def test_setup_sso_should_not_fail_when_sso_config_cannot_be_loaded_due_to_404_error(
self, open_mock, is_server_runing_mock, get_silent_mock,
get_ambari_properties_mock, get_YN_input_mock,
get_cluster_name_mock, urlopen_mock,
perform_changes_via_rest_api_mock):
out = StringIO.StringIO()
sys.stdout = out
certificate_data = '-----BEGIN CERTIFICATE-----\n' \
'MIIE3DCCA8SgAwIBAgIJAKfbOMmFyOlNMA0GCSqGSIb3DQEBBQUAMIGkMQswCQYD\n' \
'................................................................\n' \
'dXRpbmcxFzAVBgNVBAMTDmNsb3VkYnJlYWstcmdsMSUwIwYJKoZIhvcNAQkBFhZy\n' \
'-----END CERTIFICATE-----'
mock_file = MagicFile(certificate_data)
open_mock.side_effect = [mock_file]
is_server_runing_mock.return_value = (True, 0)
get_silent_mock.return_value = False
get_ambari_properties_mock.return_value = Properties()
get_cluster_name_mock.return_value = 'cluster1'
get_YN_input_mock.__return_value = True
urlopen_mock.side_effect = HTTPError(MagicMock(status=404), 404,
'not found', None, None)
sso_enabled = 'true'
sso_provider_url = 'http://testHost:8080'
sso_public_cert_file = '/test/file/path'
sso_jwt_cookie_name = 'test_cookie'
sso_jwt_audience_list = 'test, audience, list'
options = self._create_empty_options_mock()
options.sso_enabled = sso_enabled
options.sso_enabled_ambari = sso_enabled
options.sso_manage_services = 'true'
options.sso_provider_url = sso_provider_url
options.sso_public_cert_file = sso_public_cert_file
options.sso_jwt_cookie_name = sso_jwt_cookie_name
options.sso_jwt_audience_list = sso_jwt_audience_list
setup_sso(options)
self.assertTrue(perform_changes_via_rest_api_mock.called)
requestCall = perform_changes_via_rest_api_mock.call_args_list[0]
args, kwargs = requestCall
requestData = args[5]
self.assertTrue(isinstance(requestData, dict))
ssoProperties = requestData['Configuration']['properties']
self.assertEqual(ssoProperties[AMBARI_SSO_AUTH_ENABLED], sso_enabled)
self.assertEqual(ssoProperties[SSO_PROVIDER_URL], sso_provider_url)
self.assertEqual(ssoProperties[SSO_CERTIFICATE], certificate_data)
self.assertEqual(ssoProperties[JWT_COOKIE_NAME], sso_jwt_cookie_name)
self.assertEqual(ssoProperties[JWT_AUDIENCES], sso_jwt_audience_list)
self.assertEqual(ssoProperties[SSO_MANAGE_SERVICES], "true")
self.assertEqual(ssoProperties[SSO_ENABLED_SERVICES], "*")
def test_all_cli_options_are_collected_when_enabling_sso(
self, open_mock, get_json_via_rest_api_mock, is_server_runing_mock,
get_silent_mock, get_ambari_properties_mock,
perform_changes_via_rest_api_mock):
out = StringIO.StringIO()
sys.stdout = out
certificate_data = '-----BEGIN CERTIFICATE-----\n' \
'MIIE3DCCA8SgAwIBAgIJAKfbOMmFyOlNMA0GCSqGSIb3DQEBBQUAMIGkMQswCQYD\n' \
'................................................................\n' \
'dXRpbmcxFzAVBgNVBAMTDmNsb3VkYnJlYWstcmdsMSUwIwYJKoZIhvcNAQkBFhZy\n' \
'-----END CERTIFICATE-----'
mock_file = MagicFile(certificate_data)
open_mock.side_effect = [mock_file]
get_json_via_rest_api_mock.return_value = (200, {})
is_server_runing_mock.return_value = (True, 0)
get_silent_mock.return_value = False
properties = Properties()
get_ambari_properties_mock.return_value = properties
sso_enabled = 'true'
sso_enabled_services = 'Ambari, SERVICE1, SERVICE2'
sso_provider_url = 'https://c7402.ambari.apache.org:8443/gateway/knoxsso/api/v1/websso'
sso_public_cert_file = '/test/file/path'
sso_jwt_cookie_name = 'test_cookie'
sso_jwt_audience_list = 'test, audience, list'
options = self._create_empty_options_mock()
options.sso_enabled = sso_enabled
options.sso_enabled_ambari = 'true'
options.sso_manage_services = 'true'
