crypto: add more tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

authentik/core/tests/test_models.py

@@ -49,7 +49,7 @@ def provider_tester_factory(test_model: Type[Stage]) -> Callable:
 
     def tester(self: TestModels):
         model_class = None
-        if test_model._meta.abstract:
+        if test_model._meta.abstract:  # pragma: no cover
             model_class = test_model.__bases__[0]()
         else:
             model_class = test_model()

authentik/crypto/models.py

@@ -55,7 +55,7 @@ class CertificateKeyPair(ManagedModel, CreatedUpdatedModel):
     @property
     def private_key(self) -> Optional[RSAPrivateKey]:
         """Get python cryptography PrivateKey instance"""
-        if not self._private_key and self._private_key != "":
+        if not self._private_key and self.key_data != "":
             try:
                 self._private_key = load_pem_private_key(
                     str.encode("\n".join([x.strip() for x in self.key_data.split("\n")])),

authentik/crypto/tests.py

@@ -1,8 +1,8 @@
 """Crypto tests"""
 import datetime
 
-from django.test import TestCase
 from django.urls import reverse
+from rest_framework.test import APITestCase
 
 from authentik.core.api.used_by import DeleteAction
 from authentik.core.models import User
@@ -14,9 +14,18 @@ from authentik.lib.generators import generate_key
 from authentik.providers.oauth2.models import OAuth2Provider
 
 
-class TestCrypto(TestCase):
+class TestCrypto(APITestCase):
     """Test Crypto validation"""
 
+    def test_model_private(self):
+        """Test model private key"""
+        cert = CertificateKeyPair.objects.create(
+            name="test",
+            certificate_data="foo",
+            key_data="foo",
+        )
+        self.assertIsNone(cert.private_key)
+
     def test_serializer(self):
         """Test API Validation"""
         keypair = CertificateKeyPair.objects.first()
@@ -54,6 +63,38 @@ class TestCrypto(TestCase):
         self.assertEqual(instance.name, "test-cert")
         self.assertEqual((instance.certificate.not_valid_after - now).days, 2)
 
+    def test_builder_api(self):
+        """Test Builder (via API)"""
+        self.client.force_login(User.objects.get(username="akadmin"))
+        response = self.client.post(
+            reverse("authentik_api:certificatekeypair-generate"),
+            data={
+                "common_name": "foo",
+                "subject_alt_name": "bar,baz",
+                "validity_days": 3
+            },
+        )
+        self.assertTrue(CertificateKeyPair.objects.filter(name="foo").exists())
+
+    def test_builder_api_invalid(self):
+        """Test Builder (via API) (invalid)"""
+        self.client.force_login(User.objects.get(username="akadmin"))
+        response = self.client.post(
+            reverse("authentik_api:certificatekeypair-generate"),
+            data={},
+        )
+        self.assertEqual(response.status_code, 400)
+
+    def test_list(self):
+        """Test API List"""
+        self.client.force_login(User.objects.get(username="akadmin"))
+        response = self.client.get(
+            reverse(
+                "authentik_api:certificatekeypair-list",
+            )
+        )
+        self.assertEqual(200, response.status_code)
+
     def test_certificate_download(self):
         """Test certificate export (download)"""
         self.client.force_login(User.objects.get(username="akadmin"))

authentik/flows/tests/test_stage_model.py

@@ -17,7 +17,7 @@ def model_tester_factory(test_model: Type[Stage]) -> Callable:
 
     def tester(self: TestModels):
         model_class = None
-        if test_model._meta.abstract:
+        if test_model._meta.abstract:  # pragma: no cover
             model_class = test_model.__bases__[0]()
         else:
             model_class = test_model()