Skip to content

Commit dc4fd99

Browse files
bkioshnbkioshn
authored
test(cat-gateway): Generate auth token for test (#2163)
* test(cat-gateway): generate auth token with already registered account Signed-off-by: bkioshn <[email protected]> * test(cat-gateway): remove BEARER_TOKEN env Signed-off-by: bkioshn <[email protected]> * test(cat-gateway): fix rbac auth token factory Signed-off-by: bkioshn <[email protected]> --------- Signed-off-by: bkioshn <[email protected]>
1 parent d8babcf commit dc4fd99

File tree

8 files changed

+237
-50
lines changed

8 files changed

+237
-50
lines changed

catalyst-gateway/tests/api_tests/Earthfile

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -21,8 +21,6 @@ test:
2121

2222
ENV EVENT_DB_TEST_URL "postgres://catalyst-event-dev:CHANGE_ME@localhost/CatalystEventDev"
2323
ENV CAT_GATEWAY_TEST_URL "http://127.0.0.1:3030"
24-
# cspell: disable-next-line
25-
ENV BEARER_TOKEN = "catid.:[email protected]/ycih6xARcuFGiRrtf1ETLWPvXGd_UBheZ4A5kccWNAU.2CB_ByoGhZ8xBjLveK6jcGbKZ7_5TDjCwbTyNtHWFXnyKuvkTp9zo9tmBOVkPRbHjSwzx85kX3lIoGtKF3_dDQ"
2624

2725
WITH DOCKER \
2826
--compose docker-compose.yml \

catalyst-gateway/tests/api_tests/api/__init__.py

Lines changed: 0 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -7,14 +7,6 @@
77
print ("Please set the environment variable CAT_GATEWAY_TEST_URL")
88
sys.exit(1)
99

10-
try:
11-
os.environ["BEARER_TOKEN"]
12-
except KeyError:
13-
print ("Please set the environment variable BEARER_TOKEN")
14-
sys.exit(1)
15-
16-
17-
BEARER_TOKEN = os.environ["BEARER_TOKEN"]
1810
CAT_GATEWAY_TEST_URL = os.environ["CAT_GATEWAY_TEST_URL"]
1911

2012
def cat_gateway_endpoint_url(endpoint: str):

catalyst-gateway/tests/api_tests/api/v1/document.py

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1,29 +1,29 @@
11
import requests
2-
from api import cat_gateway_endpoint_url, BEARER_TOKEN
2+
from api import cat_gateway_endpoint_url
33

44
URL = cat_gateway_endpoint_url("api/v1/document")
55

66
# Signed document GET
7-
def get(document_id: str):
7+
def get(document_id: str, token: str):
88
document_url = f"{URL}/{document_id}"
99
headers = {
10-
"Authorization": f"Bearer {BEARER_TOKEN}"
10+
"Authorization": f"Bearer {token}"
1111
}
1212
return requests.get(document_url, headers=headers)
1313

1414
# Signed document PUT
15-
def put(data: str):
15+
def put(data: str, token: str):
1616
headers = {
17-
"Authorization": f"Bearer {BEARER_TOKEN}",
17+
"Authorization": f"Bearer {token}",
1818
"Content-Type": "application/cbor"
1919
}
2020
data = bytes.fromhex(data)
2121
return requests.put(URL, headers=headers, data=data)
2222

2323
# Signed document POST
24-
def post(document_url: str, filter: dict):
24+
def post(document_url: str, filter: dict, token: str):
2525
headers = {
26-
"Authorization": f"Bearer {BEARER_TOKEN}",
26+
"Authorization": f"Bearer {token}",
2727
"Content-Type": "application/json"
2828
}
2929
return requests.post(f"{URL}{document_url}", headers=headers, json=filter)

catalyst-gateway/tests/api_tests/integration/test_signed_doc.py

Lines changed: 43 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,7 @@
77
from typing import Dict, Any, List
88
from uuid_extensions import uuid7str
99
import copy
10+
from utils.auth_token import rbac_auth_token_factory
1011

1112

1213
class SignedDocument:
@@ -66,8 +67,9 @@ def comment_templates() -> List[str]:
6667

6768
# return a Proposal document which is already published to the cat-gateway
6869
@pytest.fixture
69-
def proposal_doc_factory(proposal_templates):
70+
def proposal_doc_factory(proposal_templates, rbac_auth_token_factory):
7071
def __proposal_doc_factory() -> SignedDocument:
72+
rbac_auth_token = rbac_auth_token_factory()
7173
proposal_doc_id = uuid7str()
7274
proposal_metadata_json = {
7375
"id": proposal_doc_id,
@@ -85,7 +87,7 @@ def __proposal_doc_factory() -> SignedDocument:
8587
proposal_json = json.load(proposal_json_file)
8688

