orthanc-tests: NewTests/Authorization/auth

annotate NewTests/Authorization/auth_service.py @ 664:854640df43d3 default tip

fix version

author	Alain Mazy <am@orthanc.team>
date	Sat, 06 Jul 2024 11:59:44 +0200
parents	3ac37a99a093
children

rev	line source
576 80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	1 from fastapi import FastAPI
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	2 import logging
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	3 from models import *
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	4 import pprint
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	5
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	6 # Sample Authorization service that is started when the test starts.
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	7 # It does not check token validity and simply implements a set of basic users
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	8
577 0649a19df194 new tests for auth-service Alain Mazy <am@osimis.io> parents: 576 diff changeset	9
0649a19df194 new tests for auth-service Alain Mazy <am@osimis.io> parents: 576 diff changeset	10 logger = logging.getLogger()
0649a19df194 new tests for auth-service Alain Mazy <am@osimis.io> parents: 576 diff changeset	11 logger.setLevel(logging.DEBUG)
0649a19df194 new tests for auth-service Alain Mazy <am@osimis.io> parents: 576 diff changeset	12
576 80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	13 app = FastAPI()
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	14
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	15
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	16
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	17 @app.post("/user/get-profile")
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	18 def get_user_profile(user_profile_request: UserProfileRequest):
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	19 logging.info("get user profile: " + user_profile_request.json())
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	20
577 0649a19df194 new tests for auth-service Alain Mazy <am@osimis.io> parents: 576 diff changeset	21 p = UserProfileResponse(
0649a19df194 new tests for auth-service Alain Mazy <am@osimis.io> parents: 576 diff changeset	22 name="anonymous",
0649a19df194 new tests for auth-service Alain Mazy <am@osimis.io> parents: 576 diff changeset	23 permissions=[],
0649a19df194 new tests for auth-service Alain Mazy <am@osimis.io> parents: 576 diff changeset	24 authorized_labels=[],
0649a19df194 new tests for auth-service Alain Mazy <am@osimis.io> parents: 576 diff changeset	25 validity=60
0649a19df194 new tests for auth-service Alain Mazy <am@osimis.io> parents: 576 diff changeset	26 )
0649a19df194 new tests for auth-service Alain Mazy <am@osimis.io> parents: 576 diff changeset	27
576 80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	28 if user_profile_request.token_key == "user-token-key":
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	29 if user_profile_request.token_value == "token-uploader":
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	30 p = UserProfileResponse(
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	31 name="uploader",
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	32 permissions=["upload", "edit-labels", "delete", "view"],
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	33 authorized_labels=["*"],
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	34 validity=60
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	35 )
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	36 elif user_profile_request.token_value == "token-admin":
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	37 p = UserProfileResponse(
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	38 name="admin",
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	39 permissions=["all"],
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	40 authorized_labels=["*"],
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	41 validity=60
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	42 )
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	43 elif user_profile_request.token_value == "token-user-a":
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	44 p = UserProfileResponse(
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	45 name="user-a",
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	46 permissions=["view"],
