From 915539866e88e17adb36a9e08817ba86adb07a4b Mon Sep 17 00:00:00 2001 From: Adam Dangoor Date: Sat, 29 Sep 2018 16:44:43 +0100 Subject: [PATCH 01/27] Show difference between mock and real --- tests/mock_vws/test_authorization_header.py | 23 +++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/tests/mock_vws/test_authorization_header.py b/tests/mock_vws/test_authorization_header.py index 841839c50..519ad45f7 100644 --- a/tests/mock_vws/test_authorization_header.py +++ b/tests/mock_vws/test_authorization_header.py @@ -17,6 +17,9 @@ assert_vws_failure, ) from tests.mock_vws.utils.authorization import rfc_1123_date +from mock_vws.database import VuforiaDatabase +from tests.mock_vws.utils import get_vws_target +import uuid @pytest.mark.usefixtures('verify_mock_vuforia') @@ -98,3 +101,23 @@ def test_incorrect(self, endpoint: Endpoint) -> None: status_code=codes.BAD_REQUEST, result_code=ResultCodes.FAIL, ) + + + def test_foobar( + self, + vuforia_database_keys: VuforiaDatabase, + ) -> None: + """ + """ + keys = vuforia_database_keys + keys.server_secret_key = b'example' + response = get_vws_target( + target_id=uuid.uuid4().hex, + vuforia_database_keys=keys, + ) + + assert_vws_failure( + response=response, + status_code=codes.UNAUTHORIZED, + result_code=ResultCodes.AUTHENTICATION_FAILURE, + ) From f1948d1409e36465d5a10f783d255f75383624ee Mon Sep 17 00:00:00 2001 From: Adam Dangoor Date: Sat, 29 Sep 2018 16:45:40 +0100 Subject: [PATCH 02/27] Stub for query difference --- tests/mock_vws/test_authorization_header.py | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/tests/mock_vws/test_authorization_header.py b/tests/mock_vws/test_authorization_header.py index 519ad45f7..a6bc21b3a 100644 --- a/tests/mock_vws/test_authorization_header.py +++ b/tests/mock_vws/test_authorization_header.py @@ -103,7 +103,26 @@ def test_incorrect(self, endpoint: Endpoint) -> None: ) - def test_foobar( + def test_bad_secret_key_services( + self, + vuforia_database_keys: VuforiaDatabase, + ) -> None: + """ + """ + keys = vuforia_database_keys + keys.server_secret_key = b'example' + response = get_vws_target( + target_id=uuid.uuid4().hex, + vuforia_database_keys=keys, + ) + + assert_vws_failure( + response=response, + status_code=codes.UNAUTHORIZED, + result_code=ResultCodes.AUTHENTICATION_FAILURE, + ) + + def test_bad_secret_key_query( self, vuforia_database_keys: VuforiaDatabase, ) -> None: From d920660f9ba8b7a885251279a63f4d31fe76763c Mon Sep 17 00:00:00 2001 From: Adam Dangoor Date: Sat, 29 Sep 2018 16:57:29 +0100 Subject: [PATCH 03/27] A different erroring test --- tests/mock_vws/test_authorization_header.py | 24 ++++++++++++--------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/tests/mock_vws/test_authorization_header.py b/tests/mock_vws/test_authorization_header.py index a6bc21b3a..274667b23 100644 --- a/tests/mock_vws/test_authorization_header.py +++ b/tests/mock_vws/test_authorization_header.py @@ -18,8 +18,9 @@ ) from tests.mock_vws.utils.authorization import rfc_1123_date from mock_vws.database import VuforiaDatabase -from tests.mock_vws.utils import get_vws_target +from tests.mock_vws.utils import get_vws_target, query import uuid +import io @pytest.mark.usefixtures('verify_mock_vuforia') @@ -66,9 +67,9 @@ def test_missing(self, endpoint: Endpoint) -> None: result_code=ResultCodes.AUTHENTICATION_FAILURE, ) - def test_incorrect(self, endpoint: Endpoint) -> None: + def test_malformed(self, endpoint: Endpoint) -> None: """ - If an incorrect `Authorization` header is given, a `BAD_REQUEST` + If a malformed `Authorization` header is given, a `BAD_REQUEST` response is given. """ date = rfc_1123_date() @@ -125,18 +126,21 @@ def test_bad_secret_key_services( def test_bad_secret_key_query( self, vuforia_database_keys: VuforiaDatabase, + high_quality_image: io.BytesIO, ) -> None: """ """ - keys = vuforia_database_keys - keys.server_secret_key = b'example' - response = get_vws_target( - target_id=uuid.uuid4().hex, - vuforia_database_keys=keys, + vuforia_database_keys.client_secret_key = b'example' + image_content = high_quality_image.getvalue() + body = {'image': ('image.jpeg', image_content, 'image/jpeg')} + + response = query( + vuforia_database_keys=vuforia_database_keys, + body=body, ) - assert_vws_failure( + assert_vwq_failure( response=response, status_code=codes.UNAUTHORIZED, - result_code=ResultCodes.AUTHENTICATION_FAILURE, + content_type='application/json', ) From d1d8e36e07e114782f48d7a2cd5adc89f5dfbe63 Mon Sep 17 00:00:00 2001 From: Adam Dangoor Date: Sat, 29 Sep 2018 17:18:53 +0100 Subject: [PATCH 04/27] Add docstrings --- tests/mock_vws/test_authorization_header.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/mock_vws/test_authorization_header.py b/tests/mock_vws/test_authorization_header.py index 274667b23..6a3654f31 100644 --- a/tests/mock_vws/test_authorization_header.py +++ b/tests/mock_vws/test_authorization_header.py @@ -109,6 +109,8 @@ def test_bad_secret_key_services( vuforia_database_keys: VuforiaDatabase, ) -> None: """ + If the server secret key given is incorrect, an + ``AuthenticationFailure`` response is returned. """ keys = vuforia_database_keys keys.server_secret_key = b'example' @@ -129,6 +131,8 @@ def test_bad_secret_key_query( high_quality_image: io.BytesIO, ) -> None: """ + If the client secret key given is incorrect, an + ``UNAUTHORIZED`` response is returned. """ vuforia_database_keys.client_secret_key = b'example' image_content = high_quality_image.getvalue() From 759194f4d4977ffc2351a8b4506905e7c7a02ead Mon Sep 17 00:00:00 2001 From: Adam Dangoor Date: Sat, 29 Sep 2018 18:49:57 +0100 Subject: [PATCH 05/27] Passing tests on real --- tests/mock_vws/test_authorization_header.py | 45 +++++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/tests/mock_vws/test_authorization_header.py