    def test_sts_client_with_invalid_profile(self):
        """Constructing the wrapper from the valid config yields an STS client
        and leaves the profile environment variables untouched.

        The expected environment values must match whatever the test fixture
        puts there (set up outside this listing).
        """
        client_wrapper = amazon.Amazon(self.valid_config, "dummy-encoded-saml")

        self.assertIsNotNone(client_wrapper.sts_client)

        # Environment must still hold exactly what the fixture set.
        expected_env = [
            ('AWS_PROFILE', 'xxx-xxxx'),
            ('DEFAULT_AWS_PROFILE', 'blart'),
        ]
        for var_name, expected_value in expected_env:
            self.assertEqual(expected_value, os.environ[var_name])
 def test_role_extraction(self):
     """Roles parsed from 'valid-response.xml' come back as a dict keyed by
     role ARN, containing exactly the three fixture roles."""
     assertion = self.read_local_file('valid-response.xml')
     client_wrapper = amazon.Amazon(self.valid_config, assertion)
     self.assertIsInstance(client_wrapper.roles, dict)

     arn_prefix = "arn:aws:iam::123456789012:role/"
     expected_arns = [arn_prefix + name for name in ("admin", "read-only", "test")]
     # Key order is not part of the contract, so compare sorted lists.
     self.assertEqual(sorted(client_wrapper.roles), sorted(expected_arns))
 def test_role_extraction_too_many_commas(self):
     """Role extraction tolerates the extra-comma attribute format captured
     in 'too-many-commas.xml' and still yields the three fixture roles.

     See https://github.com/cevoaustralia/aws-google-auth/issues/12
     """
     assertion = self.read_local_file('too-many-commas.xml')
     client_wrapper = amazon.Amazon(self.valid_config, assertion)
     self.assertIsInstance(client_wrapper.roles, dict)

     arn_prefix = "arn:aws:iam::123456789012:role/"
     expected_arns = [arn_prefix + name for name in ("admin", "read-only", "test")]
     # Key order is not part of the contract, so compare sorted lists.
     self.assertEqual(sorted(client_wrapper.roles), sorted(expected_arns))
def process_auth(args, config):
    """Run one authentication pass: obtain a SAML assertion (from the command
    line, the cache, or an interactive login), choose an AWS role, and print
    or persist the resulting credentials.

    Args:
        args: parsed command-line namespace; reads log_level, saml_assertion
            and saml_cache.
        config: mutable configuration object; region, username, idp_id,
            sp_id, password, saml_cache, role_arn and provider may be filled
            in as side effects.

    Returns:
        None. Results land in ``config`` and, depending on flags, are printed
        or handed to ``config.write``.

    NOTE(review): two lines below (the username/IDP prompt and the password
    prompt) are garbled by the listing's secret redaction (``"******"``) and
    do not parse as shown; confirm them against the upstream source.
    """
    # Set up logging
    # getattr() falls back to None for an unrecognised level name, and
    # logging's setLevel() does not accept None — validating args.log_level
    # before this call would give a clearer error.
    logging.getLogger().setLevel(getattr(logging, args.log_level.upper(), None))

    if config.region is None:
        config.region = util.Util.get_input("AWS Region: ")
        logging.debug('%s: region is: %s', __name__, config.region)

