def test_get_docker_credentials(self, mock_requests_get, mock_requests_post, mock_get_registry_by_name, mock_get_raw_token): cmd = mock.MagicMock() cmd.cli_ctx = TestCli() registry = Registry(location='westus', sku=Sku(name='Standard')) registry.login_server = 'testregistry.azurecr.io' mock_get_registry_by_name.return_value = registry, None # Set up challenge response challenge_response = mock.MagicMock() challenge_response.headers = { 'WWW-Authenticate': 'Bearer realm="https://testregistry.azurecr.io/oauth2/token",service="testregistry.azurecr.io"' } challenge_response.status_code = 401 mock_requests_get.return_value = challenge_response # Set up refresh/access token response refresh_token_response = mock.MagicMock() refresh_token_response.headers = {} refresh_token_response.status_code = 200 refresh_token_response.content = json.dumps({ 'refresh_token': 'testrefreshtoken', 'access_token': 'testaccesstoken'}).encode() mock_requests_post.return_value = refresh_token_response # Set up AAD token with only access token mock_get_raw_token.return_value = ('Bearer', 'aadaccesstoken', {}), 'testsubscription', 'testtenant' get_login_credentials(cmd.cli_ctx, 'testregistry') mock_requests_get.assert_called_with('https://testregistry.azurecr.io/v2/', verify=mock.ANY) mock_requests_post.assert_called_with( 'https://testregistry.azurecr.io/oauth2/exchange', urlencode({ 'grant_type': 'access_token', 'service': 'testregistry.azurecr.io', 'tenant': 'testtenant', 'access_token': 'aadaccesstoken' }), headers={'Content-Type': 'application/x-www-form-urlencoded'}, verify=mock.ANY) get_access_credentials(cmd.cli_ctx, 'testregistry', repository='testrepository', permission='*') mock_requests_post.assert_called_with( 'https://testregistry.azurecr.io/oauth2/token', urlencode({ 'grant_type': 'refresh_token', 'service': 'testregistry.azurecr.io', 'scope': 'repository:testrepository:*', 'refresh_token': 'testrefreshtoken' }), headers={'Content-Type': 'application/x-www-form-urlencoded'}, verify=mock.ANY)
def _core_token_scenarios(self, mock_get_raw_token, mock_requests_get, mock_requests_post, mock_get_registry_by_name, registry_exists, registry_name, login_server, tenant_suffix): cmd = self._setup_cmd() if registry_exists: registry = Registry(location='westus', sku=Sku(name='Standard')) registry.login_server = login_server mock_get_registry_by_name.return_value = registry, None else: # Mock the registry could not be found mock_get_registry_by_name.side_effect = ResourceNotFound( 'The resource could not be found.') self._setup_mock_token_requests(mock_get_raw_token, mock_requests_get, mock_requests_post, login_server) # Test get refresh token get_login_credentials(cmd, registry_name, tenant_suffix=tenant_suffix) self._validate_refresh_token_request(mock_requests_get, mock_requests_post, login_server) # Test get access token for container image repository get_access_credentials( cmd, registry_name, tenant_suffix=tenant_suffix, repository=TEST_REPOSITORY, permission=RepoAccessTokenPermission.METADATA_READ.value) self._validate_access_token_request( mock_requests_get, mock_requests_post, login_server, 'repository:{}:{}'.format( TEST_REPOSITORY, RepoAccessTokenPermission.METADATA_READ.value)) # Test get access token for artifact image repository get_access_credentials(cmd, registry_name, tenant_suffix=tenant_suffix, artifact_repository=TEST_REPOSITORY, permission=HelmAccessTokenPermission.PULL.value) self._validate_access_token_request( mock_requests_get, mock_requests_post, login_server, 'artifact-repository:{}:{}'.format( TEST_REPOSITORY, HelmAccessTokenPermission.PULL.value))
def _core_token_scenarios(self, mock_get_raw_token, mock_requests_get, mock_requests_post, mock_get_registry_by_name, registry_exists, registry_name, login_server, tenant_suffix): cmd = self._setup_cmd() if registry_exists: registry = Registry(location='westus', sku=Sku(name='Standard')) registry.login_server = login_server mock_get_registry_by_name.return_value = registry, None else: # Mock the registry could not be found mock_get_registry_by_name.side_effect = ResourceNotFound('The resource could not be found.') self._setup_mock_token_requests(mock_get_raw_token, mock_requests_get, mock_requests_post, login_server) # Test get refresh token get_login_credentials(cmd, registry_name, tenant_suffix=tenant_suffix) self._validate_refresh_token_request(mock_requests_get, mock_requests_post, login_server) # Test get access token for container image repository get_access_credentials(cmd, registry_name, tenant_suffix=tenant_suffix, repository=TEST_REPOSITORY, permission='pull') self._validate_access_token_request(mock_requests_get, mock_requests_post, login_server, 'repository:{}:pull'.format(TEST_REPOSITORY)) # Test get access token for artifact image repository get_access_credentials(cmd, registry_name, tenant_suffix=tenant_suffix, artifact_repository=TEST_REPOSITORY, permission='pull') self._validate_access_token_request(mock_requests_get, mock_requests_post, login_server, 'artifact-repository:{}:pull'.format(TEST_REPOSITORY))