From e1945bfb95db32442fafa1deb8abc98c7d0ce22f Mon Sep 17 00:00:00 2001 From: Alex Zgabur Date: Fri, 10 Nov 2023 18:43:52 +0100 Subject: [PATCH] Responses section refactor tests --- .../test_response_condition.py | 6 ++-- .../identity/rhsso/test_rhsso_context.py | 14 ++++++---- .../authorino/metrics/test_deep_metrics.py | 4 +-- .../clusterwide/test_wildcard_collision.py | 6 ++-- .../authorino/operator/http/conftest.py | 4 +-- .../authorino/operator/sharding/conftest.py | 4 +-- .../authorino/response/test_auth_json.py | 4 +-- .../authorino/response/test_base64.py | 6 ++-- .../authorino/response/test_deny_with.py | 28 ++++++++++--------- .../authorino/response/test_headers.py | 4 +-- .../response/test_multiple_responses.py | 6 ++-- .../response/test_simple_response.py | 4 +-- .../tests/kuadrant/authorino/test_redirect.py | 11 ++++---- .../kuadrant/authorino/wristband/conftest.py | 7 ++++- .../tests/kuadrant/test_rate_limit_authz.py | 6 ++-- 15 files changed, 62 insertions(+), 52 deletions(-) diff --git a/testsuite/tests/kuadrant/authorino/conditions/section_conditions/test_response_condition.py b/testsuite/tests/kuadrant/authorino/conditions/section_conditions/test_response_condition.py index 189661f0..1a570158 100644 --- a/testsuite/tests/kuadrant/authorino/conditions/section_conditions/test_response_condition.py +++ b/testsuite/tests/kuadrant/authorino/conditions/section_conditions/test_response_condition.py @@ -1,15 +1,15 @@ """Test condition to skip the response section of AuthConfig""" import pytest -from testsuite.objects import Rule, Value +from testsuite.objects import Rule, Value, ResponseJson from testsuite.utils import extract_response @pytest.fixture(scope="module") def authorization(authorization): """Add to the AuthConfig response, which will only trigger on POST requests""" - authorization.responses.add_json( - "simple", {"data": Value("response")}, when=[Rule("context.request.http.method", "eq", "POST")] + authorization.responses.add_success_header( + "simple", ResponseJson({"data": Value("response")}), when=[Rule("context.request.http.method", "eq", "POST")] ) return authorization diff --git a/testsuite/tests/kuadrant/authorino/identity/rhsso/test_rhsso_context.py b/testsuite/tests/kuadrant/authorino/identity/rhsso/test_rhsso_context.py index f4c095b9..1bf559d3 100644 --- a/testsuite/tests/kuadrant/authorino/identity/rhsso/test_rhsso_context.py +++ b/testsuite/tests/kuadrant/authorino/identity/rhsso/test_rhsso_context.py @@ -4,18 +4,20 @@ import pytest -from testsuite.objects import ValueFrom +from testsuite.objects import ValueFrom, ResponseJson @pytest.fixture(scope="module") def authorization(authorization): """Setup AuthConfig for test""" - authorization.responses.add_json( + authorization.responses.add_success_header( "auth-json", - { - "auth": ValueFrom("auth.identity"), - "context": ValueFrom("context.request.http.headers.authorization"), - }, + ResponseJson( + { + "auth": ValueFrom("auth.identity"), + "context": ValueFrom("context.request.http.headers.authorization"), + } + ), ) return authorization diff --git a/testsuite/tests/kuadrant/authorino/metrics/test_deep_metrics.py b/testsuite/tests/kuadrant/authorino/metrics/test_deep_metrics.py index d98e2a5d..7bd130fc 100644 --- a/testsuite/tests/kuadrant/authorino/metrics/test_deep_metrics.py +++ b/testsuite/tests/kuadrant/authorino/metrics/test_deep_metrics.py @@ -1,7 +1,7 @@ """Tests for the functionality of the deep-evaluator metric samples""" import pytest -from testsuite.objects import Value +from testsuite.objects import Value, ResponseJson @pytest.fixture(scope="module") @@ -25,7 +25,7 @@ def authorization(authorization, mockserver_expectation): authorization.identity.add_anonymous("anonymous", metrics=True) authorization.authorization.add_opa_policy("opa", "allow { true }", metrics=True) authorization.metadata.add_http("http", mockserver_expectation, "GET", metrics=True) - authorization.responses.add_json("json", {"auth": Value("response")}, metrics=True) + authorization.responses.add_success_header("json", ResponseJson({"auth": Value("response")}), metrics=True) return authorization diff --git