    # If there is a valid cache and the user opted to use it, use that instead
    # of prompting the user for input (it will also ignore any set variables
    # such as username or sp_id and idp_id, as those are built into the SAML
    # response). The user does not need to be prompted for a password if the
    # SAML cache is used.
    if args.saml_assertion:
        # A caller-supplied assertion is decoded and used as-is; b64decode
        # raises binascii.Error on malformed input. The assertion is the
        # bearer credential for the role assumption below, so it deserves the
        # same handling care as the password.
        saml_xml = base64.b64decode(args.saml_assertion)
    elif args.saml_cache and config.saml_cache:
        # The cached assertion is reused verbatim; no freshness check happens
        # here (whether amazon.Amazon validates it is outside this listing).
        saml_xml = config.saml_cache
        logging.info('%s: SAML cache found', __name__)
    else:
        # No cache, continue without.
        logging.info('%s: SAML cache not found', __name__)
        if config.username is None:
            # NOTE(review): this line is garbled by the listing's redaction
            # ("******") and does not parse as shown; it presumably prompts
            # for the Google username and, separately, the IDP ID — confirm
            # against the upstream source.
            config.username = util.Util.get_input("Google username: "******"Google IDP ID: ")
            logging.debug('%s: idp is: %s', __name__, config.idp_id)
        if config.sp_id is None:
            config.sp_id = util.Util.get_input("Google SP ID: ")
            logging.debug('%s: sp is: %s', __name__, config.sp_id)

        # There is no way (intentional) to pass in the password via the command
        # line nor environment variables. This prevents password leakage.
        keyring_password = None
        if config.keyring:
            # Consult the OS keyring first so the interactive prompt is only
            # needed when nothing is stored yet.
            keyring_password = keyring.get_password("aws-google-auth", config.username)
            if keyring_password:
                config.password = keyring_password
            else:
                # NOTE(review): garbled by redaction in the listing; presumably
                # prompts for the password and stores it under the same keyring
                # service name. The non-keyring prompt path and the Google
                # login step that should assign saml_xml in this branch are
                # not visible here either — confirm against the upstream
                # source before relying on this listing.
                config.password = util.Util.get_password("Google Password: "******"Google Password: "******"aws-google-auth", config.username, config.password)

    # We now have a new SAML value that can get cached (If the user asked
    # for it to be)
    if args.saml_cache:
        # This keeps a reusable credential on the config object; what later
        # happens to it (e.g. in config.write) is outside this listing.
        config.saml_cache = saml_xml

    # The amazon_client now has the SAML assertion it needed (Either via the
    # cache or freshly generated). From here, we can get the roles and continue
    # the rest of the workflow regardless of cache.
    amazon_client = amazon.Amazon(config, saml_xml)
    roles = amazon_client.roles

    # Determine the provider and the role arn (if the user-provided one isn't an option)
    # roles is keyed by role ARN (see the role-extraction tests), so this is
    # a plain membership test; config.ask_role forces the picker even when
    # the configured ARN is available.
    if config.role_arn in roles and not config.ask_role:
        config.provider = roles[config.role_arn]
    else:
        # Alias resolution is only requested when config.resolve_aliases is
        # set; the account filter is passed through when configured.
        if config.account and config.resolve_aliases:
            aliases = amazon_client.resolve_aws_aliases(roles)
            config.role_arn, config.provider = util.Util.pick_a_role(roles, aliases, config.account)
        elif config.account:
            config.role_arn, config.provider = util.Util.pick_a_role(roles, account=config.account)
        elif config.resolve_aliases:
            aliases = amazon_client.resolve_aws_aliases(roles)
            config.role_arn, config.provider = util.Util.pick_a_role(roles, aliases)
        else:
            config.role_arn, config.provider = util.Util.pick_a_role(roles)
    if not config.quiet:
        print("Assuming " + config.role_arn)
        # Expiry is displayed in the machine's local time zone.
        print("Credentials Expiration: " + format(amazon_client.expiration.astimezone(get_localzone())))

    if config.print_creds:
        amazon_client.print_export_line()

    if config.profile:
        # Presumably persists the credentials under the named profile;
        # config.write is outside this listing.
        config.write(amazon_client)
 def test_sts_client(self):
     """The wrapper's sts_client is a botocore STS client, checked via its
     class repr so the test needs no botocore import."""
     client_wrapper = amazon.Amazon(self.valid_config, "dummy-encoded-saml")
     class_repr = str(type(client_wrapper.sts_client))
     self.assertEqual("<class 'botocore.client.STS'>", class_repr)