def test_get_aws_credentials_errors(self):
"""Test to get AWS Role ARN exceptions."""
auth_type = AUTH_TYPES.get(Provider.PROVIDER_AWS)
client = SourcesHTTPClient(auth_header=Config.SOURCES_FAKE_HEADER,
source_id=self.source_id)
with requests_mock.mock() as m:
json_data = [None, []]
for test in json_data:
with self.subTest(test=test):
m.get(
f"{MOCK_URL}/api/v1.0/{ENDPOINT_AUTHENTICATIONS}?"
f"filter[source_id]={self.source_id}&filter[authtype]={auth_type}",
status_code=200,
json={"data": test},
)
with self.assertRaises(SourcesHTTPClientError):
client._get_aws_credentials(COST_MGMT_APP_TYPE_ID)
resource_id = 2
m.get(
f"{MOCK_URL}/api/v1.0/{ENDPOINT_AUTHENTICATIONS}?source_id={self.source_id}&authtype={auth_type}",
status_code=200,
json={"data": [{
"id": resource_id
}]},
)
m.get(
(f"{MOCK_URL}/internal/v1.0/{ENDPOINT_AUTHENTICATIONS}/"
f"{resource_id}?expose_encrypted_attribute[]=password"),
status_code=200,
json={"authtype": "arn"},
)
with self.assertRaises(SourcesHTTPClientError):
client._get_aws_credentials(COST_MGMT_APP_TYPE_ID)
def test_get_aws_credentials_username(self):
"""Test to get AWS Role ARN from authentication service from username."""
client = SourcesHTTPClient(auth_header=Config.SOURCES_FAKE_HEADER, source_id=self.source_id)
with requests_mock.mock() as m:
resource_id = 2
m.get(
f"{MOCK_URL}/api/v1.0/{ENDPOINT_AUTHENTICATIONS}?source_id={self.source_id}",
status_code=200,
json={"data": [{"id": resource_id, "username": self.authentication}]},
)
creds = client._get_aws_credentials()
self.assertEqual(creds.get("role_arn"), self.authentication)
def test_get_aws_credentials_username(self):
"""Test to get AWS Role ARN from authentication service from username."""
auth_type = AUTH_TYPES.get(Provider.PROVIDER_AWS)
client = SourcesHTTPClient(auth_header=Config.SOURCES_FAKE_HEADER,
source_id=self.source_id)
with requests_mock.mock() as m:
resource_id = 2
m.get(
f"{MOCK_URL}/api/v1.0/{ENDPOINT_AUTHENTICATIONS}?filter[source_id]={self.source_id}&filter[authtype]={auth_type}", # noqa: E501
status_code=200,
json={
"data": [{
"id": resource_id,
"username": self.authentication
}]
},
)
creds = client._get_aws_credentials(COST_MGMT_APP_TYPE_ID)
self.assertEqual(creds.get("role_arn"), self.authentication)
def test_get_aws_credentials_internal_endpoint(self):
"""Test to get AWS Role ARN from authentication service from internal endpoint."""
auth_type = AUTH_TYPES.get(Provider.PROVIDER_AWS)
client = SourcesHTTPClient(auth_header=Config.SOURCES_FAKE_HEADER,
source_id=self.source_id)
resource_id = 2
responses = [
{
"url":
(f"{MOCK_URL}/api/v1.0/{ENDPOINT_AUTHENTICATIONS}?"
f"filter[source_id]={self.source_id}&filter[authtype]={auth_type}"
),
"status":
200,
"json": {
"data": [{
"id": resource_id
}]
},
},
{
"url":
(f"{MOCK_URL}/internal/v1.0/{ENDPOINT_AUTHENTICATIONS}/"
f"{resource_id}?expose_encrypted_attribute[]=password"),
"status":
200,
"json": {
"authtype": "arn",
"password": self.authentication
},
},
]
with requests_mock.mock() as m:
for resp in responses:
m.get(resp.get("url"),
status_code=resp.get("status"),
json=resp.get("json"))
response = client._get_aws_credentials(COST_MGMT_APP_TYPE_ID)
self.assertEqual(response.get("role_arn"), self.authentication)
