From f9d6f089014007193996e51757f72a8bf7ec78b9 Mon Sep 17 00:00:00 2001 From: John Estabrook Date: Sun, 24 Jul 2022 13:23:02 -0500 Subject: graphql: T3993: add smoketest for GraphQL key authorization --- smoketest/scripts/cli/test_service_https.py | 57 +++++++++++++++++++++++++++++ 1 file changed, 57 insertions(+) (limited to 'smoketest') diff --git a/smoketest/scripts/cli/test_service_https.py b/smoketest/scripts/cli/test_service_https.py index 71fb3e177..72c1d4e43 100755 --- a/smoketest/scripts/cli/test_service_https.py +++ b/smoketest/scripts/cli/test_service_https.py @@ -138,5 +138,62 @@ class TestHTTPSService(VyOSUnitTestSHIM.TestCase): # Must get HTTP code 401 on missing key (Unauthorized) self.assertEqual(r.status_code, 401) + # GraphQL auth test: a missing key will return status code 400, as + # 'key' is a non-nullable field in the schema; an incorrect key is + # caught by the resolver, and returns success 'False', so one must + # check the return value. + + self.cli_set(base_path + ['api', 'gql']) + self.cli_commit() + + gql_url = f'https://{address}/graphql' + + query_valid_key = f""" + {{ + SystemStatus (data: {{key: "{key}"}}) {{ + success + errors + data {{ + result + }} + }} + }} + """ + + r = request('POST', gql_url, verify=False, headers=headers, json={'query': query_valid_key}) + success = r.json()['data']['SystemStatus']['success'] + self.assertTrue(success) + + query_invalid_key = """ + { + SystemStatus (data: {key: "invalid"}) { + success + errors + data { + result + } + } + } + """ + + r = request('POST', gql_url, verify=False, headers=headers, json={'query': query_invalid_key}) + success = r.json()['data']['SystemStatus']['success'] + self.assertFalse(success) + + query_no_key = """ + { + SystemStatus (data: {}) { + success + errors + data { + result + } + } + } + """ + + r = request('POST', gql_url, verify=False, headers=headers, json={'query': query_no_key}) + self.assertEqual(r.status_code, 400) + if __name__ == '__main__': unittest.main(verbosity=2) -- cgit v1.2.3