def test_can_remove_providers(self): self.provider1.load.return_value = credentials.Credentials( 'a', 'b', 'c') self.provider2.load.return_value = credentials.Credentials( 'd', 'e', 'f') resolver = credentials.CredentialResolver( providers=[self.provider1, self.provider2]) resolver.remove('provider1') creds = resolver.load_credentials() self.assertIsNotNone(creds) self.assertEqual(creds.access_key, 'd') self.assertEqual(creds.secret_key, 'e') self.assertEqual(creds.token, 'f') self.assertTrue(not self.provider1.load.called) self.provider2.load.assert_called_with()
def test_inject_additional_providers_after_existing(self): self.provider1.load.return_value = None self.provider2.load.return_value = self.fake_creds resolver = credentials.CredentialResolver( providers=[self.provider1, self.provider2]) # Now, if we were to call resolver.load() now, provider2 would # win because it's returning a non None response. # However we can inject a new provider before provider2 to # override this process. # Providers can be added by the METHOD name of each provider. new_provider = mock.Mock() new_provider.METHOD = 'new_provider' new_provider.load.return_value = credentials.Credentials('d', 'e', 'f') resolver.insert_after('provider1', new_provider) creds = resolver.load_credentials() self.assertIsNotNone(creds) self.assertEqual(creds.access_key, 'd') self.assertEqual(creds.secret_key, 'e') self.assertEqual(creds.token, 'f') # Provider 1 should have been called, but provider2 should # *not* have been called because new_provider already returned # a non-None response. self.provider1.load.assert_called_with() self.assertTrue(not self.provider2.called)
def _get_client_args(self, service_model, region_name, is_secure, endpoint_url, verify, aws_access_key_id, aws_secret_access_key, aws_session_token): # A client needs: # # * serializer # * endpoint # * response parser protocol = service_model.metadata['protocol'] serializer = botocore.serialize.create_serializer( protocol, include_validation=True) creds = None if aws_secret_access_key is not None: creds = credentials.Credentials(access_key=aws_access_key_id, secret_key=aws_secret_access_key, token=aws_session_token) endpoint = self._endpoint_creator.create_endpoint( service_model, region_name, is_secure=is_secure, endpoint_url=endpoint_url, verify=verify, credentials=creds) response_parser = botocore.parsers.create_parser(protocol) return { 'serializer': serializer, 'endpoint': endpoint, 'response_parser': response_parser, 'event_emitter': self._event_emitter, }
def setUp(self): super(CredentialResolverTest, self).setUp() self.provider1 = mock.Mock() self.provider1.METHOD = 'provider1' self.provider2 = mock.Mock() self.provider2.METHOD = 'provider2' self.fake_creds = credentials.Credentials('a', 'b', 'c')
def get_prepared_request(self, op, param, force_hmacv1=False): request = [] if force_hmacv1: self.endpoint.auth = auth.HmacV1Auth( credentials.Credentials('foo', 'bar')) self.endpoint._send_request = lambda prepared_request, operation: \ request.append(prepared_request) self.endpoint.make_request(op.model, param) return request[0]
def get_prepared_request(self, op, param, force_hmacv1=False): request = [] if force_hmacv1: self.endpoint.auth = auth.HmacV1Auth( credentials.Credentials('foo', 'bar')) def prepare_request(request, **kwargs): fix_s3_host(request, self.signature_version, self.endpoint.region_name) return request self.endpoint.prepare_request = prepare_request return self.endpoint.create_request(param, op)
def test_inject_provider_before_existing(self): new_provider = mock.Mock() new_provider.METHOD = 'override' new_provider.load.return_value = credentials.Credentials('x', 'y', 'z') resolver = credentials.CredentialResolver( providers=[self.provider1, self.provider2]) resolver.insert_before(self.provider1.METHOD, new_provider) creds = resolver.load_credentials() self.assertEqual(creds.access_key, 'x') self.assertEqual(creds.secret_key, 'y') self.assertEqual(creds.token, 'z')
def __init__(self, configuration): super(AmazonElasticsearchService, self).__init__(configuration) region = configuration['region'] cred = None if configuration.get('use_aws_iam_profile', False): cred = credentials.get_credentials(session.Session()) else: cred = credentials.Credentials( access_key=configuration.get('access_key', ''), secret_key=configuration.get('secret_key', '')) self.auth = AWSV4Sign(cred, region, 'es')
def __init__(self, configuration): super(AmazonElasticsearchService, self).__init__(configuration) region = configuration["region"] cred = None if configuration.get("use_aws_iam_profile", False): cred = credentials.get_credentials(session.Session()) else: cred = credentials.Credentials( access_key=configuration.get("access_key", ""), secret_key=configuration.get("secret_key", ""), ) self.auth = AWSV4Sign(cred, region, "es")
def _ensure_credential_is_normalized_as_unicode(self, access, secret): c = credentials.Credentials(access, secret) self.assertTrue(isinstance(c.access_key, type(u'u'))) self.assertTrue(isinstance(c.secret_key, type(u'u')))
def credentials(): access_key = temporary_access_key_id() secret_key = secret_access_key() token = session_token() return creds.Credentials(access_key, secret_key, token)