Merge pull request #10 from Mastercard/enc_openapi_5.2.1

Changes to make compatible with OpenAPI Generator 5.2.1

Author: Akshaykdubey

client_encryption/api_encryption.py

@@ -1,4 +1,5 @@
 import json
+import inspect
 from functools import wraps
 from warnings import warn
 from client_encryption.field_level_encryption_config import FieldLevelEncryptionConfig
@@ -17,19 +18,41 @@ def __init__(self, encryption_conf_file):
             with open(encryption_conf_file, encoding='utf-8') as json_file:
                 self._encryption_conf = FieldLevelEncryptionConfig(json_file.read())
 
+    def field_encryption_call_api(self, func):
+        """Decorator for API call_api. func is APIClient.call_api"""
+
+        @wraps(func)
+        def call_api_function(*args, **kwargs):
+            check_type = inspect.signature(func.__self__.call_api).parameters.get("_check_type") is None
+            if check_type:
+                kwargs["_preload_content"] = False  # version 4.3.1
+            return func(*args, **kwargs)
+
+        call_api_function.__fle__ = True
+
+        return call_api_function
+
     def field_encryption(self, func):
         """Decorator for API call_api. func is APIClient.call_api"""
 
         @wraps(func)
         def call_api_function(*args, **kwargs):
             """Wrap call_api and add field encryption layer to it."""
 
+            check_type = inspect.signature(func.__self__.call_api).parameters.get("_check_type") is not None
+
             in_body = kwargs.get("body", None)
-            kwargs["body"] = self._encrypt_payload(args[4], in_body) if in_body else in_body
-            kwargs["_preload_content"] = False
+
+            in_headers = kwargs.get("headers", None)
+
+            kwargs["body"] = self._encrypt_payload(in_headers, in_body) if in_body else in_body
 
             response = func(*args, **kwargs)
-            response._body = self._decrypt_payload(response.getheaders(), response.data)
+
+            if check_type:
+                response.data = self._decrypt_payload(response.getheaders(), response.data)
+            else:
+                response._body = self._decrypt_payload(response.getheaders(), response.data)
 
             return response
 
@@ -98,14 +121,15 @@ def add_encryption_layer(api_client, encryption_conf_file):
     """Decorate APIClient.call_api with field level encryption"""
 
     api_encryption = ApiEncryption(encryption_conf_file)
-    api_client.call_api = api_encryption.field_encryption(api_client.call_api)
+    api_client.request = api_encryption.field_encryption(api_client.request)
+    api_client.call_api = api_encryption.field_encryption_call_api(api_client.call_api)
 
     __check_oauth(api_client)  # warn the user if authentication layer is missing/not set
 
 
 def __check_oauth(api_client):
     try:
-        api_client.request.__wrapped__
+        api_client.rest_client.request.__wrapped__
     except AttributeError:
         __oauth_warn()
 

client_encryption/json_path_utils.py

@@ -21,7 +21,7 @@ def get_node(tree, path, create=False):
     if __not_root(path):
         current = __get_node(tree, path.split(_SEPARATOR), create)
 
-    return current
+    return current  # is a dict
 
 
 def update_node(tree, path, node_str):
@@ -37,11 +37,15 @@ def update_node(tree, path, node_str):
         else:
             current_node = tree
 
-        if to_set in current_node and type(current_node[to_set]) is dict and type(json.loads(node_str)) is dict:
-            current_node[to_set].update(json.loads(node_str))
-        else:
-            current_node[to_set] = json.loads(node_str)
+        try:
+            node_json = json.loads(node_str)
+        except json.JSONDecodeError:
+            node_json = node_str
 
+        if to_set in current_node and type(current_node[to_set]) is dict and type(node_json) is dict:
+            current_node[to_set].update(node_json)
+        else:
+            current_node[to_set] = node_json
     else:
         tree.clear()
         tree.update(json.loads(node_str))
@@ -62,7 +66,11 @@ def pop_node(tree, path):
         else:
             node = tree
 
