add better auth

2025-03-25 11:45:09 -03:00
parent 2218a6f867
commit 317c79cee2
11 changed files with 912 additions and 46 deletions
--- a/http-api/tests/routes/test_courses.py
+++ b/http-api/tests/routes/test_courses.py
@@ -18,19 +18,21 @@ def test_post_course(
        http_api_proxy(
            raw_path='/courses',
            method=HTTPMethod.POST,
+            headers={'Tenant': '*'},
            body={
                'course': {
                    'name': 'pytest',
                    'access_period': 365,
-                },
-                'org': {
-                    'id': '6RQuJ7koa9Gz4ZXTA4NeGR',
-                    'name': 'EDUSEG',
-                },
+                    'cert': {
+                        'exp_interval': 730,  # 2 years
+                    },
+                }
            },
        ),
        lambda_context,
    )

+    print(r)
+
    assert 'id' in json.loads(r['body'])
    assert r['statusCode'] == HTTPStatus.CREATED
--- a/http-api/tests/seeds.jsonl
+++ b/http-api/tests/seeds.jsonl
@@ -1,4 +1,5 @@
 {"id": {"S": "5OxmMjL-ujoR5IMGegQz"}, "sk": {"S": "0"}, "update_date": {"S": "2024-02-08T16:42:33.776409-03:00"}, "create_date": {"S": "2019-03-25T00:00:00-03:00"}, "email_verified": {"BOOL": true}, "cognito:sub": {"S": "58efed8d-d276-41a8-8502-4ab8b5a6415e"}, "cpf": {"S": "07879819908"}, "email": {"S": "sergio@somosbeta.com.br"}, "name": {"S": "S\u00e9rgio Rafael de Siqueira"}, "last_login": {"S": "2024-02-08T20:53:45.818126-03:00"}, "tenant:org_id": {"L": [{"S": "cJtK9SsnJhKPyxESe7g3DG"}, {"S": "edp8njvgQuzNkLx2ySNfAD"}, {"S": "8TVSi5oACLxTiT8ycKPmaQ"}]}}
 {"id": {"S": "5OxmMjL-ujoR5IMGegQz"}, "sk": {"S": "emails#sergio@somosbeta.com.br"}, "email_verified": {"BOOL": true}, "update_date": {"S": "2024-02-08T16:42:33.776409-03:00"}, "create_date": {"S": "2019-03-25T00:00:00-03:00"}, "email_primary": {"BOOL": true}, "mx_record_exists": {"BOOL": true}, "update_date": {"S": "2023-11-09T12:13:04.308986-03:00"}}
+{"id": {"S": "5OxmMjL-ujoR5IMGegQz"}, "sk": {"S": "acls#*"}, "create_date": {"S": "2022-06-13T15:00:24.309410-03:00"}, "roles": {"L": [{"S": "ADMIN"}]}}
 {"id": {"S": "logs#5OxmMjL-ujoR5IMGegQz"}, "sk": {"S": "2024-02-08T16:42:33.776409-03:00"}, "action": {"S": "OPEN_EMAIL"}}
 {"id": {"S": "logs#5OxmMjL-ujoR5IMGegQz"}, "sk": {"S": "2019-03-25T00:00:00-03:00"}, "action": {"S": "CLICK_EMAIL"}}
--- a/http-api/tests/test_auth.py
+++ b/http-api/tests/test_auth.py
@@ -1,17 +1,19 @@
 import auth as app
+from auth import _parse_bearer_token

 from .conftest import LambdaContext


-def test_bearer_jwt(lambda_context: LambdaContext):
+def test_bearer_jwt(lambda_context: LambdaContext, dynamodb_seeds):
+    # You should mock the Cognito user to pass the test
    app.get_user = lambda *args, **kwargs: {
        'sub': '58efed8d-d276-41a8-8502-4ab8b5a6415e',
        'name': 'pytest',
+        'custom:user_id': '5OxmMjL-ujoR5IMGegQz',
    }
-    bearer_token = 'eyJraWQiOiJiSkZaSlNkMjhIeUtJNEQ0bG84SlkxSzk5NEdSUGhYU3YwV1BNczZ3aGVzPSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiI1OGVmZWQ4ZC1kMjc2LTQxYTgtODUwMi00YWI4YjVhNjQxNWUiLCJldmVudF9pZCI6IjJhNjlmOWE5LWQ2N2MtNDU0Ny04YzJlLWU5N2U2YzI5MzY4YSIsInRva2VuX3VzZSI6ImFjY2VzcyIsInNjb3BlIjoiYXdzLmNvZ25pdG8uc2lnbmluLnVzZXIuYWRtaW4iLCJhdXRoX3RpbWUiOjE3NDIzOTMxNjMsImlzcyI6Imh0dHBzOlwvXC9jb2duaXRvLWlkcC5zYS1lYXN0LTEuYW1hem9uYXdzLmNvbVwvc2EtZWFzdC0xX3M2WW1WU2ZYaiIsImV4cCI6MTc0MjQzNzA4NywiaWF0IjoxNzQyNDMzNDg3LCJqdGkiOiJmNjQ2MTdhMy04MzY2LTQxZWUtOGU2MC04YTA3YzA2N2UzOTMiLCJjbGllbnRfaWQiOiJsZGZ2ZHZrdDZjbDIybjdwMzN2cXRzZjRqIiwidXNlcm5hbWUiOiI1OGVmZWQ4ZC1kMjc2LTQxYTgtODUwMi00YWI4YjVhNjQxNWUifQ.dRhCaEItKEBbzrl7b5Ndh2xI8YGCK8trfKRs6YsW0cdZ_lU59oLhfd1bXEUe-dPyUb3zzGM41bSVUKHZTTlaMx8QNq2U4HbtrgQuQ77yXkN_i8Ft0DpLJiOFtBJzdx-LDUU8CwfjgLNN9fSUyUfkPkCnssBug0fIVcUJpixadk19-7_LJ3_gCPxlpcWT3vCb3yQtY8DzpW4iFcbqBUt1i6XWMTQHfTNamqzaWQ7m6QarefWK1gfDxGmfRg5qQJCRYzsQXcCe3JXRy0BgErpKrVHeIx0Dz8DyOWy1s0hSmv6n9ZPrHOFj13LprS7XihEK9DFwq4usolBungPLRIs_Og'
    event = {
        'headers': {
-            'authorization': f'Bearer {bearer_token}',
+            'authorization': 'Bearer 3c51cdfd-d23e-47f9-8d7c-e3e31a432921',
        },
    }

@@ -21,6 +23,24 @@ def test_bearer_jwt(lambda_context: LambdaContext):
            'user': {
                'sub': '58efed8d-d276-41a8-8502-4ab8b5a6415e',
                'name': 'pytest',
+                'custom:user_id': '5OxmMjL-ujoR5IMGegQz',
            }
        },
    }
+
+
+def test_parse_bearer_token_api_key():
+    bearer = _parse_bearer_token(
+        'Bearer pptx-35433970-6857-4062-bb43-f71683b2f68e',
+        apikey_prefix='pptx',
+    )
+
+    assert bearer.token == '35433970-6857-4062-bb43-f71683b2f68e'  # type: ignore
+    assert bearer.auth_type == 'API_KEY'  # type: ignore
+
+
+def test_parse_bearer_token_user_token():
+    bearer = _parse_bearer_token('Bearer d977f5a2-0302-4dd2-87c7-57414264d27a')
+
+    assert bearer.token == 'd977f5a2-0302-4dd2-87c7-57414264d27a'  # type: ignore
+    assert bearer.auth_type == 'USER_TOKEN'  # type: ignore