options.sso_provider_url = sso_provider_url
options.sso_public_cert_file = sso_public_cert_file
options.sso_jwt_cookie_name = sso_jwt_cookie_name
options.sso_jwt_audience_list = sso_jwt_audience_list
options.sso_enabled_services = sso_enabled_services
setup_sso(options)
self.assertTrue(perform_changes_via_rest_api_mock.called)
requestCall = perform_changes_via_rest_api_mock.call_args_list[0]
args, kwargs = requestCall
requestData = args[5]
self.assertTrue(isinstance(requestData, dict))
ssoProperties = requestData['Configuration']['properties']
self.assertEqual(ssoProperties[AMBARI_SSO_AUTH_ENABLED], sso_enabled)
self.assertEqual(ssoProperties[SSO_PROVIDER_URL], sso_provider_url)
self.assertEqual(ssoProperties[SSO_CERTIFICATE], certificate_data)
self.assertEqual(ssoProperties[JWT_COOKIE_NAME], sso_jwt_cookie_name)
self.assertEqual(ssoProperties[JWT_AUDIENCES], sso_jwt_audience_list)
sys.stdout = sys.__stdout__
pass
def test_sso_is_enabled_for_all_services_via_user_input(
self, is_root_mock, is_server_runing_mock, get_silent_mock,
get_ambari_properties_mock, update_properties_mock,
get_YN_input_mock, perform_changes_via_rest_api_mock):
out = StringIO.StringIO()
sys.stdout = out
is_root_mock.return_value = True
is_server_runing_mock.return_value = (True, 0)
get_silent_mock.return_value = False
get_ambari_properties_mock.return_value = Properties()
def yn_input_side_effect(*args, **kwargs):
if 'all services' in args[0]:
return True
else:
raise Exception(
"ShouldNotBeInvoked"
) # only the 'Use SSO for all services' question should be asked for now
get_YN_input_mock.side_effect = yn_input_side_effect
options = self._create_empty_options_mock()
options.sso_enabled = 'true'
options.sso_provider_url = 'http://testHost:8080'
options.sso_public_cert_file = '/test/file/path'
options.sso_jwt_cookie_name = 'test_cookie'
options.sso_jwt_audience_list = 'test, audience, list'
setup_sso(options)
requestCall = perform_changes_via_rest_api_mock.call_args_list[0]
args, kwargs = requestCall
requestData = args[5]
self.assertTrue(isinstance(requestData, dict))
ssoProperties = requestData['Configuration']['properties']
properties_updated_in_ambari_db = sorted(ssoProperties.iteritems(),
key=operator.itemgetter(0))
properties_should_be_updated_in_ambari_db = sorted(
{
"ambari.sso.enabled_services": "*",
"ambari.sso.manage_services": "true"
}.iteritems(),
key=operator.itemgetter(0))
self.assertEqual(properties_should_be_updated_in_ambari_db,
properties_updated_in_ambari_db)
sys.stdout = sys.__stdout__
pass
def test_only_sso_enabled_cli_option_is_collected_when_disabling_sso(
self, open_mock, get_json_via_rest_api_mock, is_server_runing_mock,
get_silent_mock, get_ambari_properties_mock,
perform_changes_via_rest_api_mock):
out = StringIO.StringIO()
sys.stdout = out
certificate_data = '-----BEGIN CERTIFICATE-----\n' \
'MIIE3DCCA8SgAwIBAgIJAKfbOMmFyOlNMA0GCSqGSIb3DQEBBQUAMIGkMQswCQYD\n' \
'................................................................\n' \
'dXRpbmcxFzAVBgNVBAMTDmNsb3VkYnJlYWstcmdsMSUwIwYJKoZIhvcNAQkBFhZy\n' \
'-----END CERTIFICATE-----'
mock_file = MagicFile(certificate_data)
open_mock.side_effect = [mock_file]
get_json_via_rest_api_mock.return_value = (200, {})
is_server_runing_mock.return_value = (True, 0)
get_silent_mock.return_value = False
properties = Properties()
get_ambari_properties_mock.return_value = properties
sso_enabled = 'false'
sso_provider_url = 'http://testHost:8080'
sso_public_cert_file = '/test/file/path'
sso_jwt_cookie_name = 'test_cookie'
sso_jwt_audience_list = 'test, audience, list'
