matlab-proxy 0.26.0__py3-none-any.whl → 0.27.1__py3-none-any.whl

tests/unit/util/mwi/test_token_auth.py

@@ -1,303 +0,0 @@
-# Copyright 2023-2025 The MathWorks, Inc.
-
-import pytest
-from aiohttp import web
-from aiohttp_session import setup as aiohttp_session_setup
-from aiohttp_session.cookie_storage import EncryptedCookieStorage
-from cryptography import fernet
-
-from matlab_proxy.constants import MWI_AUTH_TOKEN_NAME_FOR_HTTP
-from matlab_proxy.util.mwi import environment_variables as mwi_env
-from matlab_proxy.util.mwi import token_auth
-
-## APIs to test:
-# 1. generate_mwi_auth_token (auth enabled, auth enabled+custom token, custom token, auth disabled)
-# 2. authenticate_access_decorator (headers & url_string, and session storage)
-
-## Testing generate_mwi_auth_token :
-
-test_data = [
-    pytest.param(
-        "False",
-        "CustomTokenStr123_-Test1",
-        None,
-        id="token isn't generated when MWI_ENABLE_AUTH_TOKEN is explicitly disabled & has custom token set",
-    ),
-    pytest.param(
-        "",
-        "CustomTokenStr123_-Test2",
-        "CustomTokenStr123_-Test2",
-        id="token is generated when MWI_ENABLE_AUTH_TOKEN is not set & has custom token set",
-    ),
-    pytest.param(
-        "True",
-        "CustomTokenStr123_-Test3",
-        "CustomTokenStr123_-Test3",
-        id="token is generated when MWI_ENABLE_AUTH_TOKEN is set & has custom token set",
-    ),
-]
-
-
-@pytest.mark.parametrize(
-    "expected_auth_enablement, auth_token, expected_auth_token",
-    test_data,
-)
-def test_generate_mwi_auth_token(
-    monkeypatch, expected_auth_enablement, auth_token, expected_auth_token
-):
-    monkeypatch.setenv(
-        mwi_env.get_env_name_enable_mwi_auth_token(), str(expected_auth_enablement)
-    )
-    monkeypatch.setenv(mwi_env.get_env_name_mwi_auth_token(), str(auth_token))
-
-    generated_token = token_auth.generate_mwi_auth_token_and_hash()["token"]
-    assert generated_token == expected_auth_token
-
-
-def test_auto_token_generation_with_enable_flag_set(monkeypatch):
-    # Test if token is auto-generated when MWI_ENABLE_AUTH_TOKEN is True
-    expected_auth_enablement = "True"
-    monkeypatch.setenv(
-        mwi_env.get_env_name_enable_mwi_auth_token(), str(expected_auth_enablement)
-    )
-
-    generated_token = token_auth.generate_mwi_auth_token_and_hash()["token"]
-    assert generated_token is not None
-
-
-def test_auto_token_generation_with_enable_flag_unset():
-    # Test if token is generated by default when MWI_ENABLE_AUTH_TOKEN and MWI_AUTH_TOKEN are not set
-    generated_token = token_auth.generate_mwi_auth_token_and_hash()["token"]
-    assert generated_token is not None
-
-
-## Testing authenticate_access_decorator :
-# This in turn, also tests authenticate_request
-
-
-@pytest.fixture
-def get_custom_auth_token_str():
-    return "CustomTokenStr123_-TestOtherAPIS"
-
-
-@token_auth.authenticate_access_decorator
-async def fake_endpoint(request):
-    if request.method == "POST":
-        request.app["value"] = (await request.post())["value"]
-        return web.Response(body=b"thanks for the data")
-    return web.Response(body="value: {}".format(request.app["value"]).encode("utf-8"))
-
-
-@pytest.fixture
-def fake_server_with_auth_enabled(
-    event_loop, aiohttp_client, monkeypatch, get_custom_auth_token_str
-):
-    auth_token = get_custom_auth_token_str
-    auth_enablement = "True"
-    monkeypatch.setenv(
-        mwi_env.get_env_name_enable_mwi_auth_token(), str(auth_enablement)
-    )
-    monkeypatch.setenv(mwi_env.get_env_name_mwi_auth_token(), str(auth_token))
-
-    (
-        mwi_auth_token,
-        mwi_auth_token_hash,
