def test_bash_out(tmpdir, mocker, samldata):
output_file = str(tmpdir.join('awscreds.sh'))
if os.path.exists(output_file):
os.path.remove(output_file)
args = [
'dummy',
'--output', output_file,
'--shell', 'bash',
'--account', '070163433501',
'--role', 'nlm_aws_users',
]
getpass = mocker.patch('nlmfedcred.cli.getpass', return_value='fake password')
make_idp = mocker.patch('nlmfedcred.cli.make_idp',
side_effect=RuntimeError('make_idp should not be called'))
get_saml_assertion = mocker.patch('nlmfedcred.cli.fedcred.get_saml_assertion', return_value=samldata)
expected_credentials = Credentials(access_key='7777', secret_key='8888', session_token='9999')
assume_role = mocker.patch('nlmfedcred.cli.fedcred.assume_role_with_saml', return_value=expected_credentials)
write_error = mocker.patch('nlmfedcred.cli.sys.stderr.write', return_value=0)
output_creds_mm = mocker.patch('nlmfedcred.cli.output_creds', wraps=output_creds)
save_creds = mocker.patch('nlmfedcred.cli.update_aws_credentials', return_value=0)
rc = main(args)
assert rc == 0
assert getpass.call_count == 1
assert make_idp.call_count == 0
assert get_saml_assertion.call_count == 1
assert write_error.call_count == 0
assert assume_role.call_count == 1
assert output_creds_mm.call_count == 1
assert save_creds.call_count == 0
def test_default_profile(tmpdir, mocker, samldata):
args = [
'dummy',
'--profile',
]
# build temporary configuration file
inipath = tmpdir.join('config.ini')
inipath.write(SBOX_MLB_CONFIG)
getpass = mocker.patch('nlmfedcred.cli.getpass', return_value='fake-password')
make_idp = mocker.patch('nlmfedcred.cli.make_idp', return_value=DEFAULT_IDP)
get_saml_assertion = mocker.patch('nlmfedcred.cli.fedcred.get_saml_assertion', return_value=samldata)
expected_credentials = Credentials(access_key='7777', secret_key='8888', session_token='9999')
assume_role = mocker.patch('nlmfedcred.cli.fedcred.assume_role_with_saml', return_value=expected_credentials)
write_error = mocker.patch('nlmfedcred.cli.sys.stderr.write', return_value=0)
get_awscreds_config_path = mocker.patch('nlmfedcred.config.get_awscreds_config_path', return_value=inipath)
output_creds_mm = mocker.patch('nlmfedcred.cli.output_creds', wraps=output_creds)
save_creds = mocker.patch('nlmfedcred.cli.update_aws_credentials', return_value=0)
rc = main(args)
assert rc == 0
assert get_awscreds_config_path.call_count == 1
assert getpass.call_count == 1
assert make_idp.call_count == 0
assert get_saml_assertion.call_count == 1
assert write_error.call_count == 0
assert assume_role.call_count == 1
assert output_creds_mm.call_count == 0
assert save_creds.called_once_with('us-east-1', expected_credentials, 'default', None)
def test_setup_certs(tmpdir):
testbundle = str(tmpdir.join('test-bundle.pem'))
if os.path.exists(testbundle):
os.path.remove(testbundle)
args = [
'dummy',
'--setupcerts',
testbundle,
]
rc = main(args=args)
assert os.path.exists(testbundle)
assert rc == 0
def test_bad_password(mocker):
args = [
'dummy',
'--password', 'fake password'
]
getpass = mocker.patch('nlmfedcred.cli.getpass',
side_effect=RuntimeError('getpass should not be called'))
make_idp = mocker.patch('nlmfedcred.cli.make_idp',
side_effect=RuntimeError('make_idp should not be called'))
get_saml_assertion = mocker.patch('nlmfedcred.cli.fedcred.get_saml_assertion', return_value='US-EN')
write_error = mocker.patch('nlmfedcred.cli.sys.stderr.write', return_value=0)
rc = main(args)
assert rc == 1
assert getpass.call_count == 0
assert make_idp.call_count == 0
assert get_saml_assertion.call_count == 1
assert write_error.call_count == 1
assert 'invalid password' in write_error.call_args[0][0]
def test_samlout(tmpdir, mocker, samldata):
samlout = str(tmpdir.join('samlout.b64'))
if os.path.exists(samlout):
os.path.remove(samlout)
args = [
'dummy',
'--idp', 'idpauth.example.com',
'--ca-bundle', 'test-bundle.pem',
'--samlout', samlout
]
getpass = mocker.patch('nlmfedcred.cli.getpass', return_value='fake password')
make_idp = mocker.patch('nlmfedcred.cli.make_idp', return_value=DEFAULT_IDP)
get_saml_assertion = mocker.patch('nlmfedcred.cli.fedcred.get_saml_assertion', return_value=samldata)
rc = main(args)
assert rc == 0
assert getpass.call_count == 1
assert make_idp.call_count == 1
assert get_saml_assertion.call_count == 1
assert os.path.exists(samlout)
assert 'REQUESTS_CA_BUNDLE' in os.environ
assert os.environ['REQUESTS_CA_BUNDLE'] == 'test-bundle.pem'
#!/usr/bin/env python3
import os
import sys
lib_dir = os.path.dirname(os.path.dirname(__file__))
sys.path.insert(0, lib_dir)
from nlmfedcred import cli
if __name__ == '__main__':
sys.exit(cli.main())