| import os | |
| import json | |
| from src.api_key_manager import APIKeyManager | |
| from cryptography.fernet import Fernet | |
| def test_api_key_manager_load_resilience(tmp_path): | |
| mgr = APIKeyManager(str(tmp_path)) | |
| # Save a valid key | |
| mgr.save("good_provider", "good_value") | |
| # Create another key manager/Fernet instance with a different key to produce an undecryptable token | |
| other_key = Fernet.generate_key() | |
| other_f = Fernet(other_key) | |
| undecryptable_token = other_f.encrypt(b"bad_value").decode() | |
| # Manually edit api_keys.json to include the undecryptable token | |
| with open(mgr.api_keys_file, "r", encoding="utf-8") as f: | |
| keys = json.load(f) | |
| keys["bad_provider"] = undecryptable_token | |
| # Also add a malformed/garbage token (causes ValueError/binascii.Error) | |
| keys["garbage_provider"] = "not-a-valid-base64-fernet-token" | |
| with open(mgr.api_keys_file, "w", encoding="utf-8") as f: | |
| json.dump(keys, f) | |
| # Load keys | |
| loaded = mgr.load() | |
| # Assert load() returns the still-decryptable key and skips the bad ones without raising | |
| assert "good_provider" in loaded | |
| assert loaded["good_provider"] == "good_value" | |
| assert "bad_provider" not in loaded | |
| assert "garbage_provider" not in loaded | |