@@ -45,6 +45,33 @@ def test_proxy_request(self, mock_request):
45
45
response = proxy_request (req , 'http://example.com/api' )
46
46
self .assertEqual (response , "Plain text response" )
47
47
48
+ def test_smart_configuration (self ):
49
+ """Test /fhir/.well-known/smart-configuration endpoint"""
50
+ response = self .client .get ('/fhir/.well-known/smart-configuration' )
51
+ self .assertEqual (response .status_code , 200 )
52
+ self .assertEqual (response .json , {
53
+ 'authorization_endpoint' : 'http://authorize.example.com' ,
54
+ 'token_endpoint' : 'http://token.example.com' ,
55
+ 'introspection_endpoint' : 'http://introspection.example.com'
56
+ })
57
+
58
+ def test_config_settings (self ):
59
+ """Test /settings endpoint"""
60
+ # Test retrieving non-sensitive config
61
+ response = self .client .get ('/settings' )
62
+ self .assertEqual (response .status_code , 200 )
63
+ self .assertIn ('UPSTREAM_SERVER' , response .json )
64
+ self .assertNotIn ('SECRET' , response .json )
65
+
66
+ # Test retrieving specific config
67
+ response = self .client .get ('/settings/UPSTREAM_SERVER' )
68
+ self .assertEqual (response .status_code , 200 )
69
+ self .assertEqual (response .json ['UPSTREAM_SERVER' ], 'http://example.com' )
70
+
71
+ # Test accessing sensitive config
72
+ response = self .client .get ('/settings/SECRET_KEY' )
73
+ self .assertEqual (response .status_code , 400 )
74
+
48
75
@patch ('jwt.PyJWKClient' )
49
76
@patch ('jwt.decode' )
50
77
def test_validate_jwt (self , mock_decode , mock_jwk_client ):
@@ -57,14 +84,14 @@ def test_validate_jwt(self, mock_decode, mock_jwk_client):
57
84
58
85
# Set up mock JWT decoding
59
86
mock_decode .
return_value = {
'email' :
'[email protected] ' }
60
- self .app .json = CustomJSONProvider (self .app )
61
87
62
88
# Test valid token
63
89
response = self .client .get ('/' , headers = {'Authorization' : 'Bearer valid_token' })
64
90
print (f'Status Code: { response .status_code } ' )
65
91
print (f'Response Data: { response .data .decode ()} ' )
66
92
print (f'Response JSON: { response .json } ' )
67
93
self .assertEqual (response .status_code , 200 )
94
+ self .assertEqual (response .json .get ('message' ), 'request proxied' )
68
95
69
96
# Test missing token
70
97
response = self .client .get ('/' )
@@ -84,38 +111,12 @@ def test_validate_jwt(self, mock_decode, mock_jwk_client):
84
111
self .assertEqual (response .json .get ('message' ), "token expired" )
85
112
86
113
# Test whitelisted path without token
87
- response = self .client .get ('/whitelisted' , content_type = 'application/json' )
114
+ response = self .client .get ('/whitelisted' )
88
115
print (f'Status Code: { response .status_code } ' )
89
116
print (f'Response Data: { response .data .decode ()} ' )
90
117
print (f'Response JSON: { response .json } ' )
91
118
self .assertEqual (response .status_code , 200 )
92
-
93
- def test_smart_configuration (self ):
94
- """Test /fhir/.well-known/smart-configuration endpoint"""
95
- response = self .client .get ('/fhir/.well-known/smart-configuration' )
96
- self .assertEqual (response .status_code , 200 )
97
- self .assertEqual (response .json , {
98
- 'authorization_endpoint' : 'http://authorize.example.com' ,
99
- 'token_endpoint' : 'http://token.example.com' ,
100
- 'introspection_endpoint' : 'http://introspection.example.com'
101
- })
102
-
103
- def test_config_settings (self ):
104
- """Test /settings endpoint"""
105
- # Test retrieving non-sensitive config
106
- response = self .client .get ('/settings' )
107
- self .assertEqual (response .status_code , 200 )
108
- self .assertIn ('UPSTREAM_SERVER' , response .json )
109
- self .assertNotIn ('SECRET' , response .json )
110
-
111
- # Test retrieving specific config
112
- response = self .client .get ('/settings/UPSTREAM_SERVER' )
113
- self .assertEqual (response .status_code , 200 )
114
- self .assertEqual (response .json ['UPSTREAM_SERVER' ], 'http://example.com' )
115
-
116
- # Test accessing sensitive config
117
- response = self .client .get ('/settings/SECRET_KEY' )
118
- self .assertEqual (response .status_code , 400 )
119
+ self .assertEqual (response .json .get ('message' ), 'whitelisted path accessed' )
119
120
120
121
if __name__ == '__main__' :
121
122
unittest .main ()
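Review bot: In `test_config_settings` (first hunk), `self.assertNotIn('SECRET', response.json)` only tests for a key named exactly `SECRET`, because `in` on the parsed JSON object is key membership (assuming `/settings` returns an object), so a listing that leaked `SECRET_KEY` would still pass. The last step of the same test treats `SECRET_KEY` as the sensitive setting, so the listing check should match on the key names, e.g. `self.assertFalse([k for k in response.json if 'SECRET' in k])`, or at minimum `self.assertNotIn('SECRET_KEY', response.json)`. The `/settings/SECRET_KEY` case asserts only the 400 status; it would be worth also asserting that the error body does not contain the configured value. If the app filters other sensitive name patterns (not visible in this diff), each should get its own case.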