spiff-arena/spiffworkflow-backend/tests/spiffworkflow_backend/integration/test_authentication.py

173 lines
7.7 KiB
Python

"""Test_authentication."""
import ast
import base64
from spiffworkflow_backend.services.authentication_service import AuthenticationService
from tests.spiffworkflow_backend.helpers.base_test import BaseTest
class TestAuthentication(BaseTest):
"""TestAuthentication."""
def test_get_login_state(self) -> None:
"""Test_get_login_state."""
redirect_url = "http://example.com/"
state = AuthenticationService.generate_state(redirect_url)
state_dict = ast.literal_eval(base64.b64decode(state).decode("utf-8"))
assert isinstance(state_dict, dict)
assert "redirect_url" in state_dict.keys()
assert state_dict["redirect_url"] == redirect_url
# def test_get_login_redirect_url(self):
# redirect_url = "http://example.com/"
# state = AuthenticationService.generate_state(redirect_url)
# with current_app.app_context():
# login_redirect_url = AuthenticationService().get_login_redirect_url(state.decode("UTF-8"))
# print("test_get_login_redirect_url")
# print("test_get_login_redirect_url")
# def test_get_token_script(self, app: Flask) -> None:
# """Test_get_token_script."""
# print("Test Get Token Script")
#
# (
# keycloak_server_url,
# keycloak_client_id,
# keycloak_realm_name,
# keycloak_client_secret_key,
# ) = self.get_keycloak_constants(app)
# keycloak_user = "ciuser1"
# keycloak_pass = "ciuser1" # noqa: S105
#
# print(f"Test Get Token Script: keycloak_server_url: {keycloak_server_url}")
# print(f"Test Get Token Script: keycloak_client_id: {keycloak_client_id}")
# print(f"Test Get Token Script: keycloak_realm_name: {keycloak_realm_name}")
# print(
# f"Test Get Token Script: keycloak_client_secret_key: {keycloak_client_secret_key}"
# )
#
# frontend_client_id = "spiffworkflow-frontend"
#
# print(f"Test Get Token Script: frontend_client_id: {frontend_client_id}")
#
# # Get frontend token
# request_url = f"{keycloak_server_url}/realms/{keycloak_realm_name}/protocol/openid-connect/token"
# headers = {"Content-Type": "application/x-www-form-urlencoded"}
# post_data = {
# "grant_type": "password",
# "username": keycloak_user,
# "password": keycloak_pass,
# "client_id": frontend_client_id,
# }
# print(f"Test Get Token Script: request_url: {request_url}")
# print(f"Test Get Token Script: headers: {headers}")
# print(f"Test Get Token Script: post_data: {post_data}")
#
# frontend_response = requests.post(
# request_url, headers=headers, json=post_data, data=post_data
# )
# frontend_token = json.loads(frontend_response.text)
#
# print(f"Test Get Token Script: frontend_response: {frontend_response}")
# print(f"Test Get Token Script: frontend_token: {frontend_token}")
#
# # assert isinstance(frontend_token, dict)
# # assert isinstance(frontend_token["access_token"], str)
# # assert isinstance(frontend_token["refresh_token"], str)
# # assert frontend_token["expires_in"] == 300
# # assert frontend_token["refresh_expires_in"] == 1800
# # assert frontend_token["token_type"] == "Bearer"
#
# # Get backend token
# backend_basic_auth_string = f"{keycloak_client_id}:{keycloak_client_secret_key}"
# backend_basic_auth_bytes = bytes(backend_basic_auth_string, encoding="ascii")
# backend_basic_auth = base64.b64encode(backend_basic_auth_bytes)
#
# request_url = f"{keycloak_server_url}/realms/{keycloak_realm_name}/protocol/openid-connect/token"
# headers = {
# "Content-Type": "application/x-www-form-urlencoded",
# "Authorization": f"Basic {backend_basic_auth.decode('utf-8')}",
# }
# data = {
# "grant_type": "urn:ietf:params:oauth:grant-type:token-exchange",
# "client_id": keycloak_client_id,
# "subject_token": frontend_token["access_token"],
# "audience": keycloak_client_id,
# }
# print(f"Test Get Token Script: request_url: {request_url}")
# print(f"Test Get Token Script: headers: {headers}")
# print(f"Test Get Token Script: data: {data}")
#
# backend_response = requests.post(request_url, headers=headers, data=data)
# json_data = json.loads(backend_response.text)
# backend_token = json_data["access_token"]
# print(f"Test Get Token Script: backend_response: {backend_response}")
# print(f"Test Get Token Script: backend_token: {backend_token}")
#
# if backend_token:
# # Getting resource set
# auth_bearer_string = f"Bearer {backend_token}"
# headers = {
# "Content-Type": "application/json",
# "Authorization": auth_bearer_string,
# }
#
# # uri_to_test_against = "%2Fprocess-models"
# uri_to_test_against = "/status"
# request_url = (
# f"{keycloak_server_url}/realms/{keycloak_realm_name}/authz/protection/resource_set?"
# + f"matchingUri=true&deep=true&max=-1&exactName=false&uri={uri_to_test_against}"
# )
# # f"uri={uri_to_test_against}"
# print(f"Test Get Token Script: request_url: {request_url}")
# print(f"Test Get Token Script: headers: {headers}")
#
# resource_result = requests.get(request_url, headers=headers)
# print(f"Test Get Token Script: resource_result: {resource_result}")
#
# json_data = json.loads(resource_result.text)
# resource_id_name_pairs = []
# for result in json_data:
# if "_id" in result and result["_id"]:
# pair_key = result["_id"]
# if "name" in result and result["name"]:
# pair_value = result["name"]
# # pair = {{result['_id']}: {}}
# else:
# pair_value = "no_name"
# # pair = {{result['_id']}: }
# pair = [pair_key, pair_value]
# resource_id_name_pairs.append(pair)
# print(
# f"Test Get Token Script: resource_id_name_pairs: {resource_id_name_pairs}"
# )
#
# # Getting Permissions
# for resource_id_name_pair in resource_id_name_pairs:
# resource_id = resource_id_name_pair[0]
# resource_id_name_pair[1]
#
# headers = {
# "Content-Type": "application/x-www-form-urlencoded",
# "Authorization": f"Basic {backend_basic_auth.decode('utf-8')}",
# }
#
# post_data = {
# "audience": keycloak_client_id,
# "permission": resource_id,
# "subject_token": backend_token,
# "grant_type": "urn:ietf:params:oauth:grant-type:uma-ticket",
# }
# print(f"Test Get Token Script: headers: {headers}")
# print(f"Test Get Token Script: post_data: {post_data}")
# print(f"Test Get Token Script: request_url: {request_url}")
#
# permission_result = requests.post(
# request_url, headers=headers, data=post_data
# )
# print(f"Test Get Token Script: permission_result: {permission_result}")
#
# print("test_get_token_script")