@@ -45,6 +45,33 @@ def test_proxy_request(self, mock_request):
4545 response = proxy_request (req , 'http://example.com/api' )
4646 self .assertEqual (response , "Plain text response" )
4747
48+ def test_smart_configuration (self ):
49+ """Test /fhir/.well-known/smart-configuration endpoint"""
50+ response = self .client .get ('/fhir/.well-known/smart-configuration' )
51+ self .assertEqual (response .status_code , 200 )
52+ self .assertEqual (response .json , {
53+ 'authorization_endpoint' : 'http://authorize.example.com' ,
54+ 'token_endpoint' : 'http://token.example.com' ,
55+ 'introspection_endpoint' : 'http://introspection.example.com'
56+ })
57+
58+ def test_config_settings (self ):
59+ """Test /settings endpoint"""
60+ # Test retrieving non-sensitive config
61+ response = self .client .get ('/settings' )
62+ self .assertEqual (response .status_code , 200 )
63+ self .assertIn ('UPSTREAM_SERVER' , response .json )
64+ self .assertNotIn ('SECRET' , response .json )
65+
66+ # Test retrieving specific config
67+ response = self .client .get ('/settings/UPSTREAM_SERVER' )
68+ self .assertEqual (response .status_code , 200 )
69+ self .assertEqual (response .json ['UPSTREAM_SERVER' ], 'http://example.com' )
70+
71+ # Test accessing sensitive config
72+ response = self .client .get ('/settings/SECRET_KEY' )
73+ self .assertEqual (response .status_code , 400 )
74+
4875 @patch ('jwt.PyJWKClient' )
4976 @patch ('jwt.decode' )
5077 def test_validate_jwt (self , mock_decode , mock_jwk_client ):
@@ -57,14 +84,14 @@ def test_validate_jwt(self, mock_decode, mock_jwk_client):
5784
5885 # Set up mock JWT decoding
5986 mock_decode .
return_value = {
'email' :
'[email protected] ' }
60- self .app .json = CustomJSONProvider (self .app )
6187
6288 # Test valid token
6389 response = self .client .get ('/' , headers = {'Authorization' : 'Bearer valid_token' })
6490 print (f'Status Code: { response .status_code } )
6591 print (f'Response Data: { response .data .decode ()} )
6692 print (f'Response JSON: { response .json } )
6793 self .assertEqual (response .status_code , 200 )
94+ self .assertEqual (response .json .get ('message' ), 'request proxied' )
6895
6996 # Test missing token
7097 response = self .client .get ('/' )
@@ -84,38 +111,12 @@ def test_validate_jwt(self, mock_decode, mock_jwk_client):
84111 self .assertEqual (response .json .get ('message' ), "token expired" )
85112
86113 # Test whitelisted path without token
87- response = self .client .get ('/whitelisted' , content_type = 'application/json' )
114+ response = self .client .get ('/whitelisted' )
88115 print (f'Status Code: { response .status_code } )
89116 print (f'Response Data: { response .data .decode ()} )
90117 print (f'Response JSON: { response .json } )
91118 self .assertEqual (response .status_code , 200 )
92-
93- def test_smart_configuration (self ):
94- """Test /fhir/.well-known/smart-configuration endpoint"""
95- response = self .client .get ('/fhir/.well-known/smart-configuration' )
96- self .assertEqual (response .status_code , 200 )
97- self .assertEqual (response .json , {
98- 'authorization_endpoint' : 'http://authorize.example.com' ,
99- 'token_endpoint' : 'http://token.example.com' ,
100- 'introspection_endpoint' : 'http://introspection.example.com'
101- })
102-
103- def test_config_settings (self ):
104- """Test /settings endpoint"""
105- # Test retrieving non-sensitive config
106- response = self .client .get ('/settings' )
107- self .assertEqual (response .status_code , 200 )
108- self .assertIn ('UPSTREAM_SERVER' , response .json )
109- self .assertNotIn ('SECRET' , response .json )
110-
111- # Test retrieving specific config
112- response = self .client .get ('/settings/UPSTREAM_SERVER' )
113- self .assertEqual (response .status_code , 200 )
114- self .assertEqual (response .json ['UPSTREAM_SERVER' ], 'http://example.com' )
115-
116- # Test accessing sensitive config
117- response = self .client .get ('/settings/SECRET_KEY' )
118- self .assertEqual (response .status_code , 400 )
119+ self .assertEqual (response .json .get ('message' ), 'whitelisted path accessed' )
119120
120121if __name__ == '__main__' :
121122 unittest .main ()
0 commit comments