-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
30 additions
and
29 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -45,6 +45,33 @@ def test_proxy_request(self, mock_request): | |
| response = proxy_request(req, 'http://example.com/api') | ||
| self.assertEqual(response, "Plain text response") | ||
|
|
||
| def test_smart_configuration(self): | ||
| """Test /fhir/.well-known/smart-configuration endpoint""" | ||
| response = self.client.get('/fhir/.well-known/smart-configuration') | ||
| self.assertEqual(response.status_code, 200) | ||
| self.assertEqual(response.json, { | ||
| 'authorization_endpoint': 'http://authorize.example.com', | ||
| 'token_endpoint': 'http://token.example.com', | ||
| 'introspection_endpoint': 'http://introspection.example.com' | ||
| }) | ||
|
|
||
| def test_config_settings(self): | ||
| """Test /settings endpoint""" | ||
| # Test retrieving non-sensitive config | ||
| response = self.client.get('/settings') | ||
| self.assertEqual(response.status_code, 200) | ||
| self.assertIn('UPSTREAM_SERVER', response.json) | ||
| self.assertNotIn('SECRET', response.json) | ||
|
|
||
| # Test retrieving specific config | ||
| response = self.client.get('/settings/UPSTREAM_SERVER') | ||
| self.assertEqual(response.status_code, 200) | ||
| self.assertEqual(response.json['UPSTREAM_SERVER'], 'http://example.com') | ||
|
|
||
| # Test accessing sensitive config | ||
| response = self.client.get('/settings/SECRET_KEY') | ||
| self.assertEqual(response.status_code, 400) | ||
|
|
||
| @patch('jwt.PyJWKClient') | ||
| @patch('jwt.decode') | ||
| def test_validate_jwt(self, mock_decode, mock_jwk_client): | ||
|
|
@@ -57,14 +84,14 @@ def test_validate_jwt(self, mock_decode, mock_jwk_client): | |
|
|
||
| # Set up mock JWT decoding | ||
| mock_decode.return_value = {'email': '[email protected]'} | ||
| self.app.json = CustomJSONProvider(self.app) | ||
|
|
||
| # Test valid token | ||
| response = self.client.get('/', headers={'Authorization': 'Bearer valid_token'}) | ||
| print(f'Status Code: {response.status_code}') | ||
| print(f'Response Data: {response.data.decode()}') | ||
| print(f'Response JSON: {response.json}') | ||
| self.assertEqual(response.status_code, 200) | ||
| self.assertEqual(response.json.get('message'), 'request proxied') | ||
|
|
||
| # Test missing token | ||
| response = self.client.get('/') | ||
|
|
@@ -84,38 +111,12 @@ def test_validate_jwt(self, mock_decode, mock_jwk_client): | |
| self.assertEqual(response.json.get('message'), "token expired") | ||
|
|
||
| # Test whitelisted path without token | ||
| response = self.client.get('/whitelisted', content_type='application/json') | ||
| response = self.client.get('/whitelisted') | ||
| print(f'Status Code: {response.status_code}') | ||
| print(f'Response Data: {response.data.decode()}') | ||
| print(f'Response JSON: {response.json}') | ||
| self.assertEqual(response.status_code, 200) | ||
|
|
||
| def test_smart_configuration(self): | ||
| """Test /fhir/.well-known/smart-configuration endpoint""" | ||
| response = self.client.get('/fhir/.well-known/smart-configuration') | ||
| self.assertEqual(response.status_code, 200) | ||
| self.assertEqual(response.json, { | ||
| 'authorization_endpoint': 'http://authorize.example.com', | ||
| 'token_endpoint': 'http://token.example.com', | ||
| 'introspection_endpoint': 'http://introspection.example.com' | ||
| }) | ||
|
|
||
| def test_config_settings(self): | ||
| """Test /settings endpoint""" | ||
| # Test retrieving non-sensitive config | ||
| response = self.client.get('/settings') | ||
| self.assertEqual(response.status_code, 200) | ||
| self.assertIn('UPSTREAM_SERVER', response.json) | ||
| self.assertNotIn('SECRET', response.json) | ||
|
|
||
| # Test retrieving specific config | ||
| response = self.client.get('/settings/UPSTREAM_SERVER') | ||
| self.assertEqual(response.status_code, 200) | ||
| self.assertEqual(response.json['UPSTREAM_SERVER'], 'http://example.com') | ||
|
|
||
| # Test accessing sensitive config | ||
| response = self.client.get('/settings/SECRET_KEY') | ||
| self.assertEqual(response.status_code, 400) | ||
| self.assertEqual(response.json.get('message'), 'whitelisted path accessed') | ||
|
|
||
| if __name__ == '__main__': | ||
| unittest.main() | ||