def test_https_credentials_user_can_login_successfully_when_another_user_is_already_logged_in_keyring(self,
mock_input):
self.invoke_cli(self.cli_auth_params,
['login', '-i', 'admin', '-p', self.client_params.env_api_key])
# Load in new user
self.invoke_cli(self.cli_auth_params,
['policy', 'replace', '-b', 'root', '-f',
self.environment.path_provider.get_policy_path('conjur')])
# Rotate the new user's API key
user_api_key = self.invoke_cli(self.cli_auth_params,
['user', 'rotate-api-key', '-i', 'someuser'])
extract_api_key_from_message = user_api_key.split(":")[1].strip()
# Login to change personal password
self.invoke_cli(self.cli_auth_params,
['login', '-i', 'someuser', '-p', extract_api_key_from_message])
# Creates a password that meets Conjur password complexity standards
password = string.hexdigits + "$!@"
self.invoke_cli(self.cli_auth_params,
['user', 'change-password', '-p', password])
self.invoke_cli(self.cli_auth_params,
['logout'])
# Attempt to login with newly created password
output = self.invoke_cli(self.cli_auth_params,
['login', '-i', 'someuser', '-p', password])
self.assertIn("Successfully logged in to Conjur", output.strip())
utils.get_credentials()
self.validate_credentials(f"{self.client_params.hostname}", "someuser", extract_api_key_from_message)
self.assertFalse(utils.is_netrc_exists())
def test_https_credentials_created_with_all_parameters_given_netrc(
self, keystore_disable_mock):
utils.setup_cli(self)
self.invoke_cli(
self.cli_auth_params,
['login', '-i', 'admin', '-p', self.client_params.env_api_key])
utils.get_credentials()
self.validate_netrc(f"{self.client_params.hostname}", "admin",
self.client_params.env_api_key)
def test_cli_simple_login_logout_flow_keyring(self):
utils.setup_cli(self)
creds = utils.get_credentials()
assert creds.machine == self.client_params.hostname
self.invoke_cli(self.cli_auth_params, ['logout'])
assert not utils.is_credentials_exist(creds.machine)
self.invoke_cli(self.cli_auth_params, ['list'], exit_code=1)
def test_https_credentials_is_created_with_all_parameters_given_interactively_keyring(self, mock_pass):
with patch('getpass.getpass', return_value=self.client_params.env_api_key):
output = self.invoke_cli(self.cli_auth_params, ['login'])
assert utils.get_credentials() is not None
self.assertIn("Successfully logged in to Conjur", output.strip())
self.validate_credentials(f"{self.client_params.hostname}", "admin", self.client_params.env_api_key)
self.assertFalse(utils.is_netrc_exists())
def test_https_netrc_is_created_when_provided_user_api_key_netrc(
self, mock_pass, keystore_disable_mock):
utils.setup_cli(self)
with patch('getpass.getpass',
return_value=self.client_params.env_api_key):
output = self.invoke_cli(self.cli_auth_params, ['login'])
assert utils.get_credentials() is not None
self.assertIn("Successfully logged in to Conjur", output.strip())
self.validate_netrc(f"{self.client_params.hostname}", "admin",
self.client_params.env_api_key)
def validate_credentials(self, machine, username, password):
creds = utils.get_credentials()
assert creds.machine == machine
assert creds.username == username
assert creds.password == password
def test_https_credentials_created_with_all_parameters_given_keyring(self, mock_input):
self.invoke_cli(self.cli_auth_params,
['login', '-i', 'admin', '-p', self.client_params.env_api_key])
utils.get_credentials()
self.validate_credentials(f"{self.client_params.hostname}", "admin", self.client_params.env_api_key)
self.assertFalse(utils.is_netrc_exists())