From c386f19a1614cc7e9a2cb9d70ec6fdb5d7503559 Mon Sep 17 00:00:00 2001 From: ekneg54 Date: Mon, 25 Mar 2024 14:44:32 +0100 Subject: [PATCH] add test for oauth password flow with client secrets and extra params --- logprep/util/credentials.py | 14 +++++++------- tests/unit/util/test_credentials.py | 18 ++++++++++++++++++ 2 files changed, 25 insertions(+), 7 deletions(-) diff --git a/logprep/util/credentials.py b/logprep/util/credentials.py index 4ca441c3d..1ffd99b57 100644 --- a/logprep/util/credentials.py +++ b/logprep/util/credentials.py @@ -128,10 +128,8 @@ def from_target(cls, target_url: str) -> "Credentials": raw_content: dict = cls._get_content(Path(credentials_file_path)) domain = urlparse(target_url).netloc scheme = urlparse(target_url).scheme - raw_credentials = raw_content.get(f"{scheme}://{domain}") - if raw_credentials: - cls._get_secret_content(raw_credentials) - credentials = cls._get_credentials_from_mapping(raw_credentials) + credential_mapping = raw_content.get(f"{scheme}://{domain}") + credentials = cls.from_dict(credential_mapping) return credentials @staticmethod @@ -171,7 +169,7 @@ def _get_content(file_path: Path) -> dict: ) from error @staticmethod - def _get_secret_content(credential_mapping: dict): + def _resolve_secret_content(credential_mapping: dict): """gets content from given secret_file in credentials file and updates credentials_mapping with this content. @@ -194,8 +192,10 @@ def _get_secret_content(credential_mapping: dict): credential_mapping.update(secret_content) @classmethod - def _get_credentials_from_mapping(cls, credential_mapping: dict) -> "Credentials": + def from_dict(cls, credential_mapping: dict) -> "Credentials": """matches the given credentials of the credentials mapping with the expected credential object""" + if credential_mapping: + cls._resolve_secret_content(credential_mapping) try: return cls._match_credentials(credential_mapping) except TypeError as error: @@ -235,7 +235,7 @@ def _match_credentials(cls, credential_mapping: dict) -> "Credentials": }: if extra_params: cls._logger.warning( - "Other parameters were given: %s but OAuth client authorization was chosen", + "Other parameters were given: %s but OAuth password authorization for confidential clients was chosen", extra_params.keys(), ) return OAuth2PasswordFlowCredentials( diff --git a/tests/unit/util/test_credentials.py b/tests/unit/util/test_credentials.py index 0aaa92e73..dcc427315 100644 --- a/tests/unit/util/test_credentials.py +++ b/tests/unit/util/test_credentials.py @@ -1,5 +1,6 @@ # pylint: disable=missing-docstring # pylint: disable=protected-access +import re from datetime import datetime, timedelta from unittest import mock @@ -945,3 +946,20 @@ def test_credentials_reads_secret_file_content_from_every_given_file(self, tmp_p with mock.patch.dict("os.environ", mock_env): creds = CredentialsFactory.from_target("http://some.url/configuration") assert isinstance(creds, Credentials) + + @mock.patch.object(CredentialsFactory, "_logger") + def test_warning_logged_when_extra_params_given(self, mock_logger): + credentials_file_content_with_extra_params = { + "endpoint": "https://endpoint.end", + "client_id": "test", + "client_secret": "test", + "username": "user1", + "password": "password", + "extra_param": "extra", + } + creds = CredentialsFactory.from_dict(credentials_file_content_with_extra_params) + mock_logger.warning.assert_called_once() + assert re.search( + r"OAuth password authorization for confidential clients", + mock_logger.mock_calls[0][1][0], + )