saladeaula.digital/http-api/tests/test_auth.py

from layercake.dynamodb import DynamoDBCollection, DynamoDBPersistenceLayer

import auth as app
from auth import _parse_bearer_token

from .conftest import LambdaContext


def test_bearer_jwt(lambda_context: LambdaContext):
    # You should mock the Cognito user to pass the test
    app.get_user = lambda *args, **kwargs: {
        'sub': '58efed8d-d276-41a8-8502-4ab8b5a6415e',
        'name': 'pytest',
        'custom:user_id': '5OxmMjL-ujoR5IMGegQz',
    }
    event = {
        'headers': {
            'authorization': 'Bearer 3c51cdfd-d23e-47f9-8d7c-e3e31a432921',
        },
    }

    assert app.lambda_handler(event, lambda_context) == {
        'isAuthorized': True,
        'context': {
            'user': {
                'sub': '58efed8d-d276-41a8-8502-4ab8b5a6415e',
                'name': 'pytest',
                'custom:user_id': '5OxmMjL-ujoR5IMGegQz',
            }
        },
    }


def test_bearer_apikey(
    dynamodb_seeds,
    dynamodb_persistence_layer: DynamoDBPersistenceLayer,
    lambda_context: LambdaContext,
):
    app.collect = DynamoDBCollection(dynamodb_persistence_layer)

    event = {
        'headers': {
            'authorization': 'Bearer sk-MzI1MDQ0NTctZjEzMy00YzAwLTkzNmItNmFhNzEyY2E5ZjQw',
        }
    }
    # This data was added from seeds
    assert app.lambda_handler(event, lambda_context) == {
        'isAuthorized': True,
        'context': {
            'tenant': {
                'name': 'default',
                'id': '*',
            }
        },
    }

    # This data was added from seeds
    assert app.lambda_handler(
        {
            'headers': {
                'authorization': 'Bearer sk-abc',
            }
        },
        lambda_context,
    ) == {'isAuthorized': False}


def test_parse_bearer_token_api_key():
    bearer = _parse_bearer_token(
        'Bearer sk-35433970-6857-4062-bb43-f71683b2f68e',
    )

    assert bearer.token == '35433970-6857-4062-bb43-f71683b2f68e'  # type: ignore
    assert bearer.auth_type == 'API_KEY'  # type: ignore


def test_parse_bearer_token_user_token():
    bearer = _parse_bearer_token('Bearer d977f5a2-0302-4dd2-87c7-57414264d27a')

    assert bearer.token == 'd977f5a2-0302-4dd2-87c7-57414264d27a'  # type: ignore
    assert bearer.auth_type == 'USER_TOKEN'  # type: ignore