b/tests/mock_vws/test_authorization_header.py index 6a3654f31..77d8d9b24 100644 --- a/tests/mock_vws/test_authorization_header.py +++ b/tests/mock_vws/test_authorization_header.py @@ -104,6 +104,51 @@ def test_malformed(self, endpoint: Endpoint) -> None: ) + def test_bad_access_key_services( + self, + vuforia_database_keys: VuforiaDatabase, + ) -> None: + """ + If the server access key given does not match any database, a + ``Fail`` response is returned. + """ + keys = vuforia_database_keys + keys.server_access_key = b'example' + response = get_vws_target( + target_id=uuid.uuid4().hex, + vuforia_database_keys=keys, + ) + + assert_vws_failure( + response=response, + status_code=codes.BAD_REQUEST, + result_code=ResultCodes.FAIL, + ) + + def test_bad_access_key_query( + self, + vuforia_database_keys: VuforiaDatabase, + high_quality_image: io.BytesIO, + ) -> None: + """ + If the client access key given is incorrect, an + ``UNAUTHORIZED`` response is returned. + """ + vuforia_database_keys.client_access_key = b'example' + image_content = high_quality_image.getvalue() + body = {'image': ('image.jpeg', image_content, 'image/jpeg')} + + response = query( + vuforia_database_keys=vuforia_database_keys, + body=body, + ) + + assert_vwq_failure( + response=response, + status_code=codes.UNAUTHORIZED, + content_type='application/json', + ) + def test_bad_secret_key_services( self, vuforia_database_keys: VuforiaDatabase, From 72cbd3c6965ef38f43a55d4acb5ce76aa82ea8cf Mon Sep 17 00:00:00 2001 From: Adam Dangoor Date: Sat, 29 Sep 2018 18:53:11 +0100 Subject: [PATCH 06/27] Progress --- tests/conftest.py | 16 ++++++++-------- tests/mock_vws/test_authorization_header.py | 11 ++++++++++- 2 files changed, 18 insertions(+), 9 deletions(-) diff --git a/tests/conftest.py b/tests/conftest.py index d6bd6bd64..e4214a714 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -168,14 +168,14 @@ def verify_mock_vuforia( @pytest.fixture( params=[ '_add_target', - '_database_summary', - '_delete_target', - '_get_duplicates', - '_get_target', - '_target_list', - '_target_summary', - '_update_target', - '_query', + # '_database_summary', + # '_delete_target', + # '_get_duplicates', + # '_get_target', + # '_target_list', + # '_target_summary', + # '_update_target', + # '_query', ], ) def endpoint(request: SubRequest) -> Endpoint: diff --git a/tests/mock_vws/test_authorization_header.py b/tests/mock_vws/test_authorization_header.py index 77d8d9b24..8cbcceceb 100644 --- a/tests/mock_vws/test_authorization_header.py +++ b/tests/mock_vws/test_authorization_header.py @@ -67,7 +67,16 @@ def test_missing(self, endpoint: Endpoint) -> None: result_code=ResultCodes.AUTHENTICATION_FAILURE, ) - def test_malformed(self, endpoint: Endpoint) -> None: + @pytest.mark.parametrize('authorization_string', [ + 'gibberish', + 'VWS foo:bar', + 'VWS foobar', + ]) + def test_malformed( + self, + endpoint: Endpoint, + authorization_string: str, + ) -> None: """ If a malformed `Authorization` header is given, a `BAD_REQUEST` response is given. From 91416064f3b5eb12b13d0d62d80c551e9ef6a00c Mon Sep 17 00:00:00 2001 From: Adam Dangoor Date: Sat, 29 Sep 2018 19:07:04 +0100 Subject: [PATCH 07/27] Progress --- tests/conftest.py | 4 ++-- tests/mock_vws/test_authorization_header.py | 5 +++-- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/tests/conftest.py b/tests/conftest.py index e4214a714..b96bbb086 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -167,7 +167,7 @@ def verify_mock_vuforia( @pytest.fixture( params=[ - '_add_target', + # '_add_target', # '_database_summary', # '_delete_target', # '_get_duplicates', @@ -175,7 +175,7 @@ def verify_mock_vuforia( # '_target_list', # '_target_summary', # '_update_target', - # '_query', + '_query', ], ) def endpoint(request: SubRequest) -> Endpoint: diff --git a/tests/mock_vws/test_authorization_header.py b/tests/mock_vws/test_authorization_header.py index 8cbcceceb..27bbf29c4 100644 --- a/tests/mock_vws/test_authorization_header.py +++ b/tests/mock_vws/test_authorization_header.py @@ -69,8 +69,9 @@ def test_missing(self, endpoint: Endpoint) -> None: @pytest.mark.parametrize('authorization_string', [ 'gibberish', - 'VWS foo:bar', + # 'VWS foo:bar', 'VWS foobar', + # 'VWS 4b4d86a7705d6a05f6f34622d42b857c3611d9a7:0MObK1V6QOIiOgpcIXxSVxL0dR8=', ]) def test_malformed( self, @@ -85,7 +86,7 @@ def test_malformed( headers: Dict[str, Union[str, bytes]] = { **endpoint.prepared_request.headers, - 'Authorization': 'gibberish', + 'Authorization': authorization_string, 'Date': date, } From d9f8d98a8fb1cfca18ef783606fc00b9fd1459de Mon Sep 17 00:00:00 2001 From: Adam Dangoor Date: Sat, 29 Sep 2018 19:18:59 +0100 Subject: [PATCH 08/27] Progress --- tests/conftest.py | 4 +- tests/mock_vws/test_authorization_header.py | 56 ++++++++++++++++++--- 2 files changed, 52 insertions(+), 8 deletions(-) diff --git a/tests/conftest.py b/tests/conftest.py index b96bbb086..e4214a714 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -167,7 +167,7 @@ def verify_mock_vuforia( @pytest.fixture( params=[ - # '_add_target', + '_add_target', # '_database_summary', # '_delete_target', # '_get_duplicates', @@ -175,7 +175,7 @@ def verify_mock_vuforia( # '_target_list', # '_target_summary', # '_update_target', - '_query', + # '_query', ], ) def endpoint(request: SubRequest) -> Endpoint: diff --git a/tests/mock_vws/test_authorization_header.py b/tests/mock_vws/test_authorization_header.py index 27bbf29c4..fd97e0b4c 100644 --- a/tests/mock_vws/test_authorization_header.py +++ b/tests/mock_vws/test_authorization_header.py @@ -67,20 +67,59 @@ def test_missing(self, endpoint: Endpoint) -> None: result_code=ResultCodes.AUTHENTICATION_FAILURE, ) + +@pytest.mark.usefixtures('verify_mock_vuforia') +class TestMalformed: + """ + Tests for passing a malformed ``Authorization`` header. + """ + def test_not_start_with_vws(self, endpoint: Endpoint) -> None: + """ + XXX + """ + date = rfc_1123_date() + + headers: Dict[str, Union[str, bytes]] = { + **endpoint.prepared_request.headers, + 'Authorization': authorization_string, + 'Date': date, + } + + endpoint.prepared_request.headers = CaseInsensitiveDict(data=headers) + session = requests.Session() + response = session.send( # type: ignore + request=endpoint.prepared_request, + ) + + url = str(endpoint.prepared_request.url) + netloc = urlparse(url).netloc + if netloc == 'cloudreco.vuforia.com': + assert_vwq_failure( + response=response, + status_code=codes.UNAUTHORIZED, + content_type='text/plain; charset=ISO-8859-1', + ) + assert response.text == 'Malformed authorization header.' + return + + assert_vws_failure( + response=response, + status_code=codes.BAD_REQUEST, + result_code=ResultCodes.FAIL, + ) + @pytest.mark.parametrize('authorization_string', [ - 'gibberish', - # 'VWS foo:bar', + 'VWS foobar:', 'VWS foobar', - # 'VWS 4b4d86a7705d6a05f6f34622d42b857c3611d9a7:0MObK1V6QOIiOgpcIXxSVxL0dR8=', ]) - def test_malformed( + def test_missing_signature( self, endpoint: Endpoint, authorization_string: str, ) -> None: """ - If a malformed `Authorization` header is given, a `BAD_REQUEST` - response is given. + If a signature is missing `Authorization` header is given, a + ``BAD_REQUEST`` response is given. """ date = rfc_1123_date() @@ -114,6 +153,11 @@ def test_malformed( ) +@pytest.mark.usefixtures('verify_mock_vuforia') +class TestBadKey: + """ + Tests for making requests with incorrect keys. + """ def test_bad_access_key_services( self, vuforia_database_keys: VuforiaDatabase, From 5a3b6dc5496b6de7c261ce1bb7c1a993f10a5b1c Mon Sep 17 00:00:00 2001 From: Adam Dangoor Date: Sat, 29 Sep 2018 19:19:52 +0100 Subject: [PATCH 09/27] Progress --- tests/mock_vws/test_authorization_header.py | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/mock_vws/test_authorization_header.py b/tests/mock_vws/test_authorization_header.py index fd97e0b4c..921f73ecb 100644 --- a/tests/mock_vws/test_authorization_header.py +++ b/tests/mock_vws/test_authorization_header.py @@ -77,6 +77,7 @@ def test_not_start_with_vws(self, endpoint: Endpoint) -> None: """ XXX """ + authorization_string = 'gibberish' date = rfc_1123_date() headers: Dict[str, Union[str, bytes]] = { From d31e271a8f0a5d2bf9e69b4f6a4ee0041c29888e Mon Sep 17 00:00:00 2001 From: Adam Dangoor Date: Sat, 29 Sep 2018 19:20:01 +0100 Subject: [PATCH 10/27] Progress --- tests/conftest.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/conftest.py b/tests/conftest.py index e4214a714..b96bbb086 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -167,7 +167,7 @@ def verify_mock_vuforia( @pytest.fixture( params=[ - '_add_target', + # '_add_target', # '_database_summary', # '_delete_target', # '_get_duplicates', @@ -175,7 +175,7 @@ def verify_mock_vuforia( # '_target_list', # '_target_summary', # '_update_target', - # '_query', + '_query', ], ) def endpoint(request: SubRequest) -> Endpoint: From 6fb88bfd69ba9b195e354148ecb6f551e59bbd6b Mon Sep 17 00:00:00 2001 From: Adam Dangoor Date: Sat, 29 Sep 2018 19:21:07 +0100 Subject: [PATCH 11/27] Progress --- tests/mock_vws/test_authorization_header.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/mock_vws/test_authorization_header.py b/tests/mock_vws/test_authorization_header.py index 921f73ecb..892ea18ee 100644 --- a/tests/mock_vws/test_authorization_header.py +++ b/tests/mock_vws/test_authorization_header.py @@ -141,8 +141,8 @@ def test_missing_signature( if netloc == 'cloudreco.vuforia.com': assert_vwq_failure( response=response, - status_code=codes.UNAUTHORIZED, - content_type='text/plain; charset=ISO-8859-1', + status_code=codes.INTERNAL_SERVER_ERROR, + content_type='text/html; charset=ISO-8859-1', ) assert response.text == 'Malformed authorization header.' return From 5795d4b522d4cb0dfbe53d3b0209fc162c470e9c Mon Sep 17 00:00:00 2001 From: Adam Dangoor Date: Sat, 29 Sep 2018 19:34:44 +0100 Subject: [PATCH 12/27] Progress --- tests/conftest.py | 4 ++-- tests/mock_vws/test_authorization_header.py | 15 ++++++++++++--- 2 files changed, 14 insertions(+), 5 deletions(-) diff --git a/tests/conftest.py b/tests/conftest.py index b96bbb086..e4214a714 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -167,7 +167,7 @@ def verify_mock_vuforia( @pytest.fixture( params=[ - # '_add_target', + '_add_target', # '_database_summary', # '_delete_target', # '_get_duplicates', @@ -175,7 +175,7 @@ def verify_mock_vuforia( # '_target_list', # '_target_summary', # '_update_target', - '_query', + # '_query', ], ) def endpoint(request: SubRequest) -> Endpoint: diff --git a/tests/mock_vws/test_authorization_header.py b/tests/mock_vws/test_authorization_header.py index 892ea18ee..ec8812a1f 100644 --- a/tests/mock_vws/test_authorization_header.py +++ b/tests/mock_vws/test_authorization_header.py @@ -73,11 +73,19 @@ class TestMalformed: """ Tests for passing a malformed ``Authorization`` header. """ - def test_not_start_with_vws(self, endpoint: Endpoint) -> None: + + @pytest.mark.parametrize('authorization_string', [ + 'gibberish', + 'VWS', + ]) + def test_one_part( + self, + endpoint: Endpoint, + authorization_string: str, + ) -> None: """ XXX """ - authorization_string = 'gibberish' date = rfc_1123_date() headers: Dict[str, Union[str, bytes]] = { @@ -144,7 +152,8 @@ def test_missing_signature( status_code=codes.INTERNAL_SERVER_ERROR, content_type='text/html; charset=ISO-8859-1', ) - assert response.text == 'Malformed authorization header.' + # TODO + # assert response.text == 'Malformed authorization header.' return assert_vws_failure( From 464d702b9c0f096e7abfbd709b351276ebf4034a Mon Sep 17 00:00:00 2001 From: Adam Dangoor Date: Sat, 29 Sep 2018 19:36:38 +0100 Subject: [PATCH 13/27] Progress --- tests/conftest.py | 4 ++-- tests/mock_vws/test_authorization_header.py | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/tests/conftest.py b/tests/conftest.py index e4214a714..b96bbb086 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -167,7 +167,7 @@ def verify_mock_vuforia( @pytest.fixture( params=[ - '_add_target', + # '_add_target', # '_database_summary', # '_delete_target', # '_get_duplicates', @@ -175,7 +175,7 @@ def verify_mock_vuforia( # '_target_list', # '_target_summary', # '_update_target', - # '_query', + '_query', ], ) def endpoint(request: SubRequest) -> Endpoint: diff --git a/tests/mock_vws/test_authorization_header.py b/tests/mock_vws/test_authorization_header.py index ec8812a1f..555fd252c 100644 --- a/tests/mock_vws/test_authorization_header.py +++ b/tests/mock_vws/test_authorization_header.py @@ -77,6 +77,7 @@ class TestMalformed: @pytest.mark.parametrize('authorization_string', [ 'gibberish', 'VWS', + 'VWS ', ]) def test_one_part( self, From 23204e73e79a8db26a693e20940f7e4b4b3a86b4 Mon Sep 17 00:00:00 2001 From: Adam Dangoor Date: Sat, 29 Sep 2018 20:06:04 +0100 Subject: [PATCH 14/27] Add query out of bounds response --- .../resources/query_out_of_bounds_response | 34 +++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 src/mock_vws/resources/query_out_of_bounds_response diff --git a/src/mock_vws/resources/query_out_of_bounds_response b/src/mock_vws/resources/query_out_of_bounds_response new file mode 100644 index 000000000..7a97a1674 --- /dev/null +++ b/src/mock_vws/resources/query_out_of_bounds_response @@ -0,0 +1,34 @@ + + + +Error 500 Server Error + +

HTTP ERROR 500

+

Problem accessing /v1/query. Reason: +

    Server Error

Caused by:

java.lang.ArrayIndexOutOfBoundsException: 1
+	at com.kooaba.queryservice.auth.KWSAuthFilter.doFilter(KWSAuthFilter.java:81)
+	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
+	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:585)
+	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
+	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:577)
+	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:223)
+	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127)
+	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515)
+	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
+	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061)
+	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
+	at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:215)
+	at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:110)
+	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)
+	at org.eclipse.jetty.server.Server.handle(Server.java:497)
+	at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:310)
+	at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257)
+	at org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:540)
+	at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635)
+	at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555)
+	at java.lang.Thread.run(Thread.java:748)
+
+
Powered by Jetty://
+ + + From 625ff3fd55e9e1382ca3e4c614714871bea76127 Mon Sep 17 00:00:00 2001 From: Adam Dangoor Date: Sun, 30 Sep 2018 00:39:49 +0100 Subject: [PATCH 15/27] Progress --- src/mock_vws/_query_validators/auth_validators.py | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/src/mock_vws/_query_validators/auth_validators.py b/src/mock_vws/_query_validators/auth_validators.py index f26f28604..f24075955 100644 --- a/src/mock_vws/_query_validators/auth_validators.py +++ b/src/mock_vws/_query_validators/auth_validators.py @@ -69,7 +69,11 @@ def validate_auth_header_number_of_parts( request, context = args header = request.headers['Authorization'] - parts = header.split(' ') + if isinstance(header, bytes): + parts = header.split(b' ') + else isinstance(header, str): + parts = header.split(' ') + if len(parts) == 2 and parts[1]: return wrapped(*args, **kwargs) @@ -105,8 +109,12 @@ def validate_auth_header_has_signature( request, context = args header = request.headers['Authorization'] - if header.count(':') == 1 and header.split(':')[1]: - return wrapped(*args, **kwargs) + if isinstance(header, str): + if header.count(':') == 1 and header.split(':')[1]: + return wrapped(*args, **kwargs) + else isinstance(header, bytes): + if header.count(b':') == 1 and header.split(b':')[1]: + return wrapped(*args, **kwargs) context.status_code = codes.INTERNAL_SERVER_ERROR current_parent = Path(__file__).parent From 0b5dfc6b9a7eafe8ff4ed005786b30fad6edc2aa Mon Sep 17 00:00:00 2001 From: Adam Dangoor Date: Sun, 30 Sep 2018 00:40:38 +0100 Subject: [PATCH 16/27] Progress --- .../resources/query_out_of_bounds_response | 34 ------------------- 1 file changed, 34 deletions(-) delete mode 100644 src/mock_vws/resources/query_out_of_bounds_response diff --git a/src/mock_vws/resources/query_out_of_bounds_response b/src/mock_vws/resources/query_out_of_bounds_response deleted file mode 100644 index 7a97a1674..000000000 --- a/src/mock_vws/resources/query_out_of_bounds_response +++ /dev/null @@ -1,34 +0,0 @@ - - - -Error 500 Server Error - -

HTTP ERROR 500

-

Problem accessing /v1/query. Reason: -

    Server Error

Caused by:

java.lang.ArrayIndexOutOfBoundsException: 1
-	at com.kooaba.queryservice.auth.KWSAuthFilter.doFilter(KWSAuthFilter.java:81)
-	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
-	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:585)
-	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
-	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:577)
-	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:223)
-	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127)
-	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515)
-	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
