def test_entry_point_bad_input(self, pass_mock, config_mock, okta_mock): # Pretend that we got some bad input... pass_mock.return_value = '' okta_mock.side_effect = okta.EmptyInput # Mock out the arguments that were passed in fake_parser = mock.MagicMock(name='fake_parser') config_mock.return_value = fake_parser with self.assertRaises(SystemExit): main.main('test')
def test_entry_point_bad_password(self, pass_mock, config_mock, okta_mock): # Mock out the password getter and return a simple password pass_mock.return_value = 'test_password' # Just mock out the entire Okta object, we won't really instantiate it fake_okta = mock.MagicMock(name='fake_okta') fake_okta.auth.side_effect = okta.InvalidPassword okta_mock.return_value = fake_okta # Mock out the arguments that were passed in fake_parser = mock.MagicMock(name='fake_parser') config_mock.return_value = fake_parser with self.assertRaises(SystemExit): main.main('test')
def test_entry_point_multirole(self, pass_mock, config_mock, okta_mock, aws_mock, input_mock): # First call to this is the password. Second call is the mis-typed # passcode. Third call is a valid passcode. pass_mock.side_effect = ['test_password'] input_mock.side_effect = '0' # Just mock out the entire Okta object, we won't really instantiate it fake_okta = mock.MagicMock(name='OktaSaml') okta_mock.return_value = fake_okta aws_mock.return_value = mock.MagicMock(name='aws_mock') # Throw MultipleRoles to validate actions when there are multiple roles mocked_session = aws_mock.return_value mocked_session.assume_role.side_effect = [aws.MultipleRoles(), None] # Return multiple roles mocked_session.available_roles = mock.Mock() roles = [{ 'role': '1', 'principle': '' }, { 'role': '2', 'principle': '' }] mocked_session.available_roles.return_value = roles # Make sure we don't get stuck in a loop, always have to mock out the # reup option. fake_parser = mock.MagicMock(name='fake_parser') fake_parser.reup = 0 config_mock.return_value = fake_parser main.main('test') # Ensure that getpass was called once for the password pass_mock.assert_has_calls([ mock.call(), ]) # Ensure that user_input was called for the role selection input_mock.assert_has_calls([ mock.call('Select a role from above: '), ])
def test_entry_point_mfa(self, pass_mock, config_mock, okta_mock, aws_mock): # First call to this is the password. Second call is the mis-typed # passcode. Third call is a valid passcode. pass_mock.side_effect = ['test_password', '123', '123456'] # Just mock out the entire Okta object, we won't really instantiate it fake_okta = mock.MagicMock(name='OktaSaml') okta_mock.return_value = fake_okta aws_mock.return_value = mock.MagicMock() # Make sure we don't get stuck in a loop, always have to mock out the # reup option. fake_parser = mock.MagicMock(name='fake_parser') fake_parser.reup = 0 config_mock.return_value = fake_parser # Now, when we auth() throw a okta.PasscodeRequired exception to # trigger the MFA requirement. Note, this is only the manually entered # in passcode MFA req. OktaSaml client automatically handles Okta # Verify with Push MFA reqs. fake_okta.auth.side_effect = okta.PasscodeRequired( fid='test_factor_id', state_token='test_token') # Pretend that the validate_mfa() call fails the first time, and # succeeds the second time. This simulates a typo on the MFA code. fake_okta.validate_mfa.side_effect = [False, True] main.main('test') # Ensure that getpass was called twice - once for the password, and # once for the passcode after the okta.PasscodeRequired exception was # thrown. pass_mock.assert_has_calls([mock.call(), mock.call('MFA Passcode: ')]) # Ensure that we called auth, then called validate_mfa() twice - each # with different passcodes. Validating that the user was indeed asked # for a passcode on each iteration. fake_okta.assert_has_calls([ mock.call.auth(), mock.call.validate_mfa('test_factor_id', 'test_token', '123'), mock.call.validate_mfa('test_factor_id', 'test_token', '123456'), ])
def test_entry_point(self, pass_mock, config_mock, okta_mock, aws_mock): # Mock out the password getter and return a simple password pass_mock.return_value = 'test_password' # Just mock out the entire Okta object, we won't really instantiate it okta_mock.return_value = mock.MagicMock() aws_mock.return_value = mock.MagicMock() # Mock out the arguments that were passed in fake_parser = mock.MagicMock(name='fake_parser') fake_parser.org = 'server' fake_parser.username = '******' fake_parser.username = '******' fake_parser.debug = True fake_parser.reup = 0 config_mock.return_value = fake_parser main.main('test') okta_mock.assert_called_with('server', 'username', 'test_password')