options = self._create_empty_options_mock()
options.sso_enabled = sso_enabled
options.sso_provider_url = sso_provider_url
options.sso_public_cert_file = sso_public_cert_file
options.sso_jwt_cookie_name = sso_jwt_cookie_name
options.sso_jwt_audience_list = sso_jwt_audience_list
setup_sso(options)
self.assertTrue(perform_changes_via_rest_api_mock.called)
requestCall = perform_changes_via_rest_api_mock.call_args_list[0]
args, kwargs = requestCall
requestData = args[5]
self.assertTrue(isinstance(requestData, dict))
ssoProperties = requestData['Configuration']['properties']
self.assertEqual(ssoProperties[SSO_MANAGE_SERVICES], "false")
self.assertEqual(ssoProperties[AMBARI_JWT_AUTH_ENBABLED], "false")
sys.stdout = sys.__stdout__
pass
def test_non_root_user_should_not_be_able_to_setup_sso(self, is_root_mock):
out = StringIO.StringIO()
sys.stdout = out
is_root_mock.return_value = False
options = self._create_empty_options_mock()
try:
setup_sso(options)
self.fail("Should fail with non-fatal exception")
except FatalException as e:
self.assertTrue("ambari-server setup-sso should be run with root-level privileges" in e.reason)
pass
sys.stdout = sys.__stdout__
pass
def test_sso_setup_should_fail_if_server_is_not_running(
self, is_server_runing_mock):
out = StringIO.StringIO()
sys.stdout = out
is_server_runing_mock.return_value = (False, 0)
options = self._create_empty_options_mock()
try:
setup_sso(options)
self.fail("Should fail with non-fatal exception")
except FatalException as e:
self.assertTrue("Ambari Server is not running" in e.reason)
pass
sys.stdout = sys.__stdout__
pass
def test_all_cli_options_are_collected_when_enabling_sso(
self, is_root_mock, is_server_runing_mock, get_silent_mock,
get_ambari_properties_mock, update_properties_mock,
perform_changes_via_rest_api_mock):
out = StringIO.StringIO()
sys.stdout = out
is_root_mock.return_value = True
is_server_runing_mock.return_value = (True, 0)
get_silent_mock.return_value = False
properties = Properties()
get_ambari_properties_mock.return_value = properties
sso_enabled = 'true'
sso_enabled_services = 'Ambari, SERVICE1, SERVICE2'
sso_provider_url = 'https://c7402.ambari.apache.org:8443/gateway/knoxsso/api/v1/websso'
sso_public_cert_file = '/test/file/path'
sso_jwt_cookie_name = 'test_cookie'
sso_jwt_audience_list = 'test, audience, list'
options = self._create_empty_options_mock()
options.sso_enabled = sso_enabled
options.sso_provider_url = sso_provider_url
options.sso_public_cert_file = sso_public_cert_file
options.sso_jwt_cookie_name = sso_jwt_cookie_name
options.sso_jwt_audience_list = sso_jwt_audience_list
options.sso_enabled_services = sso_enabled_services
setup_sso(options)
self.assertTrue(update_properties_mock.called)
self.assertEqual(properties.get_property(JWT_AUTH_ENBABLED),
sso_enabled)
self.assertEqual(properties.get_property(JWT_AUTH_PROVIDER_URL),
sso_provider_url)
self.assertEqual(properties.get_property(JWT_PUBLIC_KEY),
sso_public_cert_file)
self.assertEqual(properties.get_property(JWT_COOKIE_NAME),
sso_jwt_cookie_name)
self.assertEqual(properties.get_property(JWT_AUDIENCES),
sso_jwt_audience_list)
self.assertTrue(perform_changes_via_rest_api_mock.called)
sys.stdout = sys.__stdout__
pass
def test_silent_mode_is_not_allowed(self, is_root_mock, get_silent_mock):
out = StringIO.StringIO()
sys.stdout = out
is_root_mock.return_value = True
get_silent_mock.return_value = True
options = self._create_empty_options_mock()
try:
setup_sso(options)
self.fail("Should fail with fatal exception")
except NonFatalException as e:
