def test_init_with_keytab_env(config):
KrbCommand.kdestroy(config)
os.environ['KRB5_KTNAME'] = config.keytab
config.keytab = None
KrbTicket.init(DEFAULT_PRINCIPAL)
del os.environ['KRB5_KTNAME']
assert not os.environ.get('KRB5_KTNAME')
def test_skip_subsequent_updater_start_with_multiprocessing(
config_str, caplog):
KrbCommand.kdestroy(eval(config_str))
KrbTicket.init_by_config(eval(config_str))
# Subsequent updater.start should be skipped.
executor = ProcessPoolExecutor(max_workers=5)
for future in [
executor.submit(_updater_run, eval(config_str)) for i in range(10)
]:
future.result()
def test_init_without_keytab_env(config):
KrbCommand.kdestroy(config)
assert not os.environ.get('KRB5_KTNAME')
retry_options = {
'wait_exponential_multiplier': 100,
'wait_exponential_max': 1000,
'stop_max_attempt_number': 1 }
config.keytab = None
try:
KrbTicket.init(DEFAULT_PRINCIPAL, retry_options=retry_options)
pytest.fail()
except subprocess.CalledProcessError:
pass
def test_object_uniqueness(config):
KrbCommand.kdestroy(config)
ticket0 = KrbTicket.init_by_config(config)
ticket1 = KrbTicket.init_by_config(config)
ticket2 = KrbTicket.get_by_config(config)
config.ccache_name = '/tmp/krb5cc_{}'.format('dummy')
ticket3 = KrbTicket.init_by_config(config)
assert ticket0 == ticket1
assert ticket0 == ticket2
assert ticket0 != ticket3
KrbCommand.kdestroy(config)
def test_init_with_config(config):
KrbCommand.kdestroy(config)
ticket1 = KrbTicket.init_by_config(config)
ticket2 = KrbTicket.init(
DEFAULT_PRINCIPAL,
DEFAULT_KEYTAB,
renewal_threshold=timedelta(seconds=DEFAULT_TICKET_RENEWAL_THRESHOLD_SEC),
ticket_lifetime=DEFAULT_TICKET_LIFETIME,
ticket_renewable_lifetime=DEFAULT_TICKET_RENEWABLE_LIFETIME,
retry_options={
'wait_exponential_multiplier': 100,
'wait_exponential_max': 1000,
'stop_max_attempt_number': 3})
assert_ticket(ticket1, ticket2)
def test_renewal(config):
"""
This test assumes:
- 1 sec renewal threshold
- 4 sec ticket lifetime
- 8 sed renewal ticket lifetime
"""
KrbCommand.kdestroy(config)
ticket = KrbTicket.init_by_config(config)
starting = ticket.starting
expires = ticket.expires
renew_expires = ticket.renew_expires
updater = ticket.updater(interval=0.5)
updater.start()
# expect ticket renewal
time.sleep(DEFAULT_TICKET_LIFETIME_SEC +
DEFAULT_TICKET_RENEWAL_THRESHOLD_SEC)
assert ticket.starting > starting
assert ticket.expires > expires
assert ticket.renew_expires == renew_expires
starting = ticket.starting
expires = ticket.expires
# expect ticket re-initialize
time.sleep(DEFAULT_TICKET_RENEWABLE_LIFETIME_SEC -
DEFAULT_TICKET_LIFETIME_SEC +
DEFAULT_TICKET_RENEWAL_THRESHOLD_SEC)
assert ticket.starting > starting
assert ticket.expires > expires
assert ticket.renew_expires > renew_expires
updater.stop()
def test_updater_start(config):
KrbCommand.kdestroy(config)
ticket = KrbTicket.init_by_config(config)
ticket.updater_start(interval=1)
assert ticket.updater().is_alive()
ticket.updater().stop()
time.sleep(2)
assert not ticket.updater().is_alive()
def test_updater(config):
KrbCommand.kdestroy(config)
ticket = KrbTicket.init_by_config(config)
updater = ticket.updater(interval=1)
updater.start()
assert updater.is_alive()
updater.stop()
time.sleep(2)
assert not updater.is_alive()
def test_ticket(config):
KrbCommand.kdestroy(config)
ticket = KrbTicket.init_by_config(config)
assert_config(ticket.config, config)
assert ticket.file
assert ticket.principal == '*****@*****.**'
assert ticket.starting
assert ticket.expires
assert ticket.service_principal
assert ticket.renew_expires
def _create_connection(self):
if None is self.connection:
logger.debug('creating connection')
if None is not self.keytab_path:
self.ticket = KrbTicket.init(self.username, self.keytab_path)
self.ticket.updater_start()
connection = hdfs.connect()
assert connection is not None
self.connection = connection
def run():
t_ticket = KrbTicket.get_by_config(eval(config_str))
t_updater = t_ticket.updater(interval=0.5)
assert updater == t_updater
assert t_updater.is_alive()
t_updater.start()
assert ticket == t_ticket
assert_ticket(ticket, t_ticket)
time.sleep(3)
def test_multiprocessing_renewal(config_str, caplog):
KrbCommand.kdestroy(eval(config_str))
ticket = KrbTicket.init_by_config(eval(config_str))
def run():
"""
This test assumes:
- 1 sec renewal threshold
- 4 sec ticket lifetime