-	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061)
-	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
-	at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:215)
-	at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:110)
-	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)
-	at org.eclipse.jetty.server.Server.handle(Server.java:497)
-	at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:310)
-	at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257)
-	at org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:540)
-	at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635)
-	at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555)
-	at java.lang.Thread.run(Thread.java:748)
-
-
Powered by Jetty://
- - - From b5fe3ac46123df18312326766df16b42882bdf51 Mon Sep 17 00:00:00 2001 From: Adam Dangoor Date: Sun, 30 Sep 2018 00:43:20 +0100 Subject: [PATCH 17/27] Progress --- .../_query_validators/auth_validators.py | 21 +++++++++++-------- tests/mock_vws/test_authorization_header.py | 10 ++++----- 2 files changed, 17 insertions(+), 14 deletions(-) diff --git a/src/mock_vws/_query_validators/auth_validators.py b/src/mock_vws/_query_validators/auth_validators.py index f24075955..1e2cf6cd0 100644 --- a/src/mock_vws/_query_validators/auth_validators.py +++ b/src/mock_vws/_query_validators/auth_validators.py @@ -69,10 +69,12 @@ def validate_auth_header_number_of_parts( request, context = args header = request.headers['Authorization'] - if isinstance(header, bytes): - parts = header.split(b' ') - else isinstance(header, str): - parts = header.split(' ') + if isinstance(header, str): + divider = ' ' + else: + divider = b' ' + + parts = header.split(divider) if len(parts) == 2 and parts[1]: return wrapped(*args, **kwargs) @@ -110,11 +112,12 @@ def validate_auth_header_has_signature( header = request.headers['Authorization'] if isinstance(header, str): - if header.count(':') == 1 and header.split(':')[1]: - return wrapped(*args, **kwargs) - else isinstance(header, bytes): - if header.count(b':') == 1 and header.split(b':')[1]: - return wrapped(*args, **kwargs) + divider = ':' + else: + divider = b':' + + if header.count(divider) == 1 and header.split(divider)[1]: + return wrapped(*args, **kwargs) context.status_code = codes.INTERNAL_SERVER_ERROR current_parent = Path(__file__).parent diff --git a/tests/mock_vws/test_authorization_header.py b/tests/mock_vws/test_authorization_header.py index 0aa7f7c89..86a510616 100644 --- a/tests/mock_vws/test_authorization_header.py +++ b/tests/mock_vws/test_authorization_header.py @@ -2,6 +2,8 @@ Tests for the `Authorization` header. """ +import io +import uuid from pathlib import Path from typing import Dict, Union from urllib.parse import urlparse @@ -12,16 +14,13 @@ from requests.structures import CaseInsensitiveDict from mock_vws._constants import ResultCodes -from tests.mock_vws.utils import Endpoint +from mock_vws.database import VuforiaDatabase +from tests.mock_vws.utils import Endpoint, get_vws_target, query from tests.mock_vws.utils.assertions import ( assert_vwq_failure, assert_vws_failure, ) from tests.mock_vws.utils.authorization import rfc_1123_date -from mock_vws.database import VuforiaDatabase -from tests.mock_vws.utils import get_vws_target, query -import uuid -import io @pytest.mark.usefixtures('verify_mock_vuforia') @@ -184,6 +183,7 @@ class TestBadKey: """ Tests for making requests with incorrect keys. """ + def test_bad_access_key_services( self, vuforia_database: VuforiaDatabase, From 01f128d6975ed30673bf9a23dae81c0eaa8e0223 Mon Sep 17 00:00:00 2001 From: Adam Dangoor Date: Sun, 30 Sep 2018 15:12:28 +0100 Subject: [PATCH 18/27] Progress --- src/mock_vws/_mock_web_query_api.py | 2 ++ .../_query_validators/auth_validators.py | 34 +++++++++++++++++++ tests/mock_vws/test_authorization_header.py | 1 + 3 files changed, 37 insertions(+) diff --git a/src/mock_vws/_mock_web_query_api.py b/src/mock_vws/_mock_web_query_api.py index 7eb33fd76..585eb7eac 100644 --- a/src/mock_vws/_mock_web_query_api.py +++ b/src/mock_vws/_mock_web_query_api.py @@ -42,6 +42,7 @@ validate_auth_header_has_signature, validate_auth_header_number_of_parts, validate_authorization, + validate_client_key_exists, ) from ._query_validators.date_validators import ( validate_date_format, @@ -105,6 +106,7 @@ def decorator(method: Callable[..., str]) -> Callable[..., str]: validate_accept_header, validate_project_state, validate_authorization, + validate_client_key_exists, validate_auth_header_has_signature, validate_auth_header_number_of_parts, validate_auth_header_exists, diff --git a/src/mock_vws/_query_validators/auth_validators.py b/src/mock_vws/_query_validators/auth_validators.py index 9fb1c3b2b..490179c45 100644 --- a/src/mock_vws/_query_validators/auth_validators.py +++ b/src/mock_vws/_query_validators/auth_validators.py @@ -81,6 +81,40 @@ def validate_auth_header_number_of_parts( return text +@wrapt.decorator +def validate_client_key_exists( + wrapped: Callable[..., str], + instance: Any, # pylint: disable=unused-argument + args: Tuple[_RequestObjectProxy, _Context], + kwargs: Dict, +) -> str: + """ + Validate the authorization header includes a client key for a database. + + Args: + wrapped: An endpoint function for `requests_mock`. + instance: The class that the endpoint function is in. + args: The arguments given to the endpoint function. + kwargs: The keyword arguments given to the endpoint function. + + Returns: + The result of calling the endpoint. + An ``UNAUTHORIZED`` FOOBAR. + """ + request, context = args + + header = request.headers['Authorization'] + first_part, signature = header.split(b':') + _, access_key = first_part.split(b' ') + for database in instance.databases: + if access_key == database.client_access_key: + return wrapped(*args, **kwargs) + + context.status_code = codes.UNAUTHORIZED + context.headers['WWW-Authenticate'] = 'VWS' + return 'foo' + + @wrapt.decorator def validate_auth_header_has_signature( wrapped: Callable[..., str], diff --git a/tests/mock_vws/test_authorization_header.py b/tests/mock_vws/test_authorization_header.py index 58cd97e11..b42f12fe1 100644 --- a/tests/mock_vws/test_authorization_header.py +++ b/tests/mock_vws/test_authorization_header.py @@ -228,6 +228,7 @@ def test_bad_access_key_query( status_code=codes.UNAUTHORIZED, content_type='application/json', ) + assert response.text == 'Malformed authorization header.' def test_bad_secret_key_services( self, From 07b2e7dd8b038fc888fd60e08505dc3e1b33341d Mon Sep 17 00:00:00 2001 From: Adam Dangoor Date: Sun, 30 Sep 2018 15:17:01 +0100 Subject: [PATCH 19/27] Progress --- tests/mock_vws/test_authorization_header.py | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/tests/mock_vws/test_authorization_header.py b/tests/mock_vws/test_authorization_header.py index b42f12fe1..6d6696cdd 100644 --- a/tests/mock_vws/test_authorization_header.py +++ b/tests/mock_vws/test_authorization_header.py @@ -17,6 +17,8 @@ from mock_vws.database import VuforiaDatabase from tests.mock_vws.utils import Endpoint, get_vws_target, query from tests.mock_vws.utils.assertions import ( + assert_valid_date_header, + assert_valid_transaction_id, assert_vwq_failure, assert_vws_failure, ) @@ -228,7 +230,21 @@ def test_bad_access_key_query( status_code=codes.UNAUTHORIZED, content_type='application/json', ) - assert response.text == 'Malformed authorization header.' + + assert response.json().keys() == {'transaction_id', 'result_code'} + assert_valid_transaction_id(response=response) + assert_valid_date_header(response=response) + result_code = response.json()['result_code'] + transaction_id = response.json()['transaction_id'] + assert result_code == ResultCodes.AUTHENTICATION_FAILURE.value + # The separators are inconsistent and we test this. + expected_text = ( + '{"transaction_id":' + f'"{transaction_id}",' + f'"result_code":"{result_code}"' + '}' + ) + assert response.text == expected_text def test_bad_secret_key_services( self, From 5cb859eb5306d85db28fd8356f7e415a42d26563 Mon Sep 17 00:00:00 2001 From: Adam Dangoor Date: Sun, 30 Sep 2018 15:19:15 +0100 Subject: [PATCH 20/27] Fixing one test --- src/mock_vws/_query_validators/auth_validators.py | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/src/mock_vws/_query_validators/auth_validators.py b/src/mock_vws/_query_validators/auth_validators.py index 490179c45..1ab59e169 100644 --- a/src/mock_vws/_query_validators/auth_validators.py +++ b/src/mock_vws/_query_validators/auth_validators.py @@ -2,6 +2,7 @@ Authorization validators to use in the mock query API. """ +import uuid from pathlib import Path from typing import Any, Callable, Dict, Tuple @@ -10,6 +11,7 @@ from requests_mock.request import _RequestObjectProxy from requests_mock.response import _Context +from .._constants import ResultCodes from .._mock_common import get_database_matching_client_keys @@ -112,7 +114,15 @@ def validate_client_key_exists( context.status_code = codes.UNAUTHORIZED context.headers['WWW-Authenticate'] = 'VWS' - return 'foo' + transaction_id = uuid.uuid4().hex + result_code = ResultCodes.AUTHENTICATION_FAILURE.value + text = ( + '{"transaction_id":' + f'"{transaction_id}",' + f'"result_code":"{result_code}"' + '}' + ) + return text @wrapt.decorator From ceb681d5de60a7b329334c84729f370dcc36de44 Mon Sep 17 00:00:00 2001 From: Adam Dangoor Date: Sun, 30 Sep 2018 16:19:25 +0100 Subject: [PATCH 21/27] Remove unnecessary changes --- tests/conftest.py | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/tests/conftest.py b/tests/conftest.py index 527b741ca..fb4054900 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -159,14 +159,14 @@ def verify_mock_vuforia( @pytest.fixture( params=[ - # '_add_target', - # '_database_summary', - # '_delete_target', - # '_get_duplicates', - # '_get_target', - # '_target_list', - # '_target_summary', - # '_update_target', + '_add_target', + '_database_summary', + '_delete_target', + '_get_duplicates', + '_get_target', + '_target_list', + '_target_summary', + '_update_target', '_query', ], ) From 4715e4394535b001f3d5967cb25b4b7fe9b8713e Mon Sep 17 00:00:00 2001 From: Adam Dangoor Date: Sun, 30 Sep 2018 20:52:48 +0100 Subject: [PATCH 22/27] One more passing test --- src/mock_vws/_query_validators/auth_validators.py | 11 ++++++++--- tests/mock_vws/test_authorization_header.py | 15 +++++++++++++++ 2 files changed, 23 insertions(+), 3 deletions(-) diff --git a/src/mock_vws/_query_validators/auth_validators.py b/src/mock_vws/_query_validators/auth_validators.py index 1ab59e169..54c8e3d34 100644 --- a/src/mock_vws/_query_validators/auth_validators.py +++ b/src/mock_vws/_query_validators/auth_validators.py @@ -195,8 +195,13 @@ def validate_authorization( return wrapped(*args, **kwargs) context.status_code = codes.UNAUTHORIZED - text = 'Malformed authorization header.' - content_type = 'text/plain; charset=ISO-8859-1' - context.headers['Content-Type'] = content_type context.headers['WWW-Authenticate'] = 'VWS' + transaction_id = uuid.uuid4().hex + result_code = ResultCodes.AUTHENTICATION_FAILURE.value + text = ( + '{"transaction_id":' + f'"{transaction_id}",' + f'"result_code":"{result_code}"' + '}' + ) return text diff --git a/tests/mock_vws/test_authorization_header.py b/tests/mock_vws/test_authorization_header.py index 6d6696cdd..82d16d82a 100644 --- a/tests/mock_vws/test_authorization_header.py +++ b/tests/mock_vws/test_authorization_header.py @@ -290,3 +290,18 @@ def test_bad_secret_key_query( status_code=codes.UNAUTHORIZED, content_type='application/json', ) + + assert response.json().keys() == {'transaction_id', 