- Added User to Request.

issue #40

Author: albamig

minos/api_gateway/rest/handler.py

@@ -69,7 +69,16 @@ async def call(address: str, port: int, original_req: web.Request, **kwargs) ->
     :return: The web response to be retrieved to the client.
     """
 
-    headers = original_req.headers
+    headers = original_req.headers.copy()
+    if "Authorization" in headers and "Bearer" in headers["Authorization"]:
+        parts = headers["Authorization"].split()
+        if len(parts) == 2:
+            headers["User"] = parts[1]
+        else:
+            headers["User"] = "None"
+    else:
+        headers["User"] = "None"
+
     url = original_req.url.with_scheme("http").with_host(address).with_port(port)
     method = original_req.method
     content = await original_req.text()

poetry.lock

@@ -0,0 +1,80 @@
+import os
+from unittest import (
+    mock,
+)
+
+from aiohttp.test_utils import (
+    AioHTTPTestCase,
+    unittest_run_loop,
+)
+
+from minos.api_gateway.common import (
+    MinosConfig,
+)
+from minos.api_gateway.rest import (
+    ApiGatewayRestService,
+)
+from tests.mock_servers.server import (
+    MockServer,
+)
+from tests.utils import (
+    BASE_PATH,
+)
+
+
+class TestApiGatewayCORS(AioHTTPTestCase):
+    CONFIG_FILE_PATH = BASE_PATH / "config.yml"
+
+    @mock.patch.dict(os.environ, {"API_GATEWAY_CORS_ENABLED": "true"})
+    def setUp(self) -> None:
+        self.config = MinosConfig(self.CONFIG_FILE_PATH)
+
+        self.discovery = MockServer(
+            host=self.config.discovery.connection.host, port=self.config.discovery.connection.port,
+        )
+        self.discovery.add_json_response(
+            "/microservices", {"address": "localhost", "port": "5568", "status": True},
+        )
+
+        self.microservice = MockServer(host="localhost", port=5568)
+        self.microservice.add_json_response(
+            "/order/5", "Microservice call correct!!!", methods=("GET", "PUT", "PATCH", "DELETE",)
+        )
+        self.microservice.add_json_response("/order", "Microservice call correct!!!", methods=("POST",))
+
+        self.discovery.start()
+        self.microservice.start()
+        super().setUp()
+
+    def tearDown(self) -> None:
+        self.discovery.shutdown_server()
+        self.microservice.shutdown_server()
+        super().tearDown()
+
+    async def get_application(self):
+        """
+        Override the get_app method to return your application.
+        """
+        rest_service = ApiGatewayRestService(
+            address=self.config.rest.connection.host, port=self.config.rest.connection.port, config=self.config
+        )
+
+        return await rest_service.create_application()
+
+    @unittest_run_loop
+    async def test_auth_headers(self):
+        url = "/order"
+        headers = {"Authorization": "Bearer test_token"}
+        response = await self.client.request("POST", url, headers=headers)
+
+        self.assertEqual(200, response.status)
+        self.assertIn("Microservice call correct!!!", await response.text())
+
+    @unittest_run_loop
+    async def test_wrong_auth_headers(self):
+        url = "/order"
+        headers = {"Authorization": "Bearer"}
+        response = await self.client.request("POST", url, headers=headers)
+
+        self.assertEqual(200, response.status)
+        self.assertIn("Microservice call correct!!!", await response.text())

tests/test_api_gateway/test_rest/test_authentication.py

@@ -0,0 +1,103 @@
+import os
+from unittest import (
+    mock,
+)
+
+import attr
+from aiohttp.test_utils import (
+    AioHTTPTestCase,
+    unittest_run_loop,
+)
+from aiohttp_middlewares.cors import (
+    ACCESS_CONTROL_ALLOW_HEADERS,
+    ACCESS_CONTROL_ALLOW_METHODS,
+    ACCESS_CONTROL_ALLOW_ORIGIN,
+    DEFAULT_ALLOW_HEADERS,
+    DEFAULT_ALLOW_METHODS,
+)
+
+from minos.api_gateway.common import (
+    MinosConfig,
+)
+from minos.api_gateway.rest import (
+    ApiGatewayRestService,
+)
+from tests.mock_servers.server import (
+    MockServer,
+)
+from tests.utils import (
+    BASE_PATH,
+)
+
+
+class TestApiGatewayCORS(AioHTTPTestCase):
+    CONFIG_FILE_PATH = BASE_PATH / "config.yml"
+    TEST_DENIED_ORIGIN = "https://www.google.com"
+    TEST_ORIGIN = "http://localhost:3000"
+
+    @mock.patch.dict(os.environ, {"API_GATEWAY_CORS_ENABLED": "true"})
+    def setUp(self) -> None:
+        self.config = MinosConfig(self.CONFIG_FILE_PATH)
+
+        self.discovery = MockServer(
+            host=self.config.discovery.connection.host, port=self.config.discovery.connection.port,
+        )
+        self.discovery.add_json_response(
+            "/microservices", {"address": "localhost", "port": "5568", "status": True},
+        )
+
+        self.microservice = MockServer(host="localhost", port=5568)
+        self.microservice.add_json_response(
+            "/order/5", "Microservice call correct!!!", methods=("GET", "PUT", "PATCH", "DELETE",)
+        )
+        self.microservice.add_json_response("/order", "Microservice call correct!!!", methods=("POST",))
+
+        self.discovery.start()
+        self.microservice.start()
+        super().setUp()
+
+    def tearDown(self) -> None:
+        self.discovery.shutdown_server()
+        self.microservice.shutdown_server()
+        super().tearDown()
+
+    async def get_application(self):
+        """
+        Override the get_app method to return your application.
+        """
+        rest_service = ApiGatewayRestService(
+            address=self.config.rest.connection.host, port=self.config.rest.connection.port, config=self.config
+        )
+
+        return await rest_service.create_application()
+
+    @staticmethod
+    def check_allow_origin(
+        response, origin, *, allow_headers=DEFAULT_ALLOW_HEADERS, allow_methods=DEFAULT_ALLOW_METHODS,
+    ):
+        assert response.headers[ACCESS_CONTROL_ALLOW_ORIGIN] == origin
+        if allow_headers:
+            assert response.headers[ACCESS_CONTROL_ALLOW_HEADERS] == ", ".join(allow_headers)
+        if allow_methods:
+            assert response.headers[ACCESS_CONTROL_ALLOW_METHODS] == ", ".join(allow_methods)
+
+    @unittest_run_loop
+    async def test_cors_enabled(self):
+        method = "GET"
+        extra_headers = {}
+        expected_origin = "*"
+        expected_allow_headers = None
+        expected_allow_methods = None
+        url = "/order/5?verb=GET&path=12324"
+
+        kwargs = {}
+        if expected_allow_headers is not attr.NOTHING:
+            kwargs["allow_headers"] = expected_allow_headers
+        if expected_allow_methods is not attr.NOTHING:
+            kwargs["allow_methods"] = expected_allow_methods
+
+        self.check_allow_origin(
+            await self.client.request(method, url, headers={"Origin": self.TEST_ORIGIN, **extra_headers}),
+            expected_origin,
+            **kwargs,
+        )

