def _assert_valid_token_authenticates(self):
user_pass_header = util.get_auth_header(username='******',
password='******')
client = CloudifyClient(host=self.env.management_ip,
headers=user_pass_header)
token_header = util.get_auth_header(token=client.tokens.get().value)
self.client = CloudifyClient(self.env.management_ip,
headers=token_header)
self._assert_authorized()
def _assert_valid_token_authenticates(self):
user_pass_header = util.get_auth_header(username="******", password="******")
client = CloudifyClient(host=self.env.management_ip, headers=user_pass_header)
token_header = util.get_auth_header(token=client.tokens.get().value)
client = CloudifyClient(self.env.management_ip, headers=token_header)
response = client.manager.get_status()
if not response["status"] == "running":
raise RuntimeError("Failed to get manager status using token")
def _assert_valid_token_authenticates(self):
user_pass_header = util.get_auth_header(username='******',
password='******')
client = CloudifyClient(host=self.env.management_ip,
headers=user_pass_header)
token_header = util.get_auth_header(token=client.tokens.get().value)
client = CloudifyClient(self.env.management_ip, headers=token_header)
response = client.manager.get_status()
if not response['status'] == 'running':
raise RuntimeError('Failed to get manager status using token')
def _assert_valid_token_authenticates(self):
user_pass_header = util.get_auth_header(username='******',
password='******')
client = CloudifyClient(host=self.env.management_ip,
headers=user_pass_header)
token_header = util.get_auth_header(token=client.tokens.get().value)
client = CloudifyClient(self.env.management_ip, headers=token_header)
response = client.blueprints.list()
if not response['status'] == 'running':
raise RuntimeError('Failed to get manager status using token')
def _assert_unauthorized_user_fails(self):
client = CloudifyClient(host=self.env.management_ip,
headers=util.get_auth_header(
username='******',
password='******'))
self.assertRaisesRegexp(CloudifyClientError, '401: user unauthorized',
client.blueprints.list())
def _assert_unauthorized_user_fails(self):
client = CloudifyClient(host=self.env.management_ip,
headers=util.get_auth_header(
username='******',
password='******'))
self.assertRaisesRegexp(UserUnauthorizedError,
'401: user unauthorized',
client.manager.get_status)
def _assert_unauthorized_user_fails(self):
client = CloudifyClient(host=self.env.management_ip,
headers=util.get_auth_header(
username='******',
password='******'))
self.assertRaisesRegexp(UserUnauthorizedError,
'401: user unauthorized',
client.manager.get_status)
def _test_verify_missing_cert(self):
client = CloudifyClient(host=self.env.management_ip,
port=constants.SECURED_REST_PORT,
protocol=constants.SECURED_PROTOCOL,
headers=util.get_auth_header(
username=TEST_CFY_USERNAME,
password=TEST_CFY_PASSWORD),
trust_all=False)
try:
client.manager.get_status()
self.fail('certification verification expected to fail')
except SSLError as e:
self.assertIn('certificate verify failed', str(e.message))
def _test_no_verify_cert(self):
client = CloudifyClient(
host=self.env.management_ip,
port=constants.SECURED_REST_PORT,
protocol=constants.SECURED_PROTOCOL,
headers=util.get_auth_header(username=TEST_CFY_USERNAME,
password=TEST_CFY_PASSWORD),
trust_all=True)
response = client.manager.get_status()
if not response['status'] == 'running':
raise RuntimeError('Manager at {0} is not running.'
