From 8431fa80b7d06275e3fa7d719d713f31111cb4b8 Mon Sep 17 00:00:00 2001
From: Laura Soddu
Date: Wed, 20 Nov 2024 12:36:07 +0100
Subject: [PATCH] feat: dynamic MongoDB config via PYEUDIW_MONGO_TEST_AUTH_INLINE
- Replaced hardcoded MongoDB credentials with dynamic env variable.
- Added fallback to 'satosa:thatpassword' for unauthenticated setups.
- Updated config to parse username/password inline.
- Documented usage and default behavior.
---
 example/satosa/integration_test/README.md | 30 ++++++++++++++++++---
 example/satosa/integration_test/settings.py | 7 ++---
 pyeudiw/tests/settings.py | 9 ++++---
 pyeudiw/tests/storage/test_mongo_cache.py | 3 ++-
 pyeudiw/tests/storage/test_mongo_storage.py | 3 ++-
 5 files changed, 40 insertions(+), 12 deletions(-)
diff --git a/example/satosa/integration_test/README.md b/example/satosa/integration_test/README.md
index 811e330a..baf5c14c 100644
--- a/example/satosa/integration_test/README.md
+++ b/example/satosa/integration_test/README.md
@@ -7,15 +7,39 @@ This integration test will verify a full authentication flow of a simulated IT-W ### Environment An up an running Openid4VP Relying Party is a requirement of this project. -The intended Relying Party of this integration test is the example one provided in the repostiory [https://github.com/italia/Satosa-Saml2Spid](https://github.com/italia/Satosa-Saml2Spid). +The intended Relying Party of this integration test is the example one provided in the repository [https://github.com/italia/Satosa-Saml2Spid](https://github.com/italia/Satosa-Saml2Spid). That project will provide full instruction on how to setup such an environment with Docker. -Before starting, make sure that the `pyeudiw_backend.yaml` is properly configured and included in the file `proxy_conf.yaml` that is running in your Docker environemnt. +Before starting, make sure that the `pyeudiw_backend.yaml` is properly configured and included in the file `proxy_conf.yaml` that is running in your Docker environment. This project folder always provide up to date example of the pyeudiw plugin configuration in the file [pyeudiw_backend.yaml](./pyeudiw_backend.yaml), as well as other configuration file of the module in [static](./static/) and [template](./template/) folders. +#### MongoDB Configuration for Tests + +The MongoDB connection is configured dynamically using the environment variable `PYEUDIW_MONGO_TEST_AUTH_INLINE`. + +#### How It Works +- The value of `PYEUDIW_MONGO_TEST_AUTH_INLINE` should be in the format `username:password`. +- If the variable is not set, the configuration defaults to: + - **Authentication**: Defaults to `satosa:thatpassword`. + - **MongoDB URL**: `mongodb://satosa:thatpassword@localhost:27017/?timeoutMS=2000`. + +#### Example Usage +1. 
**With Authentication**: + Set the environment variable: + ```bash + export PYEUDIW_MONGO_TEST_AUTH_INLINE="satosa:thatpassword" + ``` + +#### Custom Behavior +You can override the default credentials by setting the environment variable: + +```bash +export PYEUDIW_MONGO_TEST_AUTH_INLINE="customuser:custompassword" +``` + ### Dependencies -Requirements eexclusive to the integration test can be installed with +Requirements exclusive to the integration test can be installed with pip install -r requirements_test.txt diff --git a/example/satosa/integration_test/settings.py b/example/satosa/integration_test/settings.py index 76d2f123..b5416e71 100644 --- a/example/satosa/integration_test/settings.py +++ b/example/satosa/integration_test/settings.py @@ -1,3 +1,4 @@ +import os from cryptojwt.jws.jws import JWS from cryptojwt.jwk.jwk import key_from_jwk_dict from pyeudiw.tests.federation.base import ( @@ -21,7 +22,7 @@ "class": "MongoStorage", "init_params": { # according to Satosa-Saml2Spid demo - "url": "mongodb://satosa:thatpassword@localhost:27017/?timeoutMS=2000", + "url": f"mongodb://{os.getenv('PYEUDIW_MONGO_TEST_AUTH_INLINE', 'satosa:thatpassword')}@localhost:27017/?timeoutMS=2000", "conf": { "db_name": "eudiw", "db_sessions_collection": "sessions", @@ -29,8 +30,8 @@ "db_trust_anchors_collection": "trust_anchors" }, "connection_params": { - "username": "satosa", - "password": "thatpassword" + "username": os.getenv('PYEUDIW_MONGO_TEST_AUTH_INLINE', 'satosa:thatpassword').split(':')[0], + "password": os.getenv('PYEUDIW_MONGO_TEST_AUTH_INLINE', 'satosa:thatpassword').split(':')[1] if ':' in os.getenv('PYEUDIW_MONGO_TEST_AUTH_INLINE', 'satosa:thatpassword') else "" } } } diff --git a/pyeudiw/tests/settings.py b/pyeudiw/tests/settings.py index 95dc7ca9..17cb0420 100644 --- a/pyeudiw/tests/settings.py +++ b/pyeudiw/tests/settings.py @@ -1,3 +1,4 @@ +import os import pathlib from pyeudiw.tools.utils import exp_from_now, iat_now 
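Review bot: In the `connection_params` hunk of `example/satosa/integration_test/settings.py`, `split(':')[1]` keeps only the text between the first and second colon, so a password that itself contains `:` is silently truncated, and the same raw value is interpolated into the `url` f-string of the preceding hunk without percent-encoding. MongoDB connection strings require reserved characters in the userinfo (such as `:`, `/`, `?`, `#`, `@`) to be percent-encoded, so such a password, or an empty value of the variable, is likely to give an invalid or misparsed URI; the same unencoded interpolation appears in the `url` hunks of `pyeudiw/tests/settings.py`, `test_mongo_cache.py` and `test_mongo_storage.py`. Reading the variable once, splitting it with `partition(':')` and encoding each part with `urllib.parse.quote_plus` (which needs `import urllib.parse` next to the added `import os`) removes both problems and the four repeated `os.getenv` calls. The dict these lines belong to starts and ends outside the hunks.

```python
_mongo_auth = os.getenv("PYEUDIW_MONGO_TEST_AUTH_INLINE", "satosa:thatpassword")
_mongo_user, _sep, _mongo_password = _mongo_auth.partition(":")
_mongo_userinfo = (
    urllib.parse.quote_plus(_mongo_user) + _sep + urllib.parse.quote_plus(_mongo_password)
)

# … unchanged: storage entry up to "init_params" …
            "url": f"mongodb://{_mongo_userinfo}@localhost:27017/?timeoutMS=2000",
# … unchanged: "conf" …
            "connection_params": {
                "username": _mongo_user,
                "password": _mongo_password
            }
```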
@@ -157,7 +158,7 @@ "class": "MongoCache", "init_params": { # according to Satosa-Saml2Spid demo - "url": "mongodb://satosa:thatpassword@localhost:27017/?timeoutMS=2000", + "url": f"mongodb://{os.getenv('PYEUDIW_MONGO_TEST_AUTH_INLINE', 'satosa:thatpassword')}@localhost:27017/?timeoutMS=2000", "conf": { "db_name": "eudiw" }, @@ -169,7 +170,7 @@ "class": "MongoStorage", "init_params": { # according to Satosa-Saml2Spid demo - "url": "mongodb://satosa:thatpassword@localhost:27017/?timeoutMS=2000", + "url": f"mongodb://{os.getenv('PYEUDIW_MONGO_TEST_AUTH_INLINE', 'satosa:thatpassword')}@localhost:27017/?timeoutMS=2000", "conf": { "db_name": "test-eudiw", "db_sessions_collection": "sessions", @@ -462,7 +463,7 @@ "class": "MongoCache", "init_params": { # according to Satosa-Saml2Spid demo - "url": "mongodb://satosa:thatpassword@localhost:27017/?timeoutMS=2000", + "url": f"mongodb://{os.getenv('PYEUDIW_MONGO_TEST_AUTH_INLINE', 'satosa:thatpassword')}@localhost:27017/?timeoutMS=2000", "conf": { "db_name": "eudiw" }, @@ -474,7 +475,7 @@ "class": "MongoStorage", "init_params": { # according to Satosa-Saml2Spid demo - "url": "mongodb://satosa:thatpassword@localhost:27017/?timeoutMS=2000", + "url": f"mongodb://{os.getenv('PYEUDIW_MONGO_TEST_AUTH_INLINE', 'satosa:thatpassword')}@localhost:27017/?timeoutMS=2000", "conf": { "db_name": "test-eudiw", "db_sessions_collection": "sessions", diff --git a/pyeudiw/tests/storage/test_mongo_cache.py b/pyeudiw/tests/storage/test_mongo_cache.py index dea295f4..4cdaac66 100644 --- a/pyeudiw/tests/storage/test_mongo_cache.py +++ b/pyeudiw/tests/storage/test_mongo_cache.py @@ -1,3 +1,4 @@ +import os import uuid import pytest @@ -10,7 +11,7 @@ class TestMongoCache: def create_storage_instance(self): self.cache = MongoCache( {"db_name": "eudiw"}, - "mongodb://satosa:thatpassword@localhost:27017/", + f"mongodb://{os.getenv('PYEUDIW_MONGO_TEST_AUTH_INLINE', 'satosa:thatpassword')}@localhost:27017/?timeoutMS=2000", {} ) 
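Review bot: The same `os.getenv('PYEUDIW_MONGO_TEST_AUTH_INLINE', 'satosa:thatpassword')` f-string is pasted into all four `url` hunks of `pyeudiw/tests/settings.py` (-157, -169, -462 and -474), so the variable name and the default credential now live in four places that can drift apart. Defining it once below the added `import os`, for example `MONGO_TEST_URL = f"mongodb://{os.getenv('PYEUDIW_MONGO_TEST_AUTH_INLINE', 'satosa:thatpassword')}@localhost:27017/?timeoutMS=2000"`, and writing `"url": MONGO_TEST_URL` in each entry leaves a single place to change. Because the literal password stays in the repository as the fallback, a comment at that definition such as `# default is the Satosa-Saml2Spid demo credential; for local test containers only` would make its scope explicit. The dicts these lines belong to start and end outside the hunks.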
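Review bot: The new URL in `create_storage_instance` of `test_mongo_cache.py` also appends `?timeoutMS=2000`, which the removed line `"mongodb://satosa:thatpassword@localhost:27017/"` did not have and which the commit message does not mention; the last hunk of `test_mongo_storage.py` makes the same change. If it is intended, presumably so the tests fail fast when no MongoDB is reachable, a comment above the argument such as `# 2 s client timeout so the suite fails fast when MongoDB is not running` would record that. Otherwise the query string should be dropped so that this commit changes only where the credentials come from.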
diff --git a/pyeudiw/tests/storage/test_mongo_storage.py b/pyeudiw/tests/storage/test_mongo_storage.py index b71401d3..231caaf8 100644 --- a/pyeudiw/tests/storage/test_mongo_storage.py +++ b/pyeudiw/tests/storage/test_mongo_storage.py @@ -1,3 +1,4 @@ +import os import uuid import time import pytest @@ -15,7 +16,7 @@ def create_storage_instance(self): "db_trust_attestations_collection": "trust_attestations", "db_trust_anchors_collection": "trust_anchors" }, - "mongodb://satosa:thatpassword@localhost:27017/", + f"mongodb://{os.getenv('PYEUDIW_MONGO_TEST_AUTH_INLINE', 'satosa:thatpassword')}@localhost:27017/?timeoutMS=2000", {} )