pytest-nhsd-apim 5.0.0__py3-none-any.whl → 5.0.2__py3-none-any.whl

pytest_nhsd_apim/apigee_edge.py

@@ -5,6 +5,7 @@ This includes app setup/teardown, getting proxy info (proxy-under-test
 + identity-service of choice), getting products, registering them with
 the test app.
 """
+
 import functools
 import warnings
 from datetime import datetime
@@ -22,7 +23,7 @@ from .apigee_apis import (
     DebugSessionsAPI,
     AccessTokensAPI,
     ApiProductsAPI,
-    DeveloperAppsAPI
+    DeveloperAppsAPI,
 )
 
 APIGEE_BASE_URL = "https://api.enterprise.apigee.com/v1/"
@@ -48,6 +49,7 @@ def _apigee_app_base_url(nhsd_apim_config):
     url = APIGEE_BASE_URL + f"organizations/{org}/developers/{dev}/apps"
     return url
 
+
 @pytest.fixture(scope="session")
 @log_method
 def _apigee_app_base_url_no_dev(nhsd_apim_config):
@@ -55,6 +57,7 @@ def _apigee_app_base_url_no_dev(nhsd_apim_config):
     url = APIGEE_BASE_URL + f"organizations/{org}/apps"
     return url
 
+
 @functools.lru_cache(maxsize=None)
 @log_method
 def _get_proxy_json(session, nhsd_apim_proxy_url):
@@ -62,8 +65,8 @@ def _get_proxy_json(session, nhsd_apim_proxy_url):
     Query the apigee edge API to get data about the desired proxy, in particular its current deployment.
     """
     deployment_err_msg = (
-        "\n\tFailed to retrieve the proxy deployment data. " +
-        "Please check the validity of the APIGEE credentials and token as well as any headers."
+        "\n\tFailed to retrieve the proxy deployment data. "
+        + "Please check the validity of the APIGEE credentials and token as well as any headers."
     )
     deployment_resp = session.get(f"{nhsd_apim_proxy_url}/deployments")
     assert deployment_resp.status_code == 200, deployment_err_msg.format(deployment_resp.content)
@@ -283,7 +286,9 @@ _TEST_APP = None
 
 @pytest.fixture(scope="session")
 @log_method
-def nhsd_apim_test_app(_create_test_app, _apigee_edge_session, _apigee_app_base_url, _apigee_app_base_url_no_dev, _test_app_id) -> Callable:
+def nhsd_apim_test_app(
+    _create_test_app, _apigee_edge_session, _apigee_app_base_url, _apigee_app_base_url_no_dev, _test_app_id
+) -> Callable:
     """
     A Callable that gets you the current state of the test app.
     """
@@ -314,7 +319,7 @@ def nhsd_apim_test_app(_create_test_app, _apigee_edge_session, _apigee_app_base_
             return _TEST_APP
         if _test_app_id:
             resp = _apigee_edge_session.get(_apigee_app_base_url_no_dev + "/" + _test_app_id)
-        else: 
+        else:
             resp = _apigee_edge_session.get(_apigee_app_base_url + "/" + _create_test_app["name"])
         _TEST_APP = resp.json()
         return _TEST_APP
@@ -468,7 +473,7 @@ def _create_test_app(
     else:
         app = {
             "name": f"apim-auto-{uuid4()}",
-            "callbackUrl": "https://example.org/callback",
+            "callbackUrl": "https://google.com/callback",
             "attributes": [{"name": "jwks-resource-url", "value": jwt_public_key_url}],
         }
         create_resp = _apigee_edge_session.post(_apigee_app_base_url, json=app)
@@ -512,7 +517,7 @@ def _create_function_scoped_test_app(
     else:
         app = {
             "name": f"apim-auto-{uuid4()}",
-            "callbackUrl": "https://example.org/callback",
+            "callbackUrl": "https://google.com/callback",
             "attributes": [{"name": "jwks-resource-url", "value": jwt_public_key_url}],
         }
         create_resp = _apigee_edge_session.post(_apigee_app_base_url, json=app)
@@ -538,6 +543,7 @@ def _test_app_callback_url(_create_test_app):
 def _test_app_id(nhsd_apim_config):
     return nhsd_apim_config["APIGEE_APP_ID"]
 