'result_code'} + assert_valid_transaction_id(response=response) + assert_valid_date_header(response=response) + result_code = response.json()['result_code'] + transaction_id = response.json()['transaction_id'] + assert result_code == ResultCodes.AUTHENTICATION_FAILURE.value + # The separators are inconsistent and we test this. + expected_text = ( + '{"transaction_id":' + f'"{transaction_id}",' + f'"result_code":"{result_code}"' + '}' + ) + assert response.text == expected_text From 4552b678583806d4a90e3eafa9fe13dad8143375 Mon Sep 17 00:00:00 2001 From: Adam Dangoor Date: Sun, 30 Sep 2018 20:54:51 +0100 Subject: [PATCH 23/27] Comment out part done code --- .../_services_validators/auth_validators.py | 1 + tests/mock_vws/test_authorization_header.py | 40 +++++++++---------- 2 files changed, 21 insertions(+), 20 deletions(-) diff --git a/src/mock_vws/_services_validators/auth_validators.py b/src/mock_vws/_services_validators/auth_validators.py index 1b2f3b173..bfda92d38 100644 --- a/src/mock_vws/_services_validators/auth_validators.py +++ b/src/mock_vws/_services_validators/auth_validators.py @@ -78,6 +78,7 @@ def validate_authorization( if database is not None: return wrapped(*args, **kwargs) + import pdb; pdb.set_trace() context.status_code = codes.BAD_REQUEST body = { 'transaction_id': uuid.uuid4().hex, diff --git a/tests/mock_vws/test_authorization_header.py b/tests/mock_vws/test_authorization_header.py index 82d16d82a..82a9d7be5 100644 --- a/tests/mock_vws/test_authorization_header.py +++ b/tests/mock_vws/test_authorization_header.py @@ -246,26 +246,26 @@ def test_bad_access_key_query( ) assert response.text == expected_text - def test_bad_secret_key_services( - self, - vuforia_database: VuforiaDatabase, - ) -> None: - """ - If the server secret key given is incorrect, an - ``AuthenticationFailure`` response is returned. - """ - keys = vuforia_database - keys.server_secret_key = b'example' - response = get_vws_target( - target_id=uuid.uuid4().hex, - vuforia_database=keys, - ) - - assert_vws_failure( - response=response, - status_code=codes.UNAUTHORIZED, - result_code=ResultCodes.AUTHENTICATION_FAILURE, - ) + # def test_bad_secret_key_services( + # self, + # vuforia_database: VuforiaDatabase, + # ) -> None: + # """ + # If the server secret key given is incorrect, an + # ``AuthenticationFailure`` response is returned. + # """ + # keys = vuforia_database + # keys.server_secret_key = b'example' + # response = get_vws_target( + # target_id=uuid.uuid4().hex, + # vuforia_database=keys, + # ) + # + # assert_vws_failure( + # response=response, + # status_code=codes.UNAUTHORIZED, + # result_code=ResultCodes.AUTHENTICATION_FAILURE, + # ) def test_bad_secret_key_query( self, From d44383ece746d94d0d64bdc381d1b0700e89ae9b Mon Sep 17 00:00:00 2001 From: Adam Dangoor Date: Tue, 2 Oct 2018 00:00:39 +0100 Subject: [PATCH 24/27] Uncomment code --- tests/mock_vws/test_authorization_header.py | 40 ++++++++++----------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/tests/mock_vws/test_authorization_header.py b/tests/mock_vws/test_authorization_header.py index 82a9d7be5..82d16d82a 100644 --- a/tests/mock_vws/test_authorization_header.py +++ b/tests/mock_vws/test_authorization_header.py @@ -246,26 +246,26 @@ def test_bad_access_key_query( ) assert response.text == expected_text - # def test_bad_secret_key_services( - # self, - # vuforia_database: VuforiaDatabase, - # ) -> None: - # """ - # If the server secret key given is incorrect, an - # ``AuthenticationFailure`` response is returned. - # """ - # keys = vuforia_database - # keys.server_secret_key = b'example' - # response = get_vws_target( - # target_id=uuid.uuid4().hex, - # vuforia_database=keys, - # ) - # - # assert_vws_failure( - # response=response, - # status_code=codes.UNAUTHORIZED, - # result_code=ResultCodes.AUTHENTICATION_FAILURE, - # ) + def test_bad_secret_key_services( + self, + vuforia_database: VuforiaDatabase, + ) -> None: + """ + If the server secret key given is incorrect, an + ``AuthenticationFailure`` response is returned. + """ + keys = vuforia_database + keys.server_secret_key = b'example' + response = get_vws_target( + target_id=uuid.uuid4().hex, + vuforia_database=keys, + ) + + assert_vws_failure( + response=response, + status_code=codes.UNAUTHORIZED, + result_code=ResultCodes.AUTHENTICATION_FAILURE, + ) def test_bad_secret_key_query( self, From 80dd1b7c4510f2f1d7ebbda72bc4d1a781bb6298 Mon Sep 17 00:00:00 2001 From: Adam Dangoor Date: Tue, 2 Oct 2018 00:19:56 +0100 Subject: [PATCH 25/27] Tests working for server keys [skip ci] --- src/mock_vws/_mock_web_services_api.py | 4 + .../_query_validators/auth_validators.py | 2 +- .../_services_validators/auth_validators.py | 76 ++++++++++++++++++- 3 files changed, 78 insertions(+), 4 deletions(-) diff --git a/src/mock_vws/_mock_web_services_api.py b/src/mock_vws/_mock_web_services_api.py index 0aa8c6cbe..709fcf6de 100644 --- a/src/mock_vws/_mock_web_services_api.py +++ b/src/mock_vws/_mock_web_services_api.py @@ -43,6 +43,8 @@ validate_width, ) from ._services_validators.auth_validators import ( + validate_access_key_exists, + validate_auth_header_has_signature, validate_auth_header_exists, validate_authorization, ) @@ -222,6 +224,8 @@ def decorator(method: Callable[..., str]) -> Callable[..., str]: ] common_decorators = [ + validate_access_key_exists, + validate_auth_header_has_signature, validate_auth_header_exists, set_content_length_header, update_request_count, diff --git a/src/mock_vws/_query_validators/auth_validators.py b/src/mock_vws/_query_validators/auth_validators.py index b2341e97f..ad3ed394e 100644 --- a/src/mock_vws/_query_validators/auth_validators.py +++ b/src/mock_vws/_query_validators/auth_validators.py @@ -101,7 +101,7 @@ def validate_client_key_exists( Returns: The result of calling the endpoint. - An ``UNAUTHORIZED`` FOOBAR. + An ``UNAUTHORIZED`` response if the client key is unknown. """ request, context = args diff --git a/src/mock_vws/_services_validators/auth_validators.py b/src/mock_vws/_services_validators/auth_validators.py index bfda92d38..f80293550 100644 --- a/src/mock_vws/_services_validators/auth_validators.py +++ b/src/mock_vws/_services_validators/auth_validators.py @@ -46,6 +46,77 @@ def validate_auth_header_exists( } return json_dump(body) +@wrapt.decorator +def validate_access_key_exists( + wrapped: Callable[..., str], + instance: Any, + args: Tuple[_RequestObjectProxy, _Context], + kwargs: Dict, +) -> str: + """ + Validate the authorization header includes a client key for a database. + + Args: + wrapped: An endpoint function for `requests_mock`. + instance: The class that the endpoint function is in. + args: The arguments given to the endpoint function. + kwargs: The keyword arguments given to the endpoint function. + + Returns: + The result of calling the endpoint. + An ``UNAUTHORIZED`` response if the client key is unknown. + """ + request, context = args + + header = request.headers['Authorization'] + first_part, _ = header.split(b':') + _, access_key = first_part.split(b' ') + for database in instance.databases: + if access_key == database.server_access_key: + return wrapped(*args, **kwargs) + + context.status_code = codes.BAD_REQUEST + + body = { + 'transaction_id': uuid.uuid4().hex, + 'result_code': ResultCodes.FAIL.value, + } + return json_dump(body) + + +@wrapt.decorator +def validate_auth_header_has_signature( + wrapped: Callable[..., str], + instance: Any, # pylint: disable=unused-argument + args: Tuple[_RequestObjectProxy, _Context], + kwargs: Dict, +) -> str: + """ + Validate the authorization header includes a signature. + + Args: + wrapped: An endpoint function for `requests_mock`. + instance: The class that the endpoint function is in. + args: The arguments given to the endpoint function. + kwargs: The keyword arguments given to the endpoint function. + + Returns: + The result of calling the endpoint. + An ``UNAUTHORIZED`` response if the "Authorization" header is not as + expected. + """ + request, context = args + + header = request.headers['Authorization'] + if header.count(b':') == 1 and header.split(b':')[1]: + return wrapped(*args, **kwargs) + + context.status_code = codes.BAD_REQUEST + body = { + 'transaction_id': uuid.uuid4().hex, + 'result_code': ResultCodes.FAIL.value, + } + return json_dump(body) @wrapt.decorator def validate_authorization( @@ -78,10 +149,9 @@ def validate_authorization( if database is not None: return wrapped(*args, **kwargs) - import pdb; pdb.set_trace() - context.status_code = codes.BAD_REQUEST + context.status_code = codes.UNAUTHORIZED body = { 'transaction_id': uuid.uuid4().hex, - 'result_code': ResultCodes.FAIL.value, + 'result_code': ResultCodes.AUTHENTICATION_FAILURE.value, } return json_dump(body) From cb20e6e4485ffce0128e6f011cfd06516296062f Mon Sep 17 00:00:00 2001 From: Adam Dangoor Date: Tue, 2 Oct 2018 00:20:38 +0100 Subject: [PATCH 26/27] Empty for CI [skip ci] --- src/mock_vws/_mock_web_services_api.py | 2 +- src/mock_vws/_services_validators/auth_validators.py | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/src/mock_vws/_mock_web_services_api.py b/src/mock_vws/_mock_web_services_api.py index 709fcf6de..cb9d8f060 100644 --- a/src/mock_vws/_mock_web_services_api.py +++ b/src/mock_vws/_mock_web_services_api.py @@ -44,8 +44,8 @@ ) from ._services_validators.auth_validators import ( validate_access_key_exists, - validate_auth_header_has_signature, validate_auth_header_exists, + validate_auth_header_has_signature, validate_authorization, ) from ._services_validators.date_validators import ( diff --git a/src/mock_vws/_services_validators/auth_validators.py b/src/mock_vws/_services_validators/auth_validators.py index f80293550..712881b15 100644 --- a/src/mock_vws/_services_validators/auth_validators.py +++ b/src/mock_vws/_services_validators/auth_validators.py @@ -46,6 +46,7 @@ def validate_auth_header_exists( } return json_dump(body) + @wrapt.decorator def validate_access_key_exists( wrapped: Callable[..., str], @@ -118,6 +119,7 @@ def validate_auth_header_has_signature( } return json_dump(body) + @wrapt.decorator def validate_authorization( wrapped: Callable[..., str], From 8685237c5307c65d3e2a519d354d6b3dfa9cdf7e Mon Sep 17 00:00:00 2001 From: Adam Dangoor Date: Tue, 2 Oct 2018 00:31:26 +0100 Subject: [PATCH 27/27] Improve docstrings [skip ci] --- src/mock_vws/_services_validators/auth_validators.py | 4 ++-- tests/mock_vws/test_usage.py | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/mock_vws/_services_validators/auth_validators.py b/src/mock_vws/_services_validators/auth_validators.py index 712881b15..fd524294c 100644 --- a/src/mock_vws/_services_validators/auth_validators.py +++ b/src/mock_vws/_services_validators/auth_validators.py @@ -55,7 +55,7 @@ def validate_access_key_exists( kwargs: Dict, ) -> str: """ - Validate the authorization header includes a client key for a database. + Validate the authorization header includes an access key for a database. Args: wrapped: An endpoint function for `requests_mock`. @@ -65,7 +65,7 @@ def validate_access_key_exists( Returns: The result of calling the endpoint. - An ``UNAUTHORIZED`` response if the client key is unknown. + An ``UNAUTHORIZED`` response if the access key is unknown. """ request, context = args diff --git a/tests/mock_vws/test_usage.py b/tests/mock_vws/test_usage.py index 567d99fa9..90a1cd8e5 100644 --- a/tests/mock_vws/test_usage.py +++ b/tests/mock_vws/test_usage.py @@ -54,7 +54,7 @@ def request_mocked_address() -> None: url='https://vws.vuforia.com/summary', headers={ 'Date': rfc_1123_date(), - 'Authorization': 'bad_auth_token', + 'Authorization': b'bad_auth_token', }, data=b'', )