-        return json.dumps(node.pop(to_delete))
+        deleted_elem = node.pop(to_delete)
+        if isinstance(deleted_elem, str):
+            return deleted_elem
+        else:
+            return json.dumps(deleted_elem)
 
     else:
         node = json.dumps(tree)

tests/test_api_encryption.py

@@ -1,7 +1,7 @@
 import unittest
 from unittest.mock import patch, Mock
 import json
-from tests.utils.api_encryption_test_utils import MockApiClient, MockService
+from tests.utils.api_encryption_test_utils import MockApiClient, MockService, MockRestApiClient
 from tests import get_config_for_test, TEST_CONFIG
 import client_encryption.api_encryption as to_test
 
@@ -170,9 +170,9 @@ def test_add_encryption_layer_post(self):
             }
         }, headers={"Content-Type": "application/json"})
 
-        self.assertIn("data", response.data)
-        self.assertIn("secret", response.data["data"])
-        self.assertEqual(secret2-secret1, response.data["data"]["secret"])
+        self.assertIn("data", json.loads(response.data))
+        self.assertIn("secret", json.loads(response.data)["data"])
+        self.assertEqual(secret2-secret1, json.loads(response.data)["data"]["secret"])
         self.assertDictEqual({"Content-Type": "application/json"}, response.getheaders())
 
     def test_add_encryption_layer_delete(self):
@@ -187,17 +187,18 @@ def test_add_encryption_layer_delete(self):
             }
         }, headers={"Content-Type": "application/json"})
 
-        self.assertEqual("OK", response.data)
+        self.assertEqual("OK", json.loads(response.data))
         self.assertDictEqual({"Content-Type": "application/json"}, response.getheaders())
 
     def test_add_encryption_layer_get(self):
         test_client = MockApiClient()
         to_test.add_encryption_layer(test_client, self._json_config)
         response = MockService(test_client).do_something_get(headers={"Content-Type": "application/json"})
+        json_res = json.loads(response.data)
 
-        self.assertIn("data", response.data)
-        self.assertIn("secret", response.data["data"])
-        self.assertEqual([53, 84, 75], response.data["data"]["secret"])
+        self.assertIn("data", json_res)
+        self.assertIn("secret", json_res['data'])
+        self.assertEqual([53, 84, 75], json_res["data"]["secret"])
         self.assertDictEqual({"Content-Type": "application/json"}, response.getheaders())
 
     def test_add_header_encryption_layer_post_no_oaep_algo(self):
@@ -216,9 +217,9 @@ def test_add_header_encryption_layer_post_no_oaep_algo(self):
             "encryptedData": {}
         }, headers={"Content-Type": "application/json"})
 
-        self.assertIn("data", response.data)
-        self.assertIn("secret", response.data["data"])
-        self.assertEqual(secret2-secret1, response.data["data"]["secret"])
+        self.assertIn("data", json.loads(response.data))
+        self.assertIn("secret", json.loads(response.data)["data"])
+        self.assertEqual(secret2-secret1, json.loads(response.data)["data"]["secret"])
         self.assertDictEqual({"Content-Type": "application/json", "x-oaep-digest": "SHA256"}, response.getheaders())
 
     def test_add_header_encryption_layer_post_no_cert_fingerprint(self):
@@ -237,9 +238,9 @@ def test_add_header_encryption_layer_post_no_cert_fingerprint(self):
             "encryptedData": {}
         }, headers={"Content-Type": "application/json"})
 
-        self.assertIn("data", response.data)
-        self.assertIn("secret", response.data["data"])
-        self.assertEqual(secret2-secret1, response.data["data"]["secret"])
+        self.assertIn("data", json.loads(response.data))
+        self.assertIn("secret", json.loads(response.data)["data"])
+        self.assertEqual(secret2-secret1, json.loads(response.data)["data"]["secret"])
         self.assertDictEqual({"Content-Type": "application/json"}, response.getheaders())
 
     def test_add_header_encryption_layer_post_no_pubkey_fingerprint(self):
@@ -258,9 +259,9 @@ def test_add_header_encryption_layer_post_no_pubkey_fingerprint(self):
             "encryptedData": {}
         }, headers={"Content-Type": "application/json"})
 
