move cli-specific auth to CliSession, add tests for CliSession

Author: jreiberkyle

planet/cli/data.py

@@ -37,10 +37,8 @@
 
 @asynccontextmanager
 async def data_client(ctx):
-    auth = ctx.obj['AUTH']
-    base_url = ctx.obj['BASE_URL']
-    async with CliSession(auth=auth) as sess:
-        cl = DataClient(sess, base_url=base_url)
+    async with CliSession() as sess:
+        cl = DataClient(sess, base_url=ctx.obj['BASE_URL'])
         yield cl
 
 
@@ -52,7 +50,6 @@ async def data_client(ctx):
               help='Assign custom base Orders API URL.')
 def data(ctx, base_url):
     '''Commands for interacting with the Data API'''
-    ctx.obj['AUTH'] = None
     ctx.obj['BASE_URL'] = base_url
 
 

planet/cli/orders.py

@@ -31,9 +31,8 @@
 
 @asynccontextmanager
 async def orders_client(ctx):
-    auth = ctx.obj['AUTH']
     base_url = ctx.obj['BASE_URL']
-    async with CliSession(auth=auth) as sess:
+    async with CliSession() as sess:
         cl = OrdersClient(sess, base_url=base_url)
         yield cl
 
@@ -46,7 +45,6 @@ async def orders_client(ctx):
               help='Assign custom base Orders API URL.')
 def orders(ctx, base_url):
     '''Commands for interacting with the Orders API'''
-    ctx.obj['AUTH'] = None
     ctx.obj['BASE_URL'] = base_url
 
 

planet/cli/session.py

@@ -1,12 +1,11 @@
 """CLI HTTP/auth sessions."""
 
-from planet.auth import AuthType
+from planet.auth import Auth
 from planet.http import Session
-from typing import Optional
 
 
 class CliSession(Session):
-
-    def __init__(self, auth: Optional[AuthType] = None):
-        super().__init__(auth)
+    """Session with CLI-specific auth and identifying header"""
+    def __init__(self):
+        super().__init__(Auth.from_file())
         self._client.headers.update({'X-Planet-App': 'python-cli'})

planet/cli/subscriptions.py

@@ -14,9 +14,7 @@
 @click.pass_context
 def subscriptions(ctx):
     '''Commands for interacting with the Subscriptions API'''
-    # None means that order of precedence is 1) environment variable,
-    # 2) secret file.
-    ctx.obj['AUTH'] = None
+    pass
 
 
 # We want our command to be known as "list" on the command line but
@@ -40,7 +38,7 @@ def subscriptions(ctx):
 @coro
 async def list_subscriptions_cmd(ctx, status, limit, pretty):
     """Prints a sequence of JSON-encoded Subscription descriptions."""
-    async with CliSession(auth=ctx.obj['AUTH']) as session:
+    async with CliSession() as session:
         client = SubscriptionsClient(session)
         subs_aiter = client.list_subscriptions_aiter(status=status,
                                                      limit=limit)
@@ -77,7 +75,7 @@ def parse_request(ctx, param, value: str) -> dict:
 @coro
 async def create_subscription_cmd(ctx, request, pretty):
     """Submits a subscription request and prints the API response."""
-    async with CliSession(auth=ctx.obj['AUTH']) as session:
+    async with CliSession() as session:
         client = SubscriptionsClient(session)
         sub = await client.create_subscription(request)
         echo_json(sub, pretty)
@@ -91,7 +89,7 @@ async def create_subscription_cmd(ctx, request, pretty):
 @coro
 async def cancel_subscription_cmd(ctx, subscription_id, pretty):
     """Cancels a subscription and prints the API response."""
-    async with CliSession(auth=ctx.obj['AUTH']) as session:
+    async with CliSession() as session:
         client = SubscriptionsClient(session)
         sub = await client.cancel_subscription(subscription_id)
         echo_json(sub, pretty)
@@ -106,7 +104,7 @@ async def cancel_subscription_cmd(ctx, subscription_id, pretty):
 @coro
 async def update_subscription_cmd(ctx, subscription_id, request, pretty):
     """Updates a subscription and prints the API response."""
-    async with CliSession(auth=ctx.obj['AUTH']) as session:
+    async with CliSession() as session:
         client = SubscriptionsClient(session)
         sub = await client.update_subscription(subscription_id, request)
         echo_json(sub, pretty)
@@ -120,7 +118,7 @@ async def update_subscription_cmd(ctx, subscription_id, request, pretty):
 @coro
 async def describe_subscription_cmd(ctx, subscription_id, pretty):
     """Gets the description of a subscription and prints the API response."""
-    async with CliSession(auth=ctx.obj['AUTH']) as session:
+    async with CliSession() as session:
         client = SubscriptionsClient(session)
         sub = await client.get_subscription(subscription_id)
         echo_json(sub, pretty)
@@ -156,7 +154,7 @@ async def list_subscription_results_cmd(ctx,
                                         status,
                                         limit):
     """Gets results of a subscription and prints the API response."""
-    async with CliSession(auth=ctx.obj['AUTH']) as session:
+    async with CliSession() as session:
         client = SubscriptionsClient(session)
         results_aiter = client.get_results_aiter(subscription_id,
                                                  status=status,

