Merge pull request #51 from Clariteia/0.0.4

Sergio García Prado · web-flow · commit c97cd883334d · 2021-08-25T13:02:23.000+02:00
0.0.4
diff --git a/HISTORY.md b/HISTORY.md
@@ -14,3 +14,6 @@
 * Handle requests to unavailable microservices.
 * Improve request forwarding to microservices.
 * Fix bug related with unnecessary `json` casting.
+
+## 0.0.4 (2021-08-54)
+* Add support to `CORS`.
diff --git a/minos/api_gateway/rest/__init__.py b/minos/api_gateway/rest/__init__.py
@@ -5,7 +5,7 @@
 
 Minos framework can not be copied and/or distributed without the express permission of Clariteia SL.
 """
-__version__ = "0.0.3"
+__version__ = "0.0.4"
 
 from .launchers import (
     EntrypointLauncher,
diff --git a/minos/api_gateway/rest/service.py b/minos/api_gateway/rest/service.py
@@ -5,6 +5,9 @@
 from aiohttp import (
     web,
 )
+from aiohttp_middlewares import (
+    cors_middleware,
+)
 from aiomisc.service.aiohttp import (
     AIOHTTPService,
 )
@@ -25,7 +28,12 @@ def __init__(self, address: str, port: int, config: MinosConfig):
         super().__init__(address, port)
 
     async def create_application(self) -> web.Application:
-        app = web.Application()
+        middlewares = list()
+        if self.config.cors.enabled:
+            middlewares = [cors_middleware(allow_all=True)]
+
+        app = web.Application(middlewares=middlewares)
+
         app["config"] = self.config
 
         app.router.add_route("*", "/{endpoint:.*}", handler.orchestrate)
diff --git a/poetry.lock b/poetry.lock
diff --git a/pyproject.toml b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "minos_apigateway"
-version = "0.0.3"
+version = "0.0.4"
 description = "Python Package containing the main API Gateway implementation used in Minos Microservices."
 readme = "README.md"
 repository = "https://github.com/clariteia/api_gateway"
@@ -31,9 +31,10 @@ include = [
 
 [tool.poetry.dependencies]
 python = "^3.9"
-minos-apigateway-common = "^0.0.4"
+minos-apigateway-common = "^0.0.5"
 typer = "^0.3.2"
 cached-property = "^1.5.2"
+aiohttp-middlewares = "^1.1.0"
 
 [tool.poetry.dev-dependencies]
 black = "^19.10b"
diff --git a/tests/config.yml b/tests/config.yml
@@ -11,3 +11,6 @@ discovery:
         host: localhost
         port: 6379
         password:
+cors:
+  enabled: false
+
diff --git a/tests/test_api_gateway/test_rest/test_service.py b/tests/test_api_gateway/test_rest/test_service.py
@@ -1,11 +1,23 @@
 """tests.test_api_gateway.test_rest.service module."""
 
+import os
 import unittest
+from unittest import (
+    mock,
+)
 
+import attr
 from aiohttp.test_utils import (
     AioHTTPTestCase,
     unittest_run_loop,
 )
+from aiohttp_middlewares.cors import (
+    ACCESS_CONTROL_ALLOW_HEADERS,
+    ACCESS_CONTROL_ALLOW_METHODS,
+    ACCESS_CONTROL_ALLOW_ORIGIN,
+    DEFAULT_ALLOW_HEADERS,
+    DEFAULT_ALLOW_METHODS,
+)
 
 from minos.api_gateway.common import (
     MinosConfig,
@@ -200,5 +212,78 @@ async def test_get(self):
         self.assertIn("The requested endpoint is not available.", await response.text())
 
 
+class TestApiGatewayCORS(AioHTTPTestCase):
+    CONFIG_FILE_PATH = BASE_PATH / "config.yml"
+    TEST_DENIED_ORIGIN = "https://www.google.com"
+    TEST_ORIGIN = "http://localhost:3000"
+
+    @mock.patch.dict(os.environ, {"API_GATEWAY_CORS_ENABLED": "true"})
+    def setUp(self) -> None:
+        self.config = MinosConfig(self.CONFIG_FILE_PATH)
+
+        self.discovery = MockServer(
+            host=self.config.discovery.connection.host, port=self.config.discovery.connection.port,
+        )
+        self.discovery.add_json_response(
+            "/microservices", {"address": "localhost", "port": "5568", "status": True},
+        )
+
+        self.microservice = MockServer(host="localhost", port=5568)
+        self.microservice.add_json_response(
+            "/order/5", "Microservice call correct!!!", methods=("GET", "PUT", "PATCH", "DELETE",)
+        )
+        self.microservice.add_json_response("/order", "Microservice call correct!!!", methods=("POST",))
+
+        self.discovery.start()
+        self.microservice.start()
+        super().setUp()
+
+    def tearDown(self) -> None:
+        self.discovery.shutdown_server()
+        self.microservice.shutdown_server()
+        super().tearDown()
+
+    async def get_application(self):
+        """
+        Override the get_app method to return your application.
+        """
+        rest_service = ApiGatewayRestService(
+            address=self.config.rest.connection.host, port=self.config.rest.connection.port, config=self.config
+        )
+
+        return await rest_service.create_application()
+
+    @staticmethod
+    def check_allow_origin(
+        response, origin, *, allow_headers=DEFAULT_ALLOW_HEADERS, allow_methods=DEFAULT_ALLOW_METHODS,
+    ):
+        assert response.headers[ACCESS_CONTROL_ALLOW_ORIGIN] == origin
+        if allow_headers:
+            assert response.headers[ACCESS_CONTROL_ALLOW_HEADERS] == ", ".join(allow_headers)
+        if allow_methods:
+            assert response.headers[ACCESS_CONTROL_ALLOW_METHODS] == ", ".join(allow_methods)
+
+    @unittest_run_loop
+    async def test_cors_enabled(self):
+        method = "GET"
+        extra_headers = {}
+        expected_origin = "*"
+        expected_allow_headers = None
+        expected_allow_methods = None
+        url = "/order/5?verb=GET&path=12324"
+
+        kwargs = {}
+        if expected_allow_headers is not attr.NOTHING:
+            kwargs["allow_headers"] = expected_allow_headers
+        if expected_allow_methods is not attr.NOTHING:
+            kwargs["allow_methods"] = expected_allow_methods
+
+        self.check_allow_origin(
+            await self.client.request(method, url, headers={"Origin": self.TEST_ORIGIN, **extra_headers}),
+            expected_origin,
+            **kwargs,
+        )
+
+
 if __name__ == "__main__":
     unittest.main()
