def serviceCCAWS_AuthWithObject(self): falconWithObject = FalconAWS.Cloud_Connect_AWS(auth_object=FalconAuth.OAuth2(creds={ 'client_id': auth.config["falcon_client_id"], 'client_secret': auth.config["falcon_client_secret"] })) return falconWithObject.authenticated()
def serviceCCAWS_AuthWithCreds(self): falconWithCreds = FalconAWS.Cloud_Connect_AWS(creds={ 'client_id': auth.config["falcon_client_id"], 'client_secret': auth.config["falcon_client_secret"] }) return falconWithCreds.authenticated()
def serviceCCAWS_GetAWSSettings(self): auth = Authorization.TestAuthorization() auth.serviceAuth() falcon = FalconAWS.Cloud_Connect_AWS(access_token=auth.token) if falcon.GetAWSSettings()["status_code"] > 0: auth.serviceRevoke() return True else: auth.serviceRevoke() return False
def serviceCCAWS_RefreshToken(self): falconWithObject = FalconAWS.Cloud_Connect_AWS(auth_object=FalconAuth.OAuth2(creds={ 'client_id': auth.config["falcon_client_id"], 'client_secret': auth.config["falcon_client_secret"] })) if not falconWithObject.token_expired(): falconWithObject.auth_object.token_expiration = 0 # Forcibly expire the current token if falconWithObject.QueryAWSAccounts(parameters={"limit": 1})["status_code"] in AllowedResponses: return True else: return False else: return False
def serviceCCAWS_InvalidPayloads(self): result = True falconWithObject = FalconAWS.Cloud_Connect_AWS(auth_object=FalconAuth.OAuth2(creds={ 'client_id': auth.config["falcon_client_id"], 'client_secret': auth.config["falcon_client_secret"] })) if falconWithObject.QueryAWSAccounts(parameters={"limite": 1})["status_code"] != 500: result = False if falconWithObject.QueryAWSAccounts(parameters={"limit": "1"})["status_code"] != 500: result = False if falconWithObject.UpdateAWSAccounts(body={"resources": "I'm gonna go Boom!"})["status_code"] != 500: result = False return result
import os import sys import pytest # Authentication via the test_authorization.py from tests import test_authorization as Authorization # Import our sibling src folder into the path sys.path.append(os.path.abspath('src')) # Classes to test - manually imported from sibling folder from falconpy import cloud_connect_aws as FalconAWS from falconpy import oauth2 as FalconAuth from falconpy._util import service_request auth = Authorization.TestAuthorization() auth.serviceAuth() falcon = FalconAWS.Cloud_Connect_AWS(access_token=auth.token) AllowedResponses = [200, 201, 429] # Adding rate-limiting as an allowed response for now accountPayload = {"resources": [{"rate_limit_reqs": 0, "rate_limit_time": 0}]} falconWithCreds = None falconWithObject = None class TestCloudConnectAWS: def serviceCCAWS_AuthWithCreds(self): falconWithCreds = FalconAWS.Cloud_Connect_AWS( creds={ 'client_id': auth.config["falcon_client_id"], 'client_secret': auth.config["falcon_client_secret"] })
'client_id': falcon_client_id, 'client_secret': falcon_client_secret }) except Exception: # We can't communicate with the endpoint, return a false token authorized.token = lambda: False # Try to retrieve a token from our authentication, returning false on failure try: token = authorized.token()["body"]["access_token"] except Exception: token = False # Confirm the token was successfully retrieved if token: # Connect using our token and return an instance of the API gateway object falcon_discover = FalconAWS.Cloud_Connect_AWS(access_token=token) try: # Execute the requested command if command.lower() == "delete": delete_account() elif command.lower() == "register": register_account() elif command.lower() == "update": update_account() else: check_account() except Exception as e: # Handle any previously unhandled errors print("Command failed with error: {}.".format(str(e))) # Discard our token before we exit authorized.revoke(token)
if command.lower() in "update,register": if (args.data_file is None): parser.error( "The {} command requires the -d arguments to also be specified.".format(command)) else: filename = args.data_file falcon_client_id = args.falcon_client_id falcon_client_secret = args.falcon_client_secret else: parser.error("The {} command is not recognized.".format(command)) # These globals exist for all requests accounts = import_accounts_from_file(filename) # Authenticate using our provided falcon client_id and client_secret falcon_discover = FalconAWS.Cloud_Connect_AWS(creds={'client_id': falcon_client_id, 'client_secret': falcon_client_secret}) # Confirm we authenticated if not falcon_discover.authenticated(): # Report that authentication failed and stop processing print("Failed to retrieve authentication token.") else: try: # Execute the command by calling the named function if command.lower() == "register": register_account(accounts) elif command.lower() == "update": update_accounts(accounts) else: print(f"{command} is not a valid command.") except Exception as e: # Handle any previously unhandled errors