-        self.assertIn("data", response.data)
-        self.assertIn("secret", response.data["data"])
-        self.assertEqual(secret2-secret1, response.data["data"]["secret"])
+        self.assertIn("data", json.loads(response.data))
+        self.assertIn("secret", json.loads(response.data)["data"])
+        self.assertEqual(secret2-secret1, json.loads(response.data)["data"]["secret"])
         self.assertDictEqual({"Content-Type": "application/json"}, response.getheaders())
 
     def test_add_header_encryption_layer_no_iv(self):
@@ -294,9 +295,9 @@ def test_add_header_encryption_layer_post(self):
             "encryptedData": {}
         }, headers={"Content-Type": "application/json"})
 
-        self.assertIn("data", response.data)
-        self.assertIn("secret", response.data["data"])
-        self.assertEqual(secret2-secret1, response.data["data"]["secret"])
+        self.assertIn("data", json.loads(response.data))
+        self.assertIn("secret", json.loads(response.data)["data"])
+        self.assertEqual(secret2-secret1, json.loads(response.data)["data"]["secret"])
         self.assertDictEqual({"Content-Type": "application/json"}, response.getheaders())
 
     def test_add_header_encryption_layer_delete(self):
@@ -324,15 +325,16 @@ def test_add_header_encryption_layer_get(self):
         to_test.add_encryption_layer(test_client, self._json_config)
         response = MockService(test_client).do_something_get_use_headers(headers={"Content-Type": "application/json"})
 
-        self.assertIn("data", response.data)
-        self.assertIn("secret", response.data["data"])
-        self.assertEqual([53, 84, 75], response.data["data"]["secret"])
+        self.assertIn("data", json.loads(response.data))
+        self.assertIn("secret", json.loads(response.data)["data"])
+        self.assertEqual([53, 84, 75], json.loads(response.data)["data"]["secret"])
         self.assertDictEqual({"Content-Type": "application/json"}, response.getheaders())
 
     @patch('client_encryption.api_encryption.__oauth_warn')
     def test_add_encryption_layer_oauth_set(self, __oauth_warn):
         test_client = MockApiClient()
-        to_test.add_encryption_layer(test_client, self._json_config)
+        test_rest_client = MockRestApiClient(test_client)
+        to_test.add_encryption_layer(test_rest_client, self._json_config)
 
         assert not __oauth_warn.called
 

tests/test_field_level_encryption.py

@@ -128,6 +128,15 @@ def test_encrypt_payload_with_type_integer(self):
         encrypted_payload = to_test.encrypt_payload(payload, self._config)
         self.__assert_payload_encrypted(payload, encrypted_payload, self._config)
 
+    def test_encrypt_payload_with_type_float(self):
+        payload = {
+            "data": 123.34,
+            "encryptedData": {}
+        }
+
+        encrypted_payload = to_test.encrypt_payload(payload, self._config)
+        self.__assert_payload_encrypted(payload, encrypted_payload, self._config)
+
     def test_encrypt_payload_with_type_boolean(self):
         payload = {
             "data": False,

tests/test_json_path_utils.py

@@ -147,8 +147,9 @@ def test_update_node_empty_path(self):
 
     def test_update_node_not_json(self):
         sample_json = self.__get_sample_json()
+        node = to_test.update_node(sample_json, "node1.node2", "not a json string")
 
-        self.assertRaises(json.JSONDecodeError, to_test.update_node, sample_json, "node1.node2", "not a json string")
+        self.assertIsInstance(node["node1"]["node2"], str, "not a json string")
 
     def test_update_node_primitive_type(self):
         sample_json = self.__get_sample_json()
@@ -204,7 +205,7 @@ def test_pop_node(self):
         sample_json = self.__get_sample_json()
         node = to_test.pop_node(sample_json, "node1.node2.colour")
         self.assertIsInstance(node, str, "Not a string")
-        self.assertEqual("red", json.loads(node))
+        self.assertEqual("red", node)
         self.assertDictEqual({"node1": {
                                 "node2": {
                                     "shape": "circle",

tests/utils/api_encryption_test_utils.py

@@ -25,22 +25,32 @@ def __init__(self, api_client=None):
         self.api_client = api_client
 