a/testsuite/tests/kuadrant/authorino/operator/clusterwide/test_wildcard_collision.py b/testsuite/tests/kuadrant/authorino/operator/clusterwide/test_wildcard_collision.py index 0be7cc85..78b46191 100644 --- a/testsuite/tests/kuadrant/authorino/operator/clusterwide/test_wildcard_collision.py +++ b/testsuite/tests/kuadrant/authorino/operator/clusterwide/test_wildcard_collision.py @@ -4,7 +4,7 @@ import pytest -from testsuite.objects import Value +from testsuite.objects import Value, ResponseJson from testsuite.openshift.objects.auth_config import AuthConfig @@ -15,7 +15,7 @@ def authorization(authorino, blame, openshift, module_label, proxy, wildcard_dom auth = AuthConfig.create_instance( openshift, blame("ac"), None, hostnames=[wildcard_domain], labels={"testRun": module_label} ) - auth.responses.add_json("header", {"anything": Value("one")}) + auth.responses.add_success_header("header", ResponseJson({"anything": Value("one")})) return auth @@ -26,7 +26,7 @@ def authorization2(authorino, blame, openshift2, module_label, proxy, wildcard_d auth = AuthConfig.create_instance( openshift2, blame("ac"), None, hostnames=[wildcard_domain], labels={"testRun": module_label} ) - auth.responses.add_json("header", {"anything": Value("two")}) + auth.responses.add_success_header("header", ResponseJson({"anything": Value("two")})) return auth diff --git a/testsuite/tests/kuadrant/authorino/operator/http/conftest.py b/testsuite/tests/kuadrant/authorino/operator/http/conftest.py index fc3ccc86..68e170a1 100644 --- a/testsuite/tests/kuadrant/authorino/operator/http/conftest.py +++ b/testsuite/tests/kuadrant/authorino/operator/http/conftest.py @@ -1,7 +1,7 @@ """Conftest for all tests requiring custom deployment of Authorino""" import pytest -from testsuite.objects import Value +from testsuite.objects import Value, ResponseJson from testsuite.httpx import HttpxBackoffClient from testsuite.openshift.objects.auth_config import AuthConfig from testsuite.openshift.objects.route import OpenshiftRoute @@ -13,7 +13,7 @@ def authorization(authorization, wildcard_domain, openshift, module_label) -> Au """In case of Authorino, AuthConfig used for authorization""" authorization.remove_all_hosts() authorization.add_host(wildcard_domain) - authorization.responses.add_json("x-ext-auth-other-json", {"propX": Value("valueX")}) + authorization.responses.add_success_header("x-ext-auth-other-json", ResponseJson({"propX": Value("valueX")})) return authorization diff --git a/testsuite/tests/kuadrant/authorino/operator/sharding/conftest.py b/testsuite/tests/kuadrant/authorino/operator/sharding/conftest.py index faf50909..f5201d80 100644 --- a/testsuite/tests/kuadrant/authorino/operator/sharding/conftest.py +++ b/testsuite/tests/kuadrant/authorino/operator/sharding/conftest.py @@ -1,7 +1,7 @@ """Conftest for authorino sharding tests""" import pytest -from testsuite.objects import Value +from testsuite.objects import Value, ResponseJson from testsuite.openshift.envoy import Envoy from testsuite.openshift.objects.auth_config import AuthConfig @@ -34,7 +34,7 @@ def _authorization(hostname=None, sharding_label=None): hostnames=[hostname], labels={"testRun": module_label, "sharding": sharding_label}, ) - auth.responses.add_json("header", {"anything": Value(sharding_label)}) + auth.responses.add_success_header("header", ResponseJson({"anything": Value(sharding_label)})) request.addfinalizer(auth.delete) auth.commit() return auth diff --git a/testsuite/tests/kuadrant/authorino/response/test_auth_json.py b/testsuite/tests/kuadrant/authorino/response/test_auth_json.py index 33db78ab..ebf7eddc 100644 --- a/testsuite/tests/kuadrant/authorino/response/test_auth_json.py +++ b/testsuite/tests/kuadrant/authorino/response/test_auth_json.py @@ -4,7 +4,7 @@ import pytest -from testsuite.objects import ValueFrom +from testsuite.objects import ValueFrom, ResponseJson @pytest.fixture(scope="module") @@ -31,7 +31,7 @@ def authorization(authorization, path_and_value): path, _ = path_and_value authorization.responses.clear_all() # delete previous responses due to the parametrization - authorization.responses.add_json("header", {"anything": ValueFrom(path)}) + authorization.responses.add_success_header("header", ResponseJson({"anything": ValueFrom(path)})) return authorization diff --git a/testsuite/tests/kuadrant/authorino/response/test_base64.py b/testsuite/tests/kuadrant/authorino/response/test_base64.py index 10558589..b03c7ac6 100644 --- a/testsuite/tests/kuadrant/authorino/response/test_base64.py +++ b/testsuite/tests/kuadrant/authorino/response/test_base64.py @@ -6,14 +6,14 @@ import pytest -from testsuite.objects import ValueFrom +from testsuite.objects import ValueFrom, ResponseJson @pytest.fixture(scope="module") def authorization(authorization): """Add response to Authorization""" - authorization.responses.add_json( - "header", {"anything": ValueFrom("context.request.http.headers.test|@base64:decode")} + authorization.responses.add_success_header( + "header", ResponseJson({"anything": ValueFrom("context.request.http.headers.test|@base64:decode")}) ) return authorization diff --git a/testsuite/tests/kuadrant/authorino/response/test_deny_with.py b/testsuite/tests/kuadrant/authorino/response/test_deny_with.py index d9c502b8..419b8664 100644 --- a/testsuite/tests/kuadrant/authorino/response/test_deny_with.py +++ b/testsuite/tests/kuadrant/authorino/response/test_deny_with.py @@ -2,7 +2,7 @@ from json import loads import pytest -from testsuite.objects import Value, ValueFrom, Rule +from testsuite.objects import Value, ValueFrom, Rule, DenyResponse HEADERS = { "x-string-header": Value("abc"), @@ -18,19 +18,21 @@ @pytest.fixture(scope="module") def authorization(authorization): """Set custom deny responses and auth rule with only allowed path '/allow'""" - authorization.responses.set_deny_with( - "unauthenticated", - code=333, - headers=HEADERS, - message=Value("Unauthenticated message"), - body=Value("You are unauthenticated."), + authorization.responses.set_unauthenticated( + DenyResponse( + code=333, + headers=HEADERS, + message=Value("Unauthenticated message"), + body=Value("You are unauthenticated."), + ) ) - authorization.responses.set_deny_with( - "unauthorized", - code=444, - headers=HEADERS, - message=ValueFrom("My path is: " + "{context.request.http.path}"), - body=ValueFrom("You are not authorized to access path: " + "{context.request.http.path}"), + authorization.responses.set_unauthorized( + DenyResponse( + code=444, + headers=HEADERS, + message=ValueFrom("My path is: " + "{context.request.http.path}"), + body=ValueFrom("You are not authorized to access path: " + "{context.request.http.path}"), + ) ) # Authorize only when url path is "/allow" authorization.authorization.add_auth_rules("Whitelist", [Rule("context.request.http.path", "eq", "/allow")]) diff --git a/testsuite/tests/kuadrant/authorino/response/test_headers.py b/testsuite/tests/kuadrant/authorino/response/test_headers.py index 2d07859d..dbb5db55 100644 --- a/testsuite/tests/kuadrant/authorino/response/test_headers.py +++ b/testsuite/tests/kuadrant/authorino/response/test_headers.py @@ -3,7 +3,7 @@ import pytest -from testsuite.objects import Value +from testsuite.objects import Value, ResponseJson @pytest.fixture(scope="module", params=["123456789", "standardCharacters", "specialcharacters+*-."]) @@ -16,7 +16,7 @@ def header_name(request): def authorization(authorization, header_name): """Add response to Authorization""" authorization.responses.clear_all() # delete previous responses due to the parametrization - authorization.responses.add_json(header_name, {"anything": Value("one")}) + authorization.responses.add_success_header(header_name, ResponseJson({"anything": Value("one")})) return authorization diff --git a/testsuite/tests/kuadrant/authorino/response/test_multiple_responses.py b/testsuite/tests/kuadrant/authorino/response/test_multiple_responses.py index b9256447..daecf907 100644 --- a/testsuite/tests/kuadrant/authorino/response/test_multiple_responses.py +++ b/testsuite/tests/kuadrant/authorino/response/test_multiple_responses.py @@ -3,14 +3,14 @@ import pytest -from testsuite.objects import Value +from testsuite.objects import Value, ResponseJson @pytest.fixture(scope="module") def authorization(authorization): """Add response to