def test_setup_sso_should_not_fail_when_sso_config_cannot_be_loaded_due_to_404_error( self, open_mock, is_server_runing_mock, get_silent_mock, get_ambari_properties_mock, get_YN_input_mock, get_cluster_name_mock, urlopen_mock, perform_changes_via_rest_api_mock): out = StringIO.StringIO() sys.stdout = out certificate_data = '-----BEGIN CERTIFICATE-----\n' \ 'MIIE3DCCA8SgAwIBAgIJAKfbOMmFyOlNMA0GCSqGSIb3DQEBBQUAMIGkMQswCQYD\n' \ '................................................................\n' \ 'dXRpbmcxFzAVBgNVBAMTDmNsb3VkYnJlYWstcmdsMSUwIwYJKoZIhvcNAQkBFhZy\n' \ '-----END CERTIFICATE-----' mock_file = MagicFile(certificate_data) open_mock.side_effect = [mock_file] is_server_runing_mock.return_value = (True, 0) get_silent_mock.return_value = False get_ambari_properties_mock.return_value = Properties() get_cluster_name_mock.return_value = 'cluster1' get_YN_input_mock.__return_value = True urlopen_mock.side_effect = HTTPError(MagicMock(status=404), 404, 'not found', None, None) sso_enabled = 'true' sso_provider_url = 'http://testHost:8080' sso_public_cert_file = '/test/file/path' sso_jwt_cookie_name = 'test_cookie' sso_jwt_audience_list = 'test, audience, list' options = self._create_empty_options_mock() options.sso_enabled = sso_enabled options.sso_enabled_ambari = sso_enabled options.sso_manage_services = 'true' options.sso_provider_url = sso_provider_url options.sso_public_cert_file = sso_public_cert_file options.sso_jwt_cookie_name = sso_jwt_cookie_name options.sso_jwt_audience_list = sso_jwt_audience_list setup_sso(options) self.assertTrue(perform_changes_via_rest_api_mock.called) requestCall = perform_changes_via_rest_api_mock.call_args_list[0] args, kwargs = requestCall requestData = args[5] self.assertTrue(isinstance(requestData, dict)) ssoProperties = requestData['Configuration']['properties'] self.assertEqual(ssoProperties[AMBARI_SSO_AUTH_ENABLED], sso_enabled) self.assertEqual(ssoProperties[SSO_PROVIDER_URL], sso_provider_url) self.assertEqual(ssoProperties[SSO_CERTIFICATE], certificate_data) self.assertEqual(ssoProperties[JWT_COOKIE_NAME], sso_jwt_cookie_name) self.assertEqual(ssoProperties[JWT_AUDIENCES], sso_jwt_audience_list) self.assertEqual(ssoProperties[SSO_MANAGE_SERVICES], "true") self.assertEqual(ssoProperties[SSO_ENABLED_SERVICES], "*")
def test_all_cli_options_are_collected_when_enabling_sso( self, open_mock, get_json_via_rest_api_mock, is_server_runing_mock, get_silent_mock, get_ambari_properties_mock, perform_changes_via_rest_api_mock): out = StringIO.StringIO() sys.stdout = out certificate_data = '-----BEGIN CERTIFICATE-----\n' \ 'MIIE3DCCA8SgAwIBAgIJAKfbOMmFyOlNMA0GCSqGSIb3DQEBBQUAMIGkMQswCQYD\n' \ '................................................................\n' \ 'dXRpbmcxFzAVBgNVBAMTDmNsb3VkYnJlYWstcmdsMSUwIwYJKoZIhvcNAQkBFhZy\n' \ '-----END CERTIFICATE-----' mock_file = MagicFile(certificate_data) open_mock.side_effect = [mock_file] get_json_via_rest_api_mock.return_value = (200, {}) is_server_runing_mock.return_value = (True, 0) get_silent_mock.return_value = False properties = Properties() get_ambari_properties_mock.return_value = properties sso_enabled = 'true' sso_enabled_services = 'Ambari, SERVICE1, SERVICE2' sso_provider_url = 'https://c7402.ambari.apache.org:8443/gateway/knoxsso/api/v1/websso' sso_public_cert_file = '/test/file/path' sso_jwt_cookie_name = 'test_cookie' sso_jwt_audience_list = 'test, audience, list' options = self._create_empty_options_mock() options.sso_enabled = sso_enabled options.sso_enabled_ambari = 