tests for AuthenticationContext

2018-08-09 10:09:30 -04:00 · 2018-08-09 10:09:30 -04:00 · 855c0bc3c4
commit 855c0bc3c4
parent 4da814aaf4
2 changed files with 95 additions and 3 deletions
--- a/atst/domain/authnid/init.py
+++ b/atst/domain/authnid/init.py
@ -7,7 +7,9 @@ class AuthenticationContext():

    def __init__(self, crl_validator, auth_status, sdn, cert):
        if None in locals().values():
-            raise UnauthenticatedError("Missing required authentication context components")
+            raise UnauthenticatedError(
+                "Missing required authentication context components"
+            )

        self.crl_validator = crl_validator
        self.auth_status = auth_status
@ -15,7 +17,6 @@ class AuthenticationContext():
        self.cert = cert.encode()
        self._parsed_sdn = None

-
    def authenticate(self):
        if not self.auth_status == "SUCCESS":
            raise UnauthenticatedError("SSL/TLS client authentication failed")
@ -25,7 +26,6 @@ class AuthenticationContext():

        return True

-
    def get_user(self):
        try:
            return Users.get_by_dod_id(self.parsed_sdn["dod_id"])
--- a/tests/domain/authnid/test_authentication_context.py
+++ b/tests/domain/authnid/test_authentication_context.py
@ -0,0 +1,92 @@
+import pytest
+
+from atst.domain.authnid import AuthenticationContext
+from atst.domain.exceptions import UnauthenticatedError, NotFoundError
+from atst.domain.users import Users
+
+from tests.mocks import DOD_SDN_INFO, DOD_SDN, FIXTURE_EMAIL_ADDRESS
+from tests.factories import UserFactory
+
+CERT = open("tests/fixtures/{}.crt".format(FIXTURE_EMAIL_ADDRESS)).read()
+
+
+class MockCRLValidator():
+
+    def __init__(self, value):
+        self.value = value
+
+    def validate(self, cert):
+        return self.value
+
+
+def test_can_authenticate():
+    auth_context = AuthenticationContext(
+        MockCRLValidator(True), "SUCCESS", DOD_SDN, CERT
+    )
+    assert auth_context.authenticate()
+
+
+def test_unsuccessful_status():
+    auth_context = AuthenticationContext(
+        MockCRLValidator(True), "FAILURE", DOD_SDN, CERT
+    )
+    with pytest.raises(UnauthenticatedError) as excinfo:
+        assert auth_context.authenticate()
+
+    (message,) = excinfo.value.args
+    assert "client authentication" in message
+
+
+def test_crl_check_fails():
+    auth_context = AuthenticationContext(
+        MockCRLValidator(False), "SUCCESS", DOD_SDN, CERT
+    )
+    with pytest.raises(UnauthenticatedError) as excinfo:
+        assert auth_context.authenticate()
+
+    (message,) = excinfo.value.args
+    assert "CRL check" in message
+
+
+def test_bad_sdn():
+    auth_context = AuthenticationContext(
+        MockCRLValidator(True), "SUCCESS", "abc123", CERT
+    )
+    with pytest.raises(UnauthenticatedError) as excinfo:
+        auth_context.get_user()
+
+    (message,) = excinfo.value.args
+    assert "SDN" in message
+
+
+def test_user_exists():
+    user = UserFactory.create(**DOD_SDN_INFO)
+    auth_context = AuthenticationContext(
+        MockCRLValidator(True), "SUCCESS", DOD_SDN, CERT
+    )
+    auth_user = auth_context.get_user()
+
+    assert auth_user == user
+
+
+def test_creates_user():
+    # check user does not exist
+    with pytest.raises(NotFoundError):
+        Users.get_by_dod_id(DOD_SDN_INFO["dod_id"])
+
+    auth_context = AuthenticationContext(
+        MockCRLValidator(True), "SUCCESS", DOD_SDN, CERT
+    )
+    user = auth_context.get_user()
+    assert user.dod_id == DOD_SDN_INFO["dod_id"]
+    assert user.email == FIXTURE_EMAIL_ADDRESS
+
+
+def test_user_cert_has_no_email():
+    cert = open("ssl/client-certs/atat.mil.crt").read()
+    auth_context = AuthenticationContext(
+        MockCRLValidator(True), "SUCCESS", DOD_SDN, cert
+    )
+    user = auth_context.get_user()
+
+    assert user.email == None