def test_find_subscriptions_thru_username_password_adfs(self, mock_get_cloud, mock_acquire_token, mock_acquire_token_username_password): TEST_ADFS_AUTH_URL = 'https://adfs.local.azurestack.external/adfs' def test_acquire_token(self, resource, username, password, client_id): global acquire_token_invoked acquire_token_invoked = True if (self.authority.url == TEST_ADFS_AUTH_URL and self.authority.is_adfs_authority): return Test_Profile.token_entry1 else: raise ValueError('AuthContext was not initialized correctly for ADFS') mock_acquire_token_username_password.side_effect = test_acquire_token mock_acquire_token.return_value = self.token_entry1 mock_arm_client = mock.MagicMock() mock_arm_client.tenants.list.return_value = [TenantStub(self.tenant_id)] mock_arm_client.subscriptions.list.return_value = [self.subscription1] mock_get_cloud.endpoints.active_directory = TEST_ADFS_AUTH_URL finder = SubscriptionFinder(_AUTH_CTX_FACTORY, None, lambda _: mock_arm_client) mgmt_resource = 'https://management.core.windows.net/' # action subs = finder.find_from_user_account(self.user1, 'bar', None, mgmt_resource) # assert self.assertEqual([self.subscription1], subs) self.assertTrue(acquire_token_invoked)
def test_find_subscriptions_thru_username_password_adfs(self, mock_get_cloud, mock_acquire_token, mock_acquire_token_username_password): TEST_ADFS_AUTH_URL = 'https://adfs.local.azurestack.external/adfs' def test_acquire_token(self, resource, username, password, client_id): global acquire_token_invoked acquire_token_invoked = True if (self.authority.url == TEST_ADFS_AUTH_URL and self.authority.is_adfs_authority): return Test_Profile.token_entry1 else: raise ValueError('AuthContext was not initialized correctly for ADFS') mock_acquire_token_username_password.side_effect = test_acquire_token mock_acquire_token.return_value = self.token_entry1 mock_arm_client = mock.MagicMock() mock_arm_client.tenants.list.return_value = [TenantStub(self.tenant_id)] mock_arm_client.subscriptions.list.return_value = [self.subscription1] mock_get_cloud.endpoints.active_directory = TEST_ADFS_AUTH_URL finder = SubscriptionFinder(_AUTH_CTX_FACTORY, None, lambda _: mock_arm_client) mgmt_resource = 'https://management.core.windows.net/' # action subs = finder.find_from_user_account(self.user1, 'bar', None, mgmt_resource) # assert self.assertEqual([self.subscription1], subs) self.assertTrue(acquire_token_invoked)
def test_find_subscriptions_thru_username_password_with_account_disabled(self, mock_logger, mock_auth_context): mock_auth_context.acquire_token_with_username_password.return_value = self.token_entry1 mock_auth_context.acquire_token.side_effect = AdalError('Account is disabled') mock_arm_client = mock.MagicMock() mock_arm_client.tenants.list.return_value = [TenantStub(self.tenant_id)] finder = SubscriptionFinder(lambda _, _2: mock_auth_context, None, lambda _: mock_arm_client) mgmt_resource = 'https://management.core.windows.net/' # action subs = finder.find_from_user_account(self.user1, 'bar', None, mgmt_resource) # assert self.assertEqual([], subs) mock_logger.warning.assert_called_once_with(mock.ANY, mock.ANY, mock.ANY)
def test_create_account_without_subscriptions(self, mock_auth_context): mock_auth_context.acquire_token_with_client_credentials.return_value = self.token_entry1 mock_arm_client = mock.MagicMock() mock_arm_client.subscriptions.list.return_value = [] finder = SubscriptionFinder(lambda _, _2: mock_auth_context, None, lambda _: mock_arm_client) storage_mock = {'subscriptions': []} profile = Profile(storage_mock, use_global_creds_cache=False) profile._management_resource_uri = 'https://management.core.windows.net/' # action result = profile.find_subscriptions_on_login(False, '1234', 'my-secret', True, self.tenant_id, allow_no_subscriptions=True, subscription_finder=finder) # assert self.assertTrue(1, len(result)) self.assertEqual(result[0]['id'], self.tenant_id) self.assertEqual(result[0]['state'], 'Enabled') self.assertEqual(result[0]['tenantId'], self.tenant_id) self.assertEqual(result[0]['name'], 'N/A(tenant level account)')
