def test_get_azure_credentials_no_auth(self): """Test to get Azure credentials from authentication service with auth not ready.""" resource_id = 2 authentication_id = 3 authentication = 'testclientcreds' client = SourcesHTTPClient(auth_header=Config.SOURCES_FAKE_HEADER, source_id=self.source_id) with requests_mock.mock() as m: m.get( f'http://www.sources.com/api/v1.0/endpoints?filter[source_id]={self.source_id}', status_code=200, json={'data': [{ 'id': resource_id }]}) m.get(( f'http://www.sources.com/api/v1.0/authentications?filter[resource_type]=Endpoint' f'&[authtype]=access_key_secret_key&[resource_id]={resource_id}' ), status_code=200, json={'data': []}) m.get(( f'http://www.sources.com/internal/v1.0/authentications/{authentication_id}' f'?expose_encrypted_attribute[]=password'), status_code=200, json={'password': authentication}) with self.assertRaises(SourcesHTTPClientError): client.get_azure_credentials()
def test_get_azure_credentials_no_auth(self): """Test to get Azure credentials from authentication service with auth not ready.""" resource_id = 2 authentication_id = 3 authentication = "testclientcreds" client = SourcesHTTPClient(auth_header=Config.SOURCES_FAKE_HEADER, source_id=self.source_id) with requests_mock.mock() as m: m.get( f"http://www.sources.com/api/v1.0/endpoints?filter[source_id]={self.source_id}", status_code=200, json={"data": [{ "id": resource_id }]}, ) m.get( (f"http://www.sources.com/api/v1.0/authentications?filter[resource_type]=Endpoint" f"&[authtype]=tenant_id_client_id_client_secret&[resource_id]={resource_id}" ), status_code=200, json={"data": []}, ) m.get( (f"http://www.sources.com/internal/v1.0/authentications/{authentication_id}" f"?expose_encrypted_attribute[]=password"), status_code=200, json={"password": authentication}, ) with self.assertRaises(SourcesHTTPClientError): client.get_azure_credentials()
def test_get_azure_credentials_connection_error(self): """Test to get Azure credentials from authentication service with connection error.""" client = SourcesHTTPClient(auth_header=Config.SOURCES_FAKE_HEADER, source_id=self.source_id) with requests_mock.mock() as m: m.get( f"http://www.sources.com/api/v1.0/endpoints?filter[source_id]={self.source_id}", exc=RequestException) with self.assertRaises(SourcesHTTPClientError): client.get_azure_credentials()
def test_get_azure_credentials_no_endpoint(self): """Test to get Azure credentials from authentication service with no endpoint.""" client = SourcesHTTPClient(auth_header=Config.SOURCES_FAKE_HEADER, source_id=self.source_id) with requests_mock.mock() as m: m.get( f"http://www.sources.com/api/v1.0/applications?filter[source_id]={self.source_id}", status_code=200, json={"data": []}, ) with self.assertRaises(SourcesHTTPClientError): client.get_azure_credentials()
def save_auth_info(auth_header, source_id): """ Store Sources Authentication information given an Source ID. This method is called when a Cost Management application is attached to a given Source as well as when an Authentication is created. We have to handle both cases since an Authentication.create event can occur before a Source is attached to the Cost Management application. Authentication is stored in the Sources database table. Args: source_id (Integer): Platform Sources ID. auth_header (String): Authentication Header. Returns: None """ source_type = storage.get_source_type(source_id) if source_type: sources_network = SourcesHTTPClient(auth_header, source_id) else: LOG.info(f'Source ID not found for ID: {source_id}') return try: if source_type == 'OCP': source_details = sources_network.get_source_details() # Check for imported to maintain temporary backwards compatibility # until the Sources Front End creates 'imported' entry with OCP Cluster ID. if source_details.get('source_ref'): authentication = { 'resource_name': source_details.get('source_ref') } else: uid = source_details.get('uid') LOG.info( f'OCP is using fallback Source UID ({str(uid)} for authentication.' ' Update frontend to add Cluster ID to the source_ref field on the Source.' ) authentication = {'resource_name': uid} elif source_type == 'AWS': authentication = { 'resource_name': sources_network.get_aws_role_arn() } elif source_type == 'AZURE': authentication = { 'credentials': sources_network.get_azure_credentials() } else: LOG.error(f'Unexpected source type: {source_type}') return storage.add_provider_sources_auth_info(source_id, authentication) except SourcesHTTPClientError: LOG.info( f'Authentication info not available for Source ID: {source_id}')
