2023-11-07 10:47:24 +01:00
|
|
|
from fastapi.testclient import TestClient
|
2026-03-05 16:07:08 +01:00
|
|
|
from pydantic import SecretStr
|
2023-11-07 10:47:24 +01:00
|
|
|
from tailscalesd.main import Settings, app, get_settings
|
|
|
|
|
|
|
|
|
|
client = TestClient(app)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def get_settings_override() -> Settings:
|
2024-07-17 09:48:30 +02:00
|
|
|
return Settings(
|
|
|
|
|
test_mode=True,
|
|
|
|
|
tailnet="test",
|
2026-03-05 16:07:08 +01:00
|
|
|
client_id=SecretStr("test"),
|
|
|
|
|
client_secret=SecretStr("test"),
|
|
|
|
|
bearer_token=SecretStr("test"),
|
2024-07-17 09:48:30 +02:00
|
|
|
)
|
2023-11-07 10:47:24 +01:00
|
|
|
|
|
|
|
|
|
|
|
|
|
app.dependency_overrides[get_settings] = get_settings_override
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_auth_works():
|
|
|
|
|
response = client.get("/", headers={"Authorization": "Bearer test"})
|
|
|
|
|
assert response.status_code == 200
|
|
|
|
|
assert response.json() == []
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_unauthorized_wrong_token():
|
|
|
|
|
response = client.get("/", headers={"Authorization": "Bearer incorrect_token"})
|
|
|
|
|
assert response.status_code == 401
|
|
|
|
|
assert response.json() == {"detail": "Invalid authentication credentials"}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_unauthorized_no_token():
|
|
|
|
|
response = client.get("/")
|
|
|
|
|
assert response.status_code == 403
|
|
|
|
|
assert response.json() == {"detail": "Not authenticated"}
|
2026-03-05 15:56:06 +01:00
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_settings_support_secret_files(tmp_path):
|
|
|
|
|
bearer_token_file = tmp_path / "bearer_token"
|
|
|
|
|
client_id_file = tmp_path / "client_id"
|
|
|
|
|
client_secret_file = tmp_path / "client_secret"
|
|
|
|
|
bearer_token_file.write_text("from-file-token\n", encoding="utf-8")
|
|
|
|
|
client_id_file.write_text("from-file-client-id\n", encoding="utf-8")
|
|
|
|
|
client_secret_file.write_text("from-file-client-secret\n", encoding="utf-8")
|
|
|
|
|
|
|
|
|
|
settings = Settings(
|
|
|
|
|
test_mode=True,
|
|
|
|
|
tailnet="test",
|
|
|
|
|
bearer_token_file=str(bearer_token_file),
|
|
|
|
|
client_id_file=str(client_id_file),
|
|
|
|
|
client_secret_file=str(client_secret_file),
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
assert settings.bearer_token is not None
|
|
|
|
|
assert settings.client_id is not None
|
|
|
|
|
assert settings.client_secret is not None
|
|
|
|
|
assert settings.bearer_token.get_secret_value() == "from-file-token"
|
|
|
|
|
assert settings.client_id.get_secret_value() == "from-file-client-id"
|
|
|
|
|
assert settings.client_secret.get_secret_value() == "from-file-client-secret"
|
