tests

Author: Namitha-Prabhu

tests/e2e-tests/endpoint_tests.py

@@ -0,0 +1,41 @@
+
+import pytest
+import requests
+
+def _get(url, headers=None, timeout=10):
+    return requests.get(url, headers=headers or {}, timeout=timeout)
+
+@pytest.mark.smoketest
+def test_ping(nhsd_apim_proxy_url):
+    resp = requests.get(nhsd_apim_proxy_url + "/_ping")
+    assert resp.status_code == 200
+    print("Ping Response Body:", resp.text)
+
+@pytest.mark.smoketest
+def test_401_status_without_api_key(nhsd_apim_proxy_url):
+    resp = requests.get(
+        f"{nhsd_apim_proxy_url}/_status"
+    )
+    assert resp.status_code == 401
+
+@pytest.mark.smoketest
+@pytest.mark.nhsd_apim_authorization(access="application", level="level3")
+def test_invalid_jwt_rejected(nhsd_apim_proxy_url, nhsd_apim_auth_headers):
+    """
+    Best-effort: if gateway validates JWTs, an invalid token should be rejected.
+    If JWT not used in this env, test is skipped.
+    """
+    headers = {
+        **nhsd_apim_auth_headers,
+        "headerauth1": "headervalue1",
+        "x-request-id": "123456"
+    }
+    print(headers)
+    # If no Authorization configured in project headers, skip
+    if "Authorization" not in headers:
+        pytest.skip("JWT auth not configured for this environment")
+
+    bad_headers = dict(headers)
+    bad_headers["Authorization"] = "Bearer invalid.invalid.invalid"
+    status = _get(f"{nhsd_apim_proxy_url}/_status", headers=bad_headers).status_code
+    assert status in (401, 403), "Expected gateway to reject invalid JWT"

tests/e2e-tests/get_letters_tests.py

@@ -1,9 +1,7 @@
 
 import pytest
 import requests
-import json
-import time
-from lib import Generators
+from lib import generators as Generators
 
 from pytest_nhsd_apim.apigee_apis import (
     DeveloperAppsAPI,
@@ -60,24 +58,3 @@ def test_app_level0_access_post(nhsd_apim_proxy_url, nhsd_apim_auth_headers, _cr
         json = data
     )
     assert resp.status_code == 200
-
-
-
-@pytest.mark.nhsd_apim_authorization(access="application", level="level3")
-def test_ping(nhsd_apim_proxy_url):
-    resp = requests.get(nhsd_apim_proxy_url + "/_ping")
-
-    print("\nCalled:\n" + nhsd_apim_proxy_url + "/_ping" )
-    print("\nResponse status code: ", resp.status_code)
-
-    assert resp.status_code == 200
-
-@pytest.mark.nhsd_apim_authorization(access="application", level="level3")
-def test_401_status_without_api_key(nhsd_apim_proxy_url):
-    resp = requests.get(
-        f"{nhsd_apim_proxy_url}/_status"
-    )
-
-    error_handler.handle_retry(resp)
-
-    assert resp.status_code == 401

tests/e2e-tests/lib/generators.py

@@ -1,15 +1,12 @@
-
-class Generators():
-@staticmethod
+class Generators:
+    @staticmethod
     def generate_valid_create_message_body(environment="sandbox"):
         return {
-            {
-                "data": {
-                    "attributes": {
+            "data": {
+                "attributes": {
                     "status": "PENDING"
-                    },
-                    "id": "2WL5eYSWGzCHlGmzNxuqVusPxDg",
-                    "type": "Letter"
-                }
+                },
+                "id": "2WL5eYSWGzCHlGmzNxuqVusPxDg",
+                "type": "Letter"
             }
         }

tests/e2e-tests/poetry.lock

@@ -0,0 +1,7 @@
+[pytest]
+python_files = *_tests.py
+norecursedirs = .venv .eggs build dist utils
+addopts = --strict-markers
+markers =
+    e2e: end to end tests
+    smoketest: suitable to run against all environments even production