diff options
Diffstat (limited to 'service/test/unit/bitmask_libraries/test_provider.py')
-rw-r--r-- | service/test/unit/bitmask_libraries/test_provider.py | 29 |
1 files changed, 15 insertions, 14 deletions
diff --git a/service/test/unit/bitmask_libraries/test_provider.py b/service/test/unit/bitmask_libraries/test_provider.py index 0771c7cc..1fe5a66d 100644 --- a/service/test/unit/bitmask_libraries/test_provider.py +++ b/service/test/unit/bitmask_libraries/test_provider.py @@ -20,8 +20,8 @@ from httmock import all_requests, HTTMock, urlmatch from requests import HTTPError from pixelated.bitmask_libraries.config import LeapConfig from pixelated.bitmask_libraries.provider import LeapProvider +from pixelated.bitmask_libraries.certs import LeapCertificate from test_abstract_leap import AbstractLeapTest -from requests import Session import requests @@ -133,13 +133,14 @@ VeJ6 """ -CA_CERT = '/tmp/ca.crt' -BOOTSTRAP_CA_CERT = '/tmp/bootstrap-ca.crt' +PROVIDER_API_CERT = '/tmp/ca.crt' +PROVIDER_WEB_CERT = '/tmp/bootstrap-ca.crt' class LeapProviderTest(AbstractLeapTest): def setUp(self): - self.config = LeapConfig(verify_ssl=False, leap_home='/tmp/foobar', bootstrap_ca_cert_bundle=BOOTSTRAP_CA_CERT, ca_cert_bundle=CA_CERT) + self.config = LeapConfig(leap_home='/tmp/foobar') + LeapCertificate.set_cert_and_fingerprint(PROVIDER_WEB_CERT, None) def test_provider_fetches_provider_json(self): with HTTMock(provider_json_mock): @@ -195,6 +196,7 @@ class LeapProviderTest(AbstractLeapTest): session = MagicMock(wraps=requests.session()) session_func = MagicMock(return_value=session) get_func = MagicMock(wraps=requests.get) + LeapCertificate.LEAP_CERT = PROVIDER_WEB_CERT with patch('pixelated.bitmask_libraries.provider.requests.session', new=session_func): with patch('pixelated.bitmask_libraries.provider.requests.get', new=get_func): @@ -202,29 +204,28 @@ class LeapProviderTest(AbstractLeapTest): provider = LeapProvider('some-provider.test', self.config) provider.fetch_valid_certificate() - session.get.assert_any_call('https://some-provider.test/ca.crt', verify=BOOTSTRAP_CA_CERT, timeout=15) - session.get.assert_any_call('https://some-provider.test/provider.json', verify=BOOTSTRAP_CA_CERT, timeout=15) + session.get.assert_any_call('https://some-provider.test/ca.crt', verify=PROVIDER_WEB_CERT, timeout=15) + session.get.assert_any_call('https://some-provider.test/provider.json', verify=PROVIDER_WEB_CERT, timeout=15) def test_that_provider_cert_is_used_to_fetch_soledad_json(self): get_func = MagicMock(wraps=requests.get) + LeapCertificate.provider_api_cert = PROVIDER_API_CERT with patch('pixelated.bitmask_libraries.provider.requests.get', new=get_func): with HTTMock(provider_json_mock, soledad_json_mock, not_found_mock): provider = LeapProvider('some-provider.test', self.config) provider.fetch_soledad_json() - - get_func.assert_called_with('https://api.some-provider.test:4430/1/config/soledad-service.json', verify=CA_CERT, timeout=15) + get_func.assert_called_with('https://api.some-provider.test:4430/1/config/soledad-service.json', verify=PROVIDER_API_CERT, timeout=15) def test_that_leap_fingerprint_is_validated(self): session = MagicMock(wraps=requests.session()) session_func = MagicMock(return_value=session) + LeapCertificate.set_cert_and_fingerprint(None, 'some fingerprint') - with patch('pixelated.bitmask_libraries.provider.which_bootstrap_cert_fingerprint', return_value='some fingerprint'): - with patch('pixelated.bitmask_libraries.provider.which_bootstrap_CA_bundle', return_value=False): - with patch('pixelated.bitmask_libraries.provider.requests.session', new=session_func): - with HTTMock(provider_json_mock, ca_cert_mock, not_found_mock): - provider = LeapProvider('some-provider.test', self.config) - provider.fetch_valid_certificate() + with patch('pixelated.bitmask_libraries.provider.requests.session', new=session_func): + with HTTMock(provider_json_mock, ca_cert_mock, not_found_mock): + provider = LeapProvider('some-provider.test', self.config) + provider.fetch_valid_certificate() session.get.assert_any_call('https://some-provider.test/ca.crt', verify=False, timeout=15) session.mount.assert_called_with('https://', ANY) |