Add support for ApplicationAuth CR

Author: Martin Kudlej

README.md

@@ -95,6 +95,7 @@ see https://github.com/3scale/3scale-operator/blob/master/doc/backend-reference.
 - ProxyConfigPromote
 - Applications
 - Methods
+- ApplicationAuth
 
 Command to run integration unit tests: `pipenv run pytest --log-cli-level=10 -vvvv -s ./tests/integration/ |& tee x`
 

tests/integration/conftest.py

@@ -1,5 +1,7 @@
 import os
 import secrets
+import random
+import string
 from distutils.util import strtobool
 
 import pytest
@@ -9,7 +11,6 @@
 
 import threescale_api
 import threescale_api_crd
-from threescale_api.resources import Application
 
 from threescale_api_crd.resources import (
     Service,
@@ -24,6 +25,7 @@
     ApplicationPlan,
     Proxy,
     PricingRule,
+    Application,
 )
 
 load_dotenv()
@@ -210,6 +212,30 @@ def application(service, application_plan, application_params, account) -> Appli
     cleanup(resource)
 
 
+@pytest.fixture(scope="module")
+def app_key_params(account, application):
+    value = "".join(
+        random.choices(
+            string.ascii_uppercase
+            + string.digits
+            + "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~",
+            k=100,
+        )
+    )
+    return {
+        "application_id": application["id"],
+        "account_id": account["id"],
+        "key": value,
+    }
+
+
+@pytest.fixture(scope="module")
+def app_key(application, app_key_params) -> threescale_api.resources.ApplicationKey:
+    resource = application.keys.create(params=app_key_params)
+    yield resource
+    cleanup(resource)
+
+
 @pytest.fixture(scope="module")
 def proxy(service) -> Proxy:
     return service.proxy.list()

tests/integration/test_integration_application.py

@@ -1,5 +1,7 @@
-import pytest
 import secrets
+import random
+import string
+import pytest
 
 from tests.integration import asserts
 
@@ -36,12 +38,12 @@ def test_application_can_be_read_by_name(api, application_params, application):
 @pytest.fixture(scope="module")
 def application_plan_params2():
     suffix = secrets.token_urlsafe(8)
-    return dict(
-        name=f"test-{suffix}",
-        setup_fee="1.00",
-        state_event="publish",
-        cost_per_month="3.00",
-    )
+    return {
+        "name": f"test-{suffix}",
+        "setup_fee": "1.00",
+        "state_event": "publish",
+        "cost_per_month": "3.00",
+    }
 
 
 @pytest.fixture(scope="module")
@@ -55,7 +57,7 @@ def application_plan2(service, application_plan_params2):
 def update_application_params(application_plan2):
     suffix = secrets.token_urlsafe(8)
     name = f"updated-{suffix}"
-    return dict(name=name, description=name, plan_id=application_plan2["id"])
+    return {"name": name, "description": name, "plan_id": application_plan2["id"]}
 
 
 def test_application_update(update_application_params, application):
@@ -74,3 +76,38 @@ def test_application_set_state(application):
     assert application["state"] == "suspended"
     application = application.set_state("resume")
     assert application["state"] == "live"
+
+
+# Application Atuhentication - Application keys
+
+
+def test_application_key_list(application, app_key):
+    keys = application.keys.list()
+    assert len(keys) > 0
+
+
+def test_application_key_can_be_created(app_key, app_key_params):
+    asserts.assert_resource(app_key)
+    asserts.assert_resource_params(app_key, app_key_params)
+
+
+def test_application_autogenerated_key_can_be_created(application, app_key_params):
+    keys_len = len(application.keys.list())
+    key_params = app_key_params.copy()
+    key_params.pop("key", None)
+    key_params["generateSecret"] = True
+    new_key = application.keys.create(params=key_params)
+    asserts.assert_resource(new_key)
+    asserts.assert_resource_params(new_key, key_params)
+    assert new_key["value"]
+    assert len(application.keys.list()) == keys_len + 1
+
+
+def test_application_update_userkey(application):
+    new_key = "".join(
+        random.choices(string.ascii_letters + string.digits + "-_.", k=100)
+    )
+    application.update(params={"user_key": new_key})
+    application.read()
+    asserts.assert_resource(application)
+    assert application["user_key"] == new_key

threescale_api_crd/client.py

@@ -45,9 +45,12 @@ def __init__(self, url, token, ocp_provider_ref=None, ocp_namespace=None, *args,
         self._applications = resources.Applications(
             parent=self, account=None, instance_klass=resources.Application
         )
+        self._app_auths = resources.AppAuths(
+            parent=self, instance_klass=resources.AppAuth
+        )
 
     @classmethod
-    def get_namespace(_ignore, namespace):
+    def get_namespace(cls, namespace):
         """
         Returns namespace. If there is no valid Openshift 'oc' session, returns "NOT LOGGED IN".
         """
@@ -126,6 +129,13 @@ def applications(self) -> resources.Applications:
         """
         return self._applications
 
+    @property
+    def app_auths(self) -> resources.AppAuths:
+        """Gets Application Auth client
+        Returns(resources.Auths): Application Auth client
+        """
+        return self._app_auths
+
     @property
     def ocp_provider_ref(self):
         """Gets provider reference"""

threescale_api_crd/constants.py

@@ -7,7 +7,8 @@
 SERVICE_AUTH_DEFS = {
     "1": {
         "userkey": {
-            "authUserKey": "token",
+            #  "token", see https://issues.redhat.com/browse/THREESCALE-11072
+            "authUserKey": "user_key",
             "credentials": "authorization",
             "gatewayResponse": {},
         },
@@ -57,7 +58,8 @@
             "apicastHosted": {
                 "authentication": {
                     "userkey": {
-                        "authUserKey": "token",
+                        #  "token", see https://issues.redhat.com/browse/THREESCALE-11072
+                        "authUserKey": "user_key",
                         "credentials": "query",
                         "gatewayResponse": {},
                     },
@@ -309,6 +311,26 @@
     },
 }
 
+SPEC_APP_AUTH = {
+    "apiVersion": "capabilities.3scale.net/v1beta1",
+    "kind": "ApplicationAuth",
+    "metadata": {
+        "name": None,
+        "namespace": None,
+        "annotations": {"insecure_skip_verify": "true"},
+    },
+    "spec": {
+        "providerAccountRef": {
+            "name": None,
+        },
+        "applicationCRName": None,
+        "generateSecret": False,
+        "authSecretRef": {
+            "name": None,
+        },
+    },
+}
+
 SPEC_APPLICATION = {
     "apiVersion": "capabilities.3scale.net/v1beta1",
     "kind": "Application",
@@ -534,6 +556,12 @@
     "deleteCR": "deleteCR",
 }
 
+KEYS_APP_AUTH = {
+    "applicationCRName": "applicationCRName",
+    "generateSecret": "generateSecret",
+    "authSecretRef": "authSecretRef",
+}
+
 KEYS_APPLICATION = {
     "description": "description",
     "name": "name",