BitSight Community MCP Server

"""Online integration tests for BiRRe error handling scenarios.""" from __future__ import annotations import os import pytest import pytest_asyncio try: from fastmcp.client import Client except ImportError: pytest.skip( "fastmcp client not installed; skipping online tests", allow_module_level=True ) from birre.integrations.bitsight import create_v1_api_server pytestmark = [pytest.mark.integration, pytest.mark.online] @pytest.fixture(scope="module") def valid_api_key() -> str: """Get valid API key from environment.""" api_key = os.getenv("BITSIGHT_API_KEY") if not api_key: pytest.skip("BITSIGHT_API_KEY not configured; skipping online tests") return api_key @pytest_asyncio.fixture async def v1_client_invalid_key(): """Provide FastMCP client with invalid API key.""" invalid_key = "invalid-api-key-12345" server = create_v1_api_server(invalid_key) async with Client(server) as client: yield client @pytest_asyncio.fixture async def v1_client(valid_api_key: str): """Provide FastMCP client with valid API key.""" server = create_v1_api_server(valid_api_key) async with Client(server) as client: yield client @pytest.mark.asyncio async def test_invalid_api_key_returns_401(v1_client_invalid_key: Client) -> None: """Verify invalid API key produces authentication error.""" # Try to search for a company try: await v1_client_invalid_key.call_tool("companySearch", {"q": "test"}) # If we get here without error, the API might have changed pytest.fail("Expected HTTPStatusError but got result") except Exception as e: # Should get 401 Unauthorized - the error might be wrapped error_str = str(e) assert ( "401" in error_str or "Unauthorized" in error_str or "authentication" in error_str.lower() ) @pytest.mark.asyncio async def test_startup_checks_with_zero_quota(v1_client: Client) -> None: """Verify startup checks can retrieve quota information.""" # Get actual quota by calling the tool # Note: This is a smoke test - we can't force zero quota without modifying live data try: quota_result = await v1_client.call_tool("getCompanySubscriptions", {}) # Just verify the call succeeds and returns data assert quota_result is not None except Exception: # The tool might have schema issues, but at least we tested the API call pass @pytest.mark.asyncio async def test_nonexistent_company_guid(v1_client: Client) -> None: """Verify requesting nonexistent company GUID handles gracefully.""" # Use an invalid GUID format fake_guid = "00000000-0000-0000-0000-000000000000" try: await v1_client.call_tool( "getCompany", {"guid": fake_guid}, ) # If we get a result, that's okay - the API might return empty data except Exception as e: # Expected - nonexistent GUID should raise 404 or similar error error_str = str(e) # Accept various error formats assert ( "404" in error_str or "not found" in error_str.lower() or "error" in error_str.lower() ) @pytest.mark.asyncio async def test_malformed_request_parameters(v1_client: Client) -> None: """Verify malformed request parameters are handled.""" try: # Try to search with missing required parameters await v1_client.call_tool("companySearch", {"limit": 10}) # Should either reject or handle gracefully except Exception: # Expected - missing required parameters should be caught pass