Improve test coverage

rkoopmans · rkoopmans · commit 8451d9f6c056 · 2024-08-11T12:15:44.000+02:00
diff --git a/.coveragerc b/.coveragerc
@@ -8,4 +8,6 @@ source =
     */cert_chain_resolver
 
 [report]
-include = cert_chain_resolver/*
+include = cert_chain_resolver/*
+exclude_also =
+    if TYPE_CHECKING:
diff --git a/cert_chain_resolver/models.py b/cert_chain_resolver/models.py
@@ -44,13 +44,8 @@ def __init__(self, x509_obj):
 
     def __repr__(self):
         # type: () -> str
-        try:
-            common_name = self.common_name
-        except MissingCertProperty:
-            common_name = None
-
         return '<Cert common_name="{0}" subject="{1}" issuer="{2}">'.format(
-            common_name, self.subject, self.issuer
+            self.common_name, self.subject, self.issuer
         )
 
     def __eq__(self, other):
diff --git a/tests/test_api.py b/tests/test_api.py
@@ -0,0 +1,18 @@
+from cert_chain_resolver import api
+import pytest
+from cert_chain_resolver.resolver import resolve
+from cert_chain_resolver.models import CertificateChain, Cert
+from cert_chain_resolver.castore.file_system import FileSystemStore
+
+
+@pytest.mark.parametrize(
+    "exported,obj",
+    [
+        ("resolve", resolve),
+        ("CertificateChain", CertificateChain),
+        ("Cert", Cert),
+        ("FileSystemStore", FileSystemStore),
+    ],
+)
+def test_api_exports_right_objects(exported, obj):
+    assert getattr(api, exported) == obj
diff --git a/tests/test_cli.py b/tests/test_cli.py
@@ -1,7 +1,7 @@
 import pytest
 from cert_chain_resolver import __is_py3__
 
-from cert_chain_resolver.cli import cli
+from cert_chain_resolver.cli import cli, parse_args
 from cert_chain_resolver.castore.file_system import FileSystemStore
 from .fixtures import BUNDLE_FIXTURES, certfixture_to_id
 
@@ -11,6 +11,82 @@
     unicode = str
 
 
+@pytest.mark.parametrize(
+    "cli_args, expected",
+    [
+        (
+            [],
+            {
+                "file_name": "-",
+                "info": False,
+                "include_root": False,
+                "ca_bundle_path": None,
+            },
+        ),
+        (
+            ["test.crt"],
+            {
+                "file_name": "test.crt",
+                "info": False,
+                "include_root": False,
+                "ca_bundle_path": None,
+            },
+        ),
+        (
+            ["-i"],
+            {
+                "file_name": "-",
+                "info": True,
+                "include_root": False,
+                "ca_bundle_path": None,
+            },
+        ),
+        (
+            ["--include-root"],
+            {
+                "file_name": "-",
+                "info": False,
+                "include_root": True,
+                "ca_bundle_path": None,
+            },
+        ),
+        (
+            ["--ca-bundle-path", "/path/to/ca/bundle"],
+            {
+                "file_name": "-",
+                "info": False,
+                "include_root": False,
+                "ca_bundle_path": "/path/to/ca/bundle",
+            },
+        ),
+        (
+            [
+                "test.crt",
+                "-i",
+                "--include-root",
+                "--ca-bundle-path",
+                "/path/to/ca/bundle",
+            ],
+            {
+                "file_name": "test.crt",
+                "info": True,
+                "include_root": True,
+                "ca_bundle_path": "/path/to/ca/bundle",
+            },
+        ),
+    ],
+)
+def test_parse_args(cli_args, expected, monkeypatch):
+    monkeypatch.setattr("sys.argv", ["script_name"] + cli_args)
+
+    args = parse_args()
+
+    assert args.file_name == expected["file_name"]
+    assert args.info == expected["info"]
+    assert args.include_root == expected["include_root"]
+    assert args.ca_bundle_path == expected["ca_bundle_path"]
+
+
 @pytest.mark.parametrize("bundle", BUNDLE_FIXTURES, ids=certfixture_to_id)
 def test_cert_returns_completed_chain(capsys, bundle):
     cli(file_bytes=bundle[0]["cert_pem"])
diff --git a/tests/test_models.py b/tests/test_models.py
@@ -1,5 +1,9 @@
+from unittest.mock import Mock
+from cert_chain_resolver.exceptions import MissingCertProperty
 from .fixtures import BUNDLE_FIXTURES, CERT_FIXTURES, certfixture_to_id
+from cryptography import x509
 from cert_chain_resolver.models import Cert, CertificateChain
+from cryptography.x509.oid import ExtensionOID, AuthorityInformationAccessOID, NameOID
 import pytest
 
 try:
@@ -88,3 +92,52 @@ def test_certificatechain_constructs_from_pem_in_order(bundle):
 
     chain = CertificateChain.load_from_pem(pem_bundle)
     assert list(chain) == [Cert(x["cert_x509"]) for x in bundle]
+
+
+@pytest.mark.parametrize(
+    "prop,extension_oid,expected",
+    [
+        ("ca_issuer_access_location", ExtensionOID.AUTHORITY_INFORMATION_ACCESS, None),
+        ("subject_alternative_names", ExtensionOID.SUBJECT_ALTERNATIVE_NAME, []),
+        ("is_ca", ExtensionOID.BASIC_CONSTRAINTS, False),
+    ],
+)
+def test_missing_cert_extensions_return_defaults_when_missing(
+    mocker, prop, extension_oid, expected
+):
+    m = mocker.Mock(spec=x509.Certificate)
+    mock_extensions = mocker.Mock()
+    mock_extensions.get_extension_for_oid.side_effect = (
+        x509.extensions.ExtensionNotFound("Extension not found", extension_oid)
+    )
+    m.extensions = mock_extensions
+    c = Cert(m)
+    assert getattr(c, prop) == expected
+
+
+@pytest.mark.parametrize(
+    "prop,cert_prop, cert_value",
+    [
+        ("signature_hash_algorithm", "signature_hash_algorithm", None),
+        ("common_name", "subject", Mock(get_attributes_for_oid=Mock(return_value=[]))),
+    ],
+)
+def test_missing_cert_properties_raise(mocker, prop, cert_prop, cert_value):
+    m = mocker.Mock(spec=x509.Certificate)
+    setattr(m, cert_prop, cert_value)
+    c = Cert(m)
+
+    with pytest.raises(MissingCertProperty):
+        getattr(c, prop)
+
+
+def test_repr():
+    class CertOverride(Cert):
+        subject = "Subject"
+        issuer = "Issuer"
+        common_name = "CN"
+        __init__ = lambda *_: None
+
+    c = CertOverride()
+
+    assert repr(c) == '<Cert common_name="CN" subject="Subject" issuer="Issuer">'
