def generate_authorization_provider(tenant_id): # Creates an AuthorizationProvider instance based on the environment. if using_cloud_sim: provider = ExampleAuthorizationProvider(tenant_id) elif using_service: if principal == 'user principal': if credentials_file is None: raise IllegalArgumentException( 'Must specify the credentials file path.') provider = SignatureProvider(config_file=credentials_file) elif principal == 'instance principal': if isinstance(endpoint, str): region = Regions.from_region_id(endpoint) else: region = endpoint provider = SignatureProvider.create_with_instance_principal( region=region) elif principal == 'resource principal': provider = SignatureProvider.create_with_resource_principal() else: raise IllegalArgumentException('Must specify the principal.') elif using_on_prem: if user_name is None and password is None: provider = StoreAccessTokenProvider() else: if user_name is None or password is None: raise IllegalArgumentException( 'Please set both the user_name and password.') provider = StoreAccessTokenProvider(user_name, password) else: raise IllegalArgumentException('Please set the test server.') return provider
def testAccessTokenProviderGets(self): self.token_provider = StoreAccessTokenProvider( USER_NAME, PASSWORD).set_auto_renew(False).set_endpoint(self.base) self.assertTrue(self.token_provider.is_secure()) self.assertFalse(self.token_provider.is_auto_renew()) self.assertEqual(self.token_provider.get_endpoint(), self.base) self.assertIsNone(self.token_provider.get_logger())
def set_access_token_provider(config, tenant_id): if is_cloudsim(): authorization_provider = NoSecurityAccessTokenProvider(tenant_id) elif is_dev_pod() or is_minicloud(): authorization_provider = KeystoreAccessTokenProvider().set_tenant( tenant_id) elif is_prod_pod(): if credentials_file is None: raise IllegalArgumentException( 'Must specify the credentials file path.') creds_provider = PropertiesCredentialsProvider().set_properties_file( credentials_file) authorization_provider = DefaultAccessTokenProvider( idcs_url=idcs_url(), entitlement_id=entitlement_id, creds_provider=creds_provider, timeout_ms=timeout) elif is_onprem(): if user_name is None and password is None: authorization_provider = StoreAccessTokenProvider() else: if user_name is None or password is None: raise IllegalArgumentException( 'Please set both the user_name and password.') authorization_provider = StoreAccessTokenProvider( user_name, password) else: raise IllegalArgumentException('Please set the test server.') config.set_authorization_provider(authorization_provider)
def create_access_token_provider(tenant_id): # Creates an AccessTokenProvider instance based on the environment. if using_cloud_sim: provider = NoSecurityAccessTokenProvider(tenant_id) elif using_service: if use_properties_credentials: if credentials_file is None: raise IllegalArgumentException( 'Must specify the credentials file path.') creds_provider = PropertiesCredentialsProvider( ).set_properties_file(credentials_file) else: creds_provider = MyCredentialsProvider() provider = DefaultAccessTokenProvider(idcs_url=idcs_url, entitlement_id=entitlement_id, creds_provider=creds_provider) elif using_on_prem: if user_name is None and password is None: provider = StoreAccessTokenProvider() else: if user_name is None or password is None: raise IllegalArgumentException( 'Please set both the user_name and password.') provider = StoreAccessTokenProvider(user_name, password) else: raise IllegalArgumentException('Please set the test server.') return provider
def testAccessTokenProviderMultiThreads(self): self.token_provider = StoreAccessTokenProvider(USER_NAME, PASSWORD) self.token_provider.set_endpoint(self.base) self.token_provider.set_url_for_test() threads = list() for i in range(5): t = Thread(target=self._run) t.start() threads.append(t) for t in threads: t.join()