8789
doc = SignedDocument(proposal_metadata_json, proposal_json)
88-
resp = document.put(data=doc.hex())
90+
resp = document.put(data=doc.hex(), token=rbac_auth_token)
8991
assert (
9092
resp.status_code == 201
9193
), f"Failed to publish document: {resp.status_code} - {resp.text}"
@@ -97,8 +99,9 @@ def __proposal_doc_factory() -> SignedDocument:
9799

98100
# return a Comment document which is already published to the cat-gateway
99101
@pytest.fixture
100-
def comment_doc_factory(proposal_doc_factory, comment_templates) -> SignedDocument:
102+
def comment_doc_factory(proposal_doc_factory, comment_templates, rbac_auth_token_factory) -> SignedDocument:
101103
def __comment_doc_factory() -> SignedDocument:
104+
rbac_auth_token = rbac_auth_token_factory()
102105
proposal_doc = proposal_doc_factory()
103106
comment_doc_id = uuid7str()
104107
comment_metadata_json = {
@@ -115,7 +118,7 @@ def __comment_doc_factory() -> SignedDocument:
115118
comment_json = json.load(comment_json_file)
116119

117120
doc = SignedDocument(comment_metadata_json, comment_json)
118-
resp = document.put(data=doc.hex())
121+
resp = document.put(data=doc.hex(), token=rbac_auth_token)
119122
assert (
120123
resp.status_code == 201
121124
), f"Failed to publish document: {resp.status_code} - {resp.text}"
@@ -128,9 +131,10 @@ def __comment_doc_factory() -> SignedDocument:
128131
# return a submission action document.
129132
@pytest.fixture
130133
def submission_action_factory(
131-
proposal_doc_factory, comment_templates
134+
proposal_doc_factory, comment_templates, rbac_auth_token_factory
132135
) -> SignedDocument:
133136
def __submission_action_factory() -> SignedDocument:
137+
rbac_auth_token = rbac_auth_token_factory()
134138
proposal_doc = proposal_doc_factory()
135139
submission_action_id = uuid7str()
136140
sub_action_metadata_json = {
@@ -148,7 +152,7 @@ def __submission_action_factory() -> SignedDocument:
148152
comment_json = json.load(comment_json_file)
149153

150154
doc = SignedDocument(sub_action_metadata_json, comment_json)
151-
resp = document.put(data=doc.hex())
155+
resp = document.put(data=doc.hex(), token=rbac_auth_token)
152156
assert (
153157
resp.status_code == 201
154158
), f"Failed to publish sub_action: {resp.status_code} - {resp.text}"
@@ -158,41 +162,43 @@ def __submission_action_factory() -> SignedDocument:
158162
return __submission_action_factory
159163

160164

161-
def test_templates(proposal_templates, comment_templates):
165+
def test_templates(proposal_templates, comment_templates, rbac_auth_token_factory):
166+
rbac_auth_token = rbac_auth_token_factory()
162167
templates = proposal_templates + comment_templates
163168
for template_id in templates:
164-
resp = document.get(document_id=template_id)
169+
resp = document.get(document_id=template_id, token=rbac_auth_token)
165170
assert (
166171
resp.status_code == 200
167172
), f"Failed to get document: {resp.status_code} - {resp.text} for id {template_id}"
168173

169174

170-
def test_proposal_doc(proposal_doc_factory):
175+
def test_proposal_doc(proposal_doc_factory, rbac_auth_token_factory):
176+
rbac_auth_token = rbac_auth_token_factory()
171177
proposal_doc = proposal_doc_factory()
172178
proposal_doc_id = proposal_doc.metadata["id"]
173179

174180
# Put a proposal document again
175-
resp = document.put(data=proposal_doc.hex())
181+
resp = document.put(data=proposal_doc.hex(), token=rbac_auth_token)
176182
assert (
177183
resp.status_code == 204
178184
), f"Failed to publish document: {resp.status_code} - {resp.text}"
179185

180186
# Get the proposal document
181-
resp = document.get(document_id=proposal_doc_id)
187+
resp = document.get(document_id=proposal_doc_id, token=rbac_auth_token)
182188
assert (
183189
resp.status_code == 200
184190
), f"Failed to get document: {resp.status_code} - {resp.text}"
185191

