def test_generate_token(self):
'''
Basic tests for test_generate_token: all exits
'''
mock = _mock_json_response({'auth': {'client_token': 'test'}})
with patch('requests.post', mock):
result = vault.generate_token('test-minion', 'signature')
log.debug('generate_token result: %s', result)
self.assertTrue(isinstance(result, dict))
self.assertFalse('error' in result)
self.assertTrue('token' in result)
self.assertEqual(result['token'], 'test')
mock.assert_called_with("http://fake_url", headers=ANY, json=ANY, verify=ANY)
mock = _mock_json_response({}, status_code=403, reason="no reason")
with patch('requests.post', mock):
result = vault.generate_token('test-minion', 'signature')
self.assertTrue(isinstance(result, dict))
self.assertTrue('error' in result)
self.assertEqual(result['error'], "no reason")
with patch('salt.runners.vault._get_policies', MagicMock(return_value=[])):
result = vault.generate_token('test-minion', 'signature')
self.assertTrue(isinstance(result, dict))
self.assertTrue('error' in result)
self.assertEqual(result['error'], 'No policies matched minion')
with patch('requests.post',
MagicMock(side_effect=Exception('Test Exception Reason'))):
result = vault.generate_token('test-minion', 'signature')
self.assertTrue(isinstance(result, dict))
self.assertTrue('error' in result)
self.assertEqual(result['error'], 'Test Exception Reason')
def test_generate_token(self):
"""
Basic test for test_generate_token with approle (two vault calls)
"""
mock = _mock_json_response({
"auth": {
"client_token": "test",
"renewable": False,
"lease_duration": 0
}
})
with patch("requests.post", mock):
result = vault.generate_token("test-minion", "signature")
log.debug("generate_token result: %s", result)
self.assertTrue(isinstance(result, dict))
self.assertFalse("error" in result)
self.assertTrue("token" in result)
self.assertEqual(result["token"], "test")
calls = [
call(
"http://127.0.0.1/v1/auth/approle/login",
headers=ANY,
json=ANY,
verify=ANY,
),
call("http://fake_url", headers=ANY, json=ANY, verify=ANY),
]
mock.assert_has_calls(calls)
def test_generate_token_with_namespace(self):
"""
Basic tests for test_generate_token: all exits
"""
mock = _mock_json_response({
"auth": {
"client_token": "test",
"renewable": False,
"lease_duration": 0
}
})
supplied_config = {"namespace": "test_namespace"}
with patch("requests.post", mock):
with patch.dict(vault.__opts__["vault"], supplied_config):
result = vault.generate_token("test-minion", "signature")
log.debug("generate_token result: %s", result)
self.assertIsInstance(result, dict)
self.assertNotIn("error", result)
self.assertIn("token", result)
self.assertEqual(result["token"], "test")
mock.assert_called_with(
"http://fake_url",
headers={
"X-Vault-Token": "test",
"X-Vault-Namespace": "test_namespace",
},
json=ANY,
verify=ANY,
)
def test_generate_token(self):
"""
Basic tests for test_generate_token: all exits
"""
mock = _mock_json_response({"auth": {"client_token": "test"}})
with patch("requests.post", mock):
result = vault.generate_token("test-minion", "signature")
log.debug("generate_token result: %s", result)
self.assertTrue(isinstance(result, dict))
self.assertFalse("error" in result)
self.assertTrue("token" in result)
self.assertEqual(result["token"], "test")
mock.assert_called_with("http://fake_url",
headers=ANY,
json=ANY,
verify=ANY)
mock = _mock_json_response({}, status_code=403, reason="no reason")
with patch("requests.post", mock):
result = vault.generate_token("test-minion", "signature")
self.assertTrue(isinstance(result, dict))
self.assertTrue("error" in result)
self.assertEqual(result["error"], "no reason")
with patch("salt.runners.vault._get_policies",
MagicMock(return_value=[])):
result = vault.generate_token("test-minion", "signature")
self.assertTrue(isinstance(result, dict))
self.assertTrue("error" in result)
self.assertEqual(result["error"], "No policies matched minion")
with patch("requests.post",
MagicMock(side_effect=Exception("Test Exception Reason"))):
result = vault.generate_token("test-minion", "signature")
self.assertTrue(isinstance(result, dict))
self.assertTrue("error" in result)
self.assertEqual(result["error"], "Test Exception Reason")
def test_generate_token(self):
'''
Basic test for test_generate_token with approle (two vault calls)
'''
mock = _mock_json_response({'auth': {'client_token': 'test'}})
with patch('requests.post', mock):
result = vault.generate_token('test-minion', 'signature')
log.debug('generate_token result: %s', result)
self.assertTrue(isinstance(result, dict))
self.assertFalse('error' in result)
self.assertTrue('token' in result)
self.assertEqual(result['token'], 'test')
calls = [
call("http://127.0.0.1/v1/auth/approle/login", json=ANY, verify=ANY),
call("http://fake_url", headers=ANY, json=ANY, verify=ANY)
]
mock.assert_has_calls(calls)
def test_generate_token(self):
"""
Basic tests for test_generate_token: all exits
"""
mock = _mock_json_response({
"auth": {
"client_token": "test",
"renewable": False,
"lease_duration": 0
}
})
with patch("requests.post", mock):
result = vault.generate_token("test-minion", "signature")
log.debug("generate_token result: %s", result)
self.assertTrue(isinstance(result, dict))
self.assertFalse("error" in result)
self.assertTrue("token" in result)
self.assertEqual(result["token"], "test")
mock.assert_called_with("http://fake_url",
headers=ANY,
json=ANY,
verify=ANY)
# Test uses
num_uses = 6
result = vault.generate_token("test-minion",
"signature",
uses=num_uses)
self.assertTrue("uses" in result)
self.assertEqual(result["uses"], num_uses)
json_request = {
"policies":
["saltstack/minion/test-minion", "saltstack/minions"],
"num_uses": num_uses,
"meta": {
"saltstack-jid": "<no jid set>",
"saltstack-minion": "test-minion",
"saltstack-user": "******",
},
}
mock.assert_called_with("http://fake_url",
headers=ANY,
json=json_request,
verify=ANY)
# Test ttl
expected_ttl = "6h"
result = vault.generate_token("test-minion",
"signature",
ttl=expected_ttl)
self.assertTrue(result["uses"] == 1)
json_request = {
"policies":
["saltstack/minion/test-minion", "saltstack/minions"],
"num_uses": 1,
"explicit_max_ttl": expected_ttl,
"meta": {
"saltstack-jid": "<no jid set>",
"saltstack-minion": "test-minion",
"saltstack-user": "******",
},
}
mock.assert_called_with("http://fake_url",
headers=ANY,
json=json_request,
verify=ANY)
mock = _mock_json_response({}, status_code=403, reason="no reason")
with patch("requests.post", mock):
result = vault.generate_token("test-minion", "signature")
self.assertTrue(isinstance(result, dict))
self.assertTrue("error" in result)
self.assertEqual(result["error"], "no reason")
with patch("salt.runners.vault._get_policies",
MagicMock(return_value=[])):
result = vault.generate_token("test-minion", "signature")
self.assertTrue(isinstance(result, dict))
self.assertTrue("error" in result)
self.assertEqual(result["error"], "No policies matched minion")
with patch("requests.post",
MagicMock(side_effect=Exception("Test Exception Reason"))):
result = vault.generate_token("test-minion", "signature")
self.assertTrue(isinstance(result, dict))
self.assertTrue("error" in result)
self.assertEqual(result["error"], "Test Exception Reason")