.format(self.env.management_ip))
def _test_verify_missing_cert(self):
client = CloudifyClient(
host=self.env.management_ip,
port=constants.SECURED_REST_PORT,
protocol=constants.SECURED_PROTOCOL,
headers=util.get_auth_header(username=TEST_CFY_USERNAME,
password=TEST_CFY_PASSWORD),
trust_all=False)
try:
client.manager.get_status()
self.fail('certification verification expected to fail')
except SSLError as e:
self.assertIn('certificate verify failed', str(e.message))
def _test_no_verify_cert(self):
client = CloudifyClient(host=self.env.management_ip,
port=constants.SECURED_REST_PORT,
protocol=constants.SECURED_PROTOCOL,
headers=util.get_auth_header(
username=TEST_CFY_USERNAME,
password=TEST_CFY_PASSWORD),
trust_all=True)
response = client.manager.get_status()
if not response['status'] == 'running':
raise RuntimeError('Manager at {0} is not running.'.format(
self.env.management_ip))
def _test_try_to_connect_to_manager_on_non_secured_port(self):
try:
client = CloudifyClient(
host=self.env.management_ip,
port=constants.DEFAULT_REST_PORT,
protocol=constants.DEFAULT_PROTOCOL,
headers=util.get_auth_header(username=TEST_CFY_USERNAME,
password=TEST_CFY_PASSWORD))
client.manager.get_status()
self.fail(
'manager should not be available on port '
.format(constants.DEFAULT_REST_PORT))
except ConnectionError as e:
self.assertIn('Connection refused', str(e.message))
def _test_try_to_connect_to_manager_on_non_secured_port(self):
client = CloudifyClient(host=self.env.management_ip,
port=constants.DEFAULT_REST_PORT,
protocol=constants.DEFAULT_PROTOCOL,
headers=util.get_auth_header(
username=TEST_CFY_USERNAME,
password=TEST_CFY_PASSWORD),
cert=self.cert_path,
trust_all=False)
response = client.manager.get_status()
if not response['status'] == 'running':
raise RuntimeError(
'Failed to get server status from {0}://{1}:{2}'.format(
constants.DEFAULT_PROTOCOL, self.env.management_ip,
constants.DEFAULT_REST_PORT))
def set_rest_client(self):
self.client = CloudifyClient(
host=self.env.management_ip,
port=constants.SECURED_REST_PORT,
protocol=constants.SECURED_PROTOCOL,
headers=util.get_auth_header(username=TEST_CFY_USERNAME,
password=TEST_CFY_PASSWORD),
trust_all=True)
# def _running_env_setup(self):
# self.env.management_ip = self.cfy.get_management_ip()
# self.set_rest_client()
def clean_mgmt_ip():
self.env.management_ip = None
self.addCleanup(clean_mgmt_ip)
def _test_try_to_connect_to_manager_on_non_secured_port(self):
client = CloudifyClient(
host=self.env.management_ip,
port=constants.DEFAULT_REST_PORT,
protocol=constants.DEFAULT_PROTOCOL,
headers=util.get_auth_header(username=TEST_CFY_USERNAME,
password=TEST_CFY_PASSWORD),
cert=self.cert_path,
trust_all=False)
response = client.manager.get_status()
if not response['status'] == 'running':
raise RuntimeError('Failed to get server status from {0}://{1}:{2}'
.format(constants.DEFAULT_PROTOCOL,
self.env.management_ip,
constants.DEFAULT_REST_PORT))
def set_rest_client(self):
self.client = CloudifyClient(
host=self.env.management_ip,
port=constants.SECURED_REST_PORT,
protocol=constants.SECURED_PROTOCOL,
headers=util.get_auth_header(username=TEST_CFY_USERNAME,
password=TEST_CFY_PASSWORD),
trust_all=True)
# def _running_env_setup(self):
# self.env.management_ip = self.cfy.get_management_ip()
# self.set_rest_client()
def clean_mgmt_ip():
self.env.management_ip = None
self.addCleanup(clean_mgmt_ip)
def _test_verify_wrong_cert(self):
cert_path = os.path.join(self.workdir, 'wrong.cert')
key_path = os.path.join(self.workdir, 'wrong.key')
self.create_self_signed_certificate(cert_path, key_path, 'test')
client = CloudifyClient(host=self.env.management_ip,
port=constants.SECURED_REST_PORT,
protocol=constants.SECURED_PROTOCOL,
headers=util.get_auth_header(
username=TEST_CFY_USERNAME,
password=TEST_CFY_PASSWORD),
cert=util.get_resource_path(cert_path),
trust_all=False)
try:
client.manager.get_status()
self.fail('certification verification expected to fail')
except SSLError as e:
self.assertIn('certificate verify failed', str(e.message))
def _test_verify_wrong_cert(self):
cert_path = os.path.join(self.workdir, 'wrong.cert')
key_path = os.path.join(self.workdir, 'wrong.key')
self.create_self_signed_certificate(cert_path, key_path, 'test')
client = CloudifyClient(
host=self.env.management_ip,
port=constants.SECURED_REST_PORT,
protocol=constants.SECURED_PROTOCOL,
headers=util.get_auth_header(username=TEST_CFY_USERNAME,
password=TEST_CFY_PASSWORD),
