def test_overwrite_default_profile(self):
        credentials_filename = self.tempdir + 'credentials'

        with open(credentials_filename, "w") as credentials_file:
            credentials_file.write((
                '[default]\n'
                'aws_access_key_id = AccessKeyIdToOverwrite\n'
                'aws_secret_access_key = SecretAccessKeyToOverwrite\n'
                'aws_session_token = TokenToOverwrite\n'
                'aws_security_token = TokenToOverwrite\n\n'
            ))

        aws_credentials_file.write({
            'AWS_ACCESS_KEY_ID': 'AccessKeyId',
            'AWS_SECRET_ACCESS_KEY': 'SecretAccessKey',
            'AWS_SESSION_TOKEN': 'Token',
            'AWS_SECURITY_TOKEN': 'Token',
            'AWS_EXPIRATION_DATE': 'Expiration'
        }, credentials_filename)

        self.assertEqual(open(credentials_filename).read(), (
            '[default]\n'
            'aws_access_key_id = AccessKeyId\n'
            'aws_secret_access_key = SecretAccessKey\n'
            'aws_session_token = Token\n'
            'aws_security_token = Token\n\n'
        ))
Example #2
0
def main():
    """Main function for script execution"""
    arguments = docopt(__doc__)
    if arguments['--debug']:
        global DEBUG
        DEBUG = True
    debug(arguments)

    try:
        config = load_config()
    except Exception as exc:
        error("Failed to load configuration: %s" % exc)

    api_url = arguments['--api-url'] or config.get('api_url') or \
              'https://{fqdn}/afp-api/latest'.format(fqdn=get_default_afp_server())
    username = arguments['--user'] or config.get("user") or getpass.getuser()
    password = '******' if arguments['--no-ask-pw'] else get_password(username)
    federation_client = AWSFederationClientCmd(api_url=api_url,
                                               username=username,
                                               password=password)
    if arguments['<accountname>']:
        account = arguments['<accountname>']
        role = arguments['<rolename>'] or get_first_role(federation_client, account)
        aws_credentials = get_aws_credentials(federation_client, account, role)

        if arguments['--show']:
            print(cli.format_aws_credentials(aws_credentials))

        elif arguments['--export']:
            if os.name == "nt":
                print(cli.format_aws_credentials(aws_credentials, prefix='set '))
            else:
                print(cli.format_aws_credentials(aws_credentials, prefix='export '))
        elif arguments['--write']:
            aws_credentials_file.write(aws_credentials)
        else:
            print("Entering AFP subshell for account {0}, role {1}.".format(
                account, role))
            try:
                if os.name == "nt":
                    start_subcmd(aws_credentials=aws_credentials, role=role, account=account)
                else:
                    start_subshell(aws_credentials=aws_credentials, role=role, account=account)
            except Exception as exc:
                error("Failed to start subshell: %s" % exc)
    else:
        try:
            print(cli.format_account_and_role_list(federation_client.get_account_and_role_list()))
        except Exception as exc:
            error("Failed to get account list from AWS: %s" % exc)
    def test_write_profile_to_new_file(self):
        credentials_filename = self.tempdir + 'credentials'
        aws_credentials_file.write({
            'AWS_ACCESS_KEY_ID': 'AccessKeyId',
            'AWS_SECRET_ACCESS_KEY': 'SecretAccessKey',
            'AWS_SESSION_TOKEN': 'Token',
            'AWS_SECURITY_TOKEN': 'Token',
            'AWS_EXPIRATION_DATE': 'Expiration'
        }, credentials_filename, 'profile')

        self.assertEqual(open(credentials_filename).read(), (
            '[profile]\n'
            'aws_access_key_id = AccessKeyId\n'
            'aws_secret_access_key = SecretAccessKey\n'
            'aws_session_token = Token\n'
            'aws_security_token = Token\n\n'
        ))