Add FIRETEXT_INBOUND_SMS_AUTH config variable and auth check

Checks authentication header value on inbound SMS requests from Firetext against a list of allowed API keys set in the application config. At the moment, we're only logging the attempts without aborting the requests. Once this is rolled out to production and we've checked the logs we'll switch on the aborts and add the tests for 401 and 403 responses.
2026-01-31 23:26:23 -05:00 · 2017-11-20 12:25:01 +00:00
parent 22ec134668
commit 5e53d781e0
4 changed files with 19 additions and 5 deletions
--- a/tests/app/test_cloudfoundry_config.py
+++ b/tests/app/test_cloudfoundry_config.py
@@ -17,6 +17,7 @@ def notify_config():
            'secret_key': 'secret key',
            'dangerous_salt': 'dangerous salt',
            'allow_ip_inbound_sms': ['111.111.111.111', '100.100.100.100'],
+            'firetext_inbound_sms_auth': ['testkey'],
            'route_secret_key_1': "key_1",
            'route_secret_key_2': ""
        }
@@ -211,6 +212,13 @@ def test_sms_inbound_config():
    assert os.environ['SMS_INBOUND_WHITELIST'] == json.dumps(['111.111.111.111', '100.100.100.100'])


+@pytest.mark.usefixtures('os_environ', 'cloudfoundry_environ')
+def test_firetext_inbound_sms_auth_config():
+    extract_cloudfoundry_config()
+
+    assert os.environ['FIRETEXT_INBOUND_SMS_AUTH'] == json.dumps(['testkey'])
+
+
@pytest.mark.usefixtures('os_environ', 'cloudfoundry_environ')
 def test_performance_platform_config():
    extract_cloudfoundry_config()