setup test

cuenca-mx · May 29, 2024 · 5fc937e · 5fc937e
1 parent 5dadcaa
commit 5fc937e
Show file tree

Hide file tree

Showing 7 changed files with 149 additions and 9 deletions.
diff --git a/requirements-test.txt b/requirements-test.txt
@@ -7,3 +7,4 @@ pytest==6.2.*
 pytest-asyncio==0.15.1
 pytest-cov==2.12.*
 pytest-freezegun==0.4.*
+moto[server,kms]==5.0.8
diff --git a/requirements.txt b/requirements.txt
@@ -1,3 +1,3 @@
 mongoengine==0.27.0
 dnspython==2.1.0
-blinker==1.4
+blinker==1.8.2
diff --git a/tests/conftest.py b/tests/conftest.py
@@ -1,11 +1,13 @@
-from functools import partial
-from typing import Generator
+import os
+import subprocess
+from typing import Generator, Tuple
 
-import mongomock
+import boto3
 import pytest
-from _pytest.monkeypatch import MonkeyPatch
-
-# DATABASE_URI = 'mongodb://localhost:27017/db'
+import requests
+from bson import CodecOptions
+from bson.binary import STANDARD
+from pymongo.encryption import ClientEncryption
 
 
 @pytest.fixture(scope='session')
@@ -20,7 +22,92 @@ def mongo_connection_url() -> Generator[str, None, None]:
 
 
 @pytest.fixture(autouse=True)
-def connect_database(mongo_connection_url: str) -> None:
+def connect_database(mongo_connection_url: str):
     import mongoengine
 
