tests/test_a2a_mtls.py

"""Tests for A2A mutual TLS (#806)."""

import sys
import tempfile
from pathlib import Path

sys.path.insert(0, str(Path(__file__).parent.parent))


def test_import():
    """Module imports cleanly."""
    from agent.a2a_mtls import get_server_ssl_context, get_client_ssl_context, verify_agent_cert
    assert callable(get_server_ssl_context)
    assert callable(get_client_ssl_context)
    assert callable(verify_agent_cert)


def test_default_paths():
    """Default cert paths resolve correctly."""
    from agent.a2a_mtls import DEFAULT_CERTS_DIR
    assert DEFAULT_CERTS_DIR is not None
    assert "fleet-certs" in str(DEFAULT_CERTS_DIR)


def test_server_context_creation():
    """Server SSL context can be created with agent name."""
    # This will fail if certs don't exist, which is expected
    from agent.a2a_mtls import get_server_ssl_context
    try:
        ctx = get_server_ssl_context(agent_name="timmy")
        assert ctx is not None
    except FileNotFoundError:
        pass  # Expected when certs don't exist


def test_client_context_creation():
    """Client SSL context can be created with agent name."""
    from agent.a2a_mtls import get_client_ssl_context
    try:
        ctx = get_client_ssl_context(agent_name="timmy")
        assert ctx is not None
    except FileNotFoundError:
        pass  # Expected when certs don't exist


def test_verify_agent_cert_invalid():
    """Invalid cert returns False."""
    from agent.a2a_mtls import verify_agent_cert
    valid, msg = verify_agent_cert("not a cert")
    assert not valid


if __name__ == "__main__":
    tests = [test_import, test_default_paths, test_server_context_creation,
             test_client_context_creation, test_verify_agent_cert_invalid]
    for t in tests:
        print(f"Running {t.__name__}...")
        t()
        print("  PASS")
    print("\nAll tests passed.")
test: A2A mTLS tests Part of #806 2026-04-15 16:18:14 +00:00			`"""Tests for A2A mutual TLS (#806)."""`

			`import sys`
			`import tempfile`
			`from pathlib import Path`

			`sys.path.insert(0, str(Path(__file__).parent.parent))`


			`def test_import():`
			`"""Module imports cleanly."""`
			`from agent.a2a_mtls import get_server_ssl_context, get_client_ssl_context, verify_agent_cert`
			`assert callable(get_server_ssl_context)`
			`assert callable(get_client_ssl_context)`
			`assert callable(verify_agent_cert)`


			`def test_default_paths():`
			`"""Default cert paths resolve correctly."""`
			`from agent.a2a_mtls import DEFAULT_CERTS_DIR`
			`assert DEFAULT_CERTS_DIR is not None`
			`assert "fleet-certs" in str(DEFAULT_CERTS_DIR)`


			`def test_server_context_creation():`
			`"""Server SSL context can be created with agent name."""`
			`# This will fail if certs don't exist, which is expected`
			`from agent.a2a_mtls import get_server_ssl_context`
			`try:`
			`ctx = get_server_ssl_context(agent_name="timmy")`
			`assert ctx is not None`
			`except FileNotFoundError:`
			`pass # Expected when certs don't exist`


			`def test_client_context_creation():`
			`"""Client SSL context can be created with agent name."""`
			`from agent.a2a_mtls import get_client_ssl_context`
			`try:`
			`ctx = get_client_ssl_context(agent_name="timmy")`
			`assert ctx is not None`
			`except FileNotFoundError:`
			`pass # Expected when certs don't exist`


			`def test_verify_agent_cert_invalid():`
			`"""Invalid cert returns False."""`
			`from agent.a2a_mtls import verify_agent_cert`
			`valid, msg = verify_agent_cert("not a cert")`
			`assert not valid`


			`if __name__ == "__main__":`
			`tests = [test_import, test_default_paths, test_server_context_creation,`
			`test_client_context_creation, test_verify_agent_cert_invalid]`
			`for t in tests:`
			`print(f"Running {t.__name__}...")`
			`t()`
			`print(" PASS")`
			`print("\nAll tests passed.")`