1
0
mirror of https://github.com/laurivosandi/certidude synced 2024-12-22 16:25:17 +00:00

Use Falcon framework testing modules

This commit is contained in:
Lauri Võsandi 2017-04-25 13:52:10 +03:00
parent d54982daed
commit 108b6ebfaf

View File

@ -1,15 +1,22 @@
import os import os
import requests import requests
from falcon import testing
from click.testing import CliRunner from click.testing import CliRunner
from certidude.cli import entry_point as cli from certidude.cli import entry_point as cli
from datetime import datetime, timedelta from datetime import datetime, timedelta
from cryptography.hazmat.primitives import hashes, serialization from cryptography.hazmat.primitives import hashes, serialization
from cryptography.x509.oid import NameOID from cryptography.x509.oid import NameOID
import thread import pytest
from xattr import setxattr from xattr import setxattr
runner = CliRunner() runner = CliRunner()
@pytest.fixture(scope='module')
def client():
from certidude.api import certidude_app
return testing.TestClient(certidude_app())
def test_cli_setup_authority(): def test_cli_setup_authority():
result = runner.invoke(cli, ['setup', 'authority']) result = runner.invoke(cli, ['setup', 'authority'])
assert not result.exception assert not result.exception
@ -21,7 +28,9 @@ def test_cli_setup_authority():
assert authority.ca_cert.not_valid_before < datetime.now() assert authority.ca_cert.not_valid_before < datetime.now()
assert authority.ca_cert.not_valid_after > datetime.now() + timedelta(days=7000) assert authority.ca_cert.not_valid_after > datetime.now() + timedelta(days=7000)
thread.start_new_thread(runner.invoke, (cli, ['serve', '-p', '8080'])) # Try starting up forked server
result = runner.invoke(cli, ['serve', '-f', '-p', '8080'])
assert not result.exception
from cryptography import x509 from cryptography import x509
from cryptography.hazmat.primitives.asymmetric import rsa, padding from cryptography.hazmat.primitives.asymmetric import rsa, padding
@ -39,7 +48,7 @@ def test_cli_setup_authority():
csr.sign(key, hashes.SHA256(), default_backend()).public_bytes(serialization.Encoding.PEM)) csr.sign(key, hashes.SHA256(), default_backend()).public_bytes(serialization.Encoding.PEM))
# Check that we can retrieve empty CRL # Check that we can retrieve empty CRL
r = requests.get("http://localhost:8080/api/revoked") r = client().simulate_get("/api/revoked/")
assert r.status_code == 200 assert r.status_code == 200
result = runner.invoke(cli, ['list', '-srv']) result = runner.invoke(cli, ['list', '-srv'])
@ -62,43 +71,43 @@ def test_cli_setup_authority():
# Test CA certificate fetch # Test CA certificate fetch
r = requests.get("http://localhost:8080/api/certificate") r = client().simulate_get("/api/certificate")
assert r.status_code == 200 assert r.status_code == 200
assert r.headers.get('content-type') == "application/x-x509-ca-cert" assert r.headers.get('content-type') == "application/x-x509-ca-cert"
# Test signed certificate API call # Test signed certificate API call
r = requests.get("http://localhost:8080/api/signed/test2") r = client().simulate_get("/api/signed/test2")
assert r.status_code == 200 assert r.status_code == 200
assert r.headers.get('content-type') == "application/x-pem-file" assert r.headers.get('content-type') == "application/x-pem-file"
r = requests.get("http://localhost:8080/api/signed/test2", headers={"Accept":"application/json"}) r = client().simulate_get("/api/signed/test2", headers={"Accept":"application/json"})
assert r.status_code == 200 assert r.status_code == 200
assert r.headers.get('content-type') == "application/json" assert r.headers.get('content-type') == "application/json"
# Test revocations API call # Test revocations API call
r = requests.get("http://localhost:8080/api/revoked") r = client().simulate_get("/api/revoked")
assert r.status_code == 200 assert r.status_code == 200
assert r.headers.get('content-type') == "application/x-pkcs7-crl" assert r.headers.get('content-type') == "application/x-pkcs7-crl"
r = requests.get("http://localhost:8080/api/revoked", r = client().simulate_get("/api/revoked",
headers={"Accept":"application/x-pem-file"}) headers={"Accept":"application/x-pem-file"})
assert r.status_code == 200 assert r.status_code == 200
assert r.headers.get('content-type') == "application/x-pem-file" assert r.headers.get('content-type') == "application/x-pem-file"
# Test attribute fetching API call # Test attribute fetching API call
r = requests.get("http://localhost:8080/api/signed/test2/attr/") r = client().simulate_get("/api/signed/test2/attr/")
assert r.status_code == 403 assert r.status_code == 403
path, _, _ = authority.get_signed("test2") path, _, _ = authority.get_signed("test2")
setxattr(path, "user.lease.address", b"127.0.0.1") setxattr(path, "user.lease.address", b"127.0.0.1")
r = requests.get("http://localhost:8080/api/signed/test2/attr/") r = client().simulate_get("/api/signed/test2/attr/")
assert r.status_code == 200 assert r.status_code == 200
# Tags should not be visible anonymously # Tags should not be visible anonymously
r = requests.get("http://localhost:8080/api/signed/test2/tag/") r = client().simulate_get("/api/signed/test2/tag/")
assert r.status_code == 401 assert r.status_code == 401
@ -108,3 +117,6 @@ def test_cli_setup_authority():
result = runner.invoke(cli, ['revoke', 'test3']) result = runner.invoke(cli, ['revoke', 'test3'])
assert not result.exception assert not result.exception