SurfSense/surfsense_mcp/tests/test_auth_headers.py
CREDO23 116291a3b6 refactor(mcp): flatten to mcp_server package, drop src layout
Rename the import package surfsense_mcp -> mcp_server and remove the
src/ layer so the project mirrors the backend's shape (project folder
!= package name, e.g. surfsense_backend/app). Kills the redundant
surfsense_mcp/src/surfsense_mcp nesting.

Distribution name and console command (surfsense-mcp) are unchanged;
only python -m and internal import paths move to mcp_server. Dockerfile
CMD updated; no PYTHONPATH added since the editable install already
makes the package importable.
2026-07-07 20:24:53 +02:00

40 lines
1.1 KiB
Python

"""API key extraction from request headers: Bearer, fallback, and rejection."""
from __future__ import annotations
from starlette.datastructures import Headers
from mcp_server.core.auth.headers import extract_api_key
def _headers(**pairs: str) -> Headers:
return Headers(pairs)
def test_reads_bearer_token():
assert extract_api_key(_headers(authorization="Bearer ss_pat_abc")) == "ss_pat_abc"
def test_bearer_scheme_is_case_insensitive():
assert extract_api_key(_headers(authorization="bearer ss_pat_abc")) == "ss_pat_abc"
def test_falls_back_to_x_api_key():
assert extract_api_key(Headers({"x-api-key": "ss_pat_xyz"})) == "ss_pat_xyz"
def test_bearer_wins_over_fallback():
headers = Headers({"authorization": "Bearer primary", "x-api-key": "secondary"})
assert extract_api_key(headers) == "primary"
def test_missing_headers_return_none():
assert extract_api_key(_headers()) is None
def test_empty_bearer_is_rejected():
assert extract_api_key(_headers(authorization="Bearer ")) is None
def test_non_bearer_authorization_is_ignored():
assert extract_api_key(_headers(authorization="Basic abc123")) is None