datatracker/ietf/api/tests_ietf_utils.py at patch-1 · Reality2byte/datatracker · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
# Copyright The IETF Trust 2025, All Rights Reserved

from django.test import RequestFactory
from django.test.utils import override_settings

from ietf.api.ietf_utils import is_valid_token, requires_api_token
from ietf.utils.test_utils import TestCase


class IetfUtilsTests(TestCase):
    @override_settings(
        APP_API_TOKENS={
            "ietf.api.foobar": ["valid-token"],
            "ietf.api.misconfigured": "valid-token",  # misconfigured
        }
    )
    def test_is_valid_token(self):
        self.assertFalse(is_valid_token("ietf.fake.endpoint", "valid-token"))
        self.assertFalse(is_valid_token("ietf.api.foobar", "invalid-token"))
        self.assertFalse(is_valid_token("ietf.api.foobar", None))
        self.assertTrue(is_valid_token("ietf.api.foobar", "valid-token"))

        # misconfiguration
        self.assertFalse(is_valid_token("ietf.api.misconfigured", "v"))
        self.assertFalse(is_valid_token("ietf.api.misconfigured", None))
        self.assertTrue(is_valid_token("ietf.api.misconfigured", "valid-token"))

    @override_settings(
        APP_API_TOKENS={
            "ietf.api.foo": ["valid-token"],
            "ietf.api.bar": ["another-token"],
            "ietf.api.misconfigured": "valid-token",  # misconfigured
        }
    )
    def test_requires_api_token(self):
        @requires_api_token("ietf.api.foo")
        def protected_function(request):
            return f"Access granted: {request.method}"

        # request with a valid token
        request = RequestFactory().get(
            "/some/url", headers={"X_API_KEY": "valid-token"}
        )
        result = protected_function(request)
        self.assertEqual(result, "Access granted: GET")

        # request with an invalid token
        request = RequestFactory().get(
            "/some/url", headers={"X_API_KEY": "invalid-token"}
        )
        result = protected_function(request)
        self.assertEqual(result.status_code, 403)

        # request without a token
        request = RequestFactory().get("/some/url", headers={"X_API_KEY": ""})
        result = protected_function(request)
        self.assertEqual(result.status_code, 403)

        # request without a X_API_KEY token
        request = RequestFactory().get("/some/url")
        result = protected_function(request)
        self.assertEqual(result.status_code, 403)

        # request with a valid token for another API endpoint
        request = RequestFactory().get(
            "/some/url", headers={"X_API_KEY": "another-token"}
        )
        result = protected_function(request)
        self.assertEqual(result.status_code, 403)

        # requests for a misconfigured endpoint
        @requires_api_token("ietf.api.misconfigured")
        def another_protected_function(request):
            return f"Access granted: {request.method}"

        # request with valid token
        request = RequestFactory().get(
            "/some/url", headers={"X_API_KEY": "valid-token"}
        )
        result = another_protected_function(request)
        self.assertEqual(result, "Access granted: GET")

        # request with invalid token with the correct initial character
        request = RequestFactory().get("/some/url", headers={"X_API_KEY": "v"})
        result = another_protected_function(request)
        self.assertEqual(result.status_code, 403)