def test_create_session_config(self):
env = TNCOEnvironment(address='http://test')
session_config = env.create_session_config()
self.assertIsInstance(session_config, LmSessionConfig)
self.assertEqual(session_config.env, env)
self.assertEqual(session_config.username, None)
self.assertEqual(session_config.password, None)
def test_init(self):
env = TNCOEnvironment(host='test', port=80, protocol='https', secure=True, username='******', password='******')
session_config = env.create_session_config()
session = LmSession(session_config)
self.assertEqual(session.env, env)
self.assertEqual(session.username, 'user')
self.assertEqual(session.password, 'secret')
def test_security_ctrl_builds_client_with_legacy_auth_on_default_address(self, mock_client_builder_init):
env = TNCOEnvironment(address='http://api:80', secure=True, username='******', password='******')
session_config = env.create_session_config()
session = LmSession(session_config)
driver = session.descriptor_driver #Force LmSecurityCtrl to be created
mock_client_builder = mock_client_builder_init.return_value
mock_client_builder.legacy_user_pass_auth.assert_called_once_with(username='******', password='******', legacy_auth_address='http://api:80')
mock_client_builder.user_pass_auth.assert_not_called()
mock_client_builder.client_credentials_auth.assert_not_called()
mock_client_builder.zen_api_key_auth.assert_not_called()
def test_security_ctrl_builds_client_with_token_auth(self, mock_client_builder_init):
env = TNCOEnvironment(address='http://api:80', secure=True, auth_mode='token', token='123')
session_config = env.create_session_config()
session = LmSession(session_config)
driver = session.descriptor_driver #Force LmSecurityCtrl to be created
mock_client_builder = mock_client_builder_init.return_value
mock_client_builder.address.assert_called_once_with(None)
mock_client_builder.legacy_user_pass_auth.assert_not_called()
mock_client_builder.user_pass_auth.assert_not_called()
mock_client_builder.client_credentials_auth.assert_not_called()
mock_client_builder.token_auth.assert_called_once_with(token='123')
def test_security_ctrl_builds_client_with_client_auth(self, mock_client_builder_init):
env = TNCOEnvironment(address='http://api:80', secure=True, client_id='UserClient', client_secret='c_secret', auth_address='http://auth:81')
session_config = env.create_session_config()
session = LmSession(session_config)
driver = session.descriptor_driver #Force LmSecurityCtrl to be created
mock_client_builder = mock_client_builder_init.return_value
mock_client_builder.address.assert_called_once_with('http://auth:81')
mock_client_builder.legacy_user_pass_auth.assert_not_called()
mock_client_builder.user_pass_auth.assert_not_called()
mock_client_builder.client_credentials_auth.assert_called_once_with(client_id='UserClient', client_secret='c_secret')
mock_client_builder.zen_api_key_auth.assert_not_called()
def test_build_client_token_auth(self):
config = TNCOEnvironment(
address='https://testing',
secure=True,
auth_mode='token',
token='123'
)
client = config.build_client()
self.assertIsInstance(client, TNCOClient)
self.assertIsInstance(client.auth_type, JwtTokenAuth)
self.assertEqual(client.auth_type.token, '123')
def test_build_client_credentials_auth(self):
config = TNCOEnvironment(
address='https://testing',
secure=True,
client_id='TNCOClient',
client_secret='sosecret'
)
client = config.build_client()
self.assertIsInstance(client, TNCOClient)
self.assertIsInstance(client.auth_type, ClientCredentialsAuth)
self.assertEqual(client.auth_type.client_id, 'TNCOClient')
self.assertEqual(client.auth_type.client_secret, 'sosecret')
def test_build_client_user_pass_auth(self):
config = TNCOEnvironment(
address='https://testing',
secure=True,
client_id='TNCOClient',
client_secret='sosecret',
username='******',
password='******'
)
client = config.build_client()
self.assertIsInstance(client, TNCOClient)
self.assertIsInstance(client.auth_type, UserPassAuth)
self.assertEqual(client.auth_type.username, 'user')
self.assertEqual(client.auth_type.password, 'secret')
self.assertEqual(client.auth_type.client_id, 'TNCOClient')
