예제 #1
0
    def test_get_row_token(self, get_raw_token_mcok):
        cmd = mock.MagicMock()
        cmd.cli_ctx = TestCli()

        # arrange
        get_raw_token_mcok.return_value = ([
            'bearer', 'token123', {
                'expiresOn': '2100-01-01'
            }
        ], 'sub123', 'tenant123')

        # action
        result = get_access_token(cmd)

        # assert
        get_raw_token_mcok.assert_called_with(
            mock.ANY, 'https://management.core.windows.net/', None)
        expected_result = {
            'tokenType': 'bearer',
            'accessToken': 'token123',
            'expiresOn': '2100-01-01',
            'subscription': 'sub123',
            'tenant': 'tenant123'
        }
        self.assertEqual(result, expected_result)

        # assert it takes customized resource, subscription
        get_access_token(cmd, subscription='foosub', resource='foores')
        get_raw_token_mcok.assert_called_with(mock.ANY, 'foores', 'foosub')
예제 #2
0
    def test_get_raw_token(self, get_raw_token_mock):
        cmd = mock.MagicMock()
        cmd.cli_ctx = DummyCli()

        # arrange
        get_raw_token_mock.return_value = (['bearer', 'token123', {'expiresOn': '2100-01-01'}], 'sub123', 'tenant123')

        # action
        result = get_access_token(cmd)

        # assert
        get_raw_token_mock.assert_called_with(mock.ANY, 'https://management.core.windows.net/', None, None)
        expected_result = {
            'tokenType': 'bearer',
            'accessToken': 'token123',
            'expiresOn': '2100-01-01',
            'subscription': 'sub123',
            'tenant': 'tenant123'
        }
        self.assertEqual(result, expected_result)

        # assert it takes customized resource, subscription
        resource = 'https://graph.microsoft.com/'
        subscription_id = '00000001-0000-0000-0000-000000000000'
        get_raw_token_mock.return_value = (['bearer', 'token123', {'expiresOn': '2100-01-01'}], subscription_id,
                                           'tenant123')
        result = get_access_token(cmd, subscription=subscription_id, resource=resource)
        get_raw_token_mock.assert_called_with(mock.ANY, resource, subscription_id, None)
        expected_result = {
            'tokenType': 'bearer',
            'accessToken': 'token123',
            'expiresOn': '2100-01-01',
            'subscription': subscription_id,
            'tenant': 'tenant123'
        }
        self.assertEqual(result, expected_result)

        # test get token with tenant
        tenant_id = '00000000-0000-0000-0000-000000000000'
        get_raw_token_mock.return_value = (['bearer', 'token123', {'expiresOn': '2100-01-01'}], None, tenant_id)
        result = get_access_token(cmd, tenant=tenant_id)
        get_raw_token_mock.assert_called_with(mock.ANY, 'https://management.core.windows.net/', None, tenant_id)
        expected_result = {
            'tokenType': 'bearer',
            'accessToken': 'token123',
            'expiresOn': '2100-01-01',  # subscription shouldn't be present
            'tenant': tenant_id
        }
        self.assertEqual(result, expected_result)
예제 #3
0
    def test_get_row_token(self, get_raw_token_mcok):
        # arrange
        get_raw_token_mcok.return_value = (['bearer', 'token123', {'expiresOn': '2100-01-01'}], 'sub123', 'tenant123')

        # action
        result = get_access_token()

        # assert
        get_raw_token_mcok.assert_called_with(mock.ANY, 'https://management.core.windows.net/', None)
        expected_result = {
            'tokenType': 'bearer',
            'accessToken': 'token123',
            'expiresOn': '2100-01-01',
            'subscription': 'sub123',
            'tenant': 'tenant123'
        }
        self.assertEqual(result, expected_result)

        # assert it takes customized resource, subscription
        get_access_token(subscription='foosub', resource='foores')
        get_raw_token_mcok.assert_called_with(mock.ANY, 'foores', 'foosub')
예제 #4
0
    def do_GET(self):
        url = urlparse(self.path)
        if url.path != "/MSI/token":
            print(f"{url.path} does not match /MSI/token")
            self.send_response(404)
            return

        identity_header = self.headers.get("secret")
        if identity_header != self.secret:
            print("Identity header missing or invalid")
            self.send_response(400)
            return

        query = parse_qs(url.query)
        resource = query.get("resource")[0]
        if not resource:
            print("No resource specified")
            self.send_response(400)
            return