+
 @pytest.fixture()
 @log_method
 def trace(_apigee_proxy):
@@ -545,15 +551,16 @@ def trace(_apigee_proxy):
     Authenticated wrapper around the DebugSessionsAPI class
     """
     config = ApigeeNonProdCredentials()
-    client =  ApigeeClient(config=config)
+    client = ApigeeClient(config=config)
     debug = DebugSessionsAPI(
         client=client,
         env_name=_apigee_proxy["environment"],
         api_name=_apigee_proxy["name"],
-        revision_number=_apigee_proxy["revision"]
+        revision_number=_apigee_proxy["revision"],
     )
     return debug
 
+
 @pytest.fixture(scope="session")
 @log_method
 def access_token_api():
@@ -575,6 +582,7 @@ def products_api():
     client = ApigeeClient(config=config)
     return ApiProductsAPI(client=client)
 
+
 @pytest.fixture(scope="session")
 @log_method
 def developer_apps_api():
@@ -585,6 +593,7 @@ def developer_apps_api():
     client = ApigeeClient(config=config)
     return DeveloperAppsAPI(client=client)
 
+
 @pytest.fixture(scope="session")
 @log_method
 def developer_app_keys_api():

pytest_nhsd_apim/identity_service.py

@@ -1,8 +1,8 @@
 """
 This is a self-contained wrapper for a bunch of authentication
-methods in APIM. NOT ONLY the identity service is taken into 
-account in here, you will also find authenticators for keycloak 
-and more... Feel free to keep adding authenticators here and 
+methods in APIM. NOT ONLY the identity service is taken into
+account in here, you will also find authenticators for keycloak
+and more... Feel free to keep adding authenticators here and
 maybe move this file to its own library.
 """
 
@@ -20,6 +20,7 @@ from typing_extensions import Annotated
 
 HttpUrlString = Annotated[HttpUrl, AfterValidator(lambda v: str(v))]
 
+
 #### Config models
 class KeycloakConfig(BaseModel):
     """Basic Keycloak config"""
@@ -55,7 +56,7 @@ class KeycloakConfig(BaseModel):
 class KeycloakUserConfig(KeycloakConfig):
     client_id: str
     client_secret: str
-    redirect_uri: HttpUrlString = "https://example.org"
+    redirect_uri: HttpUrlString = "https://google.com"
     login_form: dict
 
 
@@ -92,9 +93,7 @@ class AuthorizationCodeConfig(BaseModel):
     @validator("environment")
     def validate_environment(cls, environment):
         if environment == "prod":
-            raise ValueError(
-                f"We dont support testing in the production environment"
-            )
+            raise ValueError(f"We dont support testing in the production environment")
         return environment
 
 
@@ -136,9 +135,7 @@ class ClientCredentialsConfig(BaseModel):
             "exp": int(time()) + 300,  # 5 minutes in the future
         }
         additional_headers = {"kid": self.jwt_kid}
-        client_assertion = jwt.encode(
-            claims, self.jwt_private_key, algorithm="RS512", headers=additional_headers
-        )
+        client_assertion = jwt.encode(claims, self.jwt_private_key, algorithm="RS512", headers=additional_headers)
         return client_assertion
 
 
@@ -150,6 +147,7 @@ class TokenExchangeConfig(ClientCredentialsConfig):
 class KeycloakSignedJWTConfig:
     pass
 
+
 # currently only targets AOS environment
 class NHSLoginConfig(BaseModel):
     """Config needed to authenticate using NHS Login"""
@@ -159,7 +157,7 @@ class NHSLoginConfig(BaseModel):
         self.nhs_login_base_url = openid_config["issuer"]
 
         well_known_jwks: list = requests.get(openid_config["jwks_uri"]).json()
-        well_known_key = well_known_jwks['keys'].pop()
+        well_known_key = well_known_jwks["keys"].pop()
         self.jwt_kid = well_known_key["kid"]
         self.alg = well_known_key["alg"]
 