def testAccessTokenProviderMultiThreads(self): httpd, port = self._find_port_start_server(TokenHandler) self.base = 'https://localhost:' + str(port) self.token_provider = StoreAccessTokenProvider(USER_NAME, PASSWORD) self.token_provider.set_endpoint(self.base) self.token_provider.set_url_for_test() threads = list() for i in range(5): t = Thread(target=self._run) t.start() threads.append(t) for t in threads: t.join()
def testAccessTokenProviderGetAuthorizationString(self): self.token_provider = StoreAccessTokenProvider(USER_NAME, PASSWORD) self.token_provider.set_endpoint(self.base) self.token_provider.set_url_for_test() # get authorization string. result = self.token_provider.get_authorization_string() self.assertIsNotNone(result) self.assertTrue(result.startswith(AUTH_TOKEN_PREFIX)) self.assertEqual(result[len(AUTH_TOKEN_PREFIX):], LOGIN_TOKEN) # Wait for the refresh to complete sleep(10) result = self.token_provider.get_authorization_string() self.assertEqual(result[len(AUTH_TOKEN_PREFIX):], RENEW_TOKEN) self.token_provider.close() self.assertIsNone(self.token_provider.get_authorization_string())
def testNoSQLHandleConfigIllegalInit(self): # illegal endpoint self.assertRaises(IllegalArgumentException, NoSQLHandleConfig, {'IllegalEndpoint': endpoint}) # illegal provider self.assertRaises(IllegalArgumentException, NoSQLHandleConfig, endpoint, provider='IllegalProvider') # no endpoint and provider self.assertRaises(IllegalArgumentException, NoSQLHandleConfig) # only StoreAccessTokenProvider self.assertRaises(IllegalArgumentException, NoSQLHandleConfig, None, StoreAccessTokenProvider()) # only SignatureProvider without region provider = SignatureProvider( tenant_id='ocid1.tenancy.oc1..tenancy', user_id='ocid1.user.oc1..user', fingerprint='fingerprint', private_key=fake_key_file) self.assertRaises(IllegalArgumentException, NoSQLHandleConfig, None, provider) provider.close() # both endpoint and provider, region not match provider = SignatureProvider( tenant_id='ocid1.tenancy.oc1..tenancy', user_id='ocid1.user.oc1..user', fingerprint='fingerprint', private_key=fake_key_file, region=Regions.US_ASHBURN_1) self.assertRaises(IllegalArgumentException, NoSQLHandleConfig, 'us-phoenix-1', provider) provider.close()
def get_handle(): """ Constructs a NoSQLHandle. Additional configuration options can be added here. Use the tenant_id as the default compartment for all operations. This puts tables in the root compartment of the tenancy. """ provider = StoreAccessTokenProvider() config = NoSQLHandleConfig(endpoint) config.set_authorization_provider(provider) return NoSQLHandle(config)
def generate_authorization_provider(tenant_id): if is_cloudsim(): authorization_provider = InsecureAuthorizationProvider(tenant_id) elif is_dev_pod() or is_minicloud(): authorization_provider = TestSignatureProvider(tenant_id) elif is_prod_pod(): if iam_principal() == 'user principal': if credentials_file is None: raise IllegalArgumentException( 'Must specify the credentials file path.') authorization_provider = SignatureProvider( config_file=credentials_file) elif iam_principal() == 'instance principal': if isinstance(endpoint, str): region = Regions.from_region_id(endpoint) else: region = endpoint if region is None: authorization_provider = ( SignatureProvider.create_with_instance_principal()) else: authorization_provider = ( SignatureProvider.create_with_instance_principal( region=region)) elif iam_principal() == 'resource principals': authorization_provider = ( SignatureProvider.create_with_resource_principal()) else: raise IllegalArgumentException('Must specify the principal.') elif is_onprem(): if user_name is None and password is None: authorization_provider = StoreAccessTokenProvider() else: if user_name is None or password is None: raise IllegalArgumentException( 'Please set both the user_name and password.') authorization_provider = StoreAccessTokenProvider( user_name, password) else: raise IllegalArgumentException('Please set the test server.') return authorization_provider