def save_auth_info(auth_header, source_id): """ Store Sources Authentication information given an Source ID. This method is called when a Cost Management application is attached to a given Source as well as when an Authentication is created. We have to handle both cases since an Authentication.create event can occur before a Source is attached to the Cost Management application. Authentication is stored in the Sources database table. Args: source_id (Integer): Platform Sources ID. auth_header (String): Authentication Header. Returns: None """ source_type = storage.get_source_type(source_id) if source_type: sources_network = SourcesHTTPClient(auth_header, source_id) else: LOG.info(f"Source ID not found for ID: {source_id}") return try: if source_type == Provider.PROVIDER_OCP: source_details = sources_network.get_source_details() if source_details.get("source_ref"): authentication = { "resource_name": source_details.get("source_ref") } else: raise SourcesHTTPClientError("Unable to find Cluster ID") elif source_type in (Provider.PROVIDER_AWS, Provider.PROVIDER_AWS_LOCAL): authentication = { "resource_name": sources_network.get_aws_role_arn() } elif source_type in (Provider.PROVIDER_AZURE, Provider.PROVIDER_AZURE_LOCAL): authentication = { "credentials": sources_network.get_azure_credentials() } else: LOG.error(f"Unexpected source type: {source_type}") return storage.add_provider_sources_auth_info(source_id, authentication) storage.clear_update_flag(source_id) LOG.info(f"Authentication attached to Source ID: {source_id}") except SourcesHTTPClientError as error: LOG.info( f"Authentication info not available for Source ID: {source_id}") sources_network.set_source_status(str(error))
def test_get_azure_credentials(self): """Test to get Azure credentials from authentication service.""" resource_id = 2 authentication_id = 3 authentication = "testclientcreds" username = "******" tenent_id = "test_tenent_id" authentications_response = { "id": authentication_id, "username": username, "extra": { "azure": { "tenant_id": tenent_id } }, } client = SourcesHTTPClient(auth_header=Config.SOURCES_FAKE_HEADER, source_id=self.source_id) with requests_mock.mock() as m: m.get( f"http://www.sources.com/api/v1.0/applications?filter[source_id]={self.source_id}", status_code=200, json={"data": []}, ) m.get( f"http://www.sources.com/api/v1.0/endpoints?filter[source_id]={self.source_id}", status_code=200, json={"data": [{ "id": resource_id }]}, ) m.get( (f"http://www.sources.com/api/v1.0/authentications?" f"[authtype]=tenant_id_client_id_client_secret&[resource_id]={resource_id}" ), status_code=200, json={"data": [authentications_response]}, ) m.get( (f"http://www.sources.com/internal/v1.0/authentications/{authentication_id}" f"?expose_encrypted_attribute[]=password"), status_code=200, json={"password": authentication}, ) response = client.get_azure_credentials() self.assertEqual( response, { "client_id": username, "client_secret": authentication, "tenant_id": tenent_id })
def save_auth_info(auth_header, source_id): """ Store Sources Authentication information given an Source ID. This method is called when a Cost Management application is attached to a given Source as well as when an Authentication is created. We have to handle both cases since an Authentication.create event can occur before a Source is attached to the Cost Management application. Authentication is stored in the Sources database table. Args: source_id (Integer): Platform Sources ID. auth_header (String): Authentication Header. Returns: None """ source_type = storage.get_source_type(source_id) if source_type: sources_network = SourcesHTTPClient(auth_header, source_id) else: LOG.info(f'Source ID not found for ID: {source_id}') return try: if source_type == 'OCP': source_details = sources_network.get_source_details() authentication = {'resource_name': source_details.get('uid')} elif source_type == 'AWS': authentication = { 'resource_name': sources_network.get_aws_role_arn() } elif source_type == 'AZURE': authentication = { 'credentials': sources_network.get_azure_credentials() } else: LOG.error(f'Unexpected source type: {source_type}') return storage.add_provider_sources_auth_info(source_id, authentication) except SourcesHTTPClientError: LOG.info( f'Authentication info not available for Source ID: {source_id}')
def test_get_azure_credentials(self): """Test to get Azure credentials from authentication service.""" resource_id = 2 authentication_id = 3 authentication = 'testclientcreds' username = '******' tenent_id = 'test_tenent_id' authentications_response = { 'id': authentication_id, 'username': username, 'extra': { 'azure': { 'tenant_id': tenent_id } } } client = SourcesHTTPClient(auth_header=Config.SOURCES_FAKE_HEADER, source_id=self.source_id) with requests_mock.mock() as m: m.get( f'http://www.sources.com/api/v1.0/endpoints?filter[source_id]={self.source_id}', status_code=200, json={'data': [{ 'id': resource_id }]}) m.get(( f'http://www.sources.com/api/v1.0/authentications?filter[resource_type]=Endpoint' f'&[authtype]=tenant_id_client_id_client_secret&[resource_id]={resource_id}' ), status_code=200, json={'data': [authentications_response]}) m.get(( f'http://www.sources.com/internal/v1.0/authentications/{authentication_id}' f'?expose_encrypted_attribute[]=password'), status_code=200, json={'password': authentication}) response = client.get_azure_credentials() self.assertEqual( response, { 'client_id': username, 'client_secret': authentication, 'tenant_id': tenent_id })