def test_clear(self):
"""LocalFileDriver - Clear Credentials"""
descriptor = 'descriptor'
credentials = Credentials('aaaa', True,
REGION) # pretend it's encrypted
self._fs_driver.save_credentials(descriptor, credentials)
LocalFileDriver.clear()
assert_false(self._fs_driver.has_credentials(descriptor))
def test_save_and_load_credentials_persists_statically(self):
"""LocalFileDriver - Save and Load Credentials"""
raw_credentials = 'aaaa'
descriptor = 'descriptor'
encrypted_raw_credentials = encrypt_with_kms(raw_credentials, REGION,
KMS_ALIAS)
credentials = Credentials(encrypted_raw_credentials, True, REGION)
assert_true(self._fs_driver.save_credentials(descriptor, credentials))
driver2 = LocalFileDriver(
REGION, 'service') # Create a separate, identical driver
loaded_credentials = driver2.load_credentials(descriptor)
assert_is_not_none(loaded_credentials)
assert_true(loaded_credentials.is_encrypted())
assert_equal(loaded_credentials.get_data_kms_decrypted(),
raw_credentials.encode())
def setup(self):
LocalFileDriver.clear()
self._fs_driver = LocalFileDriver(REGION, 'service')
def teardown():
LocalFileDriver.clear()
class TestLocalFileDriver:
def setup(self):
LocalFileDriver.clear()
self._fs_driver = LocalFileDriver(REGION, 'service')
@staticmethod
def teardown():
LocalFileDriver.clear()
def test_save_and_has_credentials(self):
"""LocalFileDriver - Save and Has Credentials"""
assert_false(self._fs_driver.has_credentials('descriptor'))
credentials = Credentials('aaaa', True) # pretend it's encrypted
self._fs_driver.save_credentials('descriptor', credentials)
assert_true(self._fs_driver.has_credentials('descriptor'))
@mock_kms
def test_save_and_load_credentials(self):
"""LocalFileDriver - Save and Load Credentials"""
raw_credentials = 'aaaa'
descriptor = 'descriptor'
encrypted_raw_credentials = encrypt_with_kms(raw_credentials, REGION,
KMS_ALIAS)
credentials = Credentials(encrypted_raw_credentials, True, REGION)
assert_true(self._fs_driver.save_credentials(descriptor, credentials))
loaded_credentials = self._fs_driver.load_credentials(descriptor)
assert_is_not_none(loaded_credentials)
assert_true(loaded_credentials.is_encrypted())
assert_equal(loaded_credentials.get_data_kms_decrypted(),
raw_credentials.encode())
@mock_kms
def test_save_and_load_credentials_persists_statically(self):
"""LocalFileDriver - Save and Load Credentials"""
raw_credentials = 'aaaa'
descriptor = 'descriptor'
encrypted_raw_credentials = encrypt_with_kms(raw_credentials, REGION,
KMS_ALIAS)
credentials = Credentials(encrypted_raw_credentials, True, REGION)
assert_true(self._fs_driver.save_credentials(descriptor, credentials))
driver2 = LocalFileDriver(
REGION, 'service') # Create a separate, identical driver
loaded_credentials = driver2.load_credentials(descriptor)
assert_is_not_none(loaded_credentials)
assert_true(loaded_credentials.is_encrypted())
assert_equal(loaded_credentials.get_data_kms_decrypted(),
raw_credentials.encode())
def test_save_errors_on_unencrypted(self):
"""LocalFileDriver - Save Errors on Unencrypted Credentials"""
raw_credentials_dict = {
'python': 'is very difficult',
'someone': 'save meeeee',
}
descriptor = 'descriptor5'
raw_credentials = json.dumps(raw_credentials_dict)
credentials = Credentials(raw_credentials, False, REGION)
assert_false(self._fs_driver.save_credentials(descriptor, credentials))
assert_false(self._fs_driver.has_credentials(descriptor))
def test_clear(self):
"""LocalFileDriver - Clear Credentials"""
descriptor = 'descriptor'
credentials = Credentials('aaaa', True,
REGION) # pretend it's encrypted
self._fs_driver.save_credentials(descriptor, credentials)
LocalFileDriver.clear()
assert_false(self._fs_driver.has_credentials(descriptor))
def test_get_load_credentials_temp_dir():
"""LocalFileDriver - Get Load Credentials Temp Dir"""
temp_dir = LocalFileDriver.get_local_credentials_temp_dir()
assert_equal(temp_dir.split('/')[-1], 'streamalert_secrets')
def teardown(self):
self.kms_mocker.stop()
LocalFileDriver.clear()
def setup(self):
self.kms_mocker = mock_kms()
self.kms_mocker.start()
setup_mock_kms(REGION, KMS_ALIAS)
LocalFileDriver.clear()
self._fs_driver = LocalFileDriver(REGION, 'service')
def remove_temp_secrets():
"""Remove the local secrets directory that may be left from previous runs"""
LocalFileDriver.clear()