186192
# Post a signed document with filter ID
187-
resp = document.post("/index", filter={"id": {"eq": proposal_doc_id}})
193+
resp = document.post("/index", filter={"id": {"eq": proposal_doc_id}}, token=rbac_auth_token)
188194
assert (
189195
resp.status_code == 200
190196
), f"Failed to post document: {resp.status_code} - {resp.text}"
191197

192198
# Put a proposal document with same ID different content
193199
invalid_doc = proposal_doc.copy()
194200
invalid_doc.content["setup"]["title"]["title"] = "another title"
195-
resp = document.put(data=invalid_doc.hex())
201+
resp = document.put(data=invalid_doc.hex(), token=rbac_auth_token)
196202
assert (
197203
resp.status_code == 422
198204
), f"Publish document, expected 422 Unprocessable Content: {resp.status_code} - {resp.text}"
@@ -201,15 +207,15 @@ def test_proposal_doc(proposal_doc_factory):
201207
new_doc = proposal_doc.copy()
202208
new_doc.metadata["ver"] = uuid7str()
203209
new_doc.content["setup"]["title"]["title"] = "another title"
204-
resp = document.put(data=new_doc.hex())
210+
resp = document.put(data=new_doc.hex(), token=rbac_auth_token)
205211
assert (
206212
resp.status_code == 201
207213
), f"Failed to publish document: {resp.status_code} - {resp.text}"
208214

209215
# Put a proposal document with the not known template field
210216
invalid_doc = proposal_doc.copy()
211217
invalid_doc.metadata["template"] = {"id": uuid7str()}
212-
resp = document.put(data=invalid_doc.hex())
218+
resp = document.put(data=invalid_doc.hex(), token=rbac_auth_token)
213219
assert (
214220
resp.status_code == 422
215221
), f"Publish document, expected 422 Unprocessable Content: {resp.status_code} - {resp.text}"
@@ -218,32 +224,33 @@ def test_proposal_doc(proposal_doc_factory):
218224
invalid_doc = proposal_doc.copy()
219225
invalid_doc.metadata["ver"] = uuid7str()
220226
invalid_doc.content = {}
221-
resp = document.put(data=invalid_doc.hex())
227+
resp = document.put(data=invalid_doc.hex(), token=rbac_auth_token)
222228
assert (
223229
resp.status_code == 422
224230
), f"Publish document, expected 422 Unprocessable Content: {resp.status_code} - {resp.text}"
225231

226232
logger.info("Proposal document test successful.")
227233

228234

229-
def test_comment_doc(comment_doc_factory):
235+
def test_comment_doc(comment_doc_factory, rbac_auth_token_factory):
236+
rbac_auth_token = rbac_auth_token_factory()
230237
comment_doc = comment_doc_factory()
231238
comment_doc_id = comment_doc.metadata["id"]
232239

233240
# Put a comment document again
234-
resp = document.put(data=comment_doc.hex())
241+
resp = document.put(data=comment_doc.hex(), token=rbac_auth_token)
235242
assert (
236243
resp.status_code == 204
237244
), f"Failed to publish document: {resp.status_code} - {resp.text}"
238245

239246
# Get the comment document
240-
resp = document.get(document_id=comment_doc_id)
247+
resp = document.get(document_id=comment_doc_id, token=rbac_auth_token)
241248
assert (
242249
resp.status_code == 200
243250
), f"Failed to get document: {resp.status_code} - {resp.text}"
244251

245252
# Post a signed document with filter ID
246-
resp = document.post("/index", filter={"id": {"eq": comment_doc_id}})
253+
resp = document.post("/index", filter={"id": {"eq": comment_doc_id}}, token=rbac_auth_token)
247254
assert (
248255
resp.status_code == 200
249256
), f"Failed to post document: {resp.status_code} - {resp.text}"
@@ -252,72 +259,74 @@ def test_comment_doc(comment_doc_factory):
252259
invalid_doc = comment_doc.copy()
253260
invalid_doc.metadata["ver"] = uuid7str()
254261
invalid_doc.content = {}
255-
resp = document.put(data=invalid_doc.hex())
262+
resp = document.put(data=invalid_doc.hex(), token=rbac_auth_token)
256263
assert (
257264
resp.status_code == 422
258265
), f"Publish document, expected 422 Unprocessable Content: {resp.status_code} - {resp.text}"
259266

260267
# Put a comment document referencing to the not known proposal
261268
invalid_doc = comment_doc.copy()
262269
invalid_doc.metadata["ref"] = {"id": uuid7str()}
263-
resp = document.put(data=invalid_doc.hex())
270+
resp = document.put(data=invalid_doc.hex(), token=rbac_auth_token)
264271
assert (
265272
resp.status_code == 422
266273
), f"Publish document, expected 422 Unprocessable Content: {resp.status_code} - {resp.text}"
267274