tests/unit/test_cli_session.py

@@ -0,0 +1,100 @@
+# Copyright 2022 Planet Labs PBC.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may not
+# use this file except in compliance with the License. You may obtain a copy of
+# the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations under
+# the License.
+import base64
+from http import HTTPStatus
+import json
+
+import httpx
+import respx
+
+import pytest
+
+# from planet.auth import _SecretFile
+from planet import auth
+from planet.cli import session
+from planet.exceptions import AuthException
+
+TEST_URL = 'mock://mock.com'
+
+
+# skip the global mock of _SecretFile.read
+# for this module
+@pytest.fixture(autouse=True, scope='module')
+def test_secretfile_read():
+    return
+
+
+@pytest.fixture()
+def test_valid_secretfile(tmp_path, monkeypatch):
+    # write our own secret file
+    secret_path = f'{tmp_path}/secret.test'
+    monkeypatch.setattr(auth, 'SECRET_FILE_PATH', secret_path)
+    with open(secret_path, 'w') as fp:
+        json.dump({'key': 'clisessiontest'}, fp)
+
+
+@respx.mock
+@pytest.mark.asyncio
+async def test_CliSession_headers(test_valid_secretfile):
+    async with session.CliSession() as sess:
+        route = respx.get(TEST_URL)
+        route.return_value = httpx.Response(HTTPStatus.OK)
+
+        await sess.request(method='GET', url=TEST_URL)
+
+        # the proper headers are included and they have the expected values
+        received_request = route.calls.last.request
+        assert received_request.headers['x-planet-app'] == 'python-cli'
+        assert 'planet-client-python/' in received_request.headers[
+            'user-agent']
+
+
+@respx.mock
+@pytest.mark.asyncio
+async def test_CliSession_auth_valid(test_valid_secretfile):
+    async with session.CliSession() as sess:
+        route = respx.get(TEST_URL)
+        route.return_value = httpx.Response(HTTPStatus.OK)
+
+        await sess.request(method='GET', url=TEST_URL)
+
+        # the proper headers are included and they have the expected values
+        received_request = route.calls.last.request
+        credentials = received_request.headers['authorization'].strip(
+            'Authorization: Basic ')
+        assert base64.b64decode(credentials) == b'clisessiontest:'
+
+
+@respx.mock
+@pytest.mark.asyncio
+async def test_CliSession_auth_invalid(tmp_path, monkeypatch):
+    # write invalid secret file
+    secret_path = f'{tmp_path}/secret.test'
+    monkeypatch.setattr(auth, 'SECRET_FILE_PATH', secret_path)
+    with open(secret_path, 'w') as fp:
+        json.dump({'invalidkey': 'clisessiontest'}, fp)
+
+    with pytest.raises(AuthException):
+        session.CliSession()
+
+
+@respx.mock
+@pytest.mark.asyncio
+async def test_CliSession_auth_nofile(tmp_path, monkeypatch):
+    # point to non-existant file
+    secret_path = f'{tmp_path}/doesnotexist.test'
+    monkeypatch.setattr(auth, 'SECRET_FILE_PATH', secret_path)
+
+    with pytest.raises(AuthException):
+        session.CliSession()