-    ) = token_auth.generate_mwi_auth_token_and_hash().values()
-
-    app = web.Application()
-    app["settings"] = {
-        "mwi_is_token_auth_enabled": mwi_auth_token is not None,
-        "mwi_auth_token": mwi_auth_token,
-        "mwi_auth_token_hash": mwi_auth_token_hash,
-        "mwi_auth_token_name_for_http": MWI_AUTH_TOKEN_NAME_FOR_HTTP,
-        "mwi_auth_token_name_for_env": mwi_env.get_env_name_mwi_auth_token().lower(),
-    }
-    app.router.add_get("/", fake_endpoint)
-    app.router.add_post("/", fake_endpoint)
-    # Setup the session storage
-    fernet_key = fernet.Fernet.generate_key()
-    f = fernet.Fernet(fernet_key)
-    aiohttp_session_setup(
-        app, EncryptedCookieStorage(f, cookie_name="matlab-proxy-session")
-    )
-    return event_loop.run_until_complete(aiohttp_client(app))
-
-
-async def test_set_value_with_token(
-    fake_server_with_auth_enabled, get_custom_auth_token_str
-):
-    resp = await fake_server_with_auth_enabled.post(
-        "/",
-        data={"value": "foo"},
-        headers={MWI_AUTH_TOKEN_NAME_FOR_HTTP: get_custom_auth_token_str},
-    )
-    assert resp.status == web.HTTPOk.status_code
-    assert await resp.text() == "thanks for the data"
-    assert fake_server_with_auth_enabled.server.app["value"] == "foo"
-
-    # Test subsequent requests do not need token authentication
-    resp2 = await fake_server_with_auth_enabled.post(
-        "/",
-        data={"value": "foobar"},
-    )
-    assert resp2.status == web.HTTPOk.status_code
-    assert fake_server_with_auth_enabled.server.app["value"] == "foobar"
-
-    # Test request which accepts cookies from previous request
-    resp3 = await fake_server_with_auth_enabled.post(
-        "/",
-        data={"value": "foobar1"},
-        cookies=resp.cookies,
-    )
-    assert resp3.status == web.HTTPOk.status_code
-    assert fake_server_with_auth_enabled.server.app["value"] == "foobar1"
-
-
-async def test_set_value_with_token_hash(
-    fake_server_with_auth_enabled, get_custom_auth_token_str
-):
-    resp = await fake_server_with_auth_enabled.post(
-        "/",
-        data={"value": "foo"},
-        headers={
-            MWI_AUTH_TOKEN_NAME_FOR_HTTP: token_auth._generate_hash(
-                get_custom_auth_token_str
-            )
-        },
-    )
-    assert resp.status == web.HTTPOk.status_code
-    assert await resp.text() == "thanks for the data"
-    assert fake_server_with_auth_enabled.server.app["value"] == "foo"
-
-    # Test subsequent requests do not need token authentication
-    resp2 = await fake_server_with_auth_enabled.post(
-        "/",
-        data={"value": "foobar"},
-    )
-    assert resp2.status == web.HTTPOk.status_code
-    assert fake_server_with_auth_enabled.server.app["value"] == "foobar"
-
-    # Test request which accepts cookies from previous request
-    resp3 = await fake_server_with_auth_enabled.post(
-        "/",
-        data={"value": "foobar1"},
-        cookies=resp.cookies,
-    )
-    assert resp3.status == web.HTTPOk.status_code
-    assert fake_server_with_auth_enabled.server.app["value"] == "foobar1"
-
-
-async def test_set_value_without_token(fake_server_with_auth_enabled):
-    resp2 = await fake_server_with_auth_enabled.post(
-        "/",
-        data={"value": "foobar"},
-    )
-    assert resp2.status == web.HTTPForbidden.status_code
-
-
-async def test_set_value_with_invalid_token(fake_server_with_auth_enabled):
-    resp2 = await fake_server_with_auth_enabled.post(
-        "/",
-        data={"value": "foobar"},
-        headers={MWI_AUTH_TOKEN_NAME_FOR_HTTP: "invalid-token"},
-    )
-    assert resp2.status == web.HTTPForbidden.status_code
-
-