self.assertTrue(
"setup-sso is not enabled in silent mode." in e.reason)
pass
sys.stdout = sys.__stdout__
pass
def test_invalid_sso_enabled_cli_option_should_result_in_error(self, is_root_mock, is_server_runing_mock, get_silent_mock):
out = StringIO.StringIO()
sys.stdout = out
is_root_mock.return_value = True
is_server_runing_mock.return_value = (True, 0)
get_silent_mock.return_value = False
options = self._create_empty_options_mock()
options.sso_enabled = 'not_true_or_false'
try:
setup_sso(options)
self.fail("Should fail with fatal exception")
except FatalException as e:
self.assertTrue("--sso-enabled should be to either 'true' or 'false'" in e.reason)
pass
sys.stdout = sys.__stdout__
pass
def test_only_sso_enabled_cli_option_is_collected_when_disabling_sso(
self, is_root_mock, is_server_runing_mock, get_silent_mock,
get_ambari_properties_mock, update_properties_mock, urlopen_mock):
out = StringIO.StringIO()
sys.stdout = out
is_root_mock.return_value = True
is_server_runing_mock.return_value = (True, 0)
get_silent_mock.return_value = False
properties = Properties()
get_ambari_properties_mock.return_value = properties
sso_enabled = 'false'
sso_provider_url = 'http://testHost:8080'
sso_public_cert_file = '/test/file/path'
sso_jwt_cookie_name = 'test_cookie'
sso_jwt_audience_list = 'test, audience, list'
options = self._create_empty_options_mock()
options.sso_enabled = sso_enabled
options.sso_provider_url = sso_provider_url
options.sso_public_cert_file = sso_public_cert_file
options.sso_jwt_cookie_name = sso_jwt_cookie_name
options.sso_jwt_audience_list = sso_jwt_audience_list
response = MagicMock()
response.getcode.return_value = 200
urlopen_mock.return_value = response
setup_sso(options)
self.assertTrue(update_properties_mock.called)
self.assertEqual(properties.get_property(JWT_AUTH_ENBABLED),
sso_enabled)
self.assertTrue(
JWT_AUTH_PROVIDER_URL not in properties.propertyNames())
self.assertTrue(JWT_PUBLIC_KEY not in properties.propertyNames())
self.assertTrue(JWT_COOKIE_NAME not in properties.propertyNames())
self.assertTrue(JWT_AUDIENCES not in properties.propertyNames())
sys.stdout = sys.__stdout__
pass
def test_invalid_sso_provider_url_cli_option_when_enabling_sso_should_result_in_error(
self, is_root_mock, get_silent_mock):
out = StringIO.StringIO()
sys.stdout = out
is_root_mock.return_value = True
get_silent_mock.return_value = False
options = self._create_empty_options_mock()
options.sso_enabled = 'true'
options.sso_provider_url = '!invalidHost:invalidPort'
try:
setup_sso(options)
self.fail("Should fail with fatal exception")
except FatalException as e:
self.assertTrue("Invalid --sso-provider-url" in e.reason)
pass
sys.stdout = sys.__stdout__
pass
def test_missing_sso_public_cert_file_cli_option_when_enabling_sso_should_result_in_error(self, is_root_mock, is_server_runing_mock, get_silent_mock):
out = StringIO.StringIO()
sys.stdout = out
is_root_mock.return_value = True
is_server_runing_mock.return_value = (True, 0)
get_silent_mock.return_value = False
options = self._create_empty_options_mock()
options.sso_enabled = 'true'
options.sso_public_cert_file = ''
try:
setup_sso(options)
self.fail("Should fail with fatal exception")
except FatalException as e:
self.assertTrue("Missing option: --sso-public-cert-file" in e.reason)
pass
sys.stdout = sys.__stdout__
pass
def test_all_cli_options_are_collected_when_enabling_sso(
self, is_root_mock, get_silent_mock, get_ambari_properties_mock,
update_properties_mock):
out = StringIO.StringIO()
sys.stdout = out
is_root_mock.return_value = True
