Exemple #1
    def test_aws_auth_loop_invalidsaml(self, config_mock, _sleep_mock):
        """aws_auth_loop() returns 1 when start_session raises InvalidSaml."""
        # config_mock and _sleep_mock are presumably injected by patch
        # decorators that are not part of this excerpt -- TODO confirm.
        config_mock().reup = False

        keyman = Keyman(["foo", "-o", "foo", "-u", "bar", "-a", "baz"])
        # Every attempt to open a session fails as if the SAML assertion
        # could not be used.
        keyman.start_session = mock.MagicMock(side_effect=aws.InvalidSaml())
        keyman.okta_client = mock.MagicMock()

        exit_code = keyman.aws_auth_loop()

        # The loop must have tried to start a session and then reported
        # failure through its return value.
        assert keyman.start_session.called
        self.assertEqual(exit_code, 1)
Exemple #2
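    def start_session(self):
        """Initialize AWS session object.

        Requests a SAML assertion from the Okta client for the configured
        app id and passes it to ``aws.Session`` together with the configured
        profile name and the selected role.

        Returns:
            The ``aws.Session`` created from the assertion.

        Raises:
            aws.InvalidSaml: if creating the session fails with an XML
                ``ParseError``.
        """
        self.log.info('Getting SAML Assertion from {org}'.format(
            org=self.config.org))
        assertion = self.okta_client.get_assertion(
            appid=self.config.appid)

        try:
            session = aws.Session(assertion, profile=self.config.name,
                                  role=self.role)

        except xml.etree.ElementTree.ParseError:
            self.log.error('Could not find any Role in the SAML assertion')
            # Do not dump the assertion object into the log: a SAML assertion
            # is a bearer credential, and log files are usually readable by
            # more people and systems than the credential itself should be.
            # Attribute names are enough to see which fields were populated.
            self.log.error(
                'SAML assertion attributes present: {names}'.format(
                    names=sorted(getattr(assertion, '__dict__', {}))))
            raise aws.InvalidSaml()
        return session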
Exemple #3
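    def start_session(self):
        """Initialize AWS session object.

        Requests a SAML assertion from the Okta client for the configured
        app id and passes it to ``aws.Session`` together with the configured
        profile name, role, region and session duration.

        Returns:
            The ``aws.Session`` created from the assertion.

        Raises:
            aws.InvalidSaml: if creating the session fails with an XML
                ``ParseError``.
        """
        self.log.info(
            "Getting SAML Assertion from {org}".format(
                org=self.config.org, ), )
        assertion = self.okta_client.get_assertion(appid=self.config.appid, )

        try:
            self.log.info(
                "Starting AWS session for {}".format(self.config.region, ), )
            session = aws.Session(
                assertion,
                profile=self.config.name,
                role=self.role,
                region=self.config.region,
                session_duration=self.config.duration,
            )

        except xml.etree.ElementTree.ParseError:
            self.log.error("Could not find any Role in the SAML assertion")
            # Do not dump the assertion object into the log: a SAML assertion
            # is a bearer credential, and log files are usually readable by
            # more people and systems than the credential itself should be.
            # Attribute names are enough to see which fields were populated.
            self.log.error(
                "SAML assertion attributes present: {names}".format(
                    names=sorted(getattr(assertion, "__dict__", {})), ), )
            raise aws.InvalidSaml()
        return session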