-async def test_set_value_with_token_in_params(
-    fake_server_with_auth_enabled, get_custom_auth_token_str
-):
-    fake_server_with_auth_enabled.server.app["value"] = "foo"
-    resp = await fake_server_with_auth_enabled.post(
-        "/",
-        data={"value": "foofoo"},
-        params={
-            MWI_AUTH_TOKEN_NAME_FOR_HTTP: token_auth._generate_hash(
-                get_custom_auth_token_str
-            )
-        },
-    )
-    assert resp.status == web.HTTPOk.status_code
-    assert await resp.text() == "thanks for the data"
-    assert fake_server_with_auth_enabled.server.app["value"] == "foofoo"
-
-    # Test subsequent requests do not need token authentication
-    resp2 = await fake_server_with_auth_enabled.post(
-        "/",
-        data={"value": "foobar"},
-    )
-    assert resp2.status == web.HTTPForbidden.status_code
-    # assert server_with_auth_enabled.server.app["value"] == "foobar"
-
-
-async def test_get_value_without_token(fake_server_with_auth_enabled):
-    fake_server_with_auth_enabled.server.app["value"] = "bar"
-    resp = await fake_server_with_auth_enabled.get("/")
-    assert resp.status == web.HTTPForbidden.status_code
-
-
-async def test_get_value_with_token_in_query_params(
-    fake_server_with_auth_enabled, get_custom_auth_token_str
-):
-    fake_server_with_auth_enabled.server.app["value"] = "bar"
-    resp = await fake_server_with_auth_enabled.get(
-        "/",
-        params={
-            MWI_AUTH_TOKEN_NAME_FOR_HTTP: token_auth._generate_hash(
-                get_custom_auth_token_str
-            )
-        },
-    )
-    assert resp.status == web.HTTPOk.status_code
-    assert await resp.text() == "value: bar"
-
-
-## Create a fake_server without authentication enabled, and test that you can access data.
-
-
-@pytest.fixture
-def fake_server_without_auth_enabled(event_loop, aiohttp_client, monkeypatch):
-    auth_enablement = "False"
-    monkeypatch.setenv(
-        mwi_env.get_env_name_enable_mwi_auth_token(), str(auth_enablement)
-    )
-    (
-        mwi_auth_token,
-        mwi_auth_token_hash,
-    ) = token_auth.generate_mwi_auth_token_and_hash().values()
-
-    app = web.Application()
-    app["settings"] = {
-        "mwi_is_token_auth_enabled": mwi_auth_token != None,
-        "mwi_auth_token": mwi_auth_token,
-        "mwi_auth_token_hash": mwi_auth_token_hash,
-        "mwi_auth_token_name_for_env": mwi_env.get_env_name_mwi_auth_token().lower(),
-    }
-    app.router.add_get("/", fake_endpoint)
-    app.router.add_post("/", fake_endpoint)
-    # Setup the session storage
-    fernet_key = fernet.Fernet.generate_key()
-    f = fernet.Fernet(fernet_key)
-    aiohttp_session_setup(
-        app, EncryptedCookieStorage(f, cookie_name="matlab-proxy-session")
-    )
-    return event_loop.run_until_complete(aiohttp_client(app))
-
-
-async def test_get_value(fake_server_without_auth_enabled):
-    fake_server_without_auth_enabled.server.app["value"] = "bar1"
-    resp = await fake_server_without_auth_enabled.get("/")
-    assert resp.status == web.HTTPOk.status_code
-    assert await resp.text() == "value: bar1"
-
-
-async def test_get_value_in_query_params(
-    fake_server_without_auth_enabled, get_custom_auth_token_str
-):
-    # Server should respond even if token is provided when not needed.
-    fake_server_without_auth_enabled.server.app["value"] = "bar2"
-    resp = await fake_server_without_auth_enabled.get(
-        "/", params={"mwi-auth-token": get_custom_auth_token_str}
-    )
-    assert resp.status == web.HTTPOk.status_code
-    assert await resp.text() == "value: bar2"

tests/unit/util/mwi/test_validators.py

@@ -1,364 +0,0 @@
-# Copyright 2020-2025 The MathWorks, Inc.
