def _create_creds_from_response(self, response):
config = self._get_role_config_values()
if config.get('mfa_serial') is not None:
# MFA would require getting a new TokenCode which would require
# prompting the user for a new token, so we use a different
# refresh_func.
refresh_func = create_mfa_serial_refresh()
else:
refresh_func = create_refresher_function(
self._create_client_from_config(config),
self._assume_role_base_kwargs(config))
return credentials.RefreshableCredentials(
access_key=response['Credentials']['AccessKeyId'],
secret_key=response['Credentials']['SecretAccessKey'],
token=response['Credentials']['SessionToken'],
method=self.METHOD,
expiry_time=parse(response['Credentials']['Expiration']),
refresh_using=refresh_func)
def setUp(self):
super(TestRefreshableCredentials, self).setUp()
self.refresher = mock.Mock()
self.metadata = {
'access_key': 'NEW-ACCESS',
'secret_key': 'NEW-SECRET',
'token': 'NEW-TOKEN',
'expiry_time': '2015-03-07T15:24:46Z',
'role_name': 'rolename',
}
self.refresher.return_value = self.metadata
self.expiry_time = \
datetime.datetime.now(tzlocal()) - datetime.timedelta(minutes=30)
self.mock_time = mock.Mock()
self.creds = credentials.RefreshableCredentials(
'ORIGINAL-ACCESS', 'ORIGINAL-SECRET', 'ORIGINAL-TOKEN',
self.expiry_time, self.refresher, 'iam-role',
time_fetcher=self.mock_time
)
def setUp(self):
super(RefreshableCredentialsTest, self).setUp()
self.creds = credentials.RefreshableCredentials()