def testAccessTokenProviderSetIllegalEndpoint(self): self.token_provider = StoreAccessTokenProvider(USER_NAME, PASSWORD) self.assertRaises(IllegalArgumentException, self.token_provider.set_endpoint, None) self.assertRaises(IllegalArgumentException, self.token_provider.set_endpoint, {'endpoint': self.base}) self.assertRaises(IllegalArgumentException, self.token_provider.set_endpoint, 'localhost:notanint') self.assertRaises(IllegalArgumentException, self.token_provider.set_endpoint, 'localhost:-1') self.assertRaises(IllegalArgumentException, self.token_provider.set_endpoint, 'localhost:8080') self.assertRaises(IllegalArgumentException, self.token_provider.set_endpoint, 'ttp://localhost') self.assertRaises(IllegalArgumentException, self.token_provider.set_endpoint, 'http://localhost') self.assertRaises(IllegalArgumentException, self.token_provider.set_endpoint, 'localhost:8080:foo') self.assertRaises(IllegalArgumentException, self.token_provider.set_endpoint, 'https://localhost:-1:x')
def testAccessTokenProviderSetIllegalAutoRenew(self): self.token_provider = StoreAccessTokenProvider() self.assertRaises(IllegalArgumentException, self.token_provider.set_auto_renew, 'IllegalRenew')
class TestStoreAccessTokenProvider(unittest.TestCase): @classmethod def setUpClass(cls): global LOGIN_PATH, LOGOUT_PATH, RENEW_PATH LOGIN_PATH = '/V2/nosql/security/login' LOGOUT_PATH = '/V2/nosql/security/logout' RENEW_PATH = '/V2/nosql/security/renew' # basicAuthString matching user name test and password NoSql00__123456 global USER_NAME, PASSWORD, BASIC_AUTH_STRING USER_NAME = 'test' PASSWORD = '******' BASIC_AUTH_STRING = 'Basic dGVzdDpOb1NxbDAwX18xMjM0NTY=' global AUTH_TOKEN_PREFIX, LOGIN_TOKEN, RENEW_TOKEN AUTH_TOKEN_PREFIX = 'Bearer ' LOGIN_TOKEN = 'LOGIN_TOKEN' RENEW_TOKEN = 'RENEW_TOKEN' global PORT PORT = cls._find_port_start_server(TokenHandler) @classmethod def tearDownClass(cls): if cls.httpd is not None: cls.httpd.shutdown() cls.httpd.server_close() cls.httpd = None def setUp(self): self.base = 'https://localhost:' + str(PORT) self.token_provider = None def tearDown(self): if self.token_provider is not None: self.token_provider.close() self.token_provider = None def testAccessTokenProviderIllegalInit(self): # illegal user name self.assertRaises(IllegalArgumentException, StoreAccessTokenProvider, {'user_name': USER_NAME}, PASSWORD) self.assertRaises(IllegalArgumentException, StoreAccessTokenProvider, '', PASSWORD) # illegal password self.assertRaises(IllegalArgumentException, StoreAccessTokenProvider, USER_NAME, {'password': PASSWORD}) self.assertRaises(IllegalArgumentException, StoreAccessTokenProvider, USER_NAME, '') # one of the required parameters is None self.assertRaises(IllegalArgumentException, StoreAccessTokenProvider, None, PASSWORD) def testAccessTokenProviderSetIllegalAutoRenew(self): self.token_provider = StoreAccessTokenProvider() self.assertRaises(IllegalArgumentException, self.token_provider.set_auto_renew, 'IllegalRenew') def testAccessTokenProviderSetIllegalEndpoint(self): self.token_provider = StoreAccessTokenProvider(USER_NAME, PASSWORD) self.assertRaises(IllegalArgumentException, self.token_provider.set_endpoint, None) self.assertRaises(IllegalArgumentException, self.token_provider.set_endpoint, {'endpoint': self.base}) self.assertRaises(IllegalArgumentException, self.token_provider.set_endpoint, 'localhost:notanint') self.assertRaises(IllegalArgumentException, self.token_provider.set_endpoint, 'localhost:-1') self.assertRaises(IllegalArgumentException, self.token_provider.set_endpoint, 'localhost:8080') self.assertRaises(IllegalArgumentException, self.token_provider.set_endpoint, 'ttp://localhost') self.assertRaises(IllegalArgumentException, self.token_provider.set_endpoint, 'http://localhost') self.assertRaises(IllegalArgumentException, self.token_provider.set_endpoint, 