def test_https_credentials_user_can_login_successfully_when_another_user_is_already_logged_in_keyring(self,
mock_input):
self.invoke_cli(self.cli_auth_params,
['login', '-i', 'admin', '-p', self.client_params.env_api_key])
# Load in new user
self.invoke_cli(self.cli_auth_params,
['policy', 'replace', '-b', 'root', '-f',
self.environment.path_provider.get_policy_path('conjur')])
# Rotate the new user's API key
user_api_key = self.invoke_cli(self.cli_auth_params,
['user', 'rotate-api-key', '-i', 'someuser'])
extract_api_key_from_message = user_api_key.split(":")[1].strip()
# Login to change personal password
self.invoke_cli(self.cli_auth_params,
['login', '-i', 'someuser', '-p', extract_api_key_from_message])
# Creates a password that meets Conjur password complexity standards
password = string.hexdigits + "$!@"
self.invoke_cli(self.cli_auth_params,
['user', 'change-password', '-p', password])
self.invoke_cli(self.cli_auth_params,
['logout'])
# Attempt to login with newly created password
output = self.invoke_cli(self.cli_auth_params,
['login', '-i', 'someuser', '-p', password])
self.assertIn("Successfully logged in to Conjur", output.strip())
utils.get_credentials()
self.validate_credentials(f"{self.client_params.hostname}", "someuser", extract_api_key_from_message)
self.assertFalse(utils.is_netrc_exists())
def test_https_credentials_is_created_with_all_parameters_given_interactively_keyring(self, mock_pass):
with patch('getpass.getpass', return_value=self.client_params.env_api_key):
output = self.invoke_cli(self.cli_auth_params, ['login'])
assert utils.get_credentials() is not None
self.assertIn("Successfully logged in to Conjur", output.strip())
self.validate_credentials(f"{self.client_params.hostname}", "admin", self.client_params.env_api_key)
self.assertFalse(utils.is_netrc_exists())
def test_cli_configured_in_insecure_mode_and_run_in_insecure_mode_passes_keyring(self, mock_input):
utils.remove_file(DEFAULT_NETRC_FILE)
self.invoke_cli(self.cli_auth_params,
['--insecure', 'init', '--url', self.client_params.hostname, '--account',
self.client_params.account])
output = self.invoke_cli(self.cli_auth_params,
['--insecure', 'login', '-i', 'admin', '-p', self.client_params.env_api_key])
self.assertIn('Successfully logged in to Conjur', output)
self.assertFalse(utils.is_netrc_exists())
def test_https_credentials_is_created_with_host_keyring(self):
# Setup for fetching the API key of a host. To fetch we need to login
credentials = CredentialsData(self.client_params.hostname, "admin", self.client_params.env_api_key)
utils.save_credentials(credentials)
self.invoke_cli(self.cli_auth_params,
['policy', 'replace', '-b', 'root', '-f',
self.environment.path_provider.get_policy_path('conjur')])
host_api_key = self.invoke_cli(self.cli_auth_params,
['host', 'rotate-api-key', '-i', 'somehost'])
extract_api_key_from_message = host_api_key.split(":")[1].strip()
self.invoke_cli(self.cli_auth_params,
['logout'])
output = self.invoke_cli(self.cli_auth_params,
['login', '-i', 'host/somehost', '-p', f'{extract_api_key_from_message}'])
self.validate_credentials(f"{self.client_params.hostname}", "host/somehost", extract_api_key_from_message)
self.assertIn("Successfully logged in to Conjur", output.strip())
self.assertFalse(utils.is_netrc_exists())
def test_https_credentials_created_with_all_parameters_given_keyring(self, mock_input):
self.invoke_cli(self.cli_auth_params,
['login', '-i', 'admin', '-p', self.client_params.env_api_key])
utils.get_credentials()
self.validate_credentials(f"{self.client_params.hostname}", "admin", self.client_params.env_api_key)
self.assertFalse(utils.is_netrc_exists())