fixed header driven encryption

pqlMC · pqlMC · commit f0f76457ff50 · 2019-06-06T16:46:19.000+01:00
fixed tests
diff --git a/client_encryption/api_encryption.py b/client_encryption/api_encryption.py
@@ -25,7 +25,7 @@ def call_api_function(*args, **kwargs):
             """Wrap call_api and add field encryption layer to it."""
 
             in_body = kwargs.get("body", None)
-            kwargs["body"] = self._encrypt_payload(kwargs.get("headers", None), in_body) if in_body else in_body
+            kwargs["body"] = self._encrypt_payload(kwargs.get("header_params", None), in_body) if in_body else in_body
             kwargs["_preload_content"] = False
 
             response = func(*args, **kwargs)
@@ -95,9 +95,7 @@ def add_encryption_layer(api_client, encryption_conf_file):
 
 def __check_oauth(api_client):
     try:
-        oauth_layer = getattr(api_client.request, "__wrapped__").__oauth__
-        if not oauth_layer or type(oauth_layer) is not bool:
-            __oauth_warn()
+        api_client.request.__wrapped__
     except AttributeError:
         __oauth_warn()
 
diff --git a/client_encryption/field_level_encryption.py b/client_encryption/field_level_encryption.py
@@ -53,7 +53,10 @@ def decrypt_payload(payload, config, _params=None):
         if type(payload) is dict:
             json_payload = payload
         else:
-            json_payload = json.loads(payload)
+            try:
+                json_payload = json.loads(payload)
+            except json.JSONDecodeError:  # not a json response - return it as is
+                return payload
 
         for elem, target in config.paths["$"].to_decrypt.items():
             try:
@@ -90,7 +93,7 @@ def decrypt_payload(payload, config, _params=None):
         return json_payload
 
     except (IOError, ValueError, TypeError) as e:
-        raise EncryptionError("Payload encryption failed!", e)
+        raise EncryptionError("Payload decryption failed!", e)
 
 
 def _encrypt_value(_key, iv, node_str):
diff --git a/tests/test_api_encryption.py b/tests/test_api_encryption.py
@@ -170,10 +170,9 @@ def test_add_encryption_layer_post(self):
             }
         }, headers={"Content-Type": "application/json"})
 
-        self.assertIn("data", response.data)
-        self.assertIn("secret", response.data["data"])
-        self.assertEqual(secret2-secret1, response.data["data"]["secret"])
-        self.assertDictEqual({"Content-Type": "application/json"}, response.getheaders())
+        self.assertIn("data", response)
+        self.assertIn("secret", response["data"])
+        self.assertEqual(secret2-secret1, response["data"]["secret"])
 
     def test_add_encryption_layer_delete(self):
         secret1 = 394
@@ -187,18 +186,16 @@ def test_add_encryption_layer_delete(self):
             }
         }, headers={"Content-Type": "application/json"})
 
-        self.assertEqual("OK", response.data)
-        self.assertDictEqual({"Content-Type": "application/json"}, response.getheaders())
+        self.assertEqual("OK", response)
 
     def test_add_encryption_layer_get(self):
         test_client = MockApiClient()
         to_test.add_encryption_layer(test_client, self._json_config)
         response = MockService(test_client).do_something_get(headers={"Content-Type": "application/json"})
 
-        self.assertIn("data", response.data)
-        self.assertIn("secret", response.data["data"])
-        self.assertEqual([53, 84, 75], response.data["data"]["secret"])
-        self.assertDictEqual({"Content-Type": "application/json"}, response.getheaders())
+        self.assertIn("data", response)
+        self.assertIn("secret", response["data"])
+        self.assertEqual([53, 84, 75], response["data"]["secret"])
 
     def test_add_header_encryption_layer_post_no_oaep_algo(self):
         self._set_header_params_config()
@@ -216,10 +213,9 @@ def test_add_header_encryption_layer_post_no_oaep_algo(self):
             "encryptedData": {}
         }, headers={"Content-Type": "application/json"})
 
-        self.assertIn("data", response.data)
-        self.assertIn("secret", response.data["data"])
-        self.assertEqual(secret2-secret1, response.data["data"]["secret"])
-        self.assertDictEqual({"Content-Type": "application/json", "x-oaep-digest": "SHA256"}, response.getheaders())
+        self.assertIn("data", response)
+        self.assertIn("secret", response["data"])
+        self.assertEqual(secret2-secret1, response["data"]["secret"])
 
     def test_add_header_encryption_layer_post_no_cert_fingerprint(self):
         self._set_header_params_config()
@@ -237,10 +233,9 @@ def test_add_header_encryption_layer_post_no_cert_fingerprint(self):
             "encryptedData": {}
         }, headers={"Content-Type": "application/json"})
 
-        self.assertIn("data", response.data)
-        self.assertIn("secret", response.data["data"])
-        self.assertEqual(secret2-secret1, response.data["data"]["secret"])
-        self.assertDictEqual({"Content-Type": "application/json"}, response.getheaders())
+        self.assertIn("data", response)
+        self.assertIn("secret", response["data"])
+        self.assertEqual(secret2-secret1, response["data"]["secret"])
 
     def test_add_header_encryption_layer_post_no_pubkey_fingerprint(self):
         self._set_header_params_config()
@@ -258,10 +253,9 @@ def test_add_header_encryption_layer_post_no_pubkey_fingerprint(self):
             "encryptedData": {}
         }, headers={"Content-Type": "application/json"})
 