def test_find_subscriptions_interactive_from_particular_tenent(self, mock_auth_context): def just_raise(ex): raise ex mock_arm_client = mock.MagicMock() mock_arm_client.tenants.list.side_effect = lambda: just_raise( ValueError("'tenants.list' should not occur")) mock_arm_client.subscriptions.list.return_value = [self.subscription1] finder = SubscriptionFinder(lambda _, _2: mock_auth_context, None, lambda _: mock_arm_client) # action subs = finder.find_through_interactive_flow('NiceTenant', 'http://someresource') # assert self.assertEqual([self.subscription1], subs)
def test_find_subscriptions_thru_username_password_with_account_disabled(self, mock_logger, mock_auth_context): mock_auth_context.acquire_token_with_username_password.return_value = self.token_entry1 mock_auth_context.acquire_token.side_effect = AdalError('Account is disabled') mock_arm_client = mock.MagicMock() mock_arm_client.tenants.list.return_value = [TenantStub(self.tenant_id)] finder = SubscriptionFinder(lambda _, _2: mock_auth_context, None, lambda _: mock_arm_client) mgmt_resource = 'https://management.core.windows.net/' # action subs = finder.find_from_user_account(self.user1, 'bar', None, mgmt_resource) # assert self.assertEqual([], subs) mock_logger.warning.assert_called_once_with(mock.ANY, mock.ANY, mock.ANY)
def test_find_subscriptions_interactive_from_particular_tenent(self, mock_auth_context): def just_raise(ex): raise ex mock_arm_client = mock.MagicMock() mock_arm_client.tenants.list.side_effect = lambda: just_raise( ValueError("'tenants.list' should not occur")) mock_arm_client.subscriptions.list.return_value = [self.subscription1] finder = SubscriptionFinder(lambda _, _2: mock_auth_context, None, lambda _: mock_arm_client) # action subs = finder.find_through_interactive_flow('NiceTenant', 'http://someresource') # assert self.assertEqual([self.subscription1], subs)
def test_get_expanded_subscription_info_for_logged_in_service_principal(self, mock_auth_context): mock_auth_context.acquire_token_with_client_credentials.return_value = self.token_entry1 mock_arm_client = mock.MagicMock() mock_arm_client.subscriptions.list.return_value = [self.subscription1] finder = SubscriptionFinder(lambda _, _2: mock_auth_context, None, lambda _: mock_arm_client) storage_mock = {'subscriptions': []} profile = Profile(storage_mock, use_global_creds_cache=False) profile._management_resource_uri = 'https://management.core.windows.net/' profile.find_subscriptions_on_login(False, '1234', 'my-secret', True, self.tenant_id, False, finder) # action extended_info = profile.get_expanded_subscription_info() # assert self.assertEqual(self.id1.split('/')[-1], extended_info['subscriptionId']) self.assertEqual(self.display_name1, extended_info['subscriptionName']) self.assertEqual('1234', extended_info['client']) self.assertEqual('https://login.microsoftonline.com', extended_info['endpoints'].active_directory)
def test_find_subscriptions_from_service_principal_id(self, mock_auth_context): mock_auth_context.acquire_token_with_client_credentials.return_value = self.token_entry1 mock_arm_client = mock.MagicMock() mock_arm_client.subscriptions.list.return_value = [self.subscription1] finder = SubscriptionFinder(lambda _, _2: mock_auth_context, None, lambda _: mock_arm_client) mgmt_resource = 'https://management.core.windows.net/' # action subs = finder.find_from_service_principal_id('my app', ServicePrincipalAuth('my secret'), self.tenant_id, mgmt_resource) # assert self.assertEqual([self.subscription1], subs) mock_arm_client.tenants.list.assert_not_called() mock_auth_context.acquire_token.assert_not_called() mock_auth_context.acquire_token_with_client_credentials.assert_called_once_with( mgmt_resource, 'my app', 'my secret')