@@ -184,16 +182,14 @@ class NHSLoginConfig(BaseModel):
             "exp": int(time()) + 300,  # 5 minutes in the future
         }
         additional_headers = {"kid": self.jwt_kid}
-        client_assertion = jwt.encode(
-            claims, self.jwt_private_key, algorithm=self.alg, headers=additional_headers
-        )
+        client_assertion = jwt.encode(claims, self.jwt_private_key, algorithm=self.alg, headers=additional_headers)
         return client_assertion
-    
 
 
 class BananaAuthenticatorConfig:  # Placeholder
     pass
 
+
 ### Authenticators
 class Authenticator(ABC):
     """Defines the interface"""
@@ -263,9 +259,7 @@ class AuthorizationCodeAuthenticator(Authenticator):
             },
         )
         if resp.status_code != 200:
-            raise RuntimeError(
-                f"{auth_url} request returned {resp.status_code}: {resp.text}"
-            )
+            raise RuntimeError(f"{auth_url} request returned {resp.status_code}: {resp.text}")
         return resp
 
     @staticmethod
@@ -299,9 +293,7 @@ class AuthorizationCodeAuthenticator(Authenticator):
         form_submission_data,
     ):
         form_submit_url = authorize_form.action or authorize_response.request.url
-        resp = session.request(
-            authorize_form.method, form_submit_url, data=form_submission_data
-        )
+        resp = session.request(authorize_form.method, form_submit_url, data=form_submission_data)
         # TODO: Investigate why when using the fixtures it returns 404 and when
         # using with external credentials returns 200
         # if resp.status_code != 200:
@@ -312,9 +304,7 @@ class AuthorizationCodeAuthenticator(Authenticator):
 
     @staticmethod
     def _get_auth_code_from_mock_auth(response_identity_service_login):
-        qs = urlparse(
-            response_identity_service_login.history[-1].headers["Location"]
-        ).query
+        qs = urlparse(response_identity_service_login.history[-1].headers["Location"]).query
         auth_code = parse_qs(qs)["code"]
         if isinstance(auth_code, list):
             # in case there's multiple, this was a bug at one stage
@@ -336,16 +326,12 @@ class AuthorizationCodeAuthenticator(Authenticator):
             self.config.scope,
         )
 
-        authorize_form = self._get_authorization_form(
-            authorize_response.content.decode()
-        )
+        authorize_form = self._get_authorization_form(authorize_response.content.decode())
         # 2. Parse the login page.  For keycloak this presents an
         # HTML form, which must be filled in with valid data.  The tester
         # can submits their login data with the `login_form` field.
 
-        form_submission_data = self._get_authorize_form_submission_data(
-            authorize_form, self.config.login_form
-        )
+        form_submission_data = self._get_authorize_form_submission_data(authorize_form, self.config.login_form)
 
         # form_submission_data["username"] = 656005750104
         #     # And here we inject a valid mock username for keycloak.
@@ -508,6 +494,7 @@ class NHSLoginSandpitAuthenticator(Authenticator):
 
 class NHSLoginAosAuthenticator(Authenticator):
     """Authenticates you against NHS-Login aos environment"""
+
     # This is only partially implemented. See below for usage:
     # https://nhsd-confluence.digital.nhs.uk/display/APM/KOP-085+Generating+NHS+login+ID+tokens
 

{pytest_nhsd_apim-5.0.0.dist-info → pytest_nhsd_apim-5.0.2.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: pytest-nhsd-apim
-Version: 5.0.0
+Version: 5.0.2
 Summary: Pytest plugin accessing NHSDigital's APIM proxies
 Home-page: https://github.com/NHSDigital/pytest-nhsd-apim
 Author: Adrian Ciobanita

