AuthPolicy upgrade to v2 tests

testsuite/tests/kuadrant/authorino/identity/api_key/test_auth_credentials.py

@@ -4,7 +4,7 @@
 from testsuite.objects import Credentials
 
 
-@pytest.fixture(scope="module", params=["authorization_header", "custom_header", "query", "cookie"])
+@pytest.fixture(scope="module", params=["authorizationHeader", "customHeader", "queryString", "cookie"])
 def credentials(request):
     """Location where are auth credentials passed"""
     return Credentials(request.param, "APIKEY")

testsuite/tests/kuadrant/authorino/identity/extended_properties/test_extended_properties.py

@@ -1,7 +1,7 @@
 """Basic tests for extended properties"""
 import pytest
 
-from testsuite.objects import Value, ValueFrom, ExtendedProperty
+from testsuite.objects import Value, ValueFrom, Property
 from testsuite.utils import extract_response
 
 
@@ -16,13 +16,14 @@ def authorization(authorization, rhsso):
     authorization.identity.add_oidc(
         "rhsso",
         rhsso.well_known["issuer"],
-        extended_properties=[
-            ExtendedProperty("property_static", Value("static")),
-            # ValueFrom points to the request uri
-            ExtendedProperty("property_dynamic", ValueFrom("context.request.http.path")),
-            ExtendedProperty("property_chain_static", ValueFrom("auth.identity.property_static")),
-            ExtendedProperty("property_chain_dynamic", ValueFrom("auth.identity.property_dynamic")),
-            ExtendedProperty("property_chain_self", ValueFrom("auth.identity.property_chain_self"), overwrite=True),
+        defaults_properties=[
+            Property("property_static", Value("static")),
+            Property("property_dynamic", ValueFrom("context.request.http.path")),
+            Property("property_chain_static", ValueFrom("auth.identity.property_static")),
+            Property("property_chain_dynamic", ValueFrom("auth.identity.property_dynamic")),
+        ],
+        overrides_properties=[
+            Property("property_chain_self", ValueFrom("auth.identity.property_chain_self")),
         ],
     )
     authorization.responses.add_simple("auth.identity")

testsuite/tests/kuadrant/authorino/identity/extended_properties/test_overwriting.py

@@ -1,24 +1,26 @@
 """https://github.com/Kuadrant/authorino/pull/399"""
 import pytest
 
-from testsuite.objects import ExtendedProperty, Value
+from testsuite.objects import Value, Property
 from testsuite.utils import extract_response
 
 
 @pytest.fixture(scope="module")
 def authorization(authorization):
     """
-    Add plain authentication with three extended properties:
-    explicit False, explicit True and missing which should be default False.
+    Add plain authentication with defaults and overrides properties.
     Add simple response to expose `auth.identity` part of AuthJson
     """
     authorization.identity.add_plain(
         "plain",
         "context.request.http.headers.x-user|@fromstr",
-        extended_properties=[
-            ExtendedProperty("name", Value("bar"), overwrite=False),
-            ExtendedProperty("age", Value(35), overwrite=True),
-            ExtendedProperty("group", Value("admin")),
+        defaults_properties=[
+            Property("name", Value("bar")),
+            Property("group", Value("admin")),
+        ],
+        overrides_properties=[
+            Property("age", Value(35)),
+            Property("expire", Value("1-12-1999")),
         ],
     )
     authorization.responses.add_simple("auth.identity")
@@ -28,9 +30,10 @@ def authorization(authorization):
 
 def test_overwrite(client):
     """
-    Test the ExtendedProperty overwrite functionality overwriting the value in headers when True.
+    Test overriding and defaults capability. Defaults must not override the value in header but Overrides must do so.
     """
-    response = client.get("/get", headers={"x-user": '{"name":"foo","age":30,"group":"guest"}'})
+    response = client.get("/get", headers={"x-user": '{"name":"foo","age":30}'})
     assert extract_response(response)["name"] % "MISSING" == "foo"
     assert extract_response(response)["age"] % "MISSING" == 35
-    assert extract_response(response)["group"] % "MISSING" == "guest"
+    assert extract_response(response)["group"] % "MISSING" == "admin"
+    assert extract_response(response)["expire"] % "MISSING" == "1-12-1999"

testsuite/tests/kuadrant/authorino/identity/extended_properties/test_token_normalization.py