get_silent_mock.return_value = False
properties = Properties()
get_ambari_properties_mock.return_value = properties
sso_enabled = 'true'
sso_provider_url = 'http://testHost:8080'
sso_public_cert_file = '/test/file/path'
sso_jwt_cookie_name = 'test_cookie'
sso_jwt_audience_list = 'test, audience, list'
options = self._create_empty_options_mock()
options.sso_enabled = sso_enabled
options.sso_provider_url = sso_provider_url
options.sso_public_cert_file = sso_public_cert_file
options.sso_jwt_cookie_name = sso_jwt_cookie_name
options.sso_jwt_audience_list = sso_jwt_audience_list
setup_sso(options)
self.assertTrue(update_properties_mock.called)
self.assertEqual(properties.get_property(JWT_AUTH_ENBABLED),
sso_enabled)
self.assertEqual(properties.get_property(JWT_AUTH_PROVIDER_URL),
sso_provider_url)
self.assertEqual(properties.get_property(JWT_PUBLIC_KEY),
sso_public_cert_file)
self.assertEqual(properties.get_property(JWT_COOKIE_NAME),
sso_jwt_cookie_name)
self.assertEqual(properties.get_property(JWT_AUDIENCES),
sso_jwt_audience_list)
sys.stdout = sys.__stdout__
pass
def test_setup_sso_should_not_fail_when_sso_config_cannot_be_loaded_due_to_404_error(self, is_root_mock, is_server_runing_mock, get_silent_mock, get_ambari_properties_mock, update_properties_mock, get_YN_input_mock,
get_cluster_name_mock, perform_changes_via_rest_api_mock, urlopen_mock):
out = StringIO.StringIO()
sys.stdout = out
is_root_mock.return_value = True
is_server_runing_mock.return_value = (True, 0)
get_silent_mock.return_value = False
get_ambari_properties_mock.return_value = Properties()
get_cluster_name_mock.return_value = 'cluster1'
get_YN_input_mock.__return_value = True
urlopen_mock.side_effect = HTTPError(MagicMock(status=404), 404, 'not found', None, None)
options = self._create_empty_options_mock()
options.sso_provider_url = 'http://testHost:8080'
options.sso_public_cert_file = '/test/file/path'
options.sso_jwt_cookie_name = 'test_cookie'
options.sso_jwt_audience_list = 'test, audience, list'
setup_sso(options)
self.assertTrue(update_properties_mock.called)
pass
def test_invalid_sso_provider_url_cli_option_when_enabling_sso_should_result_in_error(
self, is_root_mock, is_server_runing_mock, get_silent_mock):
out = StringIO.StringIO()
sys.stdout = out
is_root_mock.return_value = True
is_server_runing_mock.return_value = (True, 0)
get_silent_mock.return_value = False
options = self._create_empty_options_mock()
options.sso_enabled = 'true'
options.sso_provider_url = '!invalidHost:invalidPort'
try:
setup_sso(options)
self.fail("Should fail with fatal exception")
except FatalException as e:
self.assertTrue("Invalid --sso-provider-url" in e.reason)
pass
options.sso_provider_url = 'The SSO provider URL is https://c7402.ambari.apache.org:8443/gateway/knoxsso/api/v1/websso'
try:
setup_sso(options)
self.fail("Should fail with fatal exception")
except FatalException as e:
self.assertTrue("Invalid --sso-provider-url" in e.reason)
pass
options.sso_provider_url = 'https://c7402.ambari.apache.org:8443/gateway/knoxsso/api/v1/websso is the SSO provider URL'
try:
setup_sso(options)
self.fail("Should fail with fatal exception")
except FatalException as e:
self.assertTrue("Invalid --sso-provider-url" in e.reason)
pass
sys.stdout = sys.__stdout__
pass
def test_sso_enabled_services_are_collected_via_user_input(
self, is_root_mock, is_server_runing_mock, get_silent_mock,
get_ambari_properties_mock, update_properties_mock,
get_YN_input_mock, get_cluster_name_mock,
perform_changes_via_rest_api_mock, urlopen_mock):
out = StringIO.StringIO()