self.assertEqual(client.auth_type.client_secret, 'sosecret')
def test_build_client_legacy_auth(self):
config = TNCOEnvironment(
address='https://testing',
secure=True,
username='******',
password='******',
auth_host='auth',
auth_port=81,
auth_protocol='https'
)
client = config.build_client()
self.assertIsInstance(client, TNCOClient)
self.assertIsInstance(client.auth_type, LegacyUserPassAuth)
self.assertEqual(client.auth_type.username, 'user')
self.assertEqual(client.auth_type.password, 'secret')
self.assertEqual(client.auth_type.legacy_auth_address, 'https://auth:81')
def test_init_with_all_as_parts(self):
config = TNCOEnvironment(host='test', port=80, protocol='http', path='gateway', secure=True, username='******', password='******', auth_host='auth', auth_port=81, auth_protocol='https', brent_name='alt_brent')
self.assertEqual(config.address, 'http://test:80/gateway')
self.assertEqual(config.auth_address, 'https://auth:81')
self.assertEqual(config.secure, True)
self.assertEqual(config.username, 'user')
self.assertEqual(config.brent_name, 'alt_brent')
def test_build_client_zen_auth(self):
config = TNCOEnvironment(
address='https://testing',
secure=True,
auth_mode='zen',
username='******',
api_key='secret',
auth_host='auth',
auth_port=81,
auth_protocol='https'
)
client = config.build_client()
self.assertIsInstance(client, TNCOClient)
self.assertIsInstance(client.auth_type, ZenAPIKeyAuth)
self.assertEqual(client.auth_type.username, 'user')
self.assertEqual(client.auth_type.api_key, 'secret')
self.assertEqual(client.auth_type.zen_auth_address, 'https://auth:81')
def test_build_client_sets_address(self):
config = TNCOEnvironment(
host='test',
port=80,
protocol='http',
path='gateway',
secure=True,
username='******',
password='******',
auth_host='auth',
auth_port=81,
auth_protocol='https'
)
client = config.build_client()
self.assertIsInstance(client, TNCOClient)
self.assertEqual(client.address, 'http://test:80/gateway')
self.assertEqual(client.kami_address, 'http://test:31289')
def test_minimum_init(self):
config = TNCOEnvironment(address='testing')
self.assertEqual(config.address, 'testing')
self.assertEqual(config.secure, False)
# Defaults
self.assertEqual(config.brent_name, 'brent')
self.assertEqual(config.protocol, 'https')
self.assertEqual(config.auth_protocol, 'https')
self.assertEqual(config.kami_port, '31289')
self.assertEqual(config.kami_protocol, 'http')
def test_create_session_config_with_username_password(self):
env = TNCOEnvironment(host='test', port=80, protocol='https', secure=True, username='******')
session_config = env.create_session_config()
self.assertEqual(session_config.username, 'user')
self.assertEqual(session_config.password, None)
env = TNCOEnvironment(host='test', port=80, protocol='https', secure=True, username='******', password='******')
session_config = env.create_session_config()
self.assertEqual(session_config.username, 'user')
self.assertEqual(session_config.password, 'secret')
self.assertEqual(session_config.auth_mode, 'oauth')
def test_address_from_parts(self):
env = TNCOEnvironment(host='test')
self.assertEqual(env.address, 'https://test')
env = TNCOEnvironment(host='test', port=32455)
self.assertEqual(env.address, 'https://test:32455')
env = TNCOEnvironment(host='test', port=32455, protocol='http')
self.assertEqual(env.address, 'http://test:32455')
env = TNCOEnvironment(host='test', port=None, protocol='http')
self.assertEqual(env.address, 'http://test')
env = TNCOEnvironment(host='test', port=None, protocol='http', path='gateway')
self.assertEqual(env.address, 'http://test/gateway')
env = TNCOEnvironment(host='test', port=32455, protocol='http', path='gateway')
self.assertEqual(env.address, 'http://test:32455/gateway')
def test_config_to_file(self):
config = Config(
environments={
'test':
EnvironmentGroup(
name='test',
description='Just testing',
tnco=TNCOEnvironment(address='https://localhost:80',
secure=True,
username='******',
client_id='client'),
arms={
'defaultrm': ArmEnvironment(
address='https://localhost:81')
})
})
target_path = os.path.join(self.tmp_dir, 'write-config.yaml')
ConfigIO().config_to_file(config, target_path)
self.assertTrue(os.path.exists(target_path))
