Tests: Add unit tests for Authentication resource

2021-10-12 15:08:39 -04:00 · 2021-10-12 15:08:39 -04:00 · c3412ac58f
parent d51f331453
commit c3412ac58f
2 changed files with 72 additions and 0 deletions
--- a/monkey/tests/unit_tests/monkey_island/cc/resources/auth/test_auth.py
+++ b/monkey/tests/unit_tests/monkey_island/cc/resources/auth/test_auth.py
@ -0,0 +1,69 @@
+import re
+from unittest.mock import MagicMock
+
+import pytest
+
+USERNAME = "test_user"
+PASSWORD = "test_password"
+TEST_REQUEST = f'{{"username": "{USERNAME}", "password": "{PASSWORD}"}}'
+
+
+@pytest.fixture
+def mock_authentication_service(monkeypatch):
+    mock_service = MagicMock()
+    mock_service.authenticate = MagicMock()
+
+    monkeypatch.setattr("monkey_island.cc.resources.auth.auth.AuthenticationService", mock_service)
+
+    return mock_service
+
+
+@pytest.fixture
+def make_auth_request(flask_client):
+    url = "/api/auth"
+
+    def inner(request_body):
+        return flask_client.post(url, data=request_body, follow_redirects=True)
+
+    return inner
+
+
+def test_credential_parsing(make_auth_request, mock_authentication_service):
+    make_auth_request(TEST_REQUEST)
+    mock_authentication_service.authenticate.assert_called_with(USERNAME, PASSWORD)
+
+
+def test_empty_credentials(make_auth_request, mock_authentication_service):
+    make_auth_request("{}")
+    mock_authentication_service.authenticate.assert_called_with("", "")
+
+
+def test_authentication_successful(make_auth_request, mock_authentication_service):
+    mock_authentication_service.authenticate = MagicMock(return_value=True)
+
+    response = make_auth_request(TEST_REQUEST)
+
+    assert response.status_code == 200
+    assert response.json["error"] == ""
+    assert re.match(
+        r"^[a-zA-Z0-9+/=]+\.[a-zA-Z0-9+/=]+\.[a-zA-Z0-9+/=\-_]+$", response.json["access_token"]
+    )
+
+
+def test_authentication_failure(make_auth_request, mock_authentication_service):
+    mock_authentication_service.authenticate = MagicMock(return_value=False)
+
+    response = make_auth_request(TEST_REQUEST)
+
+    assert "access_token" not in response.json
+    assert response.status_code == 401
+    assert response.json["error"] == "Invalid credentials"
+
+
+def test_authentication_error(make_auth_request, mock_authentication_service):
+    mock_authentication_service.authenticate = MagicMock(side_effect=Exception())
+
+    response = make_auth_request(TEST_REQUEST)
+
+    assert "access_token" not in response.json
+    assert response.status_code == 500
--- a/monkey/tests/unit_tests/monkey_island/cc/resources/conftest.py
+++ b/monkey/tests/unit_tests/monkey_island/cc/resources/conftest.py
@ -19,6 +19,7 @@ def flask_client(monkeypatch_session):

 def mock_init_app():
    app = Flask(__name__)
+    app.config["SECRET_KEY"] = "test_key"

    api = flask_restful.Api(app)
    api.representations = {"application/json": output_json}
@ -26,4 +27,6 @@ def mock_init_app():
    monkey_island.cc.app.init_app_url_rules(app)
    monkey_island.cc.app.init_api_resources(api)

+    flask_jwt_extended.JWTManager(app)
+
    return app