Allow for multiple api keys for a service.

2026-02-01 15:46:07 -05:00 · 2016-01-19 18:25:21 +00:00
parent 811e7c1bec
commit 1db57dca8c
7 changed files with 80 additions and 40 deletions
--- a/tests/app/authentication/test_authentication.py
+++ b/tests/app/authentication/test_authentication.py
@@ -1,7 +1,8 @@
 from client.authentication import create_jwt_token
 from flask import json, url_for

-from app.dao.api_key_dao import get_unsigned_secret
+from app.dao.api_key_dao import get_unsigned_secrets, save_model_api_key
+from app.models import ApiKey


 def test_should_not_allow_request_with_no_token(notify_api):
@@ -23,7 +24,7 @@ def test_should_not_allow_request_with_incorrect_header(notify_api):
            assert data['error'] == 'Unauthorized, authentication bearer scheme must be used'


-def test_should_not_allow_request_with_incorrect_token(notify_api):
+def test_should_not_allow_request_with_incorrect_token(notify_api, notify_db, notify_db_session, sample_api_key):
    with notify_api.test_request_context():
        with notify_api.test_client() as client:
            response = client.get(url_for('service.get_service'),
@@ -38,7 +39,7 @@ def test_should_not_allow_incorrect_path(notify_api, notify_db, notify_db_sessio
        with notify_api.test_client() as client:
            token = create_jwt_token(request_method="GET",
                                     request_path="/bad",
-                                     secret=get_unsigned_secret(sample_api_key.service_id),
+                                     secret=get_unsigned_secrets(sample_api_key.service_id)[0],
                                     client_id=sample_api_key.service_id)
            response = client.get(url_for('service.get_service'),
                                  headers={'Authorization': "Bearer {}".format(token)})
@@ -79,6 +80,18 @@ def test_should_allow_valid_token(notify_api, notify_db, notify_db_session, samp
            assert response.status_code == 200


+def test_should_allow_valid_token_when_service_has_multiple_keys(notify_api, notify_db, notify_db_session,
+                                                                 sample_api_key):
+    with notify_api.test_request_context():
+        with notify_api.test_client() as client:
+            data = {'service_id': sample_api_key.service_id, 'name': 'some key name'}
+            api_key = ApiKey(**data)
+            save_model_api_key(api_key)
+            token = __create_get_token(sample_api_key.service_id)
+            response = client.get(url_for('service.get_service'),
+                                  headers={'Authorization': 'Bearer {}'.format(token)})
+            assert response.status_code == 200
+
 JSON_BODY = json.dumps({
    'name': 'new name'
 })
@@ -118,7 +131,7 @@ def test_should_not_allow_valid_token_with_invalid_post_body(notify_api, notify_
 def __create_get_token(service_id):
    return create_jwt_token(request_method="GET",
                            request_path=url_for('service.get_service'),
-                            secret=get_unsigned_secret(service_id),
+                            secret=get_unsigned_secrets(service_id)[0],
                            client_id=service_id)


@@ -126,7 +139,7 @@ def __create_post_token(service_id, request_body):
    return create_jwt_token(
        request_method="POST",
        request_path=url_for('service.create_service'),
-        secret=get_unsigned_secret(service_id),
+        secret=get_unsigned_secrets(service_id)[0],
        client_id=service_id,
        request_body=request_body
    )