def test_credentials_are_generated_from_user(self, mock_sts):
mock_conn = MagicMock()
mock_conn.assume_role.return_value = Struct({'credentials':
Struct({'expiration': 'SAML_TOKEN_EXPIRATION',
'access_key': 'SAML_ACCESS_KEY',
'secret_key': 'SAML_SECRET_KEY',
'session_token': 'SAML_TOKEN'})})
mock_sts.connect_to_region.return_value = mock_conn
arn = 'arn:role/developer'
session_name = 'dev-session'
cli.main(['test.py', 'user', arn, session_name,
'--profile', 'test-profile',
'--region', 'un-south-1'])
self.assertItemsEqual(read_config_file(self.TEST_FILE),
['[test-profile]',
'output = json',
'region = un-south-1',
'aws_access_key_id = SAML_ACCESS_KEY',
'aws_secret_access_key = SAML_SECRET_KEY',
'aws_security_token = SAML_TOKEN',
'aws_session_token = SAML_TOKEN',
''])
def test_credentials_are_generated_from_user(self, mock_sts):
mock_conn = MagicMock()
mock_conn.assume_role.return_value = Struct({
'credentials':
Struct({
'expiration': 'SAML_TOKEN_EXPIRATION',
'access_key': 'SAML_ACCESS_KEY',
'secret_key': 'SAML_SECRET_KEY',
'session_token': 'SAML_TOKEN'
})
})
mock_sts.connect_to_region.return_value = mock_conn
arn = 'arn:role/developer'
session_name = 'dev-session'
cli.main([
'test.py', 'user', arn, session_name, '--profile', 'test-profile',
'--region', 'un-south-1'
])
six.assertCountEqual(self, read_config_file(self.TEST_FILE), [
'[test-profile]', 'output = json', 'region = un-south-1',
'aws_access_key_id = SAML_ACCESS_KEY',
'aws_secret_access_key = SAML_SECRET_KEY',
'aws_security_token = SAML_TOKEN',
'aws_session_token = SAML_TOKEN', ''
])
def test_credentials_are_generated_from_saml(self, mock_sts):
mock_conn = MagicMock()
mock_conn.assume_role_with_saml.return_value = Struct({
'credentials':
Struct({
'expiration': 'SAML_TOKEN_EXPIRATION',
'access_key': 'SAML_ACCESS_KEY',
'secret_key': 'SAML_SECRET_KEY',
'session_token': 'SAML_TOKEN'
})
})
mock_sts.connect_to_region.return_value = mock_conn
sys.stdin = StringIO(
saml_assertion([
'arn:aws:iam::1111:role/DevRole,arn:aws:iam::1111:saml-provider/IDP'
]))
cli.main([
'test.py', 'saml', '--profile', 'test-profile', '--region',
'un-south-1'
])
six.assertCountEqual(self, read_config_file(self.TEST_FILE), [
'[test-profile]', 'output = json', 'region = un-south-1',
'aws_access_key_id = SAML_ACCESS_KEY',
'aws_secret_access_key = SAML_SECRET_KEY',
'aws_security_token = SAML_TOKEN',
'aws_session_token = SAML_TOKEN', ''
])
def test_credentials_exec_command(self, mock_sts, mock_popen):
mock_conn = MagicMock()
mock_conn.assume_role.return_value = Struct({'credentials':
Struct({'expiration': 'SAML_TOKEN_EXPIRATION',
'access_key': 'SAML_ACCESS_KEY',
'secret_key': 'SAML_SECRET_KEY',
'session_token': 'SAML_TOKEN'})})
cli.main(['test.py', 'user', 'arn:role/developer',
'dev-session',
'--exec', 'echo hello'])
args, kwargs = mock_popen.call_args
self.assertTrue(['echo', 'hello'] in args)
def run(args):
"""Run the package's main script. All arguments are passed to it."""
# The main script expects to get the called executable's name as
# argv[0]. However, paver doesn't provide that in args. Even if it did (or
# we dove into sys.argv), it wouldn't be useful because it would be paver's
# executable. So we just pass the package name in as the executable name,
# since it's close enough. This should never be seen by an end user
# installing through Setuptools anyway.
from aws_role_credentials.cli import main
raise SystemExit(main([CODE_DIRECTORY] + args))
def run(args):
"""Run the package's main script. All arguments are passed to it."""
# The main script expects to get the called executable's name as
# argv[0]. However, paver doesn't provide that in args. Even if it did (or
# we dove into sys.argv), it wouldn't be useful because it would be paver's
# executable. So we just pass the package name in as the executable name,
# since it's close enough. This should never be seen by an end user
# installing through Setuptools anyway.
from aws_role_credentials.cli import main
raise SystemExit(main([CODE_DIRECTORY] + args))
def test_credentials_exec_command(self, mock_sts, mock_popen):
mock_conn = MagicMock()
mock_conn.assume_role.return_value = Struct({
'credentials':
Struct({
'expiration': 'SAML_TOKEN_EXPIRATION',
'access_key': 'SAML_ACCESS_KEY',
'secret_key': 'SAML_SECRET_KEY',
'session_token': 'SAML_TOKEN'
})
})
cli.main([
'test.py', 'user', 'arn:role/developer', 'dev-session', '--exec',
'echo hello'
])
args, kwargs = mock_popen.call_args
self.assertTrue(['echo', 'hello'] in args)
def test_credentials_are_generated_from_saml(self, mock_sts):
mock_conn = MagicMock()
mock_conn.assume_role_with_saml.return_value = Struct({'credentials':
Struct({'expiration': 'SAML_TOKEN_EXPIRATION',
'access_key': 'SAML_ACCESS_KEY',
'secret_key': 'SAML_SECRET_KEY',
'session_token': 'SAML_TOKEN'})})
mock_sts.connect_to_region.return_value = mock_conn
sys.stdin = StringIO(saml_assertion(['arn:aws:iam::1111:role/DevRole,arn:aws:iam::1111:saml-provider/IDP']))
cli.main(['test.py', 'saml',
'--profile', 'test-profile',
'--region', 'un-south-1'])
self.assertItemsEqual(read_config_file(self.TEST_FILE),
['[test-profile]',
'output = json',
'region = un-south-1',
'aws_access_key_id = SAML_ACCESS_KEY',
'aws_secret_access_key = SAML_SECRET_KEY',
'aws_security_token = SAML_TOKEN',
'aws_session_token = SAML_TOKEN',
''])
