def test_auth_okta_unknown_error(self, _config_mock): keyman = Keyman(['foo', '-o', 'foo', '-u', 'bar', '-a', 'baz']) keyman.okta_client = mock.MagicMock() keyman.okta_client.auth.side_effect = okta.UnknownError with self.assertRaises(SystemExit): keyman.auth_okta()
def test_auth_okta_bad_password(self, _config_mock): keyman = Keyman(['foo', '-o', 'foo', '-u', 'bar', '-a', 'baz']) keyman.okta_client = mock.MagicMock() keyman.okta_client.auth.side_effect = okta.InvalidPassword with self.assertRaises(SystemExit): keyman.auth_okta()
def test_auth_okta_duo_mfa_no_factor(self, _config_mock): keyman = Keyman(['foo', '-o', 'foo', '-u', 'bar', '-a', 'baz']) keyman.okta_client = mock.MagicMock() keyman.handle_duo_factor_selection = mock.MagicMock() keyman.okta_client.auth.side_effect = [duo.FactorRequired('a', 'b'), True] keyman.okta_client.duo_auth.side_effect = [False, True] keyman.user_input = mock.MagicMock() keyman.auth_okta() keyman.handle_duo_factor_selection.assert_has_calls([mock.call()])
def test_auth_okta_duo_mfa_passcode(self, _config_mock): keyman = Keyman(['foo', '-o', 'foo', '-u', 'bar', '-a', 'baz']) keyman.okta_client = mock.MagicMock() keyman.okta_client.auth.side_effect = duo.PasscodeRequired('a', 'b') keyman.okta_client.duo_auth.return_value = True keyman.user_input = mock.MagicMock() keyman.user_input.return_value = '000000' keyman.auth_okta() keyman.okta_client.duo_auth.assert_has_calls([ mock.call('a', 'b', '000000'), ])
def test_auth_okta_answer(self, _config_mock): keyman = Keyman(['foo', '-o', 'foo', '-u', 'bar', '-a', 'baz']) keyman.okta_client = mock.MagicMock() factor = {'id': 'foo', 'profile': {'questionText': 'a'}} keyman.okta_client.auth.side_effect = okta.AnswerRequired(factor, 'b') keyman.okta_client.validate_answer.return_value = True keyman.user_input = mock.MagicMock() keyman.user_input.return_value = 'Someanswer' keyman.auth_okta() keyman.okta_client.validate_answer.assert_has_calls([ mock.call('foo', 'b', 'Someanswer'), ])
def test_auth_okta_duo_mfa_no_factor(self, _config_mock): keyman = Keyman(["foo", "-o", "foo", "-u", "bar", "-a", "baz"]) keyman.okta_client = mock.MagicMock() keyman.handle_duo_factor_selection = mock.MagicMock() keyman.okta_client.auth.side_effect = [ duo.FactorRequired("a", "b"), True, ] keyman.okta_client.duo_auth.side_effect = [False, True] keyman.user_input = mock.MagicMock() keyman.auth_okta() keyman.handle_duo_factor_selection.assert_has_calls([mock.call()])
def test_auth_okta_mfa(self, _config_mock): keyman = Keyman(['foo', '-o', 'foo', '-u', 'bar', '-a', 'baz']) keyman.okta_client = mock.MagicMock() keyman.okta_client.auth.side_effect = okta.PasscodeRequired('a', 'b', 'c') keyman.okta_client.validate_mfa.return_value = True keyman.user_input = mock.MagicMock() keyman.user_input.return_value = "000000" keyman.auth_okta() keyman.okta_client.validate_mfa.assert_has_calls([ mock.call('a', 'b', "000000") ])
def test_auth_okta_duo_mfa_passcode(self, _config_mock): keyman = Keyman(["foo", "-o", "foo", "-u", "bar", "-a", "baz"]) keyman.okta_client = mock.MagicMock() keyman.okta_client.auth.side_effect = duo.PasscodeRequired("a", "b") keyman.okta_client.duo_auth.return_value = True keyman.user_input = mock.MagicMock() keyman.user_input.return_value = "000000" keyman.auth_okta() keyman.okta_client.duo_auth.assert_has_calls( [ mock.call("a", "b", "000000"), ], )
def test_auth_okta_answer(self, _config_mock): keyman = Keyman(["foo", "-o", "foo", "-u", "bar", "-a", "baz"]) keyman.okta_client = mock.MagicMock() factor = {"id": "foo", "profile": {"questionText": "a"}} keyman.okta_client.auth.side_effect = okta.AnswerRequired(factor, "b") keyman.okta_client.validate_answer.return_value = True keyman.user_input = mock.MagicMock() keyman.user_input.return_value = "Someanswer" keyman.auth_okta() keyman.okta_client.validate_answer.assert_has_calls( [ mock.call("foo", "b", "Someanswer"), ], )
def test_auth_okta(self, _config_mock): keyman = Keyman(['foo', '-o', 'foo', '-u', 'bar', '-a', 'baz']) keyman.okta_client = mock.MagicMock() keyman.okta_client.auth.return_value = None ret = keyman.auth_okta() self.assertEqual(ret, None)
def test_auth_okta(self, _config_mock): keyman = Keyman(["foo", "-o", "foo", "-u", "bar", "-a", "baz"]) keyman.okta_client = mock.MagicMock() keyman.okta_client.auth.return_value = None ret = keyman.auth_okta() self.assertEqual(ret, None)