     def do_something_get(self, **kwargs):
-        return self.api_client.call_api("testservice", "GET", None, None, kwargs["headers"])
+        return self.api_client.request("GET", "testservice", None, kwargs["headers"])
 
     def do_something_post(self, **kwargs):
-        return self.api_client.call_api("testservice", "POST", None, None, kwargs["headers"], body=kwargs["body"])
+        return self.api_client.request("POST", "testservice", None, kwargs["headers"], post_params=None, body=kwargs["body"])
 
     def do_something_delete(self, **kwargs):
-        return self.api_client.call_api("testservice", "DELETE", None, None, kwargs["headers"], body=kwargs["body"])
+        return self.api_client.request("DELETE", "testservice", None, kwargs["headers"], post_params=None, body=kwargs["body"])
 
     def do_something_get_use_headers(self, **kwargs):
-        return self.api_client.call_api("testservice/headers", "GET", None, None, kwargs["headers"])
+        return self.api_client.request("GET", "testservice/headers", None, kwargs["headers"])
 
     def do_something_post_use_headers(self, **kwargs):
-        return self.api_client.call_api("testservice/headers", "POST", None, None, kwargs["headers"], body=kwargs["body"])
+        return self.api_client.request("POST", "testservice/headers", None, headers=kwargs["headers"], post_params=None, body=kwargs["body"])
 
     def do_something_delete_use_headers(self, **kwargs):
-        return self.api_client.call_api("testservice/headers", "DELETE", None, None, kwargs["headers"], body=kwargs["body"])
+        return self.api_client.request("DELETE", "testservice/headers", None, headers=kwargs["headers"], post_params=None, body=kwargs["body"])
+
+
+class MockRestApiClient(object):
+
+    def __init__(self, request):
+        self.request = request
+        self.rest_client = request
+
+    def call_api(self):
+        pass
 
 
 class MockApiClient(object):
@@ -56,33 +66,25 @@ def __init__(self, configuration=None, header_name=None, header_value=None,
     def request(self, method, url, query_params=None, headers=None,
                 post_params=None, body=None, _preload_content=True,
                 _request_timeout=None):
-        pass
-
-    def call_api(self, resource_path, method,
-                 path_params=None, query_params=None, header_params=None,
-                 body=None, post_params=None, files=None,
-                 response_type=None, auth_settings=None, async_req=None,
-                 _return_http_data_only=None, collection_formats=None,
-                 _preload_content=True, _request_timeout=None):
         check = -1
 
         if body:
-            if resource_path == "testservice/headers":
-                iv = header_params["x-iv"]
-                encrypted_key = header_params["x-key"]
-                oaep_digest_algo = header_params["x-oaep-digest"] if "x-oaep-digest" in header_params else None
+            if url == "testservice/headers":
+                iv = headers["x-iv"]
+                encrypted_key = headers["x-key"]
+                oaep_digest_algo = headers["x-oaep-digest"] if "x-oaep-digest" in headers else None
 
                 params = SessionKeyParams(self._config, encrypted_key, iv, oaep_digest_algo)
             else:
                 params = None
 
             plain = encryption.decrypt_payload(body, self._config, params)
-            check = plain["data"]["secret2"]-plain["data"]["secret1"]
+            check = plain["data"]["secret2"] - plain["data"]["secret1"]
             res = {"data": {"secret": check}}
         else:
             res = {"data": {"secret": [53, 84, 75]}}
 
-        if resource_path == "testservice/headers" and method in ["GET", "POST", "PUT"]:
+        if url == "testservice/headers" and method in ["GET", "POST", "PUT"]:
             params = SessionKeyParams.generate(self._config)
             json_resp = encryption.encrypt_payload(res, self._config, params)
 
@@ -106,3 +108,11 @@ def call_api(self, resource_path, method,
             response.data = "OK" if check == 0 else "KO"
 
         return response
+
+    def call_api(self, resource_path, method,
+                 path_params=None, query_params=None, header_params=None,
+                 body=None, post_params=None, files=None,
+                 response_type=None, auth_settings=None, async_req=None,
+                 _return_http_data_only=None, collection_formats=None,
+                 _preload_content=True, _request_timeout=None, _check_type=None):
+        pass