oedb-backend/test_cors_embed.py

#!/usr/bin/env python3
"""
Script de test pour vérifier la configuration CORS avec embed.js
"""

import requests
import json

def test_cors_headers():
    """Test des headers CORS pour l'API OEDB"""
    
    # URL de l'API (à adapter selon votre configuration)
    api_url = "http://localhost:8080/events"
    
    print("🔍 Test de la configuration CORS pour embed.js")
    print("=" * 50)
    
    # Test 1: Requête GET simple
    print("\n1. Test requête GET simple...")
    try:
        response = requests.get(api_url, timeout=10)
        print(f"   Status: {response.status_code}")
        
        # Vérifier les headers CORS
        cors_headers = {
            'Access-Control-Allow-Origin': response.headers.get('Access-Control-Allow-Origin'),
            'Access-Control-Allow-Headers': response.headers.get('Access-Control-Allow-Headers'),
            'Access-Control-Allow-Methods': response.headers.get('Access-Control-Allow-Methods'),
            'Access-Control-Max-Age': response.headers.get('Access-Control-Max-Age'),
            'Access-Control-Expose-Headers': response.headers.get('Access-Control-Expose-Headers')
        }
        
        print("   Headers CORS:")
        for header, value in cors_headers.items():
            status = "✅" if value else "❌"
            print(f"   {status} {header}: {value}")
            
    except requests.exceptions.RequestException as e:
        print(f"   ❌ Erreur de connexion: {e}")
        return False
    
    # Test 2: Requête OPTIONS (preflight)
    print("\n2. Test requête OPTIONS (preflight)...")
    try:
        headers = {
            'Origin': 'https://example.com',
            'Access-Control-Request-Method': 'GET',
            'Access-Control-Request-Headers': 'Content-Type'
        }
        
        response = requests.options(api_url, headers=headers, timeout=10)
        print(f"   Status: {response.status_code}")
        
        if response.status_code == 200:
            print("   ✅ Requête preflight réussie")
        else:
            print("   ❌ Requête preflight échouée")
            
    except requests.exceptions.RequestException as e:
        print(f"   ❌ Erreur de connexion: {e}")
        return False
    
    # Test 3: Simulation d'une requête depuis embed.js
    print("\n3. Test simulation embed.js...")
    try:
        headers = {
            'Origin': 'https://example.com',
            'User-Agent': 'Mozilla/5.0 (compatible; OEDB-Embed/1.0)',
            'Referer': 'https://example.com/page-with-embed'
        }
        
        response = requests.get(api_url, headers=headers, timeout=10)
        print(f"   Status: {response.status_code}")
        
        # Vérifier que la réponse contient des données
        if response.status_code == 200:
            try:
                data = response.json()
                print(f"   ✅ Données reçues: {len(data.get('features', []))} événements")
            except json.JSONDecodeError:
                print("   ⚠️  Réponse reçue mais pas de JSON valide")
        else:
            print(f"   ❌ Erreur HTTP: {response.status_code}")
            
    except requests.exceptions.RequestException as e:
        print(f"   ❌ Erreur de connexion: {e}")
        return False
    
    print("\n" + "=" * 50)
    print("✅ Tests CORS terminés")
    return True

if __name__ == "__main__":
    test_cors_headers()