Wikipedia MCP Server

""" Tests for Personal Access Token functionality. """ import os import pytest from unittest.mock import Mock, patch, call from wikipedia_mcp.wikipedia_client import WikipediaClient from wikipedia_mcp.server import create_server class TestAccessTokenClient: """Test WikipediaClient with access token functionality.""" def test_client_init_without_token(self): """Test client initialization without access token.""" client = WikipediaClient() assert client.access_token is None def test_client_init_with_token(self): """Test client initialization with access token.""" token = "test_token_123" client = WikipediaClient(access_token=token) assert client.access_token == token def test_get_request_headers_without_token(self): """Test request headers without access token.""" client = WikipediaClient() headers = client._get_request_headers() assert 'User-Agent' in headers assert 'Authorization' not in headers def test_get_request_headers_with_token(self): """Test request headers with access token.""" token = "test_token_123" client = WikipediaClient(access_token=token) headers = client._get_request_headers() assert 'User-Agent' in headers assert 'Authorization' in headers assert headers['Authorization'] == f'Bearer {token}' @patch('wikipedia_mcp.wikipedia_client.requests.get') def test_search_uses_auth_headers(self, mock_get): """Test that search method uses authentication headers when token is provided.""" token = "test_token_123" client = WikipediaClient(access_token=token) # Mock successful response mock_response = Mock() mock_response.raise_for_status.return_value = None mock_response.json.return_value = { 'query': { 'search': [ { 'title': 'Test Article', 'snippet': 'Test snippet', 'pageid': 123, 'wordcount': 100, 'timestamp': '2023-01-01T00:00:00Z' } ] } } mock_get.return_value = mock_response # Perform search client.search("test query") # Verify request was made with auth headers mock_get.assert_called_once() call_args = mock_get.call_args # Check that headers include authorization headers = call_args[1]['headers'] assert 'Authorization' in headers assert headers['Authorization'] == f'Bearer {token}' @patch('wikipedia_mcp.wikipedia_client.requests.get') def test_get_coordinates_uses_auth_headers(self, mock_get): """Test that get_coordinates method uses authentication headers when token is provided.""" token = "test_token_123" client = WikipediaClient(access_token=token) # Mock successful response mock_response = Mock() mock_response.raise_for_status.return_value = None mock_response.json.return_value = { 'query': { 'pages': { '123': { 'pageid': 123, 'title': 'Test Article', 'coordinates': [ { 'lat': 40.7128, 'lon': -74.0060, 'primary': True, 'globe': 'earth' } ] } } } } mock_get.return_value = mock_response # Perform get_coordinates client.get_coordinates("Test Article") # Verify request was made with auth headers mock_get.assert_called_once() call_args = mock_get.call_args # Check that headers include authorization headers = call_args[1]['headers'] assert 'Authorization' in headers assert headers['Authorization'] == f'Bearer {token}' def test_token_not_logged(self, caplog): """Test that access token is not logged for security.""" import logging caplog.set_level(logging.DEBUG) token = "secret_token_123" WikipediaClient(access_token=token) # Check that token doesn't appear in logs for record in caplog.records: assert token not in record.getMessage() class TestAccessTokenServer: """Test server creation with access token.""" def test_create_server_without_token(self): """Test server creation without access token.""" server = create_server() assert server is not None def test_create_server_with_token(self): """Test server creation with access token.""" token = "test_token_123" server = create_server(access_token=token) assert server is not None class TestAccessTokenCLI: """Test CLI argument and environment variable handling.""" @patch('wikipedia_mcp.__main__.create_server') @patch('sys.argv', ['wikipedia-mcp', '--access-token', 'cli_token_123']) def test_cli_access_token_argument(self, mock_create_server): """Test CLI access token argument is passed to server.""" from wikipedia_mcp.__main__ import main # Mock server to avoid actually starting it mock_server = Mock() mock_create_server.return_value = mock_server mock_server.run = Mock() try: main() except SystemExit: pass # Expected when server.run() is mocked # Verify create_server was called with the token mock_create_server.assert_called_once() call_args = mock_create_server.call_args assert call_args[1]['access_token'] == 'cli_token_123' @patch('wikipedia_mcp.__main__.create_server') @patch('sys.argv', ['wikipedia-mcp']) @patch.dict(os.environ, {'WIKIPEDIA_ACCESS_TOKEN': 'env_token_123'}) def test_cli_environment_variable(self, mock_create_server): """Test environment variable is used when CLI argument not provided.""" from wikipedia_mcp.__main__ import main # Mock server to avoid actually starting it mock_server = Mock() mock_create_server.return_value = mock_server mock_server.run = Mock() try: main() except SystemExit: pass # Expected when server.run() is mocked # Verify create_server was called with the env var token mock_create_server.assert_called_once() call_args = mock_create_server.call_args assert call_args[1]['access_token'] == 'env_token_123' @patch('wikipedia_mcp.__main__.create_server') @patch('sys.argv', ['wikipedia-mcp', '--access-token', 'cli_token_123']) @patch.dict(os.environ, {'WIKIPEDIA_ACCESS_TOKEN': 'env_token_123'}) def test_cli_argument_overrides_environment(self, mock_create_server): """Test CLI argument takes priority over environment variable.""" from wikipedia_mcp.__main__ import main # Mock server to avoid actually starting it mock_server = Mock() mock_create_server.return_value = mock_server mock_server.run = Mock() try: main() except SystemExit: pass # Expected when server.run() is mocked # Verify create_server was called with CLI token, not env var mock_create_server.assert_called_once() call_args = mock_create_server.call_args assert call_args[1]['access_token'] == 'cli_token_123' @patch('wikipedia_mcp.__main__.create_server') @patch('sys.argv', ['wikipedia-mcp']) def test_cli_no_token_provided(self, mock_create_server): """Test no token is passed when neither CLI arg nor env var is set.""" from wikipedia_mcp.__main__ import main # Mock server to avoid actually starting it mock_server = Mock() mock_create_server.return_value = mock_server mock_server.run = Mock() # Ensure env var is not set if 'WIKIPEDIA_ACCESS_TOKEN' in os.environ: del os.environ['WIKIPEDIA_ACCESS_TOKEN'] try: main() except SystemExit: pass # Expected when server.run() is mocked # Verify create_server was called with None token mock_create_server.assert_called_once() call_args = mock_create_server.call_args assert call_args[1]['access_token'] is None class TestAccessTokenSecurity: """Test security aspects of access token handling.""" def test_token_in_repr(self): """Test that token doesn't appear in object representation.""" token = "secret_token_123" client = WikipediaClient(access_token=token) # Check that token doesn't appear in string representation client_str = str(client) assert token not in client_str client_repr = repr(client) assert token not in client_repr @patch('wikipedia_mcp.wikipedia_client.requests.get') def test_error_logging_no_token_exposure(self, mock_get, caplog): """Test that errors don't expose the access token.""" import logging caplog.set_level(logging.ERROR) token = "secret_token_123" client = WikipediaClient(access_token=token) # Mock request to raise an exception mock_get.side_effect = Exception("API Error") # Perform search that will fail client.search("test query") # Check that token doesn't appear in error logs for record in caplog.records: assert token not in record.getMessage()