Exemplo n.º 1
0
    def __init__(self,
                 assertion,
                 credential_path='~/.aws',
                 profile='default',
                 region='us-east-1'):
        cred_dir = expanduser(credential_path)
        cred_file = os.path.join(cred_dir, 'credentials')

        boto_logger = logging.getLogger('botocore')
        boto_logger.setLevel(logging.WARNING)

        if not os.path.exists(cred_dir):
            log.info('Creating missing AWS Credentials dir {dir}'.format(
                dir=cred_dir))
            os.makedirs(cred_dir)

        self.sts = boto3.client('sts')

        self.profile = profile
        self.region = region

        self.assertion = SamlAssertion(assertion)
        self.writer = Credentials(cred_file)

        # Populated by self.assume_role()
        self.aws_access_key_id = None
        self.aws_secret_access_key = None
        self.aws_session_token = None
        self.expiration = None
        self.session_token = None
        self.role = None
Exemplo n.º 2
0
    def test_principle_can_be_first(self):
        assertion = saml_assertion(["{},{}".format(idp_arn, dev_arn)])

        assert SamlAssertion(assertion).roles() == [{
            "role": dev_arn,
            "principle": idp_arn
        }]
Exemplo n.º 3
0
    def test_white_space_is_removed(self):
        assertion = saml_assertion([" {},{} ".format(idp_arn, dev_arn)])

        assert SamlAssertion(assertion).roles() == [{
            "role": dev_arn,
            "principle": idp_arn
        }]
Exemplo n.º 4
0
    def test_roles_are_extracted(self):
        assertion = saml_assertion(["{},{}".format(dev_arn, idp_arn)])

        assert SamlAssertion(assertion).roles() == [{
            "role": dev_arn,
            "principle": idp_arn
        }]
Exemplo n.º 5
0
    def test_white_space_is_removed(self):
        assertion = saml_assertion([' {},{} '.format(idp_arn, dev_arn)])

        assert SamlAssertion(assertion).roles() == [{
            'role': dev_arn,
            'principle': idp_arn
        }]
Exemplo n.º 6
0
    def test_principle_can_be_first(self):
        assertion = saml_assertion(['{},{}'.format(idp_arn, dev_arn)])

        assert SamlAssertion(assertion).roles() == [{
            'role': dev_arn,
            'principle': idp_arn
        }]
Exemplo n.º 7
0
    def test_roles_are_extracted(self):
        assertion = saml_assertion(['{},{}'.format(dev_arn, idp_arn)])

        assert SamlAssertion(assertion).roles() == [{
            'role': dev_arn,
            'principle': idp_arn
        }]
Exemplo n.º 8
0
    def test_multiple_roles_are_returned(self):
        assertion = saml_assertion([
            '{},{}'.format(dev_arn, idp_arn), '{},{}'.format(qa_arn, idp2_arn)
        ])

        assert SamlAssertion(assertion).roles() == [{
            'role': dev_arn,
            'principle': idp_arn
        }, {
            'role': qa_arn,
            'principle': idp2_arn
        }]
Exemplo n.º 9
0
    def test_multiple_roles_are_returned(self):
        assertion = saml_assertion([
            "{},{}".format(dev_arn, idp_arn), "{},{}".format(qa_arn, idp2_arn)
        ])

        assert SamlAssertion(assertion).roles() == [
            {
                "role": dev_arn,
                "principle": idp_arn
            },
            {
                "role": qa_arn,
                "principle": idp2_arn
            },
        ]
Exemplo n.º 10
0
 def test_assertion_is_encoded(self):
     test_str = str.encode("test encoding")
     assert SamlAssertion(test_str).encode() == "dGVzdCBlbmNvZGluZw=="