def test_identity_map_batch_limit(client): meta1 = load_response(client.get_identities).metadata meta2 = load_response(client.get_identities, case="sirosen").metadata # setup the ID map with a size limit of 1 idmap = globus_sdk.IdentityMap(client, id_batch_size=1) idmap.add(meta2["id"]) idmap.add(meta1["id"]) # no requests yet... assert len(responses.calls) == 0 # do the first lookup, using the second ID to be added # only one call should be made assert idmap[meta1["id"]]["username"] == meta1["username"] assert len(responses.calls) == 1 # 1 ID left unresolved assert len(idmap.unresolved_ids) == 1 # the last (only) API call was by ID with one ID last_req = get_last_request() assert "usernames" not in last_req.params assert last_req.params == {"ids": meta1["id"]} # second lookup works as well assert idmap[meta2["id"]]["username"] == meta2["username"] assert len(responses.calls) == 2 # no IDs left unresolved assert len(idmap.unresolved_ids) == 0 # the last API call was by ID with one ID last_req = get_last_request() assert "usernames" not in last_req.params assert last_req.params == {"ids": meta2["id"]}
def test_identity_map_get_with_default(client): load_response(client.get_identities, case="sirosen") magic = object() # sentinel value idmap = globus_sdk.IdentityMap(client) # a name which doesn't come back, if looked up with `get()` should return the # default assert idmap.get("*****@*****.**", magic) is magic
def test_identity_map_add_after_lookup(client): meta = load_response(client.get_identities, case="sirosen").metadata idmap = globus_sdk.IdentityMap(client) x = idmap[meta["username"]]["id"] # this is the key: adding it will indicate that we've already seen this ID, perhaps # "unintuitively", and that's part of the value of `add()` returning a boolean value assert idmap.add(x) is False assert idmap[x] == idmap[meta["username"]]
def test_identity_map_get_with_default(client): register_api_route("auth", "/v2/api/identities", body=IDENTITIES_SINGLE_RESPONSE) magic = object() # sentinel value idmap = globus_sdk.IdentityMap(client) # a name which doesn't come back, if looked up with `get()` should return the # default assert idmap.get("*****@*****.**", magic) is magic
def test_identity_map_shared_cache_mismatch(client, lookup_style): meta = load_response(client.get_identities, case="multiple").metadata lookup1, lookup2 = meta[lookup_style] cache = {} idmap1 = globus_sdk.IdentityMap(client, [lookup1, lookup2], cache=cache) idmap2 = globus_sdk.IdentityMap(client, cache=cache) # no requests yet... assert len(responses.calls) == 0 # do the first lookup, it should make one request assert lookup1 in (idmap1[lookup1]["id"], idmap1[lookup1]["username"]) assert len(responses.calls) == 1 # lookup more values and make sure that "everything matches" assert lookup2 in (idmap2[lookup2]["id"], idmap2[lookup2]["username"]) assert idmap1[lookup1]["id"] == idmap2[lookup1]["id"] assert idmap1[lookup2]["id"] == idmap2[lookup2]["id"] # we've only made one request, because the shared cache captured this info on the # very first call assert len(responses.calls) == 1
def test_identity_map_add_after_lookup(client): register_api_route("auth", "/v2/api/identities", body=IDENTITIES_SINGLE_RESPONSE) idmap = globus_sdk.IdentityMap(client) x = idmap["*****@*****.**"]["id"] # this is the key: adding it will indicate that we've already seen this ID, perhaps # "unintuitively", and that's part of the value of `add()` returning a boolean value assert idmap.add(x) is False assert idmap[x] == idmap["*****@*****.**"]
def test_identity_map_del(client): meta = load_response(client.get_identities).metadata idmap = globus_sdk.IdentityMap(client) identity_id = idmap[meta["username"]]["id"] del idmap[identity_id] assert idmap.get(meta["username"])["id"] == identity_id # we've only made one request so far assert len(responses.calls) == 1 # but a lookup by ID after a del is going to trigger another request because we've # invalidated the cached ID data and are asking the IDMap to look it up again assert idmap.get(identity_id)["username"] == meta["username"] assert len(responses.calls) == 2