sys.stdout = out
is_root_mock.return_value = True
is_server_runing_mock.return_value = (True, 0)
get_silent_mock.return_value = False
get_ambari_properties_mock.return_value = Properties()
get_cluster_name_mock.return_value = 'cluster1'
def yn_input_side_effect(*args, **kwargs):
if 'all services' in args[0]:
return False
else:
return True
get_YN_input_mock.side_effect = yn_input_side_effect
eligible_services = \
"""
{
"href": "http://c7401:8080/api/v1/clusters/cluster1/services?ServiceInfo/sso_integration_supported=true",
"items": [
{
"href": "http://c7401:8080/api/v1/clusters/cluster1/services/HDFS",
"ServiceInfo": {
"cluster_name": "cluster1",
"service_name": "HDFS"
}
},
{
"href": "http://c7401:8080/api/v1/clusters/cluster1/services/ZOOKEPER",
"ServiceInfo": {
"cluster_name": "cluster1",
"service_name": "ZOOKEPER"
}
}
]
}
"""
response = MagicMock()
response.getcode.return_value = 200
response.read.return_value = eligible_services
urlopen_mock.return_value = response
options = self._create_empty_options_mock()
options.sso_enabled = 'true'
options.sso_provider_url = 'http://testHost:8080'
options.sso_public_cert_file = '/test/file/path'
options.sso_jwt_cookie_name = 'test_cookie'
options.sso_jwt_audience_list = 'test, audience, list'
setup_sso(options)
requestCall = perform_changes_via_rest_api_mock.call_args_list[0]
args, kwargs = requestCall
requestData = args[5]
self.assertTrue(isinstance(requestData, dict))
ssoProperties = requestData['Configuration']['properties']
properties_updated_in_ambari_db = sorted(ssoProperties.iteritems(),
key=operator.itemgetter(0))
properties_should_be_updated_in_ambari_db = sorted(
{
"ambari.sso.enabled_services": "Ambari, HDFS, ZOOKEPER",
"ambari.sso.manage_services": "true"
}.iteritems(),
key=operator.itemgetter(0))
self.assertEqual(properties_should_be_updated_in_ambari_db,
properties_updated_in_ambari_db)
sys.stdout = sys.__stdout__
pass
def test_sso_enabled_services_are_collected_via_user_input(
self, open_mock, get_json_via_rest_api_mock, is_server_runing_mock,
get_silent_mock, get_ambari_properties_mock, get_YN_input_mock,
get_cluster_name_mock, perform_changes_via_rest_api_mock):
out = StringIO.StringIO()
sys.stdout = out
certificate_data = '-----BEGIN CERTIFICATE-----\n' \
'MIIE3DCCA8SgAwIBAgIJAKfbOMmFyOlNMA0GCSqGSIb3DQEBBQUAMIGkMQswCQYD\n' \
'................................................................\n' \
'dXRpbmcxFzAVBgNVBAMTDmNsb3VkYnJlYWstcmdsMSUwIwYJKoZIhvcNAQkBFhZy\n' \
'-----END CERTIFICATE-----'
mock_file = MagicFile(certificate_data)
open_mock.side_effect = [mock_file]
eligible_services = \
"""
{
"href": "http://c7401:8080/api/v1/clusters/cluster1/services?ServiceInfo/sso_integration_supported=true",
"items": [
{
"href": "http://c7401:8080/api/v1/clusters/cluster1/services/HDFS",
"ServiceInfo": {
"cluster_name": "cluster1",
"service_name": "HDFS"
}
},
{
"href": "http://c7401:8080/api/v1/clusters/cluster1/services/ZOOKEPER",
"ServiceInfo": {
"cluster_name": "cluster1",
"service_name": "ZOOKEPER"
}
}
]
}
"""
eligible_services_json = {
"href":
"http://c7401:8080/api/v1/clusters/cluster1/services?ServiceInfo/sso_integration_supported=true",
"items": [{
"href":
"http://c7401:8080/api/v1/clusters/cluster1/services/HDFS",
"ServiceInfo": {
"cluster_name": "cluster1",
"service_name": "HDFS"
}
}, {
"href":
"http://c7401:8080/api/v1/clusters/cluster1/services/ZOOKEPER",
"ServiceInfo": {
"cluster_name": "cluster1",
"service_name": "ZOOKEPER"
}
}]
}
get_json_via_rest_api_mock.return_value = (200, {})
get_json_via_rest_api_mock.return_value = (200, eligible_services_json)
