diff --git a/tests/test_platform_django.py b/tests/test_platform_django.py index 6576ec2..ebbdb99 100644 --- a/tests/test_platform_django.py +++ b/tests/test_platform_django.py @@ -33,7 +33,7 @@ def test_django_auth( responses.add( responses.POST, "https://bento-auth.local/policy/evaluate", - json={"result": authz_res}, + json={"result": [[authz_res]]}, status=authz_code, ) r: JsonResponse = client.post( diff --git a/tests/test_platform_fastapi.py b/tests/test_platform_fastapi.py index 77f8a5b..1d8eccc 100644 --- a/tests/test_platform_fastapi.py +++ b/tests/test_platform_fastapi.py @@ -248,20 +248,20 @@ def test_fastapi_auth( aioresponse: aioresponses, fastapi_client_auth: TestClient, ): - aioresponse.post("https://bento-auth.local/policy/evaluate", status=authz_code, payload={"result": authz_res}) + aioresponse.post("https://bento-auth.local/policy/evaluate", status=authz_code, payload={"result": [[authz_res]]}) r = fastapi_client_auth.post( test_url, headers=(TEST_AUTHZ_HEADERS if inc_headers else {}), json=TEST_AUTHZ_VALID_POST_BODY) assert r.status_code == test_code def test_fastapi_auth_invalid_body(aioresponse: aioresponses, fastapi_client_auth: TestClient): - aioresponse.post("https://bento-auth.local/policy/evaluate", status=200, payload={"result": True}) + aioresponse.post("https://bento-auth.local/policy/evaluate", status=200, payload={"result": [[True]]}) r = fastapi_client_auth.post("/post-private", headers=TEST_AUTHZ_HEADERS, json={"test1": "a"}) assert r.status_code == 400 def test_fastapi_auth_500(aioresponse: aioresponses, fastapi_client_auth: TestClient): - aioresponse.post("https://bento-auth.local/policy/evaluate", status=200, payload={"result": True}) + aioresponse.post("https://bento-auth.local/policy/evaluate", status=200, payload={"result": [[True]]}) r = fastapi_client_auth.get("/get-500", headers=TEST_AUTHZ_HEADERS) assert r.status_code == 500 @@ -282,7 +282,7 @@ def test_fastapi_auth_options_call(aioresponse: aioresponses, fastapi_client_aut def test_fastapi_auth_post_with_token_in_body(aioresponse: aioresponses, fastapi_client_auth: TestClient): - aioresponse.post("https://bento-auth.local/policy/evaluate", status=200, payload={"result": True}) + aioresponse.post("https://bento-auth.local/policy/evaluate", status=200, payload={"result": [[True]]}) r = fastapi_client_auth.post("/post-with-token-in-body", json={"token": "test", "payload": "hello world"}) assert r.status_code == 200 assert r.text == '{"payload":"hello world"}' diff --git a/tests/test_platform_flask.py b/tests/test_platform_flask.py index 94e999b..f4ecf4a 100644 --- a/tests/test_platform_flask.py +++ b/tests/test_platform_flask.py @@ -114,6 +114,19 @@ def auth_post_with_token_in_body(): ) return jsonify({"payload": payload}) + @test_app_auth.route("/post-with-token-evaluate-one", methods=["POST"]) + def auth_post_with_token_evaluate_one(): + token = request.json["token"] + + auth_middleware.mark_authz_done(request) + return jsonify({"payload": auth_middleware.evaluate_one( + request, + PERMISSION_INGEST_DATA, + RESOURCE_EVERYTHING, + require_token=True, + headers_getter=(lambda _r: {"Authorization": f"Bearer {token}"}), + )}) + with test_app_auth.test_client() as client: yield client @@ -207,7 +220,7 @@ def test_flask_auth( responses.add( responses.POST, "https://bento-auth.local/policy/evaluate", - json={"result": authz_res}, + json={"result": [[authz_res]]}, status=authz_code, ) r = flask_client_auth.post( @@ -217,26 +230,34 @@ def test_flask_auth( @responses.activate def test_flask_auth_500(flask_client_auth: FlaskClient): - responses.add(responses.POST, "https://bento-auth.local/policy/evaluate", json={"result": True}, status=200) + responses.add(responses.POST, "https://bento-auth.local/policy/evaluate", json={"result": [[True]]}, status=200) r = flask_client_auth.get("/get-500", headers=TEST_AUTHZ_HEADERS) assert r.status_code == 500 @responses.activate def test_flask_auth_404(flask_client_auth: FlaskClient): - responses.add(responses.POST, "https://bento-auth.local/policy/evaluate", json={"result": True}, status=200) + responses.add(responses.POST, "https://bento-auth.local/policy/evaluate", json={"result": [[True]]}, status=200) r = flask_client_auth.get("/get-404", headers=TEST_AUTHZ_HEADERS) assert r.status_code == 404 @responses.activate def test_flask_auth_post_with_token_in_body(flask_client_auth: FlaskClient): - responses.add(responses.POST, "https://bento-auth.local/policy/evaluate", json={"result": True}, status=200) + responses.add(responses.POST, "https://bento-auth.local/policy/evaluate", json={"result": [[True]]}, status=200) r = flask_client_auth.post("/post-with-token-in-body", json={"token": "test", "payload": "hello world"}) assert r.status_code == 200 assert r.text == '{"payload":"hello world"}\n' +@responses.activate +def test_flask_auth_post_with_token_evaluate_one(flask_client_auth: FlaskClient): + responses.add(responses.POST, "https://bento-auth.local/policy/evaluate", json={"result": [[True]]}, status=200) + r = flask_client_auth.post("/post-with-token-evaluate-one", json={"token": "test"}) + assert r.status_code == 200 + assert r.text == '{"payload":true}\n' + + @responses.activate def test_flask_auth_disabled(flask_client_auth_disabled_with_middleware: tuple[FlaskClient, FlaskAuthMiddleware]): flask_client_auth_disabled, auth_middleware_disabled = flask_client_auth_disabled_with_middleware