'localhost:8080:foo') self.assertRaises(IllegalArgumentException, self.token_provider.set_endpoint, 'https://localhost:-1:x') def testAccessTokenProviderSetIllegalLogger(self): self.token_provider = StoreAccessTokenProvider() self.assertRaises(IllegalArgumentException, self.token_provider.set_logger, 'IllegalLogger') def testAccessTokenProviderGetAuthorizationStringWithIllegalRequest(self): self.token_provider = StoreAccessTokenProvider() self.assertRaises(IllegalArgumentException, self.token_provider.get_authorization_string, 'IllegalRequest') def testAccessTokenProviderGets(self): base = 'https://localhost:80' self.token_provider = StoreAccessTokenProvider( USER_NAME, PASSWORD).set_auto_renew(False).set_endpoint(base) self.assertTrue(self.token_provider.is_secure()) self.assertFalse(self.token_provider.is_auto_renew()) self.assertEqual(self.token_provider.get_endpoint(), base) self.assertIsNone(self.token_provider.get_logger()) def testAccessTokenProviderGetAuthorizationString(self): self.token_provider = StoreAccessTokenProvider(USER_NAME, PASSWORD) self.token_provider.set_endpoint(self.base) self.token_provider.set_url_for_test() # get authorization string. result = self.token_provider.get_authorization_string() self.assertIsNotNone(result) self.assertTrue(result.startswith(AUTH_TOKEN_PREFIX)) self.assertEqual(result[len(AUTH_TOKEN_PREFIX):], LOGIN_TOKEN) # Wait for the refresh to complete sleep(10) result = self.token_provider.get_authorization_string() self.assertEqual(result[len(AUTH_TOKEN_PREFIX):], RENEW_TOKEN) self.token_provider.close() self.assertIsNone(self.token_provider.get_authorization_string()) def testAccessTokenProviderMultiThreads(self): self.token_provider = StoreAccessTokenProvider(USER_NAME, PASSWORD) self.token_provider.set_endpoint(self.base) self.token_provider.set_url_for_test() threads = list() for i in range(5): t = Thread(target=self._run) t.start() threads.append(t) for t in threads: t.join() @classmethod def _find_port_start_server(cls, token_handler): port = 9000 while True: try: cls.httpd = TCPServer(('', port), token_handler) except error: port += 1 else: break thread = Thread(target=cls.httpd.serve_forever) thread.setDaemon(True) thread.start() return port def _run(self): try: for i in range(5): self.token_provider.bootstrap_login() finally: self.token_provider.close()
def testAccessTokenProviderGetAuthorizationStringWithIllegalRequest(self): self.token_provider = StoreAccessTokenProvider() self.assertRaises(IllegalArgumentException, self.token_provider.get_authorization_string, 'IllegalRequest')
def testAccessTokenProviderSetIllegalLogger(self): self.token_provider = StoreAccessTokenProvider() self.assertRaises(IllegalArgumentException, self.token_provider.set_logger, 'IllegalLogger')
# # For more information, check the SDK documentation at the link below: # https://nosql-python-sdk.readthedocs.io/en/latest/installation.html#configure-for-the-cloud-simulator # # #---------------------------------------------------------------------------- # This Git repository belongs to my ([email protected]) studies about # Oracle NoSQL. To known more, check the blog post (pt-br): # # https://blogs.oracle.com/lad-cloud-experts/pt/introducao-ao-oracle-nosql-database-cloud-parte-1 # https://blogs.oracle.com/lad-cloud-experts/pt/introducao-ao-oracle-nosql-database-cloud-parte-2 # --------------------------------------------------------------------------- from borneo import NoSQLHandle, NoSQLHandleConfig from borneo.kv import StoreAccessTokenProvider # NoSQL Cloud Simulator endpoint simulator_endpoint = 'http://localhost:5000' # create the AuthorizationProvider for a not secure store: ap = StoreAccessTokenProvider() # create handle config handle_config = NoSQLHandleConfig(simulator_endpoint) handle_config.set_authorization_provider(ap) # create the handle. nosql_handle = NoSQLHandle(handle_config) nosql_handle.close()