268275
logger.info("Comment document test successful.")
269276

270277

271-
def test_submission_action(submission_action_factory):
278+
def test_submission_action(submission_action_factory, rbac_auth_token_factory):
279+
rbac_auth_token = rbac_auth_token_factory()
272280
submission_action = submission_action_factory()
273281
submission_action_id = submission_action.metadata["id"]
274282

275283
# Put a submission action document
276-
resp = document.put(data=submission_action.hex())
284+
resp = document.put(data=submission_action.hex(), token=rbac_auth_token)
277285
assert (
278286
resp.status_code == 204
279287
), f"Failed to publish document: {resp.status_code} - {resp.text}"
280288

281289
# Get the submission action doc
282-
resp = document.get(document_id=submission_action_id)
290+
resp = document.get(document_id=submission_action_id, token=rbac_auth_token)
283291
assert (
284292
resp.status_code == 200
285293
), f"Failed to get document: {resp.status_code} - {resp.text}"
286294

287295
# Post a signed document with filter ID
288-
resp = document.post("/index", filter={"id": {"eq": submission_action_id}})
296+
resp = document.post("/index", filter={"id": {"eq": submission_action_id}}, token=rbac_auth_token)
289297
assert (
290298
resp.status_code == 200
291299
), f"Failed to post document: {resp.status_code} - {resp.text}"
292300

293301
# Submission action document MUST have a ref
294302
invalid_doc = submission_action.copy()
295303
invalid_doc.metadata["ref"] = {}
296-
resp = document.put(data=invalid_doc.hex())
304+
resp = document.put(data=invalid_doc.hex(), token=rbac_auth_token)
297305
assert (
298306
resp.status_code == 422
299307
), f"Publish document, expected 422 Unprocessable Content: {resp.status_code} - {resp.text}"
300308

301309
# Put a submission action document referencing an unknown proposal
302310
invalid_doc = submission_action.copy()
303311
invalid_doc.metadata["ref"] = {"id": uuid7str()}
304-
resp = document.put(data=invalid_doc.hex())
312+
resp = document.put(data=invalid_doc.hex(), token=rbac_auth_token)
305313
assert (
306314
resp.status_code == 422
307315
), f"Publish document, expected 422 Unprocessable Content: {resp.status_code} - {resp.text}"
308316

309317
logger.info("Submission action document test successful.")
310318

311319

312-
def test_document_index_endpoint(proposal_doc_factory):
320+
def test_document_index_endpoint(proposal_doc_factory, rbac_auth_token_factory):
321+
rbac_auth_token = rbac_auth_token_factory()
313322
# submiting 10 proposal documents
314323
total_amount = 10
315324
first_proposal = proposal_doc_factory()
316325
for _ in range(total_amount - 1):
317326
doc = first_proposal.copy()
318327
# keep the same id, but different version
319328
doc.metadata["ver"] = uuid7str()
320-
resp = document.put(data=doc.hex())
329+
resp = document.put(data=doc.hex(), token=rbac_auth_token)
321330
assert (
322331
resp.status_code == 201
323332
), f"Failed to publish document: {resp.status_code} - {resp.text}"
@@ -328,6 +337,7 @@ def test_document_index_endpoint(proposal_doc_factory):
328337
resp = document.post(
329338
f"/index?limit={limit}&page={page}",
330339
filter=filter,
340+
token=rbac_auth_token
331341
)
332342
assert (
333343
resp.status_code == 200
@@ -342,6 +352,7 @@ def test_document_index_endpoint(proposal_doc_factory):
342352
resp = document.post(
343353
f"/index?limit={limit}&page={page}",
344354
filter=filter,
355+
token=rbac_auth_token
345356
)
346357
assert (
347358
resp.status_code == 200
@@ -355,6 +366,7 @@ def test_document_index_endpoint(proposal_doc_factory):
355366
resp = document.post(
356367
f"/index?limit={total_amount}",
357368
filter=filter,
369+
token=rbac_auth_token
358370
)
359371
assert (
360372
resp.status_code == 200
@@ -368,6 +380,7 @@ def test_document_index_endpoint(proposal_doc_factory):
368380
resp = document.post(
369381
"/index?page=92233720368547759",
370382
filter={},
383+
token=rbac_auth_token
371384
)
372385
assert (
373386
resp.status_code == 412

0 commit comments

Comments
 (0)