def test_auth_okta_mfa_retry(self, _config_mock): keyman = Keyman(["foo", "-o", "foo", "-u", "bar", "-a", "baz"]) keyman.okta_client = mock.MagicMock() keyman.okta_client.auth.side_effect = okta.PasscodeRequired( "a", "b", "c", ) keyman.okta_client.validate_mfa.side_effect = [False, True] keyman.user_input = mock.MagicMock() keyman.user_input.return_value = "000000" keyman.auth_okta() keyman.okta_client.validate_mfa.assert_has_calls( [ mock.call("a", "b", "000000"), mock.call("a", "b", "000000"), ], )
def test_main_no_aws_accounts(self, _config_mock): keyman = Keyman(['foo', '-o', 'foo', '-u', 'bar', '-a', 'baz']) keyman.handle_appid_selection = mock.MagicMock() keyman.user_password = mock.MagicMock() keyman.user_password.return_value = 'foo' keyman.init_okta = mock.MagicMock() keyman.auth_okta = mock.MagicMock() keyman.aws_auth_loop = mock.MagicMock() keyman.aws_auth_loop.return_value = 1 with self.assertRaises(SystemExit): keyman.main()
def test_main_aws_auth_error(self, _config_mock): keyman = Keyman(["foo", "-o", "foo", "-u", "bar", "-a", "baz"]) keyman.handle_appid_selection = mock.MagicMock() keyman.handle_appid_selection.side_effect = NoAWSAccounts() keyman.user_password = mock.MagicMock() keyman.user_password.return_value = "foo" keyman.init_okta = mock.MagicMock() keyman.auth_okta = mock.MagicMock() keyman.aws_auth_loop = mock.MagicMock() with self.assertRaises(SystemExit): keyman.main()
def test_main_update(self, config_mock): config_mock().update = True keyman = Keyman(["foo", "-o", "foo", "-u", "bar", "-a", "baz"]) keyman.update = mock.MagicMock() keyman.handle_appid_selection = mock.MagicMock() keyman.user_password = mock.MagicMock() keyman.user_password.return_value = "foo" keyman.init_okta = mock.MagicMock() keyman.auth_okta = mock.MagicMock() keyman.aws_auth_loop = mock.MagicMock() with self.assertRaises(SystemExit): keyman.main() keyman.update.assert_has_calls([mock.call(__version__)])
def test_aws_auth_loop_reauth(self, config_mock, _sleep_mock): config_mock().reup = False keyman = Keyman(['foo', '-o', 'foo', '-u', 'bar', '-a', 'baz']) session_instance = mock.MagicMock() session_instance.assume_role.side_effect = okta.ReauthNeeded session_instance.is_valid = False keyman.start_session = mock.MagicMock() keyman.start_session.side_effect = session_instance, Exception() keyman.handle_multiple_roles = mock.MagicMock() keyman.auth_okta = mock.MagicMock() with self.assertRaises(Exception): keyman.aws_auth_loop() keyman.auth_okta.assert_has_calls([mock.call(state_token=None)])
def test_main_post_okta_appid_selection(self, _config_mock): keyman = Keyman(['foo', '-o', 'foo', '-u', 'bar']) keyman.handle_appid_selection = mock.MagicMock() keyman.config.appid = None keyman.user_password = mock.MagicMock() keyman.user_password.return_value = 'foo' keyman.init_okta = mock.MagicMock() keyman.auth_okta = mock.MagicMock() keyman.aws_auth_loop = mock.MagicMock() keyman.aws_auth_loop.return_value = None keyman.handle_appid_selection = mock.MagicMock() keyman.main() keyman.handle_appid_selection.assert_has_calls( [mock.call(), mock.call(okta_ready=True)])
def test_main(self, _config_mock): keyman = Keyman(['foo', '-o', 'foo', '-u', 'bar', '-a', 'baz']) keyman.handle_appid_selection = mock.MagicMock() keyman.user_password = mock.MagicMock() keyman.user_password.return_value = 'foo' keyman.init_okta = mock.MagicMock() keyman.auth_okta = mock.MagicMock() keyman.aws_auth_loop = mock.MagicMock() keyman.main() assert keyman.handle_appid_selection.called assert keyman.user_password.called keyman.init_okta.assert_called_with('foo') assert keyman.auth_okta.called assert keyman.aws_auth_loop.called
def test_main(self, _config_mock): keyman = Keyman(["foo", "-o", "foo", "-u", "bar", "-a", "baz"]) keyman.handle_appid_selection = mock.MagicMock() keyman.user_password = mock.MagicMock() keyman.user_password.return_value = "foo" keyman.init_okta = mock.MagicMock() keyman.auth_okta = mock.MagicMock() keyman.aws_auth_loop = mock.MagicMock() keyman.aws_auth_loop.return_value = None keyman.main() assert keyman.handle_appid_selection.called assert keyman.user_password.called keyman.init_okta.assert_called_with("foo") assert keyman.auth_okta.called assert keyman.aws_auth_loop.called