Change the unit test to lambdas/lambda_authorizer

Author: nss10

.github/workflows/ci.yaml

@@ -43,3 +43,23 @@ jobs:
         run: |
           cd bmh_admin_portal_backend
           poetry run pytest -vv --cov-report xml tests
+
+  lambda_auth_unit_test:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v3
+      - name: Set up python
+        uses: actions/setup-python@v4
+        with:
+          python-version: "3.9"
+      - name: Install pip requirements
+        run: |
+            cd bmh_admin_portal_backend/lambdas/lambda_authorizer
+            pip --version
+            pip install -r requirements.txt
+      - name: Run test
+        run: |
+          cd bmh_admin_portal_backend/lambdas/lambda_authorizer
+          pytest -vv --cov-report xml tests

.secrets.baseline

@@ -3,7 +3,7 @@
     "files": "bmh_admin_portal_ui/package-lock.json|^.secrets.baseline$|^../.secrets.baseline$",
     "lines": null
   },
-  "generated_at": "2024-06-11T18:37:34Z",
+  "generated_at": "2024-06-13T15:50:28Z",
   "plugins_used": [
     {
       "name": "AWSKeyDetector"
@@ -58,21 +58,37 @@
     }
   ],
   "results": {
-    "lambdas/workspaces_api_resource/workspaces_api_resource_handler.py": [
+    "bmh_admin_portal_backend/lambdas/workspaces_api_resource/workspaces_api_resource_handler.py": [
       {
         "hashed_secret": "505032eaf8a3acf9b094a326dfb1cd0537c75a0d",
         "is_verified": false,
         "line_number": 439,
         "type": "Secret Keyword"
       }
     ],
-    "poetry.lock": [
+    "bmh_admin_portal_backend/poetry.lock": [
       {
-        "hashed_secret": "7ea91fd4bc39f6ced54285ea67cfa7b247b33376",
+        "hashed_secret": "c1dd1514fc9014ac7cb6fe5f5c71e5a6f71a01ce",
         "is_verified": false,
-        "line_number": 2772,
+        "line_number": 2740,
         "type": "Hex High Entropy String"
       }
+    ],
+    "bmh_admin_portal_ui/README_DEPLOYMENT.md": [
+      {
+        "hashed_secret": "a033a528b603fed46f861d4b3542c417b99d41c8",
+        "is_verified": false,
+        "line_number": 74,
+        "type": "Secret Keyword"
+      }
+    ],
+    "bmh_workspace/templates/BMHAccountBaseline.yml": [
+      {
+        "hashed_secret": "5ef4751aeb252031285d28e935b86bbbe959d6f5",
+        "is_verified": false,
+        "line_number": 290,
+        "type": "Secret Keyword"
+      }
     ]
   },
   "version": "0.13.1",

bmh_admin_portal_backend/lambdas/lambda_authorizer/requirements.txt

@@ -1,2 +1,3 @@
 PyJWT==2.4.0
 cryptography==42.0.6
+jwcrypto==1.5.6

bmh_admin_portal_backend/tests/test_lambda_authorizer.py bmh_admin_portal_backend/lambdas/lambda_authorizer/tests/test_lambda_authorizer.py

@@ -1,5 +1,6 @@
 import pytest
 import io
+import os
 import json
 import jwt
 import time
@@ -16,6 +17,8 @@ def test_validate_token():
     Tests the functionality of validate token by creating a dummy JWT token using RS256 algorithm.
     Note: We also create an RSA key pair and a JWK for the public key for the test.
     """
+    os.environ["allowed_client_id_audience"] = "Valid test audience"
+    os.environ["auth_base_url"] = "https://mock.data-commons.org/user"
 
     # Generate RSA private key
     private_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
@@ -94,3 +97,7 @@ def test_validate_token():
     ):
         with pytest.raises(ExpiredSignatureError):
             payload = lambda_authorizer.validate_token(mock_jwt_token)
+
+    # teardown env vars
+    del os.environ["allowed_client_id_audience"]
+    del os.environ["auth_base_url"]

bmh_admin_portal_backend/poetry.lock

@@ -46,9 +46,6 @@ openapi-core = "^0.17.0"
 pytest = "^6.0.0"
 pytest-cov = "*"
 pyyaml = "^6.0.0"
-PyJWT = "^2.4.0"
-cryptography = "^42.0.6"
-jwcrypto = "^1.5.6"
 
 [build-system]
 requires = ["poetry-core>=1.0.0"]

bmh_admin_portal_backend/pyproject.toml

@@ -30,8 +30,6 @@ def setup_env_vars():
             "api_usage_id_param_name": "testUsageId",
             "total_usage_trigger_lambda_arn": "testTotalUsageArn",
             "user_services_email": "DummyUserServices@email.com",
-            "allowed_client_id_audience": "Valid test audience",
-            "auth_base_url": "https://mock.data-commons.org/user",
         },
     ):
         yield