-
-"""Tests for functions in matlab_proxy/util/mwi_validators.py"""
-
-import os
-import random
-import socket
-import tempfile
-from matlab_proxy.util.mwi.validators import (
-    validate_idle_timeout,
-    validate_matlab_root_path,
-)
-from matlab_proxy import constants
-from pathlib import Path
-
-import matlab_proxy
-import pytest
-from matlab_proxy.util import system
-from matlab_proxy.util.mwi import environment_variables as mwi_env
-from matlab_proxy.util.mwi import validators
-from matlab_proxy.util.mwi.exceptions import (
-    NetworkLicensingError,
-    FatalError,
-    MatlabInstallError,
-)
-
-
-@pytest.mark.parametrize(
-    "MLM_LICENSE_FILE",
-    [
-        ("/path/to/a/non-existent/file"),
-        ("1234"),
-        ("hostname"),
-        ("1234hostname"),
-    ],
-    ids=[
-        "Invalid path to a license file",
-        "NLM string with just port number",
-        "NLM string with just hostname",
-        "NLM string with just port number and hostname",
-    ],
-)
-def test_validate_mlm_license_file_invalid_value(MLM_LICENSE_FILE, monkeypatch):
-    """Check if validator raises expected exception"""
-
-    env_name = mwi_env.get_env_name_network_license_manager()
-
-    monkeypatch.setenv(env_name, MLM_LICENSE_FILE)
-    nlm_conn_str = os.getenv(env_name)
-
-    with pytest.raises(NetworkLicensingError) as e_info:
-        validators.validate_mlm_license_file(nlm_conn_str)
-    assert MLM_LICENSE_FILE in str(e_info.value)
-
-
-@pytest.fixture(name="temporary_license_file")
-def temporary_license_file_fixture(tmp_path):
-    """Pytest fixture which returns a valid path to temporary license file."""
-    import time
-
-    temp_license_file_path = tmp_path / f'{str(time.time()).replace(".", "")}.lic'
-    temp_license_file_path.touch()
-
-    return temp_license_file_path
-
-
-def test_validate_mlm_license_file_valid_license_file_path(
-    temporary_license_file, monkeypatch
-):
-    """Check if a valid license path has been supplied to MLM_LICENSE_FILE env var"""
-    env_name = mwi_env.get_env_name_network_license_manager()
-    monkeypatch.setenv(env_name, str(temporary_license_file))
-
-    validated_file_path = validators.validate_mlm_license_file(os.getenv(env_name))
-    assert str(temporary_license_file) == validated_file_path
-
-
-@pytest.mark.parametrize(
-    "MLM_LICENSE_FILE",
-    [
-        (["1234@1.2_any-alphanumeric"]),
-        (["1234@1.2_any-alphanumeric", "1234@1.2_any-alphanumeric"]),
-        (
-            [
-                "1234@1.2_any-alphanumeric",
-                "1234@1.2_any-alphanumeric",
-                "1234@1.2_any-alphanumeric",
-            ]
-        ),
-        [
-            "1234@1.2_any-alphanumeric,1234@1.2_any-alphanumeric,1234@1.2_any-alphanumeric"
-        ],
-        (
-            [
-                "1234@1.2_any-alphanumeric",
-                "1234@1.2_any-alphanumeric,1234@1.2_any-alphanumeric,1234@1.2_any-alphanumeric",
-            ]
-        ),
-        (
-            [
-                "1234@1.2_any-alphanumeric,1234@1.2_any-alphanumeric,1234@1.2_any-alphanumeric",
-                "1234@1.2_any-alphanumeric",
-            ]
-        ),
-        (
-            [
-                "1234@1.2_any-alphanumeric",
-                "1234@1.2_any-alphanumeric,1234@1.2_any-alphanumeric,1234@1.2_any-alphanumeric",
-                "1234@1.2_any-alphanumeric",
-            ]
-        ),
-    ],
-    ids=[
-        "1 NLM server",
-        "2 NLM servers",
-        "3 NLM servers",
-        "Just a server triad",
-        "1 NLM server prefixed to a server triad",
-        "1 NLM server suffixed to a server triad",
-        "1 NLM server prefixed and another suffixed to a server triad",
-    ],
-)
-def test_validate_mlm_license_file_for_valid_nlm_string(MLM_LICENSE_FILE, monkeypatch):
-    """Check if port@hostname passes validation"""
-
-    seperator = system.get_mlm_license_file_seperator()
-    MLM_LICENSE_FILE = seperator.join(MLM_LICENSE_FILE)
-    env_name = mwi_env.get_env_name_network_license_manager()
-    monkeypatch.setenv(env_name, MLM_LICENSE_FILE)
-    conn_str = validators.validate_mlm_license_file(os.getenv(env_name))
-    assert conn_str == MLM_LICENSE_FILE
-
-
-def test_validate_mlm_license_file_None():
-    """Test to check if validate_mlm_license_file() returns None when nlm_conn_str is None."""