def test_identity_map_keyerror(client): register_api_route("auth", "/v2/api/identities", body=IDENTITIES_SINGLE_RESPONSE) idmap = globus_sdk.IdentityMap(client) # a name which doesn't come back, indicating that it was not found, will KeyError with pytest.raises(KeyError): idmap["*****@*****.**"] last_req = httpretty.last_request() assert last_req.querystring["usernames"] == ["*****@*****.**"] assert last_req.querystring["provision"] == ["false"]
def test_identity_map_keyerror(client): load_response(client.get_identities, case="sirosen") idmap = globus_sdk.IdentityMap(client) # a name which doesn't come back, indicating that it was not found, will KeyError with pytest.raises(KeyError): idmap["*****@*****.**"] last_req = get_last_request() assert last_req.params == { "usernames": "*****@*****.**", "provision": "false" }
def session_show(): """List all identities in your current CLI auth session. Lists identities that are in the session tied to the CLI's access tokens along with the time the user authenticated with that identity. """ # get a token to introspect, refreshing if neccecary auth_client = internal_auth_client() try: auth_client.authorizer._check_expiration_time() except AttributeError: # if we have no RefreshTokenAuthorizor pass access_token = lookup_option(AUTH_AT_OPTNAME) # only instance clients can introspect tokens if isinstance(auth_client, globus_sdk.ConfidentialAppAuthClient): res = auth_client.oauth2_token_introspect(access_token, include="session_info") session_info = res.get("session_info", {}) authentications = session_info.get("authentications") or {} # empty session if still using Native App Client else: session_info = {} authentications = {} # resolve ids to human readable usernames resolved_ids = globus_sdk.IdentityMap(get_auth_client(), list(authentications)) # put the nested dicts in a format table output can work with # while also converting vals into human readable formats list_data = [{ "id": key, "username": resolved_ids.get(key, {}).get("username"), "auth_time": time.strftime("%Y-%m-%d %H:%M %Z", time.localtime(vals["auth_time"])), } for key, vals in authentications.items()] print_command_hint( "For information on your primary identity or full identity set see\n" " globus whoami\n") formatted_print( list_data, json_converter=lambda x: session_info, fields=[("Username", "username"), ("ID", "id"), ("Auth Time", "auth_time")], )
def test_identity_map_prepopulated_cache(client): meta = load_response(client.get_identities).metadata # populate the cache, even with nulls it should stop any lookups from happening cache = {meta["id"]: None, meta["username"]: None} idmap = globus_sdk.IdentityMap(client, cache=cache) # no requests yet... assert len(responses.calls) == 0 # do the lookups assert idmap[meta["id"]] is None assert idmap[meta["username"]] is None # still no calls made assert len(responses.calls) == 0
def test_identity_map_shared_cache_match(client, initial_add, lookup1, lookup2): meta = load_response(client.get_identities, case="sirosen").metadata lookup1, lookup2 = meta[lookup1], meta[lookup2] cache = {} idmap1 = globus_sdk.IdentityMap(client, cache=cache) idmap2 = globus_sdk.IdentityMap(client, cache=cache) if initial_add: idmap1.add(lookup1) idmap2.add(lookup2) # no requests yet... assert len(responses.calls) == 0 # do the first lookup, it should make one request assert idmap1[lookup1]["organization"] == meta["org"] assert len(responses.calls) == 1 # lookup more values and make sure that "everything matches" assert idmap2[lookup2]["organization"] == meta["org"] assert idmap1[lookup1]["id"] == idmap2[lookup2]["id"] assert idmap1[lookup2]["id"] == idmap2[lookup1]["id"] # we've only made one request, because the shared cache captured this info on the # very first call assert len(responses.calls) == 1