-        self.assertIn("data", response.data)
-        self.assertIn("secret", response.data["data"])
-        self.assertEqual(secret2-secret1, response.data["data"]["secret"])
-        self.assertDictEqual({"Content-Type": "application/json"}, response.getheaders())
+        self.assertIn("data", response)
+        self.assertIn("secret", response["data"])
+        self.assertEqual(secret2-secret1, response["data"]["secret"])
 
     def test_add_header_encryption_layer_no_iv(self):
         self._set_header_params_config()
@@ -294,10 +288,9 @@ def test_add_header_encryption_layer_post(self):
             "encryptedData": {}
         }, headers={"Content-Type": "application/json"})
 
-        self.assertIn("data", response.data)
-        self.assertIn("secret", response.data["data"])
-        self.assertEqual(secret2-secret1, response.data["data"]["secret"])
-        self.assertDictEqual({"Content-Type": "application/json"}, response.getheaders())
+        self.assertIn("data", response)
+        self.assertIn("secret", response["data"])
+        self.assertEqual(secret2-secret1, response["data"]["secret"])
 
     def test_add_header_encryption_layer_delete(self):
         self._set_header_params_config()
@@ -314,8 +307,7 @@ def test_add_header_encryption_layer_delete(self):
             "encryptedData": {}
         }, headers={"Content-Type": "application/json"})
 
-        self.assertEqual("OK", response.data)
-        self.assertDictEqual({"Content-Type": "application/json"}, response.getheaders())
+        self.assertEqual("OK", response)
 
     def test_add_header_encryption_layer_get(self):
         self._set_header_params_config()
@@ -324,10 +316,9 @@ def test_add_header_encryption_layer_get(self):
         to_test.add_encryption_layer(test_client, self._json_config)
         response = MockService(test_client).do_something_get_use_headers(headers={"Content-Type": "application/json"})
 
-        self.assertIn("data", response.data)
-        self.assertIn("secret", response.data["data"])
-        self.assertEqual([53, 84, 75], response.data["data"]["secret"])
-        self.assertDictEqual({"Content-Type": "application/json"}, response.getheaders())
+        self.assertIn("data", response)
+        self.assertIn("secret", response["data"])
+        self.assertEqual([53, 84, 75], response["data"]["secret"])
 
     @patch('client_encryption.api_encryption.__oauth_warn')
     def test_add_encryption_layer_oauth_set(self, __oauth_warn):
diff --git a/tests/utils/api_encryption_test_utils.py b/tests/utils/api_encryption_test_utils.py
@@ -25,22 +25,22 @@ def __init__(self, api_client=None):
         self.api_client = api_client
 
     def do_something_get(self, **kwargs):
-        return self.api_client.request("GET", "localhost/testservice", headers=kwargs["headers"])
+        return self.api_client.call_api("testservice", "GET", header_params=kwargs["headers"])
 
     def do_something_post(self, **kwargs):
-        return self.api_client.request("POST", "localhost/testservice", headers=kwargs["headers"], body=kwargs["body"])
+        return self.api_client.call_api("testservice", "POST", header_params=kwargs["headers"], body=kwargs["body"])
 
     def do_something_delete(self, **kwargs):
-        return self.api_client.request("DELETE", "localhost/testservice", headers=kwargs["headers"], body=kwargs["body"])
+        return self.api_client.call_api("testservice", "DELETE", header_params=kwargs["headers"], body=kwargs["body"])
 
     def do_something_get_use_headers(self, **kwargs):
-        return self.api_client.request("GET", "localhost/testservice/headers", headers=kwargs["headers"])
+        return self.api_client.call_api("testservice/headers", "GET", header_params=kwargs["headers"])
 
     def do_something_post_use_headers(self, **kwargs):
-        return self.api_client.request("POST", "localhost/testservice/headers", headers=kwargs["headers"], body=kwargs["body"])
+        return self.api_client.call_api("testservice/headers", "POST", header_params=kwargs["headers"], body=kwargs["body"])
 
     def do_something_delete_use_headers(self, **kwargs):
-        return self.api_client.request("DELETE", "localhost/testservice/headers", headers=kwargs["headers"], body=kwargs["body"])
+        return self.api_client.call_api("testservice/headers", "DELETE", header_params=kwargs["headers"], body=kwargs["body"])
 
 
 class MockApiClient(object):
@@ -56,13 +56,21 @@ def __init__(self, configuration=None, header_name=None, header_value=None,
     def request(self, method, url, query_params=None, headers=None,
                 post_params=None, body=None, _preload_content=True,
                 _request_timeout=None):
+        pass
+
+    def call_api(self, resource_path, method,
+                 path_params=None, query_params=None, header_params=None,
+                 body=None, post_params=None, files=None,
+                 response_type=None, auth_settings=None, async_req=None,
+                 _return_http_data_only=None, collection_formats=None,
+                 _preload_content=True, _request_timeout=None):
         check = -1
 
         if body:
-            if url == "localhost/testservice/headers":
-                iv = headers["x-iv"]
-                encrypted_key = headers["x-key"]
-                oaep_digest_algo = headers["x-oaep-digest"] if "x-oaep-digest" in headers else None
+            if resource_path == "testservice/headers":
+                iv = header_params["x-iv"]
+                encrypted_key = header_params["x-key"]
+                oaep_digest_algo = header_params["x-oaep-digest"] if "x-oaep-digest" in header_params else None
 
                 params = SessionKeyParams(self._config, encrypted_key, iv, oaep_digest_algo)
             else:
@@ -74,7 +82,7 @@ def request(self, method, url, query_params=None, headers=None,
         else:
             res = {"data": {"secret": [53, 84, 75]}}
 
-        if url == "localhost/testservice/headers" and method in ["GET", "POST", "PUT"]:
+        if resource_path == "testservice/headers" and method in ["GET", "POST", "PUT"]:
             params = SessionKeyParams.generate(self._config)
             json_resp = encryption.encrypt_payload(res, self._config, params)
 
