vitor
/
orquestrador
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
feat/self-evolving-tools-foundation
main
chore/observability-latency-markers
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '3dcf80eaaa'
${ noResults }
orquestrador/tests/test_admin_credential_strat...

63 lines
2.6 KiB
Python
Raw Blame History

import unittest
from pydantic import ValidationError
from admin_app.core.security import AdminSecurityService
from admin_app.core.settings import AdminSettings
class AdminCredentialStrategyTests(unittest.TestCase):
def test_admin_settings_expose_secure_defaults_for_credentials(self):
settings = AdminSettings()
self.assertEqual(settings.admin_auth_password_hash_scheme, "pbkdf2_sha256")
self.assertEqual(settings.admin_auth_password_hash_iterations, 390000)
self.assertEqual(settings.admin_auth_password_min_length, 12)
self.assertEqual(settings.admin_auth_access_token_ttl_minutes, 30)
self.assertEqual(settings.admin_auth_refresh_token_ttl_days, 7)
self.assertFalse(settings.admin_bootstrap_enabled)
self.assertEqual(settings.admin_bootstrap_role, "diretor")
def test_admin_settings_reject_insecure_password_policy(self):
with self.assertRaises(ValidationError):
AdminSettings(admin_auth_password_min_length=8)
with self.assertRaises(ValidationError):
AdminSettings(admin_auth_password_hash_iterations=50000)
def test_admin_settings_normalize_optional_bootstrap_values(self):
settings = AdminSettings(
admin_bootstrap_email=" ",
admin_bootstrap_display_name=" ",
admin_bootstrap_password=" ",
admin_auth_password_pepper=" ",
)
self.assertIsNone(settings.admin_bootstrap_email)
self.assertIsNone(settings.admin_bootstrap_display_name)
self.assertIsNone(settings.admin_bootstrap_password)
self.assertIsNone(settings.admin_auth_password_pepper)
def test_admin_security_service_builds_runtime_credential_strategy(self):
settings = AdminSettings(
admin_auth_password_pepper="secret-pepper",
admin_bootstrap_enabled=True,
admin_bootstrap_email="diretor@empresa.com",
admin_bootstrap_display_name="Diretor Inicial",
admin_bootstrap_password="SenhaMuitoSegura!123",
)
strategy = AdminSecurityService(settings).build_credential_strategy()
self.assertEqual(strategy.password.hash_scheme, "pbkdf2_sha256")
self.assertTrue(strategy.password.pepper_configured)
self.assertEqual(strategy.tokens.access_token_ttl_minutes, 30)
self.assertTrue(strategy.bootstrap.enabled)
self.assertEqual(strategy.bootstrap.email, "diretor@empresa.com")
self.assertTrue(strategy.bootstrap.password_configured)
self.assertEqual(strategy.bootstrap.role, "diretor")
if __name__ == "__main__":
unittest.main()
Reference in New Issue View Git Blame Copy Permalink