Adding logic for production google login (#268)

* Adding env. variables for the environment plus rewriting unit tests * Removing unecessary import * Removing extra lines * Changing a comment to be more descriptive of the unit test
cds-snc · Sep 20, 2023 · 00ac6f7 · 00ac6f7
1 parent 59895b4
commit 00ac6f7
Show file tree

Hide file tree

Showing 3 changed files with 41 additions and 1 deletion.
diff --git a/.devcontainer/docker-compose.yml b/.devcontainer/docker-compose.yml
@@ -27,3 +27,4 @@ services:
       AWS_ACCESS_KEY_ID: 'AWS_ACCESS_KEY_ID'
       AWS_SECRET_ACCESS_KEY: 'AWS_SECRET_ACCESS_KEY'
       SHELL: /bin/zsh
+      ENVIRONMENT: 'dev'
diff --git a/app/server/server.py b/app/server/server.py
@@ -130,12 +130,16 @@ async def logout(request: Request):
 # Login route. You will be redirected to the google login page
 @handler.get("/login")
 async def login(request: Request):
+    # get the current environment (ie dev or prod)
+    environment = os.environ.get("ENVIRONMENT")
     # this is the route that will be called after the user logs in
     redirect_uri = request.url_for(
         "auth",
     )
-    if (request.url.__str__()).startswith("https"):
+    # if the environment is production, then make sure to replace the http to https, else don't do anything (ie if you are in dev)
+    if environment == "prod":
         redirect_uri = redirect_uri.__str__().replace("http", "https")
+
     return await oauth.google.authorize_redirect(request, redirect_uri)
 
 

diff --git a/app/tests/server/test_server.py b/app/tests/server/test_server.py
@@ -1,4 +1,6 @@
+from unittest import mock
 from server import bot_middleware, server
+import urllib.parse
 
 import os
 import pytest
@@ -319,6 +321,39 @@ def test_login_endpoint():
     assert "https://accounts.google.com/o/oauth2/v2/auth" in str(response.url)
 
 
+# Test the login endpoint converts the redirect_uri to https
+@mock.patch.dict(os.environ, {"ENVIRONMENT": "prod"})
+def test_login_endpoint_redirect_uri_prod():
+    # Make a test request to the login endpoint
+    response = client.get("/login")
+
+    # assert the call is successful
+    assert response.status_code == 200
+
+    if os.environ.get("ENVIRONMENT") == "prod":
+        redirect_uri = urllib.parse.quote_plus("http://testserver/auth")
+        redirect_uri = redirect_uri.__str__().replace("http", "https")
+
+    # assert that the response url we get from the login endpoint contains the redirect_uri replaced with https
+    assert response.url.__str__().__contains__("redirect_uri=" + redirect_uri)
+
+
+# Test the login endpoing that does not convert the redirect uri
+@mock.patch.dict(os.environ, {"ENVIRONMENT": "dev"})
+def test_login_endpoint_redirect_uri_dev():
+    # Make a test request to the login endpoint
+    response = client.get("/login")
+
+    # assert the call is successful
+    assert response.status_code == 200
+
+    if os.environ.get("ENVIRONMENT") == "dev":
+        redirect_uri = urllib.parse.quote_plus("http://testserver/auth")
+
+    # assert that the response url we get from the login endpoint contains the redirect_uri is not replaced with https (we need to keep the http)
+    assert response.url.__str__().__contains__("redirect_uri=" + redirect_uri)
+
+
 # Test the auth endpoint
 def test_auth_endpoint():
     response = client.get("/auth")