From dfd745ecbfa902eafd037103a0c63cfe47ad1d4e Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Sun, 16 Apr 2017 12:56:25 +0300 Subject: Change yarns to test authentication for requests --- yarns/100-hello.yarn | 10 +++++++--- yarns/900.yarn | 36 +++++++++++++++++++++++++++++++++--- yarns/lib.py | 20 ++++++++++++++++++-- 3 files changed, 58 insertions(+), 8 deletions(-) diff --git a/yarns/100-hello.yarn b/yarns/100-hello.yarn index 9d06262..ca26822 100644 --- a/yarns/100-hello.yarn +++ b/yarns/100-hello.yarn @@ -4,13 +4,17 @@ This scenario is just for making sure we can, in our tests, start and stop the backend, and make requests to it. SCENARIO backend smoke test - GIVEN a running backend instance + GIVEN a users.yaml with user admin, password foo, scopes get, put + AND a running backend instance - WHEN client makes request GET /version + WHEN user admin makes unauthenticated request GET /version + THEN HTTP status code is 401 + + WHEN user admin makes request GET /version THEN HTTP status code is 200 AND result matches { "version": "1.0" } - WHEN client makes request GET /blatherskite + WHEN user admin makes request GET /blatherskite THEN HTTP status code is 404 FINALLY stop backend instance diff --git a/yarns/900.yarn b/yarns/900.yarn index c7e81a0..5d11865 100644 --- a/yarns/900.yarn +++ b/yarns/900.yarn 
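Review bot: The only rejection path this scenario exercises is a request with no credentials at all; nothing sends a wrong password for user admin, and nothing checks a user whose scopes do not cover the request. A backend that accepted any Authorization header, or that ignored the `scopes get, put` entry, would still pass this smoke test. A further pair such as `WHEN user admin makes request GET /version with password bar` / `THEN HTTP status code is 401` would pin the password check. It needs a matching IMPLEMENTS step in yarns/900.yarn.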
@@ -1,8 +1,24 @@ # Scenario step implementations + IMPLEMENTS GIVEN a users.yaml with user (\S+), password (\S+), scopes (.+) + username = get_next_match() + password = get_next_match() + scopes_string = get_next_match() + scopes = [s.strip() for s in scopes_string.split(',')] + user = { + 'salt': 'nacl', + 'password': distixapi.encrypt_password('nacl', password), + 'cleartext': password, + 'scopes': scopes, + } + users = load_users() + users['users'][username] = user + save_users(users) + IMPLEMENTS GIVEN a running backend instance backend = os.path.join(srcdir, 'distix-backend') - cliapp.runcmd(['/usr/sbin/daemonize', '-c.', backend, 'pid', 'port']) + cliapp.runcmd( + ['/usr/sbin/daemonize', '-c.', backend, 'pid', 'port', 'users.yaml']) vars['pid'] = cat('pid').strip() vars['port'] = cat('port').strip() @@ -11,8 +27,22 @@ print 'killing process', repr(vars['pid']) os.kill(int(vars['pid']), signal.SIGTERM) - IMPLEMENTS WHEN client makes request GET (\S+) - path = os.environ['MATCH_1'] + IMPLEMENTS WHEN user (\S+) makes request GET (\S+) + user = get_next_match() + path = get_next_match() + url = 'http://localhost:{}{}'.format(vars['port'], path) + print 'url:', repr(url) + users = load_users() + print repr(users) + password = users['users'][user]['cleartext'] + import requests + r = requests.get(url, auth=(user, password)) + vars['http-status'] = r.status_code + vars['http-body'] = r.text + + IMPLEMENTS WHEN user (\S+) makes unauthenticated request GET (\S+) + user = get_next_match() + path = get_next_match() url = 'http://localhost:{}{}'.format(vars['port'], path) print 'url:', repr(url) import requests diff --git a/yarns/lib.py b/yarns/lib.py index b7df3a7..502674e 100644 --- a/yarns/lib.py +++ b/yarns/lib.py 
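Review bot: The `GIVEN a users.yaml` step stores the plaintext password under `'cleartext'` in users.yaml, and the same file is then passed to distix-backend on the daemonize command line. The server's credential file therefore holds the secret next to its hash, so the tests cannot tell whether the backend verifies against `'password'` or simply reads `'cleartext'`. Keeping the plaintext on the test side avoids that, for example `vars['password-' + username] = password` here and `password = vars['password-' + user]` in the WHEN step. The salt is the fixed string `'nacl'` for every user, which is acceptable for a fixture but deserves a comment such as `# fixed salt: test fixture only`.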
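Review bot: `print repr(users)` in the `WHEN user (\S+) makes request GET` step writes the whole users structure, including the password hash and the `'cleartext'` field, to the test output; `print 'user:', repr(user)` gives the same debugging value without the secrets. `requests.get(url, auth=(user, password))` also has no timeout, so a backend that accepts the connection but never answers hangs the whole run; `requests.get(url, auth=(user, password), timeout=10)` bounds it. The unauthenticated step reads `user` and never uses it, and the rest of its body lies outside the hunk.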
@@ -1,15 +1,18 @@ import errno import os import time +import yaml import cliapp +from yarnutils import * -import yarnutils +import distixapi datadir = os.environ['DATADIR'] srcdir = os.environ['SRCDIR'] -vars = yarnutils.Variables(datadir) + +vars = Variables(datadir) MAX_CAT_TIME = 5 # seconds @@ -27,3 +30,16 @@ def cat(filename): continue raise raise Exception("cat took more then %s seconds" % MAX_CAT_TIME) + + +def load_users(): + if os.path.exists('users.yaml'): + with open('users.yaml') as f: + return yaml.safe_load(f) + return {'users': {}} + + +def save_users(users): + print 'saving', repr(users) + with open('users.yaml', 'w') as f: + yaml.safe_dump(users, stream=f) -- cgit v1.2.1
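Review bot: `from yarnutils import *` replaces the qualified import, so `Variables` and (presumably) `get_next_match` now appear in every IMPLEMENTS snippet with no indication of their origin. Any name yarnutils exports later can also silently collide with helpers defined in this file. Importing explicitly, `from yarnutils import Variables, get_next_match`, keeps the short call sites without the wildcard.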
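Review bot: `load_users` returns whatever `yaml.safe_load` yields, which is `None` for an existing but empty users.yaml, and the caller's `users['users'][username] = user` then fails with a TypeError; `return yaml.safe_load(f) or {'users': {}}` keeps the expected shape. `save_users` creates the file with the process's default mode although it carries password hashes and the test plaintext, and its `print 'saving', repr(users)` line copies those values into the test log. Neither function has a docstring; one line each, stating that the path is relative to the current working directory, would make the coupling with the backend's `users.yaml` argument explicit.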