diff --git a/src/common/authlete_util.py b/src/common/authlete_util.py
index 4a0fe615..8c963920 100644
--- a/src/common/authlete_util.py
+++ b/src/common/authlete_util.py
@@ -3,6 +3,7 @@
 import requests
 import settings
 from record_not_found_error import RecordNotFoundError
+from jsonschema import ValidationError
 class AuthleteUtil:
@@ -24,9 +25,11 @@ def is_accessible_client(client_id, user_id):
 return developer == user_id
- # 404以外はALIS上では異常な状態であるため、システムエラーとして扱い、検知対象にする
+ # 400, 404以外はALIS上では異常な状態であるため、システムエラーとして扱い、検知対象にする
 @staticmethod
 def verify_valid_response(response, request_client_id=None):
+ if response.status_code == 400:
+ raise ValidationError('Please check the input parameters')
 if request_client_id and response.status_code == 404:
 raise RecordNotFoundError('{0} is not found.'.format(request_client_id))
diff --git a/tests/common/test_authlete_util.py b/tests/common/test_authlete_util.py
index bd69528e..f1ad6377 100644
--- a/tests/common/test_authlete_util.py
+++ b/tests/common/test_authlete_util.py
@@ -8,6 +8,7 @@
 import settings
 from authlete_util import AuthleteUtil
 from record_not_found_error import RecordNotFoundError
+from jsonschema import ValidationError
 class TestAuthleteUtil(TestCase):
@@ -90,6 +91,11 @@ def test_verify_valid_response(self):
 'request_client_id': '12345',
 'exception': False
 },
+ {
+ 'status_code': 400,
+ 'request_client_id': '12345',
+ 'exception': ValidationError
+ },
 {
 'status_code': 404,
 'request_client_id': None,
@@ -121,6 +127,10 @@ def test_verify_valid_response(self):
 with self.assertRaises(Exception):
 AuthleteUtil.verify_valid_response(response, case['request_client_id'])
+ if case['exception'] is ValidationError:
+ with self.assertRaises(ValidationError):
+ AuthleteUtil.verify_valid_response(response, case['request_client_id'])
+
 if case['exception'] is RecordNotFoundError:
 with self.assertRaises(RecordNotFoundError):
 AuthleteUtil.verify_valid_response(response, case['request_client_id'])
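Review bot: The new 400 branch in `verify_valid_response` raises without recording which Authlete error came back, and the updated comment takes 400 out of the system-error/detection path, so repeated upstream 400s would leave no trace for whoever monitors this service. Keeping the client-facing text generic is right, because it avoids echoing Authlete's `resultMessage`. I would log only the result code before the raise, for example `logging.warning('Authlete returned 400, resultCode=%s', response.json().get('resultCode'))`, guarded against a non-JSON body. Whether `logging` is already imported in this module is not visible here, and the function body continues outside the hunk.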
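Review bot: The added table entry in `test_verify_valid_response` covers status 400 only with `request_client_id` set to `'12345'`, although the new branch raises before it looks at that argument. A second entry, `{'status_code': 400, 'request_client_id': None, 'exception': ValidationError}`, would pin that the 400 mapping does not depend on a client id being passed, which is the only thing separating it from the 404 branch. The case table and the test body both start and end outside these hunks.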
diff --git a/tests/handlers/me/applications/create/test_me_applications_create.py b/tests/handlers/me/applications/create/test_me_applications_create.py
index c95d11bf..b97292b5 100644
--- a/tests/handlers/me/applications/create/test_me_applications_create.py
+++ b/tests/handlers/me/applications/create/test_me_applications_create.py
@@ -89,6 +89,40 @@ def test_main_ok_type_native(self):
 self.assertEqual('PUBLIC', json.loads(responses.calls[0].request.body).get('clientType'))
 self.assertEqual('NONE', json.loads(responses.calls[0].request.body).get('tokenAuthMethod'))
+ @responses.activate
+ def test_main_ng_authlete_api_response_400(self):
+ params = {
+ 'body': {
+ 'name': 'あ' * 80,
+ 'description': 'A' * 180,
+ 'application_type': 'NATIVE',
+ 'redirect_urls': ['http://example.com/1']
+ },
+ 'requestContext': {
+ 'authorizer': {
+ 'claims': {
+ 'cognito:username': 'user01',
+ 'phone_number_verified': 'true',
+ 'email_verified': 'true'
+ }
+ }
+ }
+ }
+
+ params['body'] = json.dumps(params['body'])
+
+ # 400 が返却されるように mock 化
+ responses.add(responses.POST, settings.AUTHLETE_CLIENT_ENDPOINT + '/create',
+ json={"resultCode": "A031208", "resultMessage": "error_message"}, status=400)
+
+ response = MeApplicationsCreate(params, {}).main()
+
+ logging.fatal(response)
+
+ self.assertEqual(response['statusCode'], 400)
+ self.assertEqual(json.loads(response['body']),
+ {"message": "Invalid parameter: Please check the input parameters"})
+
 @patch('requests.post', MagicMock(side_effect=requests.exceptions.RequestException()))
 def test_main_with_exception(self):
 params = {
diff --git a/tests/handlers/me/applications/update/test_me_applications_update.py b/tests/handlers/me/applications/update/test_me_applications_update.py
index 0a18471c..7836f21c 100644
--- a/tests/handlers/me/applications/update/test_me_applications_update.py
+++ b/tests/handlers/me/applications/update/test_me_applications_update.py
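Review bot: `logging.fatal(response)` in the new `test_main_ng_authlete_api_response_400` looks like debugging residue. It writes the whole handler response at the highest severity on every run and checks nothing, which adds noise to CI logs that may be watched for real fatal entries. I would delete the line; the two assertions after it already pin the status code and the exact body, including that Authlete's `resultCode` and `resultMessage` are not passed through to the caller.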
@@ -58,6 +58,47 @@ def test_main_ok(self):
 self.assertEqual(response['statusCode'], 200)
 self.assertEqual(json.loads(response['body']), {"developer": "user01"})
+ @responses.activate
+ def test_main_ng_authlete_api_response_400(self):
+ params = {
+ 'pathParameters': {
+ 'client_id': '123456789'
+ },
+ 'body': {
+ 'name': 'あ' * 80,
+ 'description': 'A' * 180,
+ 'redirect_urls': ['http://example.com/1']
+ },
+ 'requestContext': {
+ 'authorizer': {
+ 'claims': {
+ 'cognito:username': 'user01',
+ 'phone_number_verified': 'true',
+ 'email_verified': 'true'
+ }
+ }
+ }
+ }
+
+ params['body'] = json.dumps(params['body'])
+
+ # 400 が返却されるように mock 化
+ responses.add(responses.POST,
+ settings.AUTHLETE_CLIENT_ENDPOINT + '/update/' + params['pathParameters']['client_id'],
+ json={"resultCode": "A031233", "resultMessage": "error_message"}, status=400)
+ # AuthleteUtilで呼ばれるAPI callをmockする
+ responses.add(responses.GET, settings.AUTHLETE_CLIENT_ENDPOINT + '/get/' + params['pathParameters']['client_id'],
+ json={'developer': "user01"}, status=200)
+ # アプリケーション情報取得で呼ばれるAPI callをmockする
+ responses.add(responses.GET, settings.AUTHLETE_CLIENT_ENDPOINT + '/get/' + params['pathParameters']['client_id'],
+ json={'developer': "user01"}, status=200)
+
+ response = MeApplicationUpdate(params, {}).main()
+
+ self.assertEqual(response['statusCode'], 400)
+ self.assertEqual(json.loads(response['body']),
+ {"message": "Invalid parameter: Please check the input parameters"})
+
 @patch('requests.post', MagicMock(side_effect=requests.exceptions.RequestException()))
 def test_main_with_exception(self):
 params = {
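Review bot: The two identical `responses.add(responses.GET, … '/get/' + client_id …)` registrations in `test_main_ng_authlete_api_response_400` are never checked, so the test passes whether the handler does the developer lookup before the update POST, after it, or not at all. That lookup appears to be what ties `client_id` to `cognito:username`, so I would assert the call sequence after `main()`, e.g. `self.assertEqual([c.request.method for c in responses.calls], [...])`. The handler is not visible from this hunk, so the expected order is left for the author to fill in. If the second GET is never reached once the POST returns 400, its registration and comment can be dropped.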