is_server_runing_mock.return_value = (True, 0)
get_silent_mock.return_value = False
get_ambari_properties_mock.return_value = Properties()
get_cluster_name_mock.return_value = 'cluster1'
def yn_input_side_effect(*args, **kwargs):
if 'all services' in args[0]:
return False
else:
return True
get_YN_input_mock.side_effect = yn_input_side_effect
response = MagicMock()
response.getcode.return_value = 200
response.read.return_value = eligible_services
options = self._create_empty_options_mock()
options.sso_enabled = 'true'
options.sso_provider_url = 'http://testHost:8080'
options.sso_public_cert_file = '/test/file/path'
options.sso_jwt_cookie_name = 'test_cookie'
options.sso_jwt_audience_list = 'test, audience, list'
setup_sso(options)
self.assertTrue(perform_changes_via_rest_api_mock.called)
requestCall = perform_changes_via_rest_api_mock.call_args_list[0]
args, kwargs = requestCall
requestData = args[5]
self.assertTrue(isinstance(requestData, dict))
ssoProperties = requestData['Configuration']['properties']
self.assertEqual(ssoProperties[SSO_MANAGE_SERVICES], "true")
self.assertEqual(ssoProperties[SSO_ENABLED_SERVICES],
"AMBARI,HDFS,ZOOKEPER")
sys.stdout = sys.__stdout__
pass
def test_sso_is_enabled_for_all_services_via_user_input(
self, open_mock, get_json_via_rest_api_mock, is_server_runing_mock,
get_silent_mock, get_ambari_properties_mock, get_YN_input_mock,
perform_changes_via_rest_api_mock):
out = StringIO.StringIO()
sys.stdout = out
certificate_data = '-----BEGIN CERTIFICATE-----\n' \
'MIIE3DCCA8SgAwIBAgIJAKfbOMmFyOlNMA0GCSqGSIb3DQEBBQUAMIGkMQswCQYD\n' \
'................................................................\n' \
'dXRpbmcxFzAVBgNVBAMTDmNsb3VkYnJlYWstcmdsMSUwIwYJKoZIhvcNAQkBFhZy\n' \
'-----END CERTIFICATE-----'
mock_file = MagicFile(certificate_data)
open_mock.side_effect = [mock_file]
get_json_via_rest_api_mock.return_value = (200, {})
is_server_runing_mock.return_value = (True, 0)
get_silent_mock.return_value = False
get_ambari_properties_mock.return_value = Properties()
def yn_input_side_effect(*args, **kwargs):
if 'all services' in args[0]:
return True
else:
raise Exception(
"ShouldNotBeInvoked"
) # only the 'Use SSO for all services' question should be asked for now
get_YN_input_mock.side_effect = yn_input_side_effect
sso_enabled = 'true'
sso_provider_url = 'http://testHost:8080'
sso_public_cert_file = '/test/file/path'
sso_jwt_cookie_name = 'test_cookie'
sso_jwt_audience_list = 'test, audience, list'
options = self._create_empty_options_mock()
options.sso_enabled = sso_enabled
options.sso_provider_url = sso_provider_url
options.sso_public_cert_file = sso_public_cert_file
options.sso_jwt_cookie_name = sso_jwt_cookie_name
options.sso_jwt_audience_list = sso_jwt_audience_list
setup_sso(options)
self.assertTrue(perform_changes_via_rest_api_mock.called)
requestCall = perform_changes_via_rest_api_mock.call_args_list[0]
args, kwargs = requestCall
requestData = args[5]
self.assertTrue(isinstance(requestData, dict))
ssoProperties = requestData['Configuration']['properties']
self.assertEqual(ssoProperties[AMBARI_JWT_AUTH_ENBABLED], sso_enabled)
self.assertEqual(ssoProperties[SSO_PROVIDER_URL], sso_provider_url)
self.assertEqual(ssoProperties[SSO_CERTIFICATE], certificate_data)
self.assertEqual(ssoProperties[JWT_COOKIE_NAME], sso_jwt_cookie_name)
self.assertEqual(ssoProperties[JWT_AUDIENCES], sso_jwt_audience_list)
self.assertEqual(ssoProperties[SSO_MANAGE_SERVICES], "true")
self.assertEqual(ssoProperties[SSO_ENABLED_SERVICES], "*")
sys.stdout = sys.__stdout__
pass