def test_identity_map_del(client): register_api_route("auth", "/v2/api/identities", body=IDENTITIES_SINGLE_RESPONSE) idmap = globus_sdk.IdentityMap(client) identity_id = idmap["*****@*****.**"]["id"] del idmap[identity_id] assert idmap.get("*****@*****.**")["id"] == identity_id # we've only made one request so far assert len(responses.calls) == 1 # but a lookup by ID after a del is going to trigger another request because we've # invalidated the cached ID data and are asking the IDMap to look it up again assert idmap.get(identity_id)["username"] == "*****@*****.**" assert len(responses.calls) == 2
def test_identity_map(client): meta = load_response(client.get_identities, case="sirosen").metadata idmap = globus_sdk.IdentityMap(client, [meta["username"]]) assert idmap[meta["username"]]["organization"] == meta["org"] # lookup by ID also works assert idmap[meta["id"]]["organization"] == meta["org"] # the last (only) API call was the one by username last_req = get_last_request() assert "ids" not in last_req.params assert last_req.params == { "usernames": meta["username"], "provision": "false" }
def test_identity_map(client): register_api_route("auth", "/v2/api/identities", body=IDENTITIES_SINGLE_RESPONSE) idmap = globus_sdk.IdentityMap(client, ["*****@*****.**"]) assert idmap["*****@*****.**"]["organization"] == "Globus Team" # lookup by ID also works assert (idmap["ae341a98-d274-11e5-b888-dbae3a8ba545"]["organization"] == "Globus Team") # the last (only) API call was the one by username last_req = httpretty.last_request() assert "ids" not in last_req.querystring assert last_req.querystring["usernames"] == ["*****@*****.**"] assert last_req.querystring["provision"] == ["false"]
def test_identity_map_multiple(client): meta = load_response(client.get_identities, case="multiple").metadata idmap = globus_sdk.IdentityMap(client, ["*****@*****.**", "*****@*****.**"]) assert idmap["*****@*****.**"]["organization"] == "Globus Team" assert idmap["*****@*****.**"]["organization"] is None last_req = get_last_request() # order doesn't matter, but it should be just these two # if IdentityMap doesn't deduplicate correctly, it could send # `[email protected],[email protected],[email protected]` on the first lookup assert last_req.params["usernames"].split(",") in [ meta["usernames"], meta["usernames"][::-1], ] assert last_req.params["provision"] == "false"
def test_identity_map_multiple(client): register_api_route("auth", ("/v2/api/identities"), body=IDENTITIES_MULTIPLE_RESPONSE) idmap = globus_sdk.IdentityMap(client, ["*****@*****.**", "*****@*****.**"]) assert idmap["*****@*****.**"]["organization"] == "Globus Team" assert idmap["*****@*****.**"]["organization"] is None last_req = get_last_request() # order doesn't matter, but it should be just these two # if IdentityMap doesn't deduplicate correctly, it could send # `[email protected],[email protected],[email protected]` on the first lookup assert last_req.params["usernames"] in [ "[email protected],[email protected]", "[email protected],[email protected]", ] assert last_req.params["provision"] == "false"
def test_identity_map_initialization_mixed_and_duplicate_values(client): # splits things up and deduplicates values into sets idmap = globus_sdk.IdentityMap( client, [ "*****@*****.**", "ae341a98-d274-11e5-b888-dbae3a8ba545", "*****@*****.**", "*****@*****.**", "*****@*****.**", "ae341a98-d274-11e5-b888-dbae3a8ba545", "*****@*****.**", "ae341a98-d274-11e5-b888-dbae3a8ba545", ], ) assert idmap.unresolved_ids == {"ae341a98-d274-11e5-b888-dbae3a8ba545"} assert idmap.unresolved_usernames == { "*****@*****.**", "*****@*****.**" }
def test_identity_map_add(client): idmap = globus_sdk.IdentityMap(client) assert idmap.add("*****@*****.**") is True assert idmap.add("*****@*****.**") is False assert idmap.add("46bd0f56-e24f-11e5-a510-131bef46955c") is True assert idmap.add("46bd0f56-e24f-11e5-a510-131bef46955c") is False
def test_identity_map_initialization_batch_size(client): idmap = globus_sdk.IdentityMap(client, id_batch_size=10) assert idmap.unresolved_ids == set() assert idmap.unresolved_usernames == set() assert idmap.id_batch_size == 10
def test_identity_map_initialization_no_values(client): idmap = globus_sdk.IdentityMap(client) assert idmap.unresolved_ids == set() assert idmap.unresolved_usernames == set()