tests/test_api_gateway/test_rest/test_cors.py

@@ -1,23 +1,11 @@
 """tests.test_api_gateway.test_rest.service module."""
 
-import os
 import unittest
-from unittest import (
-    mock,
-)
 
-import attr
 from aiohttp.test_utils import (
     AioHTTPTestCase,
     unittest_run_loop,
 )
-from aiohttp_middlewares.cors import (
-    ACCESS_CONTROL_ALLOW_HEADERS,
-    ACCESS_CONTROL_ALLOW_METHODS,
-    ACCESS_CONTROL_ALLOW_ORIGIN,
-    DEFAULT_ALLOW_HEADERS,
-    DEFAULT_ALLOW_METHODS,
-)
 
 from minos.api_gateway.common import (
     MinosConfig,
@@ -212,78 +200,5 @@ async def test_get(self):
         self.assertIn("The requested endpoint is not available.", await response.text())
 
 
-class TestApiGatewayCORS(AioHTTPTestCase):
-    CONFIG_FILE_PATH = BASE_PATH / "config.yml"
-    TEST_DENIED_ORIGIN = "https://www.google.com"
-    TEST_ORIGIN = "http://localhost:3000"
-
-    @mock.patch.dict(os.environ, {"API_GATEWAY_CORS_ENABLED": "true"})
-    def setUp(self) -> None:
-        self.config = MinosConfig(self.CONFIG_FILE_PATH)
-
-        self.discovery = MockServer(
-            host=self.config.discovery.connection.host, port=self.config.discovery.connection.port,
-        )
-        self.discovery.add_json_response(
-            "/microservices", {"address": "localhost", "port": "5568", "status": True},
-        )
-
-        self.microservice = MockServer(host="localhost", port=5568)
-        self.microservice.add_json_response(
-            "/order/5", "Microservice call correct!!!", methods=("GET", "PUT", "PATCH", "DELETE",)
-        )
-        self.microservice.add_json_response("/order", "Microservice call correct!!!", methods=("POST",))
-
-        self.discovery.start()
-        self.microservice.start()
-        super().setUp()
-
-    def tearDown(self) -> None:
-        self.discovery.shutdown_server()
-        self.microservice.shutdown_server()
-        super().tearDown()
-
-    async def get_application(self):
-        """
-        Override the get_app method to return your application.
-        """
-        rest_service = ApiGatewayRestService(
-            address=self.config.rest.connection.host, port=self.config.rest.connection.port, config=self.config
-        )
-
-        return await rest_service.create_application()
-
-    @staticmethod
-    def check_allow_origin(
-        response, origin, *, allow_headers=DEFAULT_ALLOW_HEADERS, allow_methods=DEFAULT_ALLOW_METHODS,
-    ):
-        assert response.headers[ACCESS_CONTROL_ALLOW_ORIGIN] == origin
-        if allow_headers:
-            assert response.headers[ACCESS_CONTROL_ALLOW_HEADERS] == ", ".join(allow_headers)
-        if allow_methods:
-            assert response.headers[ACCESS_CONTROL_ALLOW_METHODS] == ", ".join(allow_methods)
-
-    @unittest_run_loop
-    async def test_cors_enabled(self):
-        method = "GET"
-        extra_headers = {}
-        expected_origin = "*"
-        expected_allow_headers = None
-        expected_allow_methods = None
-        url = "/order/5?verb=GET&path=12324"
-
-        kwargs = {}
-        if expected_allow_headers is not attr.NOTHING:
-            kwargs["allow_headers"] = expected_allow_headers
-        if expected_allow_methods is not attr.NOTHING:
-            kwargs["allow_methods"] = expected_allow_methods
-
-        self.check_allow_origin(
-            await self.client.request(method, url, headers={"Origin": self.TEST_ORIGIN, **extra_headers}),
-            expected_origin,
-            **kwargs,
-        )
-
-
 if __name__ == "__main__":
     unittest.main()