cert=util.get_resource_path(cert_path),
trust_all=False)
try:
client.manager.get_status()
self.fail('certification verification expected to fail')
except SSLError as e:
self.assertIn('certificate verify failed', str(e.message))
def _create_client(self, username=None, password=None, token=None):
user_pass_header = util.get_auth_header(username=username,
password=password,
token=token)
return util.create_rest_client(self.env.management_ip,
headers=user_pass_header)
def _assert_invalid_user_fails(self):
client = CloudifyClient(host=self.env.management_ip,
headers=util.get_auth_header(username='******',
password='******'))
self.assertRaisesRegexp(CloudifyClientError, '401: user unauthorized',
client.manager.get_status)
def set_rest_client(self):
self.client = CloudifyClient(host=self.env.management_ip,
headers=util.get_auth_header(
username='******',
password='******'))
def _assert_empty_token_fails(self):
token_header = util.get_auth_header(token='')
self.client = CloudifyClient(host=self.env.management_ip,
headers=token_header)
self._assert_unauthorized()
def _assert_invalid_token_fails(self):
token_header = util.get_auth_header(token='wrong_token')
self.client = CloudifyClient(self.env.management_ip,
headers=token_header)
self._assert_unauthorized()
def _get_execution_ids(self):
auth_header = util.get_auth_header(ADMIN_USERNAME, ADMIN_PASSWORD)
alice_client = CloudifyClient(host=self.env.management_ip,
headers=auth_header)
return [execution.id for execution in alice_client.executions.list()]
def set_rest_client(self):
self.client = CloudifyClient(
host=self.env.management_ip,
headers=util.get_auth_header(username='******',
password='******'))
def _assert_valid_credentials_authenticate(self):
user_pass_header = util.get_auth_header(username='******',
password='******')
self.client = CloudifyClient(host=self.env.management_ip,
headers=user_pass_header)
self._assert_authorized()
def _assert_authorized_user_succeeds(self):
user_pass_header = util.get_auth_header(username='******',
password='******')
CloudifyClient(host=self.env.management_ip, headers=user_pass_header)
def _assert_invalid_token_fails(self):
token_header = util.get_auth_header(token='wrong_token')
client = CloudifyClient(self.env.management_ip, headers=token_header)
self.assertRaisesRegexp(CloudifyClientError, '401: user unauthorized',
client.blueprints.list())
def set_rest_client(self):
self.client = util.create_rest_client(
self.env.management_ip,
headers=util.get_auth_header(username=self.TEST_CFY_USERNAME,
password=self.TEST_CFY_PASSWORD))
self.env.rest_client = self.client
def _assert_unauthorized_user_fails(self):
client = CloudifyClient(
host=self.env.management_ip, headers=util.get_auth_header(username="******", password="******")
)
self.assertRaisesRegexp(CloudifyClientError, "401: user unauthorized", client.manager.get_status)
def _create_client(self, username=None, password=None, token=None):
user_pass_header = util.get_auth_header(username=username,
password=password,
token=token)
return CloudifyClient(host=self.env.management_ip,
headers=user_pass_header)
def _assert_invalid_token_fails(self):
token_header = util.get_auth_header(token='wrong_token')
client = CloudifyClient(self.env.management_ip, headers=token_header)
self.assertRaisesRegexp(CloudifyClientError, '401: user unauthorized',
client.manager.get_status)
def _assert_empty_credentials_fails(self):
user_pass_header = util.get_auth_header(username='',
password='')
self.client = CloudifyClient(host=self.env.management_ip,
headers=user_pass_header)
self._assert_unauthorized()
def set_rest_client(self):
self.client = CloudifyClient(
host=self.env.management_ip,
headers=util.get_auth_header(username=TEST_CFY_USERNAME,
password=TEST_CFY_PASSWORD))
def _assert_invalid_token_fails(self):
token_header = util.get_auth_header(token="wrong_token")
client = CloudifyClient(self.env.management_ip, headers=token_header)
self.assertRaisesRegexp(CloudifyClientError, "401: user unauthorized", client.manager.get_status)
def _assert_invalid_user_fails(self):
client = CloudifyClient(host=self.env.management_ip,
headers=util.get_auth_header(username='******',
password='******'))
self.assertRaisesRegexp(CloudifyClientError, '401: user unauthorized',
client.manager.get_status)
def set_rest_client(self):
self.client = CloudifyClient(host=self.env.management_ip,
headers=util.get_auth_header(
username=TEST_CFY_USERNAME,
password=TEST_CFY_PASSWORD))
