Added unit test cases for platform token.

Author: delinea-sagar

conftest.py

@@ -18,6 +18,17 @@ def env_vars():
         "folder_path": os.getenv("TSS_FOLDER_PATH"),
     }
 
+@pytest.fixture
+def platform_env_vars():
+    return {
+        "username": os.getenv("PLATFORM_USERNAME"),
+        "password": os.getenv("PLATFORM_PASSWORD"),
+        "base_url": os.getenv("PLATFORM_BASEURL"),
+        "secret_id": os.getenv("TSS_SECRET_ID"),
+        "secret_path": os.getenv("TSS_SECRET_PATH"),
+        "folder_id": os.getenv("TSS_FOLDER_ID"),
+        "folder_path": os.getenv("TSS_FOLDER_PATH"),
+    }
 
 @pytest.fixture
 def authorizer(env_vars):
@@ -27,7 +38,20 @@ def authorizer(env_vars):
         env_vars["password"],
     )
 
+@pytest.fixture
+def platform_authorizer(platform_env_vars):
+    from delinea.secrets.server import PasswordGrantAuthorizer
+    return PasswordGrantAuthorizer(
+        platform_env_vars["base_url"],
+        platform_env_vars["username"],
+        platform_env_vars["password"],
+    )
 
 @pytest.fixture
 def secret_server(env_vars, authorizer):
     return SecretServerCloud(env_vars["tenant"], authorizer)
+
+@pytest.fixture
+def platform_server(platform_env_vars, platform_authorizer):
+    from delinea.secrets.server import SecretServer
+    return SecretServer(platform_env_vars["base_url"], platform_authorizer)

delinea/secrets/server.py

@@ -198,8 +198,9 @@ class AccessTokenAuthorizer(Authorizer):
     def get_access_token(self):
         return self.access_token
 
-    def __init__(self, access_token):
+    def __init__(self, access_token, server_type='secret_server'):
         self.access_token = access_token
+        self._server_type = server_type.lower()
 
 
 class PasswordGrantAuthorizer(Authorizer):
@@ -283,25 +284,25 @@ def _refresh(self, seconds_of_drift=300):
                 else:
                     raise SecretServerError("Unknown server type for token request.")
             if self._server_type == "secret_server":
-                token_url = self.base_url.rstrip("/") + "/" + self.token_path_uri.strip("/")
+                self.token_url = self.base_url.rstrip("/") + "/" + self.token_path_uri.strip("/")
                 grant_request = {
                     "username": self.username,
                     "password": self.password,
                     "grant_type": "password",
                 }
                 if hasattr(self, "domain") and self.domain:
                     grant_request["domain"] = self.domain
-                self.access_grant = self.get_access_grant(token_url, grant_request)
+                self.access_grant = self.get_access_grant(self.token_url, grant_request)
                 self.access_grant_refreshed = datetime.now()
             elif self._server_type == "platform":
-                token_url = self.base_url.rstrip("/") + "/" + self.token_path_uri.strip("/")
+                self.token_url = self.base_url.rstrip("/") + "/" + self.token_path_uri.strip("/")
                 grant_request = {
                     "client_id": self.username,
                     "client_secret": self.password,
                     "grant_type": "client_credentials",
                     "scope": "xpmheadless",
                 }
-                self.access_grant = self.get_access_grant(token_url, grant_request)
+                self.access_grant = self.get_access_grant(self.token_url, grant_request)
                 self.access_grant_refreshed = datetime.now()
             else:
                 raise SecretServerError("Unknown server type for token request.")

tests/test_server.py

@@ -20,6 +20,7 @@ def test_bad_url(env_vars, authorizer):
 
 
 def test_token_url(env_vars, authorizer):
+    authorizer.get_access_token()
     assert (
         authorizer.token_url
         == f"https://{env_vars['tenant']}.secretservercloud.com/oauth2/token"
@@ -77,3 +78,62 @@ def test_server_child_folder_ids_by_folderid(env_vars, secret_server):
         type(secret_server.get_child_folder_ids_by_folderid(env_vars["folder_id"]))
         is list
     )
+
+def test_platform_bad_url(platform_env_vars, platform_authorizer):
+    bad_server = SecretServer(
+        f"{platform_env_vars['base_url']}/nonexistent",
+        platform_authorizer,
+    )
+    with pytest.raises(SecretServerError):
+        bad_server.get_secret(platform_env_vars["secret_id"])
+
+def test_platform_token_url(platform_env_vars, platform_authorizer):
+    platform_authorizer.get_access_token()
+    assert (
+        platform_authorizer.token_url
+        == f"{platform_env_vars['base_url']}/identity/api/oauth2/token/xpmplatform"
+    )
+
+def test_platform_api_url(platform_server, platform_env_vars):
+    assert (
+        platform_server.api_url
+        == f"{platform_env_vars['base_url']}/api/v1"
+    )
+
+def test_platform_access_token_authorizer(platform_env_vars, platform_authorizer):
+    assert SecretServer(
+        platform_env_vars["base_url"],
+        AccessTokenAuthorizer(platform_authorizer.get_access_token(), 'platform'),
+    ).get_secret(platform_env_vars["secret_id"])["id"] == int(platform_env_vars["secret_id"])
+
+def test_platform_server_secret(platform_env_vars, platform_server):
+    assert ServerSecret(**platform_server.get_secret(platform_env_vars["secret_id"])).id == int(
+        platform_env_vars["secret_id"]
+    )
+
+def test_platform_server_secret_by_path(platform_env_vars, platform_server):
+    assert ServerSecret(
+        **platform_server.get_secret_by_path(platform_env_vars["secret_path"])
+    ).id == int(platform_env_vars["secret_id"])
+
+def test_platform_server_folder_by_path(platform_env_vars, platform_server):
+    assert ServerFolder(
+        **platform_server.get_folder_by_path(platform_env_vars["folder_path"])
+    ).id == int(platform_env_vars["folder_id"])
+
+def test_platform_nonexistent_secret(platform_server):
+    with pytest.raises(SecretServerClientError):
+        platform_server.get_secret(1000)
+
+def test_platform_nonexistent_folder(platform_server):
+    with pytest.raises(SecretServerClientError):
+        platform_server.get_folder(1000)
+
+def test_platform_server_secret_ids_by_folderid(platform_env_vars, platform_server):
+    assert type(platform_server.get_secret_ids_by_folderid(platform_env_vars["folder_id"])) is list
+
+def test_platform_server_child_folder_ids_by_folderid(platform_env_vars, platform_server):
+    assert (
+        type(platform_server.get_child_folder_ids_by_folderid(platform_env_vars["folder_id"]))
+        is list
+    )

tox.ini

@@ -6,7 +6,7 @@
 # Docs for tox config -> https://tox.readthedocs.io/en/latest/config.html
 
 [tox]
-envlist = 3.8, 3.9, 3.10, 3.11
+envlist = 3.8, 3.9, 3.10, 3.11, 3.12
 isolated_build = True
 skipsdist = True
 
@@ -23,5 +23,8 @@ passenv =
     TSS_SECRET_PATH
     TSS_FOLDER_ID
     TSS_FOLDER_PATH
+    PLATFORM_USERNAME
+    PLATFORM_PASSWORD
+    PLATFORM_BASEURL
 commands =
     pytest