:55 -05:00
|
|
|
},
|
2024-02-05 14:56:48 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
# assert we're sending the right headers
|
|
|
|
|
assert last_request.headers["Authorization"] == f"Bearer {GRAFANA_CLOUD_AUTH_API_SYSTEM_TOKEN}"
|
|
|
|
|
assert last_request.headers["X-Org-ID"] == str(org_id)
|
|
|
|
|
assert last_request.headers["X-Realms"] == json.dumps(
|
|
|
|
|
[
|
|
|
|
|
{
|
|
|
|
|
"type": "stack",
|
|
|
|
|
"identifier": str(stack_id),
|
2024-01-25 13:46:55 -05:00
|
|
|
},
|
2024-02-05 14:56:48 -05:00
|
|
|
]
|
2024-01-25 13:46:55 -05:00
|
|
|
)
|
