Fix tests and update requirements

2024-11-24 17:28:08 +00:00 · 2021-04-05 17:43:35 +09:30 · 2021-04-05 17:43:35 +09:30 · 170e83e589
commit 170e83e589
parent 5217dbf3a3
4 changed files with 14 additions and 10 deletions
--- a/dev-requirements.txt
+++ b/dev-requirements.txt
@ -1,6 +1,6 @@
 -r requirements.txt

-pytest==6.2.2
+pytest==6.2.3
 flake8==3.9.0
 pytest-timeout==1.4.2
 pytest-asyncio==0.14.0
--- a/gns3server/services/authentication.py
+++ b/gns3server/services/authentication.py
@ -77,7 +77,7 @@ class AuthService:
            secret_key = self._server_config.get("jwt_secret_key", None)
        if secret_key is None:
            secret_key = DEFAULT_JWT_SECRET_KEY
-            log.error("A JWT secret key must be configured to secure the server, using default key...")
+            log.error("A JWT secret key must be configured to secure the server, using an unsecured default key!")
        algorithm = self._server_config.get("jwt_algorithm", "HS256")
        encoded_jwt = jwt.encode(to_encode, secret_key, algorithm=algorithm)
        return encoded_jwt
@ -94,7 +94,7 @@ class AuthService:
                secret_key = self._server_config.get("jwt_secret_key", None)
            if secret_key is None:
                secret_key = DEFAULT_JWT_SECRET_KEY
-                log.error("A JWT secret key must be configured to secure the server, using default key...")
+                log.error("A JWT secret key must be configured to secure the server, using an unsecured default key!")
            algorithm = self._server_config.get("jwt_algorithm", "HS256")
            payload = jwt.decode(token, secret_key, algorithms=[algorithm])
            username: str = payload.get("sub")
--- a/requirements.txt
+++ b/requirements.txt
@ -10,11 +10,10 @@ psutil==5.8.0
 async-timeout==3.0.1
 distro==1.5.0
 py-cpuinfo==7.0.0
-sqlalchemy==1.4.4
+sqlalchemy==1.4.5
 aiosqlite===0.17.0
 passlib[bcrypt]==1.7.4
 python-jose==3.2.0
 email-validator==1.1.2
 async-exit-stack==1.0.1  ; python_version < "3.7"
 async-generator==1.10  ; python_version < "3.7"
-greenlet==0.4.7  ; python_version < "3.7"  # workaround for https://github.com/sqlalchemy/sqlalchemy/issues/6166
--- a/tests/api/routes/controller/test_users.py
+++ b/tests/api/routes/controller/test_users.py
@ -127,19 +127,22 @@ class TestAuthTokens:
            self,
            app: FastAPI,
            client: AsyncClient,
-            test_user: User
+            test_user: User,
+            config: Config
    ) -> None:

+        jwt_secret = config.get_section_config("Server").get("jwt_secret_key", DEFAULT_JWT_SECRET_KEY)
        token = auth_service.create_access_token(test_user.username)
-        payload = jwt.decode(token, DEFAULT_JWT_SECRET_KEY, algorithms=["HS256"])
+        payload = jwt.decode(token, jwt_secret, algorithms=["HS256"])
        username = payload.get("sub")
        assert username == test_user.username

    async def test_token_missing_user_is_invalid(self, app: FastAPI, client: AsyncClient, config: Config) -> None:

+        jwt_secret = config.get_section_config("Server").get("jwt_secret_key", DEFAULT_JWT_SECRET_KEY)
        token = auth_service.create_access_token(None)
        with pytest.raises(jwt.JWTError):
-            jwt.decode(token, DEFAULT_JWT_SECRET_KEY, algorithms=["HS256"])
+            jwt.decode(token, jwt_secret, algorithms=["HS256"])

    async def test_can_retrieve_username_from_token(
            self,
@ -172,7 +175,7 @@ class TestAuthTokens:

        token = auth_service.create_access_token(test_user.username)
        if wrong_secret == "use correct secret":
-            wrong_secret = auth_service._server_config.get("jwt_secret_key")
+            wrong_secret = auth_service._server_config.get("jwt_secret_key", DEFAULT_JWT_SECRET_KEY)
        if wrong_token == "use correct token":
            wrong_token = token
        with pytest.raises(HTTPException):
@ -186,8 +189,10 @@ class TestUserLogin:
            app: FastAPI,
            client: AsyncClient,
            test_user: User,
+            config: Config
    ) -> None:

+        jwt_secret = config.get_section_config("Server").get("jwt_secret_key", DEFAULT_JWT_SECRET_KEY)
        client.headers["content-type"] = "application/x-www-form-urlencoded"
        login_data = {
            "username": test_user.username,
@ -198,7 +203,7 @@ class TestUserLogin:

        # check that token exists in response and has user encoded within it
        token = res.json().get("access_token")
-        payload = jwt.decode(token, DEFAULT_JWT_SECRET_KEY, algorithms=["HS256"])
+        payload = jwt.decode(token, jwt_secret, algorithms=["HS256"])
        assert "sub" in payload
        username = payload.get("sub")
        assert username == test_user.username