fix: corrected is_authorized deserialization and tests

indykite · Feb 10, 2023 · f273e38 · f273e38
1 parent f3039bb
commit f273e38
Show file tree

Hide file tree

Showing 4 changed files with 26 additions and 27 deletions.
diff --git a/indykite_sdk/authorization/is_authorized.py b/indykite_sdk/authorization/is_authorized.py
@@ -2,6 +2,7 @@
 from indykite_sdk.indykite.identity.v1beta2 import identity_management_api_pb2 as pb2_ident
 from indykite_sdk.indykite.identity.v1beta2 import model_pb2 as model
 from indykite_sdk.indykite.objects.v1beta1 import struct_pb2 as pb2_struct
+from indykite_sdk.model.is_authorized import IsAuthorizedResponse
 import sys
 import indykite_sdk.utils.logger as logger
 
@@ -27,7 +28,7 @@ def is_authorized_digital_twin(self, digital_twin_id, tenant_id, resources=[], a
     if not response:
         return None
 
-    return response
+    return IsAuthorizedResponse.deserialize(response)
 
 
 def is_authorized_token(self, access_token, resources=[], actions=[]):
@@ -48,7 +49,7 @@ def is_authorized_token(self, access_token, resources=[], actions=[]):
     if not response:
         return None
 
-    return response
+    return IsAuthorizedResponse.deserialize(response)
 
 
 def is_authorized_property_filter(self, type_filter, value, resources=[], actions=[]):
@@ -72,7 +73,7 @@ def is_authorized_property_filter(self, type_filter, value, resources=[], action
     if not response:
         return None
 
-    return response
+    return IsAuthorizedResponse.deserialize(response)
 
 
 def request_resource(resources):

diff --git a/indykite_sdk/config/helper.py b/indykite_sdk/config/helper.py
@@ -21,7 +21,6 @@ def load_json(content):
 
 def create_agent_jwt(credentials):
     jwk = credentials.get('privateKeyJWK')
-    print(jwk)
     key = JsonWebKey.import_key(jwk)
     message = create_jwt_message(credentials)
     jwt_token = jwt.encode({
@@ -49,11 +48,9 @@ def get_int_from_datetime(dt):
 
 def create_property_mask(fields):
     props = []
-    print(fields)
     for f in fields:
         props.append(attributes.PropertyMask(definition=attributes.PropertyDefinition(property=f)))
 
-    # print(props)
     return props
 
 

diff --git a/indykite_sdk/model/is_authorized.py b/indykite_sdk/model/is_authorized.py
@@ -1,5 +1,5 @@
 from indykite_sdk.utils import timestamp_to_date
-from google.protobuf.json_format import MessageToDict
+from google.protobuf.json_format import MessageToJson, MessageToDict
 
 
 class IsAuthorizedResponse:
@@ -8,11 +8,14 @@ def deserialize(cls, message):
         if message is None:
             return None
 
-        is_authorized_response = IsAuthorizedResponse(
-            decision_time=timestamp_to_date(message.decision_time),
-            decisions=MessageToDict(message.decisions)
-        )
-
+        message_dict = MessageToDict(message, preserving_proto_field_name=True)
+        if message_dict and message_dict["decisions"]:
+            is_authorized_response = IsAuthorizedResponse(
+                decision_time=timestamp_to_date(message.decision_time),
+                decisions=message_dict["decisions"]
+            )
+        else:
+            is_authorized_response = IsAuthorizedResponse(decision_time=None, decisions={})
         return is_authorized_response
 
     def __init__(self, decision_time, decisions):
@@ -28,9 +31,13 @@ def __init__(self, id: any, label):
 
 
 class IsAuthorizedDecisions:
+    def __init__(self, decision, allow_action):
+        self.decision = decision
+        self.allow_action = allow_action
 
-    def __init__(self, id: any, label):
-        self.id = id
-        self.label = label
 
+class IsAuthorizedActions:
+    def __init__(self, action, is_allowed):
+        self.action = action
+        self.is_allowed = is_allowed
 
diff --git a/tests/test_is_authorized.py b/tests/test_is_authorized.py
@@ -1,7 +1,7 @@
 from indykite_sdk.authorization import AuthorizationClient
 from indykite_sdk.indykite.authorization.v1beta1 import authorization_service_pb2 as pb2
 from indykite_sdk.indykite.identity.v1beta2 import identity_management_api_pb2 as pb2_ident
-from indykite_sdk.model.is_authorized import IsAuthorizedResource
+from indykite_sdk.model.is_authorized import IsAuthorizedResource, IsAuthorizedResponse
 from indykite_sdk.indykite.identity.v1beta2 import model_pb2 as model
 from indykite_sdk.indykite.objects.v1beta1 import struct_pb2 as pb2_struct
 from helpers import data
@@ -29,6 +29,7 @@ def test_is_authorized_token_success():
     res = []
     for r in resources:
         res.append(pb2.IsAuthorizedRequest.Resource(id=r.id, label=r.label))
+
     digital_twin_identifier = pb2_ident.DigitalTwinIdentifier(
         access_token=str(access_token)
     )
@@ -40,6 +41,7 @@ def mocked_is_authorized(request: pb2.IsAuthorizedRequest):
     client.stub.IsAuthorized = mocked_is_authorized
     response = client.is_authorized_token(access_token, resources, actions)
     assert response is not None
+    assert isinstance(response, IsAuthorizedResponse)
 
 
 def test_is_authorized_token_empty():
@@ -105,13 +107,9 @@ def test_is_authorized_dt_success():
         )
     )
 
-    def mocked_is_authorized(request: pb2.IsAuthorizedRequest):
-        assert request.digital_twin_identifier == digital_twin_identifier
-        return pb2.IsAuthorizedResponse()
-
-    client.stub.IsAuthorized = mocked_is_authorized
     response = client.is_authorized_digital_twin(digital_twin_id, tenant_id, resources, actions)
     assert response is not None
+    assert isinstance(response, IsAuthorizedResponse)
 
 
 def test_is_authorized_dt_empty():
@@ -169,7 +167,7 @@ def test_is_authorized_property_success():
     assert client is not None
 
     type_filter = "email"
-    email_value = "sdk@indykite.com"
+    email_value = "test2000@example.com"
     resources = [IsAuthorizedResource("resourceID", "LabelName"), IsAuthorizedResource("resource2ID", "LabelName")]
     actions = ["ACTION"]
     digital_twin_identifier = pb2_ident.DigitalTwinIdentifier(
@@ -179,13 +177,9 @@ def test_is_authorized_property_success():
         )
     )
 
-    def mocked_is_authorized(request: pb2.IsAuthorizedRequest):
-        assert request.digital_twin_identifier == digital_twin_identifier
-        return pb2.IsAuthorizedResponse()
-
-    client.stub.IsAuthorized = mocked_is_authorized
     response = client.is_authorized_property_filter(type_filter, email_value, resources, actions)
     assert response is not None
+    assert isinstance(response, IsAuthorizedResponse)
 
 
 def test_is_authorized_property_empty():