def test_find_subscriptions_from_service_principal_id(self, mock_auth_context): mock_auth_context.acquire_token_with_client_credentials.return_value = self.token_entry1 mock_arm_client = mock.MagicMock() mock_arm_client.subscriptions.list.return_value = [self.subscription1] finder = SubscriptionFinder(lambda _, _2: mock_auth_context, None, lambda _: mock_arm_client) mgmt_resource = 'https://management.core.windows.net/' #action subs = finder.find_from_service_principal_id('my app', 'my secret', self.tenant_id, mgmt_resource) #assert self.assertEqual([self.subscription1], subs) mock_arm_client.tenants.list.assert_not_called() mock_auth_context.acquire_token.assert_not_called() mock_auth_context.acquire_token_with_client_credentials.assert_called_once_with( mgmt_resource, 'my app', 'my secret')
def test_find_subscriptions_thru_username_password(self, mock_auth_context): mock_auth_context.acquire_token_with_username_password.return_value = self.token_entry1 mock_auth_context.acquire_token.return_value = self.token_entry1 mock_arm_client = mock.MagicMock() mock_arm_client.tenants.list.return_value = [TenantStub(self.tenant_id)] mock_arm_client.subscriptions.list.return_value = [self.subscription1] finder = SubscriptionFinder(lambda _, _2: mock_auth_context, None, lambda _: mock_arm_client) mgmt_resource = 'https://management.core.windows.net/' # action subs = finder.find_from_user_account(self.user1, 'bar', None, mgmt_resource) # assert self.assertEqual([self.subscription1], subs) mock_auth_context.acquire_token_with_username_password.assert_called_once_with( mgmt_resource, self.user1, 'bar', mock.ANY) mock_auth_context.acquire_token.assert_called_once_with( mgmt_resource, self.user1, mock.ANY)
def test_find_subscriptions_thru_username_password(self, mock_auth_context): mock_auth_context.acquire_token_with_username_password.return_value = self.token_entry1 mock_auth_context.acquire_token.return_value = self.token_entry1 mock_arm_client = mock.MagicMock() mock_arm_client.tenants.list.return_value = [TenantStub(self.tenant_id)] mock_arm_client.subscriptions.list.return_value = [self.subscription1] finder = SubscriptionFinder(lambda _, _2: mock_auth_context, None, lambda _: mock_arm_client) mgmt_resource = 'https://management.core.windows.net/' #action subs = finder.find_from_user_account(self.user1, 'bar', mgmt_resource) #assert self.assertEqual([self.subscription1], subs) mock_auth_context.acquire_token_with_username_password.assert_called_once_with( mgmt_resource, self.user1, 'bar', mock.ANY) mock_auth_context.acquire_token.assert_called_once_with( mgmt_resource, self.user1, mock.ANY)
def test_find_subscriptions_through_interactive_flow(self, mock_auth_context): test_nonsense_code = {'message': 'magic code for you'} mock_auth_context.acquire_user_code.return_value = test_nonsense_code mock_auth_context.acquire_token_with_device_code.return_value = self.token_entry1 mock_arm_client = mock.MagicMock() mock_arm_client.tenants.list.return_value = [TenantStub(self.tenant_id)] mock_arm_client.subscriptions.list.return_value = [self.subscription1] finder = SubscriptionFinder(lambda _, _2: mock_auth_context, None, lambda _: mock_arm_client) mgmt_resource = 'https://management.core.windows.net/' # action subs = finder.find_through_interactive_flow(None, mgmt_resource) # assert self.assertEqual([self.subscription1], subs) mock_auth_context.acquire_user_code.assert_called_once_with( mgmt_resource, mock.ANY) mock_auth_context.acquire_token_with_device_code.assert_called_once_with( mgmt_resource, test_nonsense_code, mock.ANY) mock_auth_context.acquire_token.assert_called_once_with( mgmt_resource, self.user1, mock.ANY)