        api_version = query.get("api-version")[0]
        if api_version != "2017-09-01":
            print("api-version missing or invalid")
            self.send_response(400)
            return

        cli_token = get_access_token(self.cmd, resource=resource)
        jwt = cli_token["accessToken"]
        payload = json.loads(b64decode(jwt.split(".")[1] + "==="))

        token = {
            "access_token":
            cli_token["accessToken"],
            "client_id":
            "",
            "expires_on":
            time.strftime("%m/%d/%Y %H:%M:%S +00:00",
                          time.localtime(payload["exp"])),
            "not_before":
            str(payload["nbf"]),
            "resource":
            resource,
            "token_type":
            "Bearer",
        }

        self.send_response(200)
        self.send_header("Content-type", "application/json")
        self.end_headers()
        self.wfile.write(json.dumps(token).encode("utf-8"))
예제 #5
0
    def test_get_raw_token_managed_identity(self, get_raw_token_mock):
        cmd = mock.MagicMock()
        cmd.cli_ctx = DummyCli()

        # test get token with Managed Identity
        tenant_id = '00000000-0000-0000-0000-000000000000'
        get_raw_token_mock.return_value = (['bearer', 'token123', {'expires_on': '1593497681'}], None, tenant_id)

        import datetime
        # Force POSIX timestamp to be converted to datetime in UTC during testing.
        with mock.patch('azure.cli.command_modules.profile.custom._fromtimestamp', datetime.datetime.utcfromtimestamp):
            result = get_access_token(cmd)

        get_raw_token_mock.assert_called_with(mock.ANY, 'https://management.core.windows.net/', None, None)
        expected_result = {
            'tokenType': 'bearer',
            'accessToken': 'token123',
            'expiresOn': '2020-06-30 06:14:41.000000',
            'tenant': tenant_id
        }
        self.assertEqual(result, expected_result)
예제 #6
0
def _create_api(cmd):
    authtoken = get_access_token(cmd)
    graphtoken = get_access_token(cmd, resource='https://graph.windows.net/')
    sqltoken = get_access_token(cmd, resource='https://database.windows.net')
    mysqltoken = get_access_token(cmd, resource_type='oss-rdbms')
    return CupertinoApi(authtoken, graphtoken, sqltoken, mysqltoken)
예제 #7
0
    def test_get_raw_token(self, get_raw_token_mock):
        cmd = mock.MagicMock()
        cmd.cli_ctx = DummyCli()

        get_raw_token_mock.return_value = ([
            'bearer', 'token123', {
                'expiresOn': '2100-01-01'
            }
        ], 'sub123', 'tenant123')

        result = get_access_token(cmd)

        # assert
        get_raw_token_mock.assert_called_with(mock.ANY, None, None, None, None)
        expected_result = {
            'tokenType': 'bearer',
            'accessToken': 'token123',
            'expiresOn': '2100-01-01',
            'subscription': 'sub123',
            'tenant': 'tenant123'
        }
        self.assertEqual(result, expected_result)

        # assert it takes customized resource, subscription
        resource = 'https://graph.microsoft.com/'
        subscription_id = '00000001-0000-0000-0000-000000000000'
        get_raw_token_mock.return_value = ([
            'bearer', 'token123', {
                'expiresOn': '2100-01-01'
            }
        ], subscription_id, 'tenant123')
        result = get_access_token(cmd,
                                  subscription=subscription_id,
                                  resource=resource)
        get_raw_token_mock.assert_called_with(mock.ANY, resource, None,
                                              subscription_id, None)

        # assert it takes customized scopes
        get_access_token(cmd, scopes='https://graph.microsoft.com/.default')
        get_raw_token_mock.assert_called_with(
            mock.ANY,
            None,
            scopes='https://graph.microsoft.com/.default',
            subscription=None,
            tenant=None)

        # test get token with tenant
        tenant_id = '00000000-0000-0000-0000-000000000000'
        get_raw_token_mock.return_value = ([
            'bearer', 'token123', {
                'expiresOn': '2100-01-01'
            }
        ], None, tenant_id)
        result = get_access_token(cmd, tenant=tenant_id)
        expected_result = {
            'tokenType': 'bearer',
            'accessToken': 'token123',
            'expiresOn': '2100-01-01',
            'tenant': tenant_id
        }
        self.assertEqual(result, expected_result)
        get_raw_token_mock.assert_called_with(mock.ANY, None, None, None,
                                              tenant_id)