-    mongoengine.connect(host=mongo_connection_url)
+    return mongoengine.connect(host=mongo_connection_url)
+
+
+@pytest.fixture
+def kms_connection_url():
+    # process = subprocess.Popen(
+    #     [
+    #         'moto_server',
+    #         '-p',
+    #         '4000',
+    #         '-c',
+    #         'tests/kms_cert.crt',
+    #         '-k',
+    #         'tests/kms_private_key.key',
+    #     ]
+    # )
+    yield 'https://127.0.0.1:4000'
+    # import time
+    # time.sleep(5)
+    # process.kill()
+
+
+KEY_NAMESPACE = 'encryption.__keyVault'
+KEY_NAME = 'knox-card-key'
+KMS_PROVIDER = dict(
+    aws=dict(
+        accessKeyId='test',
+        secretAccessKey='test',
+    )
+)
+
+@pytest.fixture
+def master_key_kms(kms_connection_url):
+    """
+    Creates new master key in the local kms, only for testing purpose.
+    :return: Tuple: master key ARN, kms region, kms host name
+    """
+    kms = boto3.client('kms',
+                       endpoint_url=kms_connection_url,
+                       region_name='us-east-1',
+                       aws_access_key_id='test',
+                       aws_secret_access_key='test',
+                       verify=False,
+                       )
+    kms_key = kms.create_key()
+    return kms_key
+
+
+@pytest.fixture
+def create_data_key(master_key_kms, connect_database, kms_connection_url) -> Generator:
+    """
+    Creates data keys for testing purpose. It is required in order to use
+    Explicit Client-Side Field Level Encryption (CSFLE)
+
+    :param master_key_kms: Tuple: master key ARN, kms region, kms host name
+    :return: None
+    """
+    # client = connect(host=DB_URI)
+
+    key_name, key_coll = KEY_NAMESPACE.split(".", 1)
+
+    key_vault = connect_database[key_name][key_coll]
+    key_vault.drop()
+    key_vault.create_index(
+        "keyAltNames",
+        unique=True,
+        partialFilterExpression={"keyAltNames": {"$exists": True}},
+    )
+
+    with ClientEncryption(
+        KMS_PROVIDER,
+        KEY_NAMESPACE,
+        connect_database,
+        CodecOptions(uuid_representation=STANDARD),
+    ) as client_encryption:
+        client_encryption.create_data_key(
+            'aws',
+            key_alt_names=[KEY_NAME],
+            master_key=dict(
+                key=master_key_kms['KeyMetadata']['Arn'],
+                region='us-east-1',
+                endpoint=kms_connection_url
+            ),
+        )
+    yield
+    key_vault.drop()
diff --git a/tests/kms_cert.crt b/tests/kms_cert.crt
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDdjCCAl4CCQCKGabuKmQzTzANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQGEwJN
+WDENMAsGA1UECAwEQ0RNWDENMAsGA1UEBwwEQ0RNWDEPMA0GA1UECgwGQ3VlbmNh
+MQwwCgYDVQQLDANkZXYxEjAQBgNVBAMMCXByb3h5LWttczEdMBsGCSqGSIb3DQEJ
+ARYOZGV2QGN1ZW5jYS5jb20wHhcNMjExMjI4MTgxMjQ1WhcNMzExMjI2MTgxMjQ1
+WjB9MQswCQYDVQQGEwJNWDENMAsGA1UECAwEQ0RNWDENMAsGA1UEBwwEQ0RNWDEP
+MA0GA1UECgwGQ3VlbmNhMQwwCgYDVQQLDANkZXYxEjAQBgNVBAMMCXByb3h5LWtt
+czEdMBsGCSqGSIb3DQEJARYOZGV2QGN1ZW5jYS5jb20wggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQDhfW3INRRhu1lxRPq07jOQozvGiiZrBJjWlqScYsZU
+kd17lrllTcH7deJ6LL8CPLZVpOQlvpO9vEviftehtkB1abMzEA2B/fV7Nb/VCk/k
+oUjsdK4uEoLDbvlGXMo9I5GHQaq/6PhbDf91qK8dDmxSzOU8wN1EoyqxPYBYAc8A
+hF49bCY/NtzfPPJDOkdR0BoNwc2Qn/6gtokURh+aqzrhTlaNHR1SiW61YWAPjuGq
+657qL8z8qEXipAzywzekltCPCzFxyX1+od8PrRQMktlf/kM3kXXhOo1fT/SnhIjQ
+WVZIJIA8Nc0n8bF+q8vpFow57lWyWEpAP4yRtBY6IBSJAgMBAAEwDQYJKoZIhvcN
+AQELBQADggEBADLvJJuNENhAQE/C7JmnKr0dwZJc/EQvtqkwTtFkwGqiZ9BGxKtf
+VQo0U2AJa8h035EnosmLZVF3dRP3y1nkOoVz4C6uGyanYn+JNSSkrw5UpGQI7Kgh
+Lfmv8EPq+l38IhScKQw+tUOzNr+teT7cu2/brG1hJHo4HidDLZf9rzuKXkpLa7Bh
+x3n1tZW/f+uZDeeEDwXLA0uo7EW5TvktOqw5oDIuM7Vyq5eB5LRdo99tHMVSqUXg
+wy6ZTlWPN3Li+0Rp7W55MT1NW8L2gUQzJVcAWE4oqfNZZRQjowBiaIc24RKmQYzp
+/35TIvlOVGl42hjE0SLvF0snFhru/Es0Yvw=
+-----END CERTIFICATE-----
diff --git a/tests/kms_private_key.key b/tests/kms_private_key.key
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDhfW3INRRhu1lx
+RPq07jOQozvGiiZrBJjWlqScYsZUkd17lrllTcH7deJ6LL8CPLZVpOQlvpO9vEvi
+ftehtkB1abMzEA2B/fV7Nb/VCk/koUjsdK4uEoLDbvlGXMo9I5GHQaq/6PhbDf91
+qK8dDmxSzOU8wN1EoyqxPYBYAc8AhF49bCY/NtzfPPJDOkdR0BoNwc2Qn/6gtokU
+Rh+aqzrhTlaNHR1SiW61YWAPjuGq657qL8z8qEXipAzywzekltCPCzFxyX1+od8P
+rRQMktlf/kM3kXXhOo1fT/SnhIjQWVZIJIA8Nc0n8bF+q8vpFow57lWyWEpAP4yR
+tBY6IBSJAgMBAAECggEAIA9bWonhefvPPcGW+76aakgrKZFe4PxoVqpYgTuyAzgy
+C25ksbiaigw6xTAzgDftnMOzBILSMrng+DUcp4toIsmChxITOZZIHtqHidzLezBL
+VANK+JX9LZhLrOtofcTe3iJCCsMu/JNC7RGsxC7Wy/cB6N9rFmU0nrql0t1+9w2W
+niwpzWvK1PHE0yLP2e1OIqZG4yeeVmgrvSuHXASPK3fHO/Q/im9NKTTQGv+FwUeC
+yoSh6awmtAU33LnqFQox3v69/1Wd3mkM1gfv9W/h/M2qsvdLa3dIhgm8n1Cg5A76
+wdo9mFE58XQ/skvlkL2DuHZ+Hlqj+lAWd6NrRJgvAQKBgQDxTR9VxeRmlgFNycMb
+4Z5aMech/wrVhyInAkH7jACgcj4izs3dbV0TVXxj3rQl4nnHuenAgW2nzpRWyAxE
+SaKAYPH7DsAcY2D1kuC423FHe61uy8fZoHbFhkuPo+sRQh5+2LkfWUN4N7VaK66K
+1k3gSrCcv4a3mzkapBEeSSZ6mQKBgQDvOb5IDQgqjFy6J2JRRteUO1dp3gAoOFYR
+lyyDPRlmSbpa35ElOhlNIRcdtsWAzWj9+wuguJp9i3bZ4lrkN/H6+piNpCjw5zFw
+BiVC7B8c8eWyK+JFakkjaKR+Qs9BP6iao/oJgTpANF1/a7oOq0nJDqpIVocABMv1
+pQ3fDL0PcQKBgB76xdEfTQmWrKguBSypNMljqscElYGAjfPwKESBXvs6b5vMbUXG
+arK2wPeZegt7HiN0TPx4IXnv3b+eg2SpB4Hv8GFJLYT3hVVB/DP/iHWi/UtCQnBA
+V79YVI8mfmGC2aNzc6EAttbSYCgpf4k3plvreu1E8ajU9unisofu4E/RAoGBALCr
+5GsxtKY3owOXsnRz7SH78UKuQU9yy52SF72Ukf2I1afnFDp5/dWIapn3MUU+bhuk
+G6JGs1GkfdHL6XRCHONNzvxMEDBZjZk98KbL2u51dz1uS10YcYtE7LaSgJ2fddU+
+5JnAZlSkV6iS1oWe2o8x1XA29tx8rmRr0SK5NacBAoGBAJ07eTdzZy9nm5lksAI9
+ZM78k48GRbKN+7RjERhsipIRFrQoBkQzIgqSxqJeirXcdjvqRv2aakUyr+LK205V
+lgFc3+Xq/E4UHq5NlXo+oal2PDhrOGktiqhBg5wU2u0h21lyiobdTPByDE4zbaoi
+ZkK7wKrX2bFQpdYkute41oKn
+-----END PRIVATE KEY-----
diff --git a/tests/types/__init__.py b/tests/types/__init__.py
diff --git a/tests/types/test_encrypted_string.py b/tests/types/test_encrypted_string.py
@@ -0,0 +1,3 @@
+def test_encrypted_string(master_key_kms, create_data_key):
+    breakpoint()
+    assert master_key_kms