-    assert validators.validate_mlm_license_file(None) is None
-
-
-def test_get_with_environment_variables(monkeypatch):
-    """Check if path to license file passes validation"""
-    env_name = mwi_env.get_env_name_network_license_manager()
-    fd, path = tempfile.mkstemp()
-    monkeypatch.setenv(env_name, path)
-    try:
-        conn_str = validators.validate_mlm_license_file(os.getenv(env_name))
-        assert conn_str == str(path)
-    finally:
-        os.close(fd)
-        os.remove(path)
-
-
-def test_validate_app_port_is_free_false():
-    """Test to validate if supplied app port is free"""
-    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
-    s.bind(("", 0))
-    port = s.getsockname()[1]
-    with pytest.raises(FatalError) as e:
-        validators.validate_app_port_is_free(port)
-    s.close()
-
-
-def test_validate_app_port_is_free_true():
-    """Test to validate if supplied app port is free"""
-    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
-    s.bind(("", 0))
-    port = s.getsockname()[1]
-    s.close()
-    assert validators.validate_app_port_is_free(port) == port
-
-
-def test_validate_app_port_None():
-    """Tests if validated app port is None when MWI_APP_PORT env variable is not set.
-    If validated app port is None implies a random free port will be used at launch.
-    """
-    assert validators.validate_app_port_is_free(None) is None
-
-
-def test_validate_env_config_true():
-    """Validate the default config which is used in this package."""
-    config = validators.validate_env_config(matlab_proxy.get_default_config_name())
-    assert isinstance(config, dict)
-
-
-def test_validate_env_config_false():
-    """Passing a non existent config should raise FatalError exception"""
-
-    with pytest.raises(FatalError):
-        validators.validate_env_config(str(random.randint(10, 100)))
-
-
-def test_get_configs():
-    """Test to check if atleast 1 env config is discovered.
-    When this package is installed, we will have a default config.
-    """
-    configs = validators.__get_configs()
-
-    assert len(configs.keys()) >= 1
-
-
-@pytest.mark.parametrize(
-    "mwi_base_url, validated_base_url",
-    [
-        ("", ""),
-        ("/bla", "/bla"),
-        ("/bla/", "/bla"),
-    ],
-    ids=[
-        "Launch integration at root",
-        "Launch at custom path",
-        "Launch at custom with suffix: /",
-    ],
-)
-def test_validate_base_url(mwi_base_url, validated_base_url):
-    """Tests multiple base_urls which will beparsed and validated successfully.
-
-    Args:
-        base_url (str): base_url
-        validated_base_url (str): validated base_url
-    """
-    assert validators.validate_base_url(mwi_base_url) == validated_base_url
-
-
-def test_validate_base_url_no_prefix_error():
-    """Test to check base_url will throw error when a prefix / is not present in it.[summary]"""
-    with pytest.raises(FatalError) as e:
-        validators.validate_base_url("matlab/")
-
-
-def test_validate_mwi_ssl_key_and_cert_file(monkeypatch):
-    """Check if port@hostname passes validation"""
-    ssl_cert_file_env_name = mwi_env.get_env_name_ssl_cert_file()
-    ssl_key_file_env_name = mwi_env.get_env_name_ssl_key_file()
-    fd, path = tempfile.mkstemp()
-
-    monkeypatch.setenv(ssl_cert_file_env_name, path)
-    monkeypatch.setenv(ssl_key_file_env_name, path)
-    try:
-        # Verify that if KEY and CERT are provided
-        key_file, cert_file = validators.validate_ssl_key_and_cert_file(
-            os.getenv(ssl_key_file_env_name), os.getenv(ssl_cert_file_env_name)
-        )
-        assert key_file == str(path)
-        assert cert_file == str(path)
-
-        # Verify that KEY can be None
-        key_file, cert_file = validators.validate_ssl_key_and_cert_file(
-            None, os.getenv(ssl_cert_file_env_name)
-        )
-        assert key_file == None
-        assert cert_file == str(path)
-
-        # Verify that if KEY is provided, CERT must also be provided
-        with pytest.raises(FatalError) as e:
-            validators.validate_ssl_key_and_cert_file(
-                os.getenv(ssl_key_file_env_name), None
-            )
-
-        # Verify that KEY is valid file location
-        with pytest.raises(FatalError) as e:
-            validators.validate_ssl_key_and_cert_file(
-                "/file/does/not/exist", os.getenv(ssl_cert_file_env_name)
-            )
-
-        # Verify that KEY is valid file location
-        with pytest.raises(FatalError) as e:
-            validators.validate_ssl_key_and_cert_file(
-                os.getenv(ssl_key_file_env_name), "/file/does/not/exist"
-            )
-    finally:
-        # Need to close the file descriptor in Windows
-        # Or else PermissionError is raised.