config_dict = self.test_helper.read_workspace_yaml_file(
'write-config.yaml')
self.assertEqual(
config_dict, {
'environments': {
'test': {
'description': 'Just testing',
'tnco': {
'address': 'https://localhost:80',
'secure': True,
'username': '******',
'client_id': 'client'
},
'arms': {
'defaultrm': {
'address': 'https://localhost:81'
}
}
}
}
})
def test_config_to_dict(self):
config = Config(
environments={
'test':
EnvironmentGroup(
name='test',
description='Just testing',
tnco=TNCOEnvironment(address='https://localhost:80',
secure=True,
username='******',
client_id='client'),
arms={
'defaultrm': ArmEnvironment(
address='https://localhost:81')
})
})
config_dict = ConfigIO().config_to_dict(config)
self.assertEqual(
config_dict, {
'environments': {
'test': {
'description': 'Just testing',
'tnco': {
'address': 'https://localhost:80',
'secure': True,
'username': '******',
'client_id': 'client'
},
'arms': {
'defaultrm': {
'address': 'https://localhost:81'
}
}
}
}
})
def test_init_with_password(self):
config = TNCOEnvironment(host='test', port=80, secure=True, username='******', password='******')
self.assertEqual(config.username, 'test')
self.assertEqual(config.password, 'secret')
def test_zen_auth_mode(self):
env = TNCOEnvironment(address='http://test:8080', secure=True, auth_mode='zen', username='******', api_key='12345', auth_address='http://zen:8000/api')
self.assertEqual(env.auth_mode, 'zen')
self.assertEqual(env.username, 'Zenny')
self.assertEqual(env.api_key, '12345')
self.assertEqual(env.auth_address, 'http://zen:8000/api')
def test_kami_address_override_protocol(self):
env = TNCOEnvironment(address='http://test:8080', kami_protocol='https')
self.assertEqual(env.kami_address, 'https://test:31289')
def test_kami_address_override_port(self):
env = TNCOEnvironment(address='http://test:8080', kami_port=5678)
self.assertEqual(env.kami_address, 'http://test:5678')
def test_init_auth_defaults_auth_address(self):
config = TNCOEnvironment(host='test', port=80, secure=True, username='******')
self.assertEqual(config.auth_address, 'https://test:80')
def test_kami_address_from_parts(self):
env = TNCOEnvironment(host='test', port=80, protocol='http', secure=True, username='******', auth_host='auth', auth_port=82, auth_protocol='https')
self.assertEqual(env.kami_address, 'http://test:31289')
def test_init_auth_defaults_auth_mode(self):
config = TNCOEnvironment(host='test', port=80, secure=True, username='******')
self.assertEqual(config.auth_mode, 'oauth')
def test_is_secure(self):
insecure_env = TNCOEnvironment(host='test', port=80)
self.assertFalse(insecure_env.secure)
secure_env = TNCOEnvironment(host='test', port=80, secure=True, username='******')
self.assertTrue(secure_env.secure)
def test_init_with_address(self):
config = TNCOEnvironment(address='https://test:8080/api')
self.assertEqual(config.address, 'https://test:8080/api')
self.assertEqual(config.auth_address, 'https://test:8080/api')
self.assertEqual(config.kami_address, 'http://test:31289')
def test_infrastructure_keys_driver_with_security(self, infrastructure_keys_driver_init, mock_security_ctrl_init):
session = LmSession(LmSessionConfig(TNCOEnvironment(host='test', port=80, protocol='https', secure=True, username='******', auth_host='auth', auth_port=81, auth_protocol='http'), 'user', 'secret', auth_mode='oauth'))
driver = session.infrastructure_keys_driver
mock_security_ctrl_init.assert_called_once_with('http://auth:81', username='******', password='******', client_id=None, client_secret=None, token=None, api_key=None, auth_mode='oauth')
infrastructure_keys_driver_init.assert_called_once_with('https://test:80', mock_security_ctrl_init.return_value)
self.assertEqual(driver, infrastructure_keys_driver_init.return_value)
def test_infrastructure_keys_driver(self, infrastructure_keys_driver_init):
session = LmSession(LmSessionConfig(TNCOEnvironment(host='test', port=80, protocol='https'), None))
driver = session.infrastructure_keys_driver
infrastructure_keys_driver_init.assert_called_once_with('https://test:80', None)
self.assertEqual(driver, infrastructure_keys_driver_init.return_value)
def login(ctx: click.Context,
