Merge pull request #101 from JaurbanRH/anonymous

Add test for anonymous identity
Kuadrant · Sep 23, 2022 · a97f6f6 · a97f6f6
2 parents be41f04 + 4b1863d
commit a97f6f6
Show file tree

Hide file tree

Showing 3 changed files with 44 additions and 0 deletions.
diff --git a/testsuite/objects/__init__.py b/testsuite/objects/__init__.py
@@ -40,6 +40,10 @@ def add_oidc_identity(self, name, endpoint):
     def add_api_key_identity(self, name, all_namespaces, match_label, match_expression):
         """Adds API Key identity"""
 
+    @abc.abstractmethod
+    def add_anonymous_identity(self, name):
+        """Adds anonymous identity"""
+
     @abc.abstractmethod
     def remove_all_identities(self):
         """Removes all identities from AuthConfig"""

diff --git a/testsuite/openshift/objects/auth_config.py b/testsuite/openshift/objects/auth_config.py
@@ -105,6 +105,12 @@ def add_api_key_identity(self, name, all_namespaces: bool = False,
             }
         })
 
+    @modify
+    def add_anonymous_identity(self, name):
+        """Adds anonymous identity"""
+        identities = self.model.spec.setdefault("identity", [])
+        identities.append({"name": name, "anonymous": {}})
+
     @modify
     def add_role_rule(self, name: str, role: str, path: str, metrics=False, priority=0):
         """

diff --git a/testsuite/tests/kuadrant/authorino/identity/test_anonymous_identity.py b/testsuite/tests/kuadrant/authorino/identity/test_anonymous_identity.py
@@ -0,0 +1,34 @@
+"""Test for anonymous identity"""
+import pytest
+
+
+@pytest.fixture(scope="module")
+def authorization(authorization, rhsso):
+    """Add RHSSO identity"""
+    authorization.add_oidc_identity("rhsso", rhsso.well_known["issuer"])
+    return authorization
+
+
+def test_anonymous_identity(client, auth, authorization):
+    """
+    Setup:
+        - Create AuthConfig with RHSSO identity
+    Test:
+        - Send request with authentication
+        - Assert that response status code is 200
+        - Send request without authentication
+        - Assert that response status code is 401 (Unauthorized)
+        - Add anonymous identity
+        - Send request without authentication
+        - Assert that response status code is 200
+    """
+    response = client.get("/get", auth=auth)
+    assert response.status_code == 200
+
+    response = client.get("/get")
+    assert response.status_code == 401
+
+    authorization.add_anonymous_identity("anonymous")
+
+    response = client.get("/get")
+    assert response.status_code == 200