@@ -1,6 +1,6 @@
 """https://github.com/Kuadrant/authorino/blob/main/docs/user-guides/token-normalization.md"""
 import pytest
-from testsuite.objects import Value, ValueFrom, ExtendedProperty, Rule
+from testsuite.objects import Value, ValueFrom, Property, Rule
 from testsuite.httpx.auth import HeaderApiKeyAuth, HttpxOidcClientAuth
 
 
@@ -37,10 +37,12 @@ def authorization(authorization, rhsso, api_key):
     authorization.identity.add_oidc(
         "rhsso",
         rhsso.well_known["issuer"],
-        extended_properties=[ExtendedProperty("roles", ValueFrom("auth.identity.realm_access.roles"))],
+        overrides_properties=[Property("roles", ValueFrom("auth.identity.realm_access.roles"))],
     )
     authorization.identity.add_api_key(
-        "api_key", selector=api_key.selector, extended_properties=[ExtendedProperty("roles", Value(["admin"]))]
+        "api_key",
+        selector=api_key.selector,
+        defaults_properties=[Property("roles", Value(["admin"]))],
     )
 
     rule = Rule(selector="auth.identity.roles", operator="incl", value="admin")

testsuite/tests/kuadrant/authorino/priority/test_sequence_api_key.py

@@ -35,11 +35,11 @@ def authorization(authorization, first_api_key, second_api_key):
     authorization.identity.add_api_key(
         "priority-zero",
         selector=first_api_key.selector,
-        credentials=Credentials("authorization_header", "APIKEY"),
+        credentials=Credentials("authorizationHeader", "APIKEY"),
         priority=0,
     )
     authorization.identity.add_api_key(
-        "priority-one", selector=second_api_key.selector, credentials=Credentials("query", "APIKEY"), priority=1
+        "priority-one", selector=second_api_key.selector, credentials=Credentials("queryString", "APIKEY"), priority=1
     )
 
     return authorization

testsuite/tests/kuadrant/authorino/response/test_wrapper_key.py → testsuite/tests/kuadrant/authorino/response/test_headers.py

@@ -16,11 +16,11 @@ def header_name(request):
 def authorization(authorization, header_name):
     """Add response to Authorization"""
     authorization.responses.clear_all()  # delete previous responses due to the parametrization
-    authorization.responses.add_json("header", [Property("anything", Value("one"))], wrapper_key=header_name)
+    authorization.responses.add_json(header_name, [Property("anything", Value("one"))])
     return authorization
 
 
-def test_wrapper_key_with(auth, client, header_name):
+def test_headers(auth, client, header_name):
     """Tests that value in correct Header"""
     response = client.get("/get", auth=auth)
     assert response.status_code == 200

testsuite/tests/kuadrant/authorino/test_redirect.py

@@ -3,14 +3,20 @@
 """
 import pytest
 
+from testsuite.objects import Property, ValueFrom
+
 STATUS_CODE = 302
 REDIRECT_URL = "http://anything.inavlid?redirect_to="
 
 
 @pytest.fixture(scope="module")
 def authorization(authorization):
     """In case of Authorino, AuthConfig used for authorization"""
-    authorization.set_deny_with(STATUS_CODE, REDIRECT_URL + "{context.request.http.path}")
+    authorization.responses.set_deny_with(
+        "unauthenticated",
+        code=STATUS_CODE,
+        headers=[Property("Location", ValueFrom(REDIRECT_URL + "{context.request.http.path}"))],
+    )
     return authorization