From ae46fba56f079d3ef4921dbb5d4761fcd19d1756 Mon Sep 17 00:00:00 2001 From: Alex Zgabur Date: Thu, 2 Nov 2023 18:28:43 +0100 Subject: [PATCH] Authpolicy upgrade to v2 dynamic envoy --- .../openshift/objects/auth_config/sections.py | 25 +++++++++++++------ .../kuadrant/authorino/wristband/conftest.py | 4 +-- .../authorino/wristband/test_wristband.py | 3 --- 3 files changed, 18 insertions(+), 14 deletions(-) diff --git a/testsuite/openshift/objects/auth_config/sections.py b/testsuite/openshift/objects/auth_config/sections.py index ff2344a9..855c08ab 100644 --- a/testsuite/openshift/objects/auth_config/sections.py +++ b/testsuite/openshift/objects/auth_config/sections.py @@ -197,27 +197,36 @@ def add_uma(self, name, endpoint, credentials_secret, **common_features): class ResponseSection(Section): - """Section which contains response configuration. todo envoyDynamicMetadata""" + """Section which contains response configuration.""" @property def success_headers(self): - """Nested dict for most of the section.""" + """Nested dict for items wrapped as HTTP headers.""" return self.section.setdefault("success", {}).setdefault("headers", {}) - @modify - def clear_success_headers(self): - """Clears content of a success headers""" - self.success_headers.clear() + @property + def success_dynamic_metadata(self): + """Nested dict for items wrapped as Envoy Dynamic Metadata.""" + return self.section.setdefault("success", {}).setdefault("dynamicMetadata", {}) def _add( self, name: str, value: dict, + wrapper: Literal["headers", "dynamicMetadata"] = "headers", **common_features, ): - """Add response to AuthConfig""" + """ + Add response to AuthConfig. + + :param wrapper: This variable configures if the response should be wrapped as HTTP headers or + as Envoy Dynamic Metadata. Default is "headers" + """ add_common_features(value, **common_features) - self.success_headers.update({name: value}) + if wrapper == "headers": + self.success_headers.update({name: value}) + if wrapper == "dynamicMetadata": + self.success_dynamic_metadata.update({name: value}) def add_simple(self, auth_json: str, name="simple", key="data", **common_features): """ diff --git a/testsuite/tests/kuadrant/authorino/wristband/conftest.py b/testsuite/tests/kuadrant/authorino/wristband/conftest.py index 0a7d0173..c258590c 100644 --- a/testsuite/tests/kuadrant/authorino/wristband/conftest.py +++ b/testsuite/tests/kuadrant/authorino/wristband/conftest.py @@ -70,9 +70,7 @@ def wristband_endpoint(openshift, authorino, authorization_name): @pytest.fixture(scope="module") def authorization(authorization, wristband_secret, wristband_endpoint) -> AuthConfig: """Add wristband response with the signing key to the AuthConfig""" - authorization.responses.add_wristband( - "wristband", wristband_endpoint, wristband_secret, wrapper="envoyDynamicMetadata" - ) + authorization.responses.add_wristband("wristband", wristband_endpoint, wristband_secret, wrapper="dynamicMetadata") return authorization diff --git a/testsuite/tests/kuadrant/authorino/wristband/test_wristband.py b/testsuite/tests/kuadrant/authorino/wristband/test_wristband.py index 581682b6..4877592f 100644 --- a/testsuite/tests/kuadrant/authorino/wristband/test_wristband.py +++ b/testsuite/tests/kuadrant/authorino/wristband/test_wristband.py @@ -1,9 +1,6 @@ """Test api authentication with wristband-token that was acquired after authentication on the edge layer""" -import pytest from jose import jwt -pytest.skip("Envoy dynamic metadata not yet implemented due to v1beta2 AuthConfig change", allow_module_level=True) - def test_wristband_token_claims(oidc_provider, auth, wristband_token, wristband_endpoint, certificates): """Verify acquired jwt token claims"""