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	47 authorized_labels=["label_a"],
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	48 validity=60
80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	49 )
659 3ac37a99a093 new tests for auth: uploader-a Alain Mazy <am@orthanc.team> parents: 590 diff changeset	50 elif user_profile_request.token_value == "token-uploader-a": # this use shall be able to upload anything but view only the labeled studies
3ac37a99a093 new tests for auth: uploader-a Alain Mazy <am@orthanc.team> parents: 590 diff changeset	51 p = UserProfileResponse(
3ac37a99a093 new tests for auth: uploader-a Alain Mazy <am@orthanc.team> parents: 590 diff changeset	52 name="uploader-a",
3ac37a99a093 new tests for auth: uploader-a Alain Mazy <am@orthanc.team> parents: 590 diff changeset	53 permissions=["view", "upload"],
3ac37a99a093 new tests for auth: uploader-a Alain Mazy <am@orthanc.team> parents: 590 diff changeset	54 authorized_labels=["label_a"],
3ac37a99a093 new tests for auth: uploader-a Alain Mazy <am@orthanc.team> parents: 590 diff changeset	55 validity=60
3ac37a99a093 new tests for auth: uploader-a Alain Mazy <am@orthanc.team> parents: 590 diff changeset	56 )
577 0649a19df194 new tests for auth-service Alain Mazy <am@osimis.io> parents: 576 diff changeset	57
0649a19df194 new tests for auth-service Alain Mazy <am@osimis.io> parents: 576 diff changeset	58 return p
0649a19df194 new tests for auth-service Alain Mazy <am@osimis.io> parents: 576 diff changeset	59
0649a19df194 new tests for auth-service Alain Mazy <am@osimis.io> parents: 576 diff changeset	60
0649a19df194 new tests for auth-service Alain Mazy <am@osimis.io> parents: 576 diff changeset	61 @app.post("/tokens/validate")
0649a19df194 new tests for auth-service Alain Mazy <am@osimis.io> parents: 576 diff changeset	62 def validate_authorization(request: TokenValidationRequest):
0649a19df194 new tests for auth-service Alain Mazy <am@osimis.io> parents: 576 diff changeset	63
0649a19df194 new tests for auth-service Alain Mazy <am@osimis.io> parents: 576 diff changeset	64 logging.info("validating token: " + request.json())
576 80ba6f1d521c new tests for authorization plugin (native only) Alain Mazy <am@osimis.io> parents: diff changeset	65
577 0649a19df194 new tests for auth-service Alain Mazy <am@osimis.io> parents: 576 diff changeset	66 granted = False
590 c28bd957cb93 new tests for auth wrt /tools/create-media Alain Mazy <am@osimis.io> parents: 577 diff changeset	67 if request.token_value == "token-a-study":
577 0649a19df194 new tests for auth-service Alain Mazy <am@osimis.io> parents: 576 diff changeset	68 granted = request.orthanc_id == "b9c08539-26f93bde-c81ab0d7-bffaf2cb-a4d0bdd0"
590 c28bd957cb93 new tests for auth wrt /tools/create-media Alain Mazy <am@osimis.io> parents: 577 diff changeset	69 if request.token_value == "token-b-study":
c28bd957cb93 new tests for auth wrt /tools/create-media Alain Mazy <am@osimis.io> parents: 577 diff changeset	70 granted = request.orthanc_id == "27f7126f-4f66fb14-03f4081b-f9341db2-53925988"
c28bd957cb93 new tests for auth wrt /tools/create-media Alain Mazy <am@osimis.io> parents: 577 diff changeset	71 if request.token_value == "token-both-studies":
c28bd957cb93 new tests for auth wrt /tools/create-media Alain Mazy <am@osimis.io> parents: 577 diff changeset	72 granted = request.orthanc_id in ["b9c08539-26f93bde-c81ab0d7-bffaf2cb-a4d0bdd0", "27f7126f-4f66fb14-03f4081b-f9341db2-53925988"]
577 0649a19df194 new tests for auth-service Alain Mazy <am@osimis.io> parents: 576 diff changeset	73
0649a19df194 new tests for auth-service Alain Mazy <am@osimis.io> parents: 576 diff changeset	74 response = TokenValidationResponse(
0649a19df194 new tests for auth-service Alain Mazy <am@osimis.io> parents: 576 diff changeset	75 granted=granted,
0649a19df194 new tests for auth-service Alain Mazy <am@osimis.io> parents: 576 diff changeset	76 validity=60
0649a19df194 new tests for auth-service Alain Mazy <am@osimis.io> parents: 576 diff changeset	77 )
0649a19df194 new tests for auth-service Alain Mazy <am@osimis.io> parents: 576 diff changeset	78
0649a19df194 new tests for auth-service Alain Mazy <am@osimis.io> parents: 576 diff changeset	79 logging.info("validate token: " + response.json())
0649a19df194 new tests for auth-service Alain Mazy <am@osimis.io> parents: 576 diff changeset	80 return response

Mercurial > hg > orthanc-tests

annotate NewTests/Authorization/auth_service.py @ 664:854640df43d3 default tip