def test_kerberos_authentication(self):
with patch('desktop.lib.idbroker.conf.get_conf') as conf:
with patch('desktop.lib.idbroker.client.is_kerberos_enabled'
) as is_kerberos_enabled:
with patch(
'desktop.lib.idbroker.client.resource.Resource.invoke'
) as invoke:
with patch(
'desktop.lib.idbroker.client.http_client.HttpClient.set_kerberos_auth'
) as set_kerberos_auth:
is_kerberos_enabled.return_value = True
conf.return_value = {
'fs.s3a.ext.cab.address': 'address',
'fs.s3a.ext.cab.dt.path': 'dt_path',
'fs.s3a.ext.cab.path': 'path',
'hadoop.security.authentication': 'kerberos',
}
invoke.return_value = {'Credentials': 'Credentials'}
client = IDBroker.from_core_site('s3a', 'test')
cab = client.get_cab()
assert_equal(invoke.call_count,
2) # get_cab calls twice
assert_equal(cab.get('Credentials'), 'Credentials')
assert_equal(set_kerberos_auth.call_count, 1)
def get_credential_provider(identifier, user, version=None):
client_conf = conf.AZURE_ACCOUNTS[
identifier] if identifier in conf.AZURE_ACCOUNTS else None
return CredentialProviderIDBroker(IDBroker.from_core_site(
'azure', user)) if conf_idbroker.is_idbroker_enabled(
'azure') else CredentialProviderAD(
ActiveDirectory.from_config(client_conf, version=version))
def get_credential_provider(identifier, user, version=None):
from desktop.conf import RAZ
if RAZ.IS_ENABLED.get():
return RazCredentialProvider(username=user)
else:
client_conf = conf.AZURE_ACCOUNTS[
identifier] if identifier in conf.AZURE_ACCOUNTS else None
return CredentialProviderIDBroker(IDBroker.from_core_site('azure', user)) if conf_idbroker.is_idbroker_enabled('azure') \
else CredentialProviderAD(ActiveDirectory.from_config(client_conf, version=version))
def config_validator():
res = []
from desktop.lib.idbroker.client import IDBroker # Circular dependency
if is_idbroker_enabled():
try:
for fs in SUPPORTED_FS:
client = IDBroker.from_core_site(fs)
token = client.get_auth_token()
if not token:
raise ValueError('Failed to obtain IDBroker Token')
except Exception as e:
LOG.exception('Failed to obtain IDBroker Token')
res.append(('idbroker', _t('Failed to obtain IDBroker Token, check your IDBroker configuration.')))
return res
def test_username_authentication(self):
with patch('desktop.lib.idbroker.conf.get_conf') as conf:
with patch('desktop.lib.idbroker.client.resource.Resource.invoke') as invoke:
with patch('desktop.lib.idbroker.client.http_client.HttpClient.set_basic_auth') as set_basic_auth:
conf.return_value = {
'fs.s3a.ext.cab.address': 'address',
'fs.s3a.ext.cab.dt.path': 'dt_path',
'fs.s3a.ext.cab.path': 'path',
'fs.s3a.ext.cab.username': '******',
'fs.s3a.ext.cab.password': '******'
}
invoke.return_value = {
'Credentials': 'Credentials'
}
client = IDBroker.from_core_site('s3a', 'test')
cab = client.get_cab()
assert_equal(invoke.call_count, 2) # get_cab calls twice
assert_equal(cab.get('Credentials'), 'Credentials')
assert_equal(set_basic_auth.call_count, 1)
def get_credential_provider(identifier, user):
client_conf = aws_conf.AWS_ACCOUNTS[
identifier] if identifier in aws_conf.AWS_ACCOUNTS else None
return CredentialProviderIDBroker(IDBroker.from_core_site(
's3a', user)) if conf_idbroker.is_idbroker_enabled(
's3a') else CredentialProviderConf(client_conf)
def get_credential_provider(config=None, user=_DEFAULT_USER):
return CredentialProviderIDBroker(IDBroker.from_core_site(
'gs', user)) if conf_idbroker.is_idbroker_enabled(
'gs') else CredentialProviderConf(config)
def get_credential_provider(config, user):
return CredentialProviderIDBroker(IDBroker.from_core_site('gs', user)) if conf_idbroker.is_idbroker_enabled('gs') else \
CredentialProviderConf(config)