def test_named_temporary_credentials():
tempCred = subject.createTemporaryCredentials(
'tester',
'no-secret',
datetime.datetime.utcnow(),
datetime.datetime.utcnow() + datetime.timedelta(hours=1), ['test:xyz'],
name='credName')
client = subject.Auth({
'rootUrl': base.REAL_ROOT_URL,
'credentials': tempCred,
})
result = client.testAuthenticate({
'clientScopes': ['test:*', 'auth:create-client:credName'],
'requiredScopes': ['test:xyz'],
})
assert result == {'scopes': ['test:xyz'], 'clientId': 'credName'}
def test_named_temporary_credentials(self):
tempCred = subject.createTemporaryCredentials(
'tester',
'no-secret',
datetime.datetime.utcnow() - datetime.timedelta(hours=10),
datetime.datetime.utcnow() + datetime.timedelta(hours=10),
['test:xyz'],
name='credName'
)
client = subject.Auth({
'credentials': tempCred,
})
result = client.testAuthenticate({
'clientScopes': ['test:*', 'auth:create-client:credName'],
'requiredScopes': ['test:xyz'],
})
self.assertEqual(result, {'scopes': ['test:xyz'], 'clientId': 'credName'})
def test_temp_credentials_signed_url(self):
tempCred = subject.createTemporaryCredentials(
'tester',
'no-secret',
datetime.datetime.utcnow() - datetime.timedelta(hours=10),
datetime.datetime.utcnow() + datetime.timedelta(hours=10),
['test:*'],
)
client = subject.Auth({
'credentials': tempCred,
})
signedUrl = client.buildSignedUrl('testAuthenticateGet')
response = requests.get(signedUrl)
response.raise_for_status()
response = response.json()
self.assertEqual(response, {
'scopes': ['test:*'],
'clientId': 'tester',
})
def test_temporary_credentials_authorizedScopes(self):
tempCred = subject.createTemporaryCredentials(
'tester',
'no-secret',
datetime.datetime.utcnow() - datetime.timedelta(hours=10),
datetime.datetime.utcnow() + datetime.timedelta(hours=10),
['test:xyz:*'],
)
client = subject.Auth({
'credentials': tempCred,
'authorizedScopes': ['test:xyz:abc'],
})
result = client.testAuthenticate({
'clientScopes': ['test:*'],
'requiredScopes': ['test:xyz:abc'],
})
self.assertEqual(result, {'scopes': ['test:xyz:abc'],
'clientId': 'tester'})
def test_temporary_credentials(self):
"""we can call methods which require authentication with temporary
credentials generated by python client"""
tempCred = subject.createTemporaryCredentials(
'tester',
'no-secret',
datetime.datetime.utcnow() - datetime.timedelta(hours=10),
datetime.datetime.utcnow() + datetime.timedelta(hours=10),
['test:xyz'],
)
client = subject.Auth({
'credentials': tempCred,
})
result = client.testAuthenticate({
'clientScopes': ['test:*'],
'requiredScopes': ['test:xyz'],
})
self.assertEqual(result, {'scopes': ['test:xyz'], 'clientId': 'tester'})
def test_temp_credentials_signed_url(self):
tempCred = subject.createTemporaryCredentials(
'tester',
'no-secret',
datetime.datetime.utcnow(),
datetime.datetime.utcnow() + datetime.timedelta(hours=1),
['test:*'],
)
client = subject.Auth({
'credentials': tempCred,
})
signedUrl = client.buildSignedUrl('testAuthenticateGet')
response = requests.get(signedUrl)
response.raise_for_status()
response = response.json()
self.assertEqual(response, {
'scopes': ['test:*'],
'clientId': 'tester',
})
def test_temporary_credentials_authorizedScopes():
tempCred = subject.createTemporaryCredentials(
'tester',
'no-secret',
datetime.datetime.utcnow(),
datetime.datetime.utcnow() + datetime.timedelta(hours=1),
['test:xyz:*'],
)
client = subject.Auth({
'rootUrl': base.REAL_ROOT_URL,
'credentials': tempCred,
'authorizedScopes': ['test:xyz:abc'],
})
result = client.testAuthenticate({
'clientScopes': ['test:*'],
'requiredScopes': ['test:xyz:abc'],
})
assert result == {'scopes': ['assume:anonymous', 'test:xyz:abc'], 'clientId': 'tester'}
def test_temporary_credentials():
"""we can call methods which require authentication with temporary
credentials generated by python client"""
tempCred = subject.createTemporaryCredentials(
'tester',
'no-secret',
datetime.datetime.utcnow(),
datetime.datetime.utcnow() + datetime.timedelta(hours=1),
['test:xyz'],
)
client = subject.Auth({
'rootUrl': base.REAL_ROOT_URL,
'credentials': tempCred,
})
result = client.testAuthenticate({
'clientScopes': ['test:*'],
'requiredScopes': ['test:xyz'],
})
assert result == {'scopes': ['test:xyz'], 'clientId': 'tester'}
def test_named_temporary_credentials(self):
tempCred = subject.createTemporaryCredentials(
'tester',
'no-secret',
datetime.datetime.utcnow(),
datetime.datetime.utcnow() + datetime.timedelta(hours=1),
['test:xyz'],
name='credName')
client = subject.Auth({
'credentials': tempCred,
})
result = client.testAuthenticate({
'clientScopes': ['test:*', 'auth:create-client:credName'],
'requiredScopes': ['test:xyz'],
})
self.assertEqual(result, {
'scopes': ['test:xyz'],
'clientId': 'credName'
})
def test_temp_credentials_signed_url():
tempCred = subject.createTemporaryCredentials(
'tester',
'no-secret',
datetime.datetime.utcnow(),
datetime.datetime.utcnow() + datetime.timedelta(hours=1),
['test:*'],
)
client = subject.Auth({
'rootUrl': base.REAL_ROOT_URL,
'credentials': tempCred,
})
signedUrl = client.buildSignedUrl('testAuthenticateGet')
response = requests.get(signedUrl)
response.raise_for_status()
response = response.json()
assert response == {
'scopes': ['assume:anonymous', 'test:*'],
'clientId': 'tester',
}
def test_temporary_credentials_authorizedScopes(self):
tempCred = subject.createTemporaryCredentials(
'tester',
'no-secret',
datetime.datetime.utcnow(),
datetime.datetime.utcnow() + datetime.timedelta(hours=1),
['test:xyz:*'],
)
client = subject.Auth({
'credentials': tempCred,
'authorizedScopes': ['test:xyz:abc'],
})
result = client.testAuthenticate({
'clientScopes': ['test:*'],
'requiredScopes': ['test:xyz:abc'],
})
self.assertEqual(result, {
'scopes': ['test:xyz:abc'],
'clientId': 'tester'
})
def test_temporary_credentials(self):
"""we can call methods which require authentication with temporary
credentials generated by python client"""
tempCred = subject.createTemporaryCredentials(
'tester',
'no-secret',
datetime.datetime.utcnow() - datetime.timedelta(hours=10),
datetime.datetime.utcnow() + datetime.timedelta(hours=10),
['test:xyz'],
)
client = subject.Auth({
'credentials': tempCred,
})
result = client.testAuthenticate({
'clientScopes': ['test:*'],
'requiredScopes': ['test:xyz'],
})
self.assertEqual(result, {
'scopes': ['test:xyz'],
'clientId': 'tester'
})