def test_find_subscriptions_through_interactive_flow(self, mock_auth_context): test_nonsense_code = {'message':'magic code for you'} mock_auth_context.acquire_user_code.return_value = test_nonsense_code mock_auth_context.acquire_token_with_device_code.return_value = self.token_entry1 mock_arm_client = mock.MagicMock() mock_arm_client.tenants.list.return_value = [TenantStub(self.tenant_id)] mock_arm_client.subscriptions.list.return_value = [self.subscription1] finder = SubscriptionFinder(lambda _, _2: mock_auth_context, None, lambda _: mock_arm_client) mgmt_resource = 'https://management.core.windows.net/' #action subs = finder.find_through_interactive_flow(mgmt_resource) #assert self.assertEqual([self.subscription1], subs) mock_auth_context.acquire_user_code.assert_called_once_with( mgmt_resource, mock.ANY) mock_auth_context.acquire_token_with_device_code.assert_called_once_with( mgmt_resource, test_nonsense_code, mock.ANY) mock_auth_context.acquire_token.assert_called_once_with( mgmt_resource, self.user1, mock.ANY)
def test_find_subscriptions_from_service_principal_using_cert(self, mock_auth_context): mock_auth_context.acquire_token_with_client_certificate.return_value = self.token_entry1 mock_arm_client = mock.MagicMock() mock_arm_client.subscriptions.list.return_value = [self.subscription1] finder = SubscriptionFinder(lambda _, _2: mock_auth_context, None, lambda _: mock_arm_client) mgmt_resource = 'https://management.core.windows.net/' curr_dir = os.path.dirname(os.path.realpath(__file__)) test_cert_file = os.path.join(curr_dir, 'sp_cert.pem') # action subs = finder.find_from_service_principal_id('my app', ServicePrincipalAuth(test_cert_file), self.tenant_id, mgmt_resource) # assert self.assertEqual([self.subscription1], subs) mock_arm_client.tenants.list.assert_not_called() mock_auth_context.acquire_token.assert_not_called() mock_auth_context.acquire_token_with_client_certificate.assert_called_once_with( mgmt_resource, 'my app', mock.ANY, mock.ANY)
def test_find_subscriptions_from_service_principal_using_cert(self, mock_auth_context): mock_auth_context.acquire_token_with_client_certificate.return_value = self.token_entry1 mock_arm_client = mock.MagicMock() mock_arm_client.subscriptions.list.return_value = [self.subscription1] finder = SubscriptionFinder(lambda _, _2: mock_auth_context, None, lambda _: mock_arm_client) mgmt_resource = 'https://management.core.windows.net/' curr_dir = os.path.dirname(os.path.realpath(__file__)) test_cert_file = os.path.join(curr_dir, 'sp_cert.pem') # action subs = finder.find_from_service_principal_id('my app', ServicePrincipalAuth(test_cert_file), self.tenant_id, mgmt_resource) # assert self.assertEqual([self.subscription1], subs) mock_arm_client.tenants.list.assert_not_called() mock_auth_context.acquire_token.assert_not_called() mock_auth_context.acquire_token_with_client_certificate.assert_called_once_with( mgmt_resource, 'my app', mock.ANY, mock.ANY)
def test_subscription_finder_constructor(self, get_api_mock, cloud_mock): get_api_mock.return_value = '2016-06-01' cloud_mock.endpoints.resource_manager = 'http://foo_arm' finder = SubscriptionFinder(None, None, arm_client_factory=None) result = finder._arm_client_factory(mock.MagicMock()) self.assertEquals(result.config.base_url, 'http://foo_arm')
def test_subscription_finder_constructor(self, get_api_mock, cloud_mock): get_api_mock.return_value = '2016-06-01' cloud_mock.endpoints.resource_manager = 'http://foo_arm' finder = SubscriptionFinder(None, None, arm_client_factory=None) result = finder._arm_client_factory(mock.MagicMock()) self.assertEquals(result.config.base_url, 'http://foo_arm')