{pytest_nhsd_apim-5.0.0.dist-info → pytest_nhsd_apim-5.0.2.dist-info}/RECORD

@@ -1,16 +1,16 @@
 pytest_nhsd_apim/__init__.py,sha256=CRwQfUDrbXIqvJX6OfTR4jGdhlU9kjGmBAptJasRg7E,72
 pytest_nhsd_apim/apigee_apis.py,sha256=u_sHjISj4XKgidVje1Uzq4LblMGnX4lrrrMWZM-SEF4,67289
-pytest_nhsd_apim/apigee_edge.py,sha256=NQrW8PeA_-X4zt2torTmBOaFIzRKjh6pT1ksolNjpmA,19065
+pytest_nhsd_apim/apigee_edge.py,sha256=STfwfXpdGLURCfZ3AoXwyAhfP2vIyVDY1U_W0350SE8,19076
 pytest_nhsd_apim/auth_journey.py,sha256=UovbLXhokUnikrMOaXIhjV8t5aRrcxinAbS96nfZWcY,5154
 pytest_nhsd_apim/config.py,sha256=ScKfV8iURqDXX2ajgGsRDcVn9RZy2DxLoEU2QQt9lmA,4246
-pytest_nhsd_apim/identity_service.py,sha256=0ymDSEsTuBYcMU15zFNuqEV6PMvC7Z0Vde0PkN8NQ2E,19899
+pytest_nhsd_apim/identity_service.py,sha256=naVMtBJR7cRYLbP1mJyyGGrit9YqWF50CpELM2vgp4g,19702
 pytest_nhsd_apim/log.py,sha256=8gYHqzlQM546FB2XvFmLTk1YfZRNeNhIwLmOy0GScr8,2685
 pytest_nhsd_apim/nhsd_apim_authorization.py,sha256=GR8GfbIZyqBC4jsSZMYNifDH52E3VWoIa7lrpuvIbaM,3513
 pytest_nhsd_apim/pytest_nhsd_apim.py,sha256=ZCItUqcM23CCmcRyGU8bEwI3vJnNcGdoOlbSfvYILR8,5242
 pytest_nhsd_apim/secrets.py,sha256=yIYwOZwpliIomtqSJGIYRbAE2HYvLvQU4W2kOa9TnXo,2354
 pytest_nhsd_apim/token_cache.py,sha256=6L08taTlSyRsx2NCb0LSGsHdWx_wmqwlFtcF7pZMhUg,3540
-pytest_nhsd_apim-5.0.0.dist-info/METADATA,sha256=8t_2m8WWcrUJ30Y8Cv4y4Mr_jC6cWo9z-TVZA0crtZM,4704
-pytest_nhsd_apim-5.0.0.dist-info/WHEEL,sha256=iAkIy5fosb7FzIOwONchHf19Qu7_1wCWyFNR5gu9nU0,91
-pytest_nhsd_apim-5.0.0.dist-info/entry_points.txt,sha256=XWicT3meTpqLXnZcXNoAd2IfXspFPlNgMgLBMy4nqwQ,57
-pytest_nhsd_apim-5.0.0.dist-info/top_level.txt,sha256=ZK5GZP-g_K8gNfm4a58T9JCRb0i1X267ngvNelCGgfQ,17
-pytest_nhsd_apim-5.0.0.dist-info/RECORD,,
+pytest_nhsd_apim-5.0.2.dist-info/METADATA,sha256=eovd0I30Nv0B0-RFskDi1FFdxuOQiK_VPfEpP93Y7eU,4704
+pytest_nhsd_apim-5.0.2.dist-info/WHEEL,sha256=iAkIy5fosb7FzIOwONchHf19Qu7_1wCWyFNR5gu9nU0,91
+pytest_nhsd_apim-5.0.2.dist-info/entry_points.txt,sha256=XWicT3meTpqLXnZcXNoAd2IfXspFPlNgMgLBMy4nqwQ,57
+pytest_nhsd_apim-5.0.2.dist-info/top_level.txt,sha256=ZK5GZP-g_K8gNfm4a58T9JCRb0i1X267ngvNelCGgfQ,17
+pytest_nhsd_apim-5.0.2.dist-info/RECORD,,