- Use correct function for key retrieval in resource provenance code

- Fix configuration typo
- Tidy tests

resource/api/exceptions.py

@@ -1,14 +1,14 @@
-class ConfigrationError(Exception):
+class ConfigurationError(Exception):
     """
     Base class for configuration errors
     """
 
 
-class KeyNotFoundError(ConfigrationError):
+class KeyNotFoundError(ConfigurationError):
     pass
 
 
-class CertificateNotFoundError(ConfigrationError):
+class CertificateNotFoundError(ConfigurationError):
     pass
 
 

resource/api/provenance.py

@@ -37,8 +37,7 @@ def create_provenance_records(
     signer_edp_certs = x509.load_pem_x509_certificates(
         get_certificate(conf.SIGNING_BUNDLE)
     )
-    with open(conf.SIGNING_KEY, "rb") as key_file:
-        private_key = serialization.load_pem_private_key(key_file.read(), password=None)
+    private_key = get_key(conf.SIGNING_KEY)
     signer_edp = SignerInMemory(
         certificate_provider,
         signer_edp_certs,  # list containing certificate and issuer chain

resource/tests/test_keystores.py

@@ -8,32 +8,22 @@
 @patch("api.auth.ssm_client.get_parameter")
 @patch("builtins.open", new_callable=mock_open, read_data=b"local_key_data")
 def test_get_key_local_file(mock_open, mock_ssm_client):
-    # Arrange
     mock_ssm_client.side_effect = ClientError(
         {"Error": {"Code": "ParameterNotFound", "Message": "Parameter not found"}},
         "get_parameter",
     )
     expected_key = b"local_key_data"
-
-    # Act
     key = api.auth.get_key()
-
-    # Assert
     mock_open.assert_called_once_with(api.auth.conf.SIGNING_KEY, "rb")
     assert key == expected_key
     assert isinstance(key, bytes)
 
 
 @patch("api.auth.ssm_client.get_parameter")
 def test_get_key_ssm(mock_ssm_client):
-    # Arrange
     mock_ssm_client.return_value = {"Parameter": {"Value": "ssm_key_data"}}
     expected_key = b"ssm_key_data"
-
-    # Act
     key = api.auth.get_key()
-
-    # Assert
     mock_ssm_client.assert_called_once()
     assert key == expected_key
     assert isinstance(key, bytes)
@@ -42,13 +32,10 @@ def test_get_key_ssm(mock_ssm_client):
 @patch("api.auth.ssm_client.get_parameter")
 @patch("builtins.open", new_callable=mock_open)
 def test_get_key_not_found(mock_open, mock_ssm_client):
-    # Arrange
     mock_ssm_client.side_effect = ClientError(
         {"Error": {"Code": "ParameterNotFound", "Message": "Parameter not found"}},
         "get_parameter",
     )
     mock_open.side_effect = FileNotFoundError
-
-    # Act & Assert
     with pytest.raises(KeyNotFoundError):
         api.auth.get_key()