- 8 sed renewal ticket lifetime
"""
starting = ticket.starting
expires = ticket.expires
renew_expires = ticket.renew_expires
updater = ticket.updater(interval=0.5)
updater.start()
# expect ticket renewal
time.sleep(DEFAULT_TICKET_LIFETIME_SEC +
DEFAULT_TICKET_RENEWAL_THRESHOLD_SEC)
if 'SingleProcessKrbTicketUpdater' in config_str:
# needs manual reload since SingleProcessTicketUpdater is stopped
ticket.reload()
assert ticket.starting > starting
assert ticket.expires > expires
assert ticket.renew_expires == renew_expires
starting = ticket.starting
expires = ticket.expires
# expect ticket re-initialize
time.sleep(DEFAULT_TICKET_RENEWABLE_LIFETIME_SEC -
DEFAULT_TICKET_LIFETIME_SEC +
DEFAULT_TICKET_RENEWAL_THRESHOLD_SEC)
if 'SingleProcessKrbTicketUpdater' in config_str:
# needs manual reload since SingleProcessTicketUpdater is stopped
ticket.reload()
assert ticket.starting > starting
assert ticket.expires > expires
assert ticket.renew_expires > renew_expires
updater.stop()
processes = [Process(target=run) for i in range(10)]
for p in processes:
p.start()
for p in processes:
p.join()
assert not p.exitcode
def test_parse_klist_output(config):
output = """
Ticket cache: FILE:/tmp/krb5cc_1000
Default principal: [email protected]
Valid starting Expires Service principal
11/22/19 00:23:10 11/22/19 00:23:12 krbtgt/[email protected]
renew until 12/20/19 00:23:10
""".strip()
ticket = KrbTicket.parse_from_klist(config, output)
assert ticket.principal == '*****@*****.**'
assert ticket.service_principal == 'krbtgt/[email protected]'
assert ticket.starting == datetime(2019, 11, 22, 0, 23, 10)
assert ticket.expires == datetime(2019, 11, 22, 0, 23, 12)
assert ticket.renew_expires == datetime(2019, 12, 20, 0, 23, 10)
def _create_connection(self):
if None is self.connection:
logger.debug('creating connection')
# Updater automatically let kinit take ``KRB5_KTNAME``
# variable. If /etc/krb5.keytab doesn't exist, krbticket
# tries to update the ticket with ``kinit -R`` as much as
# possible.
self.ticket = KrbTicket.get_or_init(self.username)
self.ticket.updater_start()
connection = hdfs.connect()
assert connection is not None
self.connection = connection
# set nameservice
_file_in_root = self.connection.ls("/")[0]
self.nameservice = _file_in_root[:_file_in_root.rfind("/")]
def test_single_thread_updater_in_multithreading(config_str, caplog):
KrbCommand.kdestroy(eval(config_str))
ticket = KrbTicket.init_by_config(eval(config_str))
updater = ticket.updater(interval=0.5)
updater.start()
def run():
t_ticket = KrbTicket.get_by_config(eval(config_str))
t_updater = t_ticket.updater(interval=0.5)
assert updater == t_updater
assert t_updater.is_alive()
t_updater.start()
assert ticket == t_ticket
assert_ticket(ticket, t_ticket)
time.sleep(3)
executor = ThreadPoolExecutor(max_workers=10)
for future in [executor.submit(run) for i in range(10)]:
future.result()
def teardown_function(function):
KrbTicket._destroy()
def test_init(config):
KrbCommand.kdestroy(config)
KrbTicket.init(DEFAULT_PRINCIPAL, DEFAULT_KEYTAB)
def _updater_run(config):
ticket = KrbTicket.init_by_config(config)
updater = ticket.updater(interval=0.5)
updater.start()
updater.start()
def test_expires(config):
ticket = KrbTicket(
config,
starting=datetime(2019, 11, 10, 0, 0, 0),
expires=datetime(2019, 11, 21, 0, 0, 0),
renew_expires=datetime(2019, 11, 24, 0, 0, 0),
)
assert ticket.is_expired() == False
assert ticket.is_renewalable() == True
ticket = KrbTicket(
config,
starting=datetime(2019, 11, 10, 0, 0, 0),
expires=datetime(2019, 11, 21, 0, 0, 0),
renew_expires=None,
)
assert ticket.is_expired() == False
assert ticket.is_renewalable() == False
ticket = KrbTicket(
config,
starting=datetime(2019, 11, 10, 0, 0, 0),
expires=datetime(2019, 11, 19, 0, 0, 0),
renew_expires=datetime(2019, 11, 24, 0, 0, 0),
)
assert ticket.is_expired() == True
assert ticket.is_renewalable() == True
ticket = KrbTicket(
config,
starting=datetime(2019, 11, 10, 0, 0, 0),
expires=datetime(2019, 11, 15, 0, 0, 0),
renew_expires=datetime(2019, 11, 19, 0, 0, 0),
)
assert ticket.is_expired() == True
assert ticket.is_renewalable() == False
def test_get_or_init(config):
KrbCommand.kdestroy(config)
ticket0 = KrbTicket.get_or_init(DEFAULT_PRINCIPAL, DEFAULT_KEYTAB)
ticket1 = KrbTicket.get_or_init(DEFAULT_PRINCIPAL, DEFAULT_KEYTAB)
assert_ticket(ticket0, ticket1)