Authorization""" - authorization.responses.add_json("header", {"anything": Value("one")}) - authorization.responses.add_json("X-Test", {"anything": Value("two")}) + authorization.responses.add_success_header("header", ResponseJson({"anything": Value("one")})) + authorization.responses.add_success_header("X-Test", ResponseJson({"anything": Value("two")})) return authorization diff --git a/testsuite/tests/kuadrant/authorino/response/test_simple_response.py b/testsuite/tests/kuadrant/authorino/response/test_simple_response.py index fe83e476..ac8ec1cc 100644 --- a/testsuite/tests/kuadrant/authorino/response/test_simple_response.py +++ b/testsuite/tests/kuadrant/authorino/response/test_simple_response.py @@ -3,13 +3,13 @@ import pytest -from testsuite.objects import Value +from testsuite.objects import Value, ResponseJson @pytest.fixture(scope="module") def authorization(authorization): """Add response to Authorization""" - authorization.responses.add_json("header", {"anything": Value("one")}) + authorization.responses.add_success_header("header", ResponseJson({"anything": Value("one")})) return authorization diff --git a/testsuite/tests/kuadrant/authorino/test_redirect.py b/testsuite/tests/kuadrant/authorino/test_redirect.py index 68280fcc..026c21d6 100644 --- a/testsuite/tests/kuadrant/authorino/test_redirect.py +++ b/testsuite/tests/kuadrant/authorino/test_redirect.py @@ -3,7 +3,7 @@ """ import pytest -from testsuite.objects import ValueFrom +from testsuite.objects import ValueFrom, DenyResponse STATUS_CODE = 302 REDIRECT_URL = "http://anything.inavlid?redirect_to=" @@ -12,10 +12,11 @@ @pytest.fixture(scope="module") def authorization(authorization): """In case of Authorino, AuthConfig used for authorization""" - authorization.responses.set_deny_with( - "unauthenticated", - code=STATUS_CODE, - headers={"Location": ValueFrom(REDIRECT_URL + "{context.request.http.path}")}, + authorization.responses.set_unauthenticated( + DenyResponse( + code=STATUS_CODE, + headers={"Location": ValueFrom(REDIRECT_URL + "{context.request.http.path}")}, + ) ) return authorization diff --git a/testsuite/tests/kuadrant/authorino/wristband/conftest.py b/testsuite/tests/kuadrant/authorino/wristband/conftest.py index c258590c..9d6524e1 100644 --- a/testsuite/tests/kuadrant/authorino/wristband/conftest.py +++ b/testsuite/tests/kuadrant/authorino/wristband/conftest.py @@ -3,6 +3,7 @@ import pytest +from testsuite.objects import WristbandSigningKeyRef, ResponseWristband from testsuite.openshift.objects.auth_config import AuthConfig from testsuite.openshift.envoy import Envoy from testsuite.certificates import CertInfo @@ -70,7 +71,11 @@ def wristband_endpoint(openshift, authorino, authorization_name): @pytest.fixture(scope="module") def authorization(authorization, wristband_secret, wristband_endpoint) -> AuthConfig: """Add wristband response with the signing key to the AuthConfig""" - authorization.responses.add_wristband("wristband", wristband_endpoint, wristband_secret, wrapper="dynamicMetadata") + + authorization.responses.add_success_dynamic( + "wristband", + ResponseWristband(issuer=wristband_endpoint, signingKeyRefs=[WristbandSigningKeyRef(wristband_secret)]), + ) return authorization diff --git a/testsuite/tests/kuadrant/test_rate_limit_authz.py b/testsuite/tests/kuadrant/test_rate_limit_authz.py index 6f90a181..b1bd2464 100644 --- a/testsuite/tests/kuadrant/test_rate_limit_authz.py +++ b/testsuite/tests/kuadrant/test_rate_limit_authz.py @@ -3,7 +3,7 @@ import pytest from testsuite.httpx.auth import HttpxOidcClientAuth -from testsuite.objects import ValueFrom +from testsuite.objects import ValueFrom, ResponseJson from testsuite.openshift.objects.rate_limit import Limit @@ -19,8 +19,8 @@ def rate_limit(rate_limit): @pytest.fixture(scope="module") def authorization(authorization): """Adds JSON injection, that wraps the response as Envoy Dynamic Metadata for rate limit""" - authorization.responses.add_json( - "identity", {"user": ValueFrom("auth.identity.preferred_username")}, wrapper="dynamicMetadata" + authorization.responses.add_success_dynamic( + "identity", ResponseJson({"user": ValueFrom("auth.identity.preferred_username")}) ) return authorization