Fix security tests by using spec_set for Mock

spec-first · Apr 4, 2023 · 3934b32 · 3934b32
1 parent d62e20c
commit 3934b32
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 13 deletions.
diff --git a/connexion/lifecycle.py b/connexion/lifecycle.py
@@ -28,6 +28,10 @@ def content_type(self) -> str:
     def mimetype(self) -> str:
         raise NotImplementedError
 
+    @property
+    def headers(self) -> t.Any:
+        raise NotImplementedError
+
     @property
     def path_params(self) -> t.Dict[str, t.Any]:
         raise NotImplementedError
@@ -76,6 +80,10 @@ def content_type(self) -> str:
     def mimetype(self) -> str:
         return self._werkzeug_request.mimetype
 
+    @property
+    def headers(self):
+        return self._werkzeug_request.headers
+
     @property
     def path_params(self):
         if self._path_params is None:
@@ -146,6 +154,10 @@ def mimetype(self):
             self._mimetype = mimetype.decode()
         return self._mimetype
 
+    @property
+    def headers(self) -> t.Any:
+        return self._starlette_request.headers
+
     @property
     def path_params(self) -> t.Dict[str, t.Any]:
         if self._path_params is None:

diff --git a/tests/decorators/test_security.py b/tests/decorators/test_security.py
@@ -10,6 +10,7 @@
     OAuthResponseProblem,
     OAuthScopeProblem,
 )
+from connexion.lifecycle import ASGIRequest
 from connexion.security import (
     ApiKeySecurityHandler,
     BasicSecurityHandler,
@@ -59,7 +60,7 @@ def somefunc(token):
         somefunc, security_handler.validate_scope, ["admin"]
     )
 
-    request = MagicMock()
+    request = MagicMock(spec_set=ASGIRequest)
     request.headers = {}
 
     assert wrapped_func(request) is security_handler.no_value
@@ -82,7 +83,7 @@ async def get_tokeninfo_response(*args, **kwargs):
         token_info_func, security_handler.validate_scope, ["admin"]
     )
 
-    request = MagicMock()
+    request = MagicMock(spec_set=ASGIRequest)
     request.headers = {"Authorization": "Bearer 123"}
 
     client = MagicMock()
@@ -122,7 +123,7 @@ def somefunc(token):
         somefunc, security_handler.validate_scope, ["admin"]
     )
 
-    request = MagicMock()
+    request = MagicMock(spec_set=ASGIRequest)
     request.headers = {"Authorization": "Bearer 123"}
 
     with pytest.raises(OAuthResponseProblem):
@@ -140,7 +141,7 @@ def token_info(token):
         token_info, security_handler.validate_scope, ["admin"]
     )
 
-    request = MagicMock()
+    request = MagicMock(spec_set=ASGIRequest)
     request.headers = {"Authorization": "Bearer 123"}
 
     with pytest.raises(OAuthScopeProblem) as exc_info:
@@ -174,7 +175,7 @@ def somefunc(username, password, required_scopes=None):
     security_handler = BasicSecurityHandler()
     wrapped_func = security_handler._get_verify_func(somefunc)
 
-    request = MagicMock()
+    request = MagicMock(spec_set=ASGIRequest)
     request.headers = {"Authorization": "Bearer 123"}
 
     assert wrapped_func(request) is security_handler.no_value
@@ -189,7 +190,7 @@ def basic_info(username, password, required_scopes=None):
     security_handler = BasicSecurityHandler()
     wrapped_func = security_handler._get_verify_func(basic_info)
 
-    request = MagicMock()
+    request = MagicMock(spec_set=ASGIRequest)
     request.headers = {"Authorization": "Basic Zm9vOmJhcg=="}
 
     assert await wrapped_func(request) is not None
@@ -206,8 +207,8 @@ def apikey_info(apikey, required_scopes=None):
         apikey_info, "query", "auth"
     )
 
-    request = MagicMock()
-    request.query = {"auth": "foobar"}
+    request = MagicMock(spec_set=ASGIRequest)
+    request.query_params = {"auth": "foobar"}
 
     assert await wrapped_func(request) is not None
 
@@ -223,7 +224,7 @@ def apikey_info(apikey, required_scopes=None):
         apikey_info, "header", "X-Auth"
     )
 
-    request = MagicMock()
+    request = MagicMock(spec_set=ASGIRequest)
     request.headers = {"X-Auth": "foobar"}
 
     assert await wrapped_func(request) is not None
@@ -255,18 +256,18 @@ def apikey2_info(apikey, required_scopes=None):
     wrapped_func = security_handler_factory.verify_multiple_schemes(schemes)
 
     # Single key does not succeed
-    request = MagicMock()
+    request = MagicMock(spec_set=ASGIRequest)
     request.headers = {"X-Auth-1": "foobar"}
 
     assert await wrapped_func(request) is security_handler_factory.no_value
 
-    request = MagicMock()
+    request = MagicMock(spec_set=ASGIRequest)
     request.headers = {"X-Auth-2": "bar"}
 
     assert await wrapped_func(request) is security_handler_factory.no_value
 
     # Supplying both keys does succeed
-    request = MagicMock()
+    request = MagicMock(spec_set=ASGIRequest)
     request.headers = {"X-Auth-1": "foobar", "X-Auth-2": "bar"}
 
     expected_token_info = {
@@ -281,7 +282,7 @@ async def test_verify_security_oauthproblem():
     security_handler_factory = SecurityHandlerFactory()
     security_func = security_handler_factory.verify_security([])
 
-    request = MagicMock()
+    request = MagicMock(spec_set=ASGIRequest)
     with pytest.raises(OAuthProblem) as exc_info:
         await security_func(request)