-        os.close(fd)
-        os.remove(path)
-
-
-def test_validate_matlab_root_path(tmp_path):
-    """Checks if matlab root is validated without raising exceptions"""
-
-    # Arrange
-    matlab_root = Path(tmp_path) / "MATLAB"
-    os.mkdir(matlab_root)
-    version_info_file = Path(matlab_root) / constants.VERSION_INFO_FILE_NAME
-    version_info_file.touch()
-
-    # Act
-    actual_matlab_root = validate_matlab_root_path(
-        matlab_root, is_custom_matlab_root=False
-    )
-    actual_matlab_root_custom = validate_matlab_root_path(
-        matlab_root, is_custom_matlab_root=True
-    )
-
-    # Assert
-    assert actual_matlab_root == matlab_root
-    assert actual_matlab_root_custom == matlab_root
-
-
-def test_validate_matlab_root_path_non_existent_root_path(tmp_path):
-    """Checks if validate_matlab_root_path raises MatlabInstallError when non-existent path is supplied"""
-    # Arrange
-    matlab_root = Path(tmp_path) / "MATLAB"
-
-    # Act
-    with pytest.raises(MatlabInstallError):
-        actual_matlab_root = validate_matlab_root_path(
-            matlab_root, is_custom_matlab_root=False
-        )
-        actual_matlab_root_custom = validate_matlab_root_path(
-            matlab_root, is_custom_matlab_root=True
-        )
-
-        # Assert
-        assert actual_matlab_root is None
-        assert actual_matlab_root_custom is None
-
-
-def test_validate_matlab_root_path_non_existent_versioninfo_file(tmp_path):
-    """Checks if validate_matlab_root_path does not raise any exceptions even if VersionInfo.xml file does not exist
-    when matlab wrapper is used and raises an exception when custom matlab root is used.
-    """
-    # Arrange
-    matlab_root = Path(tmp_path) / "MATLAB"
-    os.mkdir(matlab_root)
-
-    # Act
-    # Location of VersionInfo.xml can't be determined with matlab wrapper script
-    # and error should not be raised
-    actual_matlab_root = validate_matlab_root_path(
-        matlab_root, is_custom_matlab_root=False
-    )
-
-    # Location of VersionInfo.xml must be determinable when custom MATLAB root is supplied.
-    # If not, an exception must be raised
-    with pytest.raises(MatlabInstallError):
-        validate_matlab_root_path(matlab_root, is_custom_matlab_root=True)
-
-    # Assert
-    assert actual_matlab_root is None
-
-
-@pytest.mark.parametrize(
-    "timeout, validated_timeout",
-    [
-        (None, None),
-        ("abc", None),
-        (-10, None),
-        (123, 60 * 123),
-    ],
-    ids=[
-        "No IDLE timeout specified",
-        "Invalid IDLE timeout specified",
-        "Negative number supplied as IDLE timeout",
-        "Valid IDLE timeout specified",
-    ],
-)
-def test_validate_idle_timeout(timeout, validated_timeout):
-    # Arrange
-    # Nothing to arrange
-
-    # Act
-    actual_timeout = validate_idle_timeout(timeout)
-
-    # Assert
-    assert actual_timeout == validated_timeout