def setUp(self):
super(CredentialResolverTest, self).setUp()
self.environ['AWS_CONFIG_FILE'] = path('aws_config_nocreds')
self.environ['BOTO_CONFIG'] = ''
self.environ['AWS_ACCESS_KEY_ID'] = 'foo'
self.environ['AWS_SECRET_ACCESS_KEY'] = 'bar'
self.session = create_session(session_vars=TESTENVVARS)
self.default_resolver = credentials.CredentialResolver(
session=self.session)
self.small_resolver = credentials.CredentialResolver(
session=self.session,
methods=[credentials.BotoProvider(),
credentials.ConfigProvider()])
def test_inject_additional_providers_after_existing(self):
self.provider1.load.return_value = None
self.provider2.load.return_value = self.fake_creds
resolver = credentials.CredentialResolver(
providers=[self.provider1, self.provider2])
# Now, if we were to call resolver.load() now, provider2 would
# win because it's returning a non None response.
# However we can inject a new provider before provider2 to
# override this process.
# Providers can be added by the METHOD name of each provider.
new_provider = mock.Mock()
new_provider.METHOD = 'new_provider'
new_provider.load.return_value = credentials.Credentials('d', 'e', 'f')
resolver.insert_after('provider1', new_provider)
creds = resolver.load_credentials()
self.assertIsNotNone(creds)
self.assertEqual(creds.access_key, 'd')
self.assertEqual(creds.secret_key, 'e')
self.assertEqual(creds.token, 'f')
# Provider 1 should have been called, but provider2 should
# *not* have been called because new_provider already returned
# a non-None response.
self.provider1.load.assert_called_with()
self.assertTrue(not self.provider2.called)
def test_no_creds_loaded(self):
self.provider1.load.return_value = None
self.provider2.load.return_value = None
resolver = credentials.CredentialResolver(
providers=[self.provider1, self.provider2])
creds = resolver.load_credentials()
self.assertIsNone(creds)
def test_load_credentials_single_provider(self):
self.provider1.load.return_value = self.fake_creds
resolver = credentials.CredentialResolver(providers=[self.provider1])
creds = resolver.load_credentials()
self.assertEqual(creds.access_key, 'a')
self.assertEqual(creds.secret_key, 'b')
self.assertEqual(creds.token, 'c')
def test_provider_unknown(self):
resolver = credentials.CredentialResolver(
providers=[self.provider1, self.provider2])
# No error is raised if you try to remove an unknown provider.
resolver.remove('providerFOO')
# But an error IS raised if you try to insert after an unknown
# provider.
with self.assertRaises(botocore.exceptions.UnknownCredentialError):
resolver.insert_after('providerFoo', None)
def test_custom_init(self):
resolver = credentials.CredentialResolver(
methods=[credentials.BotoProvider(),
credentials.ConfigProvider()])
self.assertEqual(resolver.available_methods, [
'boto',
'config',
])
self.assertEqual(len(resolver.methods), 2)
def test_first_credential_non_none_wins(self):
self.provider1.load.return_value = None
self.provider2.load.return_value = self.fake_creds
resolver = credentials.CredentialResolver(
providers=[self.provider1, self.provider2])
creds = resolver.load_credentials()
self.assertEqual(creds.access_key, 'a')
self.assertEqual(creds.secret_key, 'b')
self.assertEqual(creds.token, 'c')
self.provider1.load.assert_called_with()
self.provider2.load.assert_called_with()
def setUp(self):
super(AlternateCredentialResolverTest, self).setUp()
self.environ['AWS_CONFIG_FILE'] = path('aws_config')
self.environ['BOTO_CONFIG'] = ''
self.session = create_session(session_vars=TESTENVVARS)
self.small_resolver = credentials.CredentialResolver(
session=self.session,
methods=[
credentials.BotoProvider(),
credentials.ConfigProvider(session=self.session)
])
def test_inject_provider_before_existing(self):
new_provider = mock.Mock()
new_provider.METHOD = 'override'
new_provider.load.return_value = credentials.Credentials('x', 'y', 'z')
resolver = credentials.CredentialResolver(
providers=[self.provider1, self.provider2])
resolver.insert_before(self.provider1.METHOD, new_provider)
creds = resolver.load_credentials()
self.assertEqual(creds.access_key, 'x')
self.assertEqual(creds.secret_key, 'y')
self.assertEqual(creds.token, 'z')
def test_can_remove_providers(self):
self.provider1.load.return_value = credentials.Credentials(
'a', 'b', 'c')
self.provider2.load.return_value = credentials.Credentials(
'd', 'e', 'f')
resolver = credentials.CredentialResolver(
providers=[self.provider1, self.provider2])
resolver.remove('provider1')
creds = resolver.load_credentials()
self.assertIsNotNone(creds)
self.assertEqual(creds.access_key, 'd')
self.assertEqual(creds.secret_key, 'e')
self.assertEqual(creds.token, 'f')
self.assertTrue(not self.provider1.load.called)
self.provider2.load.assert_called_with()
def test_get_unknown_provider_raises_error(self):
resolver = credentials.CredentialResolver(providers=[self.provider1])
with self.assertRaises(botocore.exceptions.UnknownCredentialError):
resolver.get_provider('unknown-foo')
def test_get_provider_by_name(self):
resolver = credentials.CredentialResolver(providers=[self.provider1])
result = resolver.get_provider('provider1')
self.assertIs(result, self.provider1)
