def test_https_credentials_user_can_login_successfully_when_another_user_is_already_logged_in_keyring(self, mock_input): self.invoke_cli(self.cli_auth_params, ['login', '-i', 'admin', '-p', self.client_params.env_api_key]) # Load in new user self.invoke_cli(self.cli_auth_params, ['policy', 'replace', '-b', 'root', '-f', self.environment.path_provider.get_policy_path('conjur')]) # Rotate the new user's API key user_api_key = self.invoke_cli(self.cli_auth_params, ['user', 'rotate-api-key', '-i', 'someuser']) extract_api_key_from_message = user_api_key.split(":")[1].strip() # Login to change personal password self.invoke_cli(self.cli_auth_params, ['login', '-i', 'someuser', '-p', extract_api_key_from_message]) # Creates a password that meets Conjur password complexity standards password = string.hexdigits + "$!@" self.invoke_cli(self.cli_auth_params, ['user', 'change-password', '-p', password]) self.invoke_cli(self.cli_auth_params, ['logout']) # Attempt to login with newly created password output = self.invoke_cli(self.cli_auth_params, ['login', '-i', 'someuser', '-p', password]) self.assertIn("Successfully logged in to Conjur", output.strip()) utils.get_credentials() self.validate_credentials(f"{self.client_params.hostname}", "someuser", extract_api_key_from_message) self.assertFalse(utils.is_netrc_exists())
def test_https_credentials_is_created_with_all_parameters_given_interactively_keyring(self, mock_pass): with patch('getpass.getpass', return_value=self.client_params.env_api_key): output = self.invoke_cli(self.cli_auth_params, ['login']) assert utils.get_credentials() is not None self.assertIn("Successfully logged in to Conjur", output.strip()) self.validate_credentials(f"{self.client_params.hostname}", "admin", self.client_params.env_api_key) self.assertFalse(utils.is_netrc_exists())
def test_cli_configured_in_insecure_mode_and_run_in_insecure_mode_passes_keyring(self, mock_input): utils.remove_file(DEFAULT_NETRC_FILE) self.invoke_cli(self.cli_auth_params, ['--insecure', 'init', '--url', self.client_params.hostname, '--account', self.client_params.account]) output = self.invoke_cli(self.cli_auth_params, ['--insecure', 'login', '-i', 'admin', '-p', self.client_params.env_api_key]) self.assertIn('Successfully logged in to Conjur', output) self.assertFalse(utils.is_netrc_exists())
def test_https_credentials_is_created_with_host_keyring(self): # Setup for fetching the API key of a host. To fetch we need to login credentials = CredentialsData(self.client_params.hostname, "admin", self.client_params.env_api_key) utils.save_credentials(credentials) self.invoke_cli(self.cli_auth_params, ['policy', 'replace', '-b', 'root', '-f', self.environment.path_provider.get_policy_path('conjur')]) host_api_key = self.invoke_cli(self.cli_auth_params, ['host', 'rotate-api-key', '-i', 'somehost']) extract_api_key_from_message = host_api_key.split(":")[1].strip() self.invoke_cli(self.cli_auth_params, ['logout']) output = self.invoke_cli(self.cli_auth_params, ['login', '-i', 'host/somehost', '-p', f'{extract_api_key_from_message}']) self.validate_credentials(f"{self.client_params.hostname}", "host/somehost", extract_api_key_from_message) self.assertIn("Successfully logged in to Conjur", output.strip()) self.assertFalse(utils.is_netrc_exists())
def test_https_credentials_created_with_all_parameters_given_keyring(self, mock_input): self.invoke_cli(self.cli_auth_params, ['login', '-i', 'admin', '-p', self.client_params.env_api_key]) utils.get_credentials() self.validate_credentials(f"{self.client_params.hostname}", "admin", self.client_params.env_api_key) self.assertFalse(utils.is_netrc_exists())