def test_credentials_are_generated_from_user(self, mock_sts):
        mock_conn = MagicMock()
        mock_conn.assume_role.return_value = Struct({'credentials':
                                                     Struct({'expiration': 'SAML_TOKEN_EXPIRATION',
                                                             'access_key': 'SAML_ACCESS_KEY',
                                                             'secret_key': 'SAML_SECRET_KEY',
                                                             'session_token': 'SAML_TOKEN'})})
        mock_sts.connect_to_region.return_value = mock_conn

        arn = 'arn:role/developer'
        session_name = 'dev-session'

        cli.main(['test.py', 'user', arn, session_name,
                  '--profile', 'test-profile',
                  '--region', 'un-south-1'])

        self.assertItemsEqual(read_config_file(self.TEST_FILE),
                              ['[test-profile]',
                               'output = json',
                               'region = un-south-1',
                               'aws_access_key_id = SAML_ACCESS_KEY',
                               'aws_secret_access_key = SAML_SECRET_KEY',
                               'aws_security_token = SAML_TOKEN',
                               'aws_session_token = SAML_TOKEN',
                               ''])
    def test_credentials_are_generated_from_user(self, mock_sts):
        mock_conn = MagicMock()
        mock_conn.assume_role.return_value = Struct({
            'credentials':
            Struct({
                'expiration': 'SAML_TOKEN_EXPIRATION',
                'access_key': 'SAML_ACCESS_KEY',
                'secret_key': 'SAML_SECRET_KEY',
                'session_token': 'SAML_TOKEN'
            })
        })
        mock_sts.connect_to_region.return_value = mock_conn

        arn = 'arn:role/developer'
        session_name = 'dev-session'

        cli.main([
            'test.py', 'user', arn, session_name, '--profile', 'test-profile',
            '--region', 'un-south-1'
        ])

        six.assertCountEqual(self, read_config_file(self.TEST_FILE), [
            '[test-profile]', 'output = json', 'region = un-south-1',
            'aws_access_key_id = SAML_ACCESS_KEY',
            'aws_secret_access_key = SAML_SECRET_KEY',
            'aws_security_token = SAML_TOKEN',
            'aws_session_token = SAML_TOKEN', ''
        ])
    def test_credentials_are_generated_from_saml(self, mock_sts):
        mock_conn = MagicMock()
        mock_conn.assume_role_with_saml.return_value = Struct({
            'credentials':
            Struct({
                'expiration': 'SAML_TOKEN_EXPIRATION',
                'access_key': 'SAML_ACCESS_KEY',
                'secret_key': 'SAML_SECRET_KEY',
                'session_token': 'SAML_TOKEN'
            })
        })
        mock_sts.connect_to_region.return_value = mock_conn

        sys.stdin = StringIO(
            saml_assertion([
                'arn:aws:iam::1111:role/DevRole,arn:aws:iam::1111:saml-provider/IDP'
            ]))
        cli.main([
            'test.py', 'saml', '--profile', 'test-profile', '--region',
            'un-south-1'
        ])

        six.assertCountEqual(self, read_config_file(self.TEST_FILE), [
            '[test-profile]', 'output = json', 'region = un-south-1',
            'aws_access_key_id = SAML_ACCESS_KEY',
            'aws_secret_access_key = SAML_SECRET_KEY',
            'aws_security_token = SAML_TOKEN',
            'aws_session_token = SAML_TOKEN', ''
        ])
    def test_credentials_exec_command(self, mock_sts, mock_popen):
        mock_conn = MagicMock()
        mock_conn.assume_role.return_value = Struct({'credentials':
                                                     Struct({'expiration': 'SAML_TOKEN_EXPIRATION',
                                                             'access_key': 'SAML_ACCESS_KEY',
                                                             'secret_key': 'SAML_SECRET_KEY',
                                                             'session_token': 'SAML_TOKEN'})})

        cli.main(['test.py', 'user', 'arn:role/developer',
                  'dev-session',
                  '--exec', 'echo hello'])

        args, kwargs = mock_popen.call_args

        self.assertTrue(['echo', 'hello'] in args)
예제 #5
0
def run(args):
    """Run the package's main script. All arguments are passed to it."""
    # The main script expects to get the called executable's name as
    # argv[0]. However, paver doesn't provide that in args. Even if it did (or
    # we dove into sys.argv), it wouldn't be useful because it would be paver's
    # executable. So we just pass the package name in as the executable name,
    # since it's close enough. This should never be seen by an end user
    # installing through Setuptools anyway.
    from aws_role_credentials.cli import main
    raise SystemExit(main([CODE_DIRECTORY] + args))
예제 #6
0
def run(args):
    """Run the package's main script. All arguments are passed to it."""
    # The main script expects to get the called executable's name as
    # argv[0]. However, paver doesn't provide that in args. Even if it did (or
    # we dove into sys.argv), it wouldn't be useful because it would be paver's
    # executable. So we just pass the package name in as the executable name,
    # since it's close enough. This should never be seen by an end user
    # installing through Setuptools anyway.
    from aws_role_credentials.cli import main
    raise SystemExit(main([CODE_DIRECTORY] + args))
    def test_credentials_exec_command(self, mock_sts, mock_popen):
        mock_conn = MagicMock()
        mock_conn.assume_role.return_value = Struct({
            'credentials':
            Struct({
                'expiration': 'SAML_TOKEN_EXPIRATION',
                'access_key': 'SAML_ACCESS_KEY',
                'secret_key': 'SAML_SECRET_KEY',
                'session_token': 'SAML_TOKEN'
            })
        })

        cli.main([
            'test.py', 'user', 'arn:role/developer', 'dev-session', '--exec',
            'echo hello'
        ])

        args, kwargs = mock_popen.call_args

        self.assertTrue(['echo', 'hello'] in args)
    def test_credentials_are_generated_from_saml(self, mock_sts):
        mock_conn = MagicMock()
        mock_conn.assume_role_with_saml.return_value = Struct({'credentials':
                                                               Struct({'expiration': 'SAML_TOKEN_EXPIRATION',
                                                                       'access_key': 'SAML_ACCESS_KEY',
                                                                       'secret_key': 'SAML_SECRET_KEY',
                                                                       'session_token': 'SAML_TOKEN'})})
        mock_sts.connect_to_region.return_value = mock_conn

        sys.stdin = StringIO(saml_assertion(['arn:aws:iam::1111:role/DevRole,arn:aws:iam::1111:saml-provider/IDP']))
        cli.main(['test.py', 'saml',
                  '--profile', 'test-profile',
                  '--region', 'un-south-1'])

        self.assertItemsEqual(read_config_file(self.TEST_FILE),
                              ['[test-profile]',
                               'output = json',
                               'region = un-south-1',
                               'aws_access_key_id = SAML_ACCESS_KEY',
                               'aws_secret_access_key = SAML_SECRET_KEY',
                               'aws_security_token = SAML_TOKEN',
                               'aws_session_token = SAML_TOKEN',
                               ''])