address: str,
username: str = None,
pwd: str = None,
api_key: str = None,
client_id: str = None,
client_secret: str = None,
token: str = None,
name: str = None,
auth_address: str = None,
save_creds: bool = False,
yes_to_prompts: bool = False,
print_token: bool = False,
is_zen: bool = False):
# Support missing config file by pre-creating one
path = find_config_location(ignore_not_found=True)
if not os.path.exists(path):
with open(path, 'w') as f:
f.write('environments: {}')
ctl = get_global_controller(override_config_path=path)
_error_if_set(ctx, '--token', token, '--username', username)
_error_if_set(ctx, '--token', token, '-p, --pwd, --password', pwd)
_error_if_set(ctx, '--token', token, '--client', client_id)
_error_if_set(ctx, '--token', token, '--client-secret', client_secret)
_error_if_set(ctx, '--token', token, '--auth-address', auth_address)
_error_if_set(ctx, '--token', token, '--api-key', api_key)
if is_zen:
# Only test "is_zen" when set to True
_error_if_set(ctx, '--token', token, '--zen', is_zen)
if token is None and client_id is None and username is None:
# No credentials passed, must prompt
if is_zen:
auth_address = _prompt_if_not_set(ctl, 'Auth Address',
auth_address)
username = _prompt_if_not_set(ctl, 'Username', username)
api_key = _prompt_if_not_set(ctl, 'API Key', api_key, secret=True)
else:
# If auth address is not set then we must prompt for client credentials in addition to username/password
if auth_address is None:
client_id = _prompt_if_not_set(ctl, 'Client ID', client_id)
client_secret = _prompt_if_not_set(ctl,
'Client Secret',
client_secret,
secret=True)
username = _prompt_if_not_set(ctl, 'Username', username)
pwd = _prompt_if_not_set(ctl, 'Password', pwd, secret=True)
elif token is None:
if client_id is not None:
client_secret = _prompt_if_not_set(ctl,
'Client Secret',
client_secret,
secret=True)
if username is not None:
if client_id is None and auth_address is None:
raise click.BadArgumentUsage(
message=
f'Must specify "--auth-address" option when attempting to authenticate with username/password/api_key but without client/client-secret',
ctx=ctx)
if is_zen:
api_key = _prompt_if_not_set(ctl,
'API Key',
api_key,
secret=True)
else:
pwd = _prompt_if_not_set(ctl, 'Password', pwd, secret=True)
auth_mode = OAUTH_MODE
if token is not None:
auth_mode = TOKEN_AUTH_MODE
elif is_zen:
auth_mode = ZEN_AUTH_MODE
tnco_env = TNCOEnvironment(address=address,
secure=True,
client_id=client_id,
client_secret=client_secret,
username=username,
password=pwd,
api_key=api_key,
token=token,
auth_mode=auth_mode,
auth_address=auth_address)
client = tnco_env.build_client()
access_token = client.get_access_token()
if print_token:
ctl.io.print(access_token)
else:
ctl.io.print('Login success')
name = _ensure_name(ctl, name, yes_to_prompts)
if not save_creds or token is not None:
tnco_env_dict = {
'address': address,
'secure': True,
'token': access_token,
'auth_mode': TOKEN_AUTH_MODE
}
else:
tnco_env_dict = {
'address': address,
'secure': True,
'auth_mode': auth_mode
}
if client_id is not None:
tnco_env_dict['client_id'] = client_id
if client_secret is not None:
tnco_env_dict['client_secret'] = client_secret
if username is not None:
tnco_env_dict['username'] = username
if pwd is not None:
tnco_env_dict['password'] = pwd
if auth_address is not None:
tnco_env_dict['auth_address'] = auth_address
if api_key is not None:
tnco_env_dict['api_key'] = api_key
tnco_env = TNCOEnvironment(**tnco_env_dict)
# Write
if name not in ctl.config.environments:
ctl.config.environments[name] = EnvironmentGroup(name=name)
ctl.config.environments[name].tnco = tnco_env
ctl.config.active_environment = name
ctl.io.print(f'Updating config at: {ctl.config_path}')
write_config(ctl.config, override_config_path=ctl.config_path)
def test_deployment_location_driver(self, deployment_location_driver_init):
session = LmSession(LmSessionConfig(TNCOEnvironment(host='test', port=80, protocol='https'), None))
driver = session.deployment_location_driver
deployment_location_driver_init.assert_called_once_with('https://test:80', None)
self.assertEqual(driver, deployment_location_driver_init.return_value)