'true' options.sso_manage_services = 'true' options.sso_provider_url = sso_provider_url options.sso_public_cert_file = sso_public_cert_file options.sso_jwt_cookie_name = sso_jwt_cookie_name options.sso_jwt_audience_list = sso_jwt_audience_list options.sso_enabled_services = sso_enabled_services setup_sso(options) self.assertTrue(perform_changes_via_rest_api_mock.called) requestCall = perform_changes_via_rest_api_mock.call_args_list[0] args, kwargs = requestCall requestData = args[5] self.assertTrue(isinstance(requestData, dict)) ssoProperties = requestData['Configuration']['properties'] self.assertEqual(ssoProperties[AMBARI_SSO_AUTH_ENABLED], sso_enabled) self.assertEqual(ssoProperties[SSO_PROVIDER_URL], sso_provider_url) self.assertEqual(ssoProperties[SSO_CERTIFICATE], certificate_data) self.assertEqual(ssoProperties[JWT_COOKIE_NAME], sso_jwt_cookie_name) self.assertEqual(ssoProperties[JWT_AUDIENCES], sso_jwt_audience_list) sys.stdout = sys.__stdout__ pass
def test_sso_is_enabled_for_all_services_via_user_input( self, is_root_mock, is_server_runing_mock, get_silent_mock, get_ambari_properties_mock, update_properties_mock, get_YN_input_mock, perform_changes_via_rest_api_mock): out = StringIO.StringIO() sys.stdout = out is_root_mock.return_value = True is_server_runing_mock.return_value = (True, 0) get_silent_mock.return_value = False get_ambari_properties_mock.return_value = Properties() def yn_input_side_effect(*args, **kwargs): if 'all services' in args[0]: return True else: raise Exception( "ShouldNotBeInvoked" ) # only the 'Use SSO for all services' question should be asked for now get_YN_input_mock.side_effect = yn_input_side_effect options = self._create_empty_options_mock() options.sso_enabled = 'true' options.sso_provider_url = 'http://testHost:8080' options.sso_public_cert_file = '/test/file/path' options.sso_jwt_cookie_name = 'test_cookie' options.sso_jwt_audience_list = 'test, audience, list' setup_sso(options) requestCall = perform_changes_via_rest_api_mock.call_args_list[0] args, kwargs = requestCall requestData = args[5] self.assertTrue(isinstance(requestData, dict)) ssoProperties = requestData['Configuration']['properties'] properties_updated_in_ambari_db = sorted(ssoProperties.iteritems(), key=operator.itemgetter(0)) properties_should_be_updated_in_ambari_db = sorted( { "ambari.sso.enabled_services": "*", "ambari.sso.manage_services": "true" }.iteritems(), key=operator.itemgetter(0)) self.assertEqual(properties_should_be_updated_in_ambari_db, properties_updated_in_ambari_db) sys.stdout = sys.__stdout__ pass
def test_only_sso_enabled_cli_option_is_collected_when_disabling_sso( self, open_mock, get_json_via_rest_api_mock, is_server_runing_mock, get_silent_mock, get_ambari_properties_mock, perform_changes_via_rest_api_mock): out = StringIO.StringIO() sys.stdout = out certificate_data = '-----BEGIN CERTIFICATE-----\n' \ 'MIIE3DCCA8SgAwIBAgIJAKfbOMmFyOlNMA0GCSqGSIb3DQEBBQUAMIGkMQswCQYD\n' \ '................................................................\n' \ 'dXRpbmcxFzAVBgNVBAMTDmNsb3VkYnJlYWstcmdsMSUwIwYJKoZIhvcNAQkBFhZy\n' \ '-----END CERTIFICATE-----' mock_file = MagicFile(certificate_data) open_mock.side_effect = [mock_file] get_json_via_rest_api_mock.return_value = (200, {}) is_server_runing_mock.return_value = (True, 0) get_silent_mock.return_value = False properties = Properties() get_ambari_properties_mock.return_value = properties sso_enabled = 'false' sso_provider_url = 'http://testHost:8080' sso_public_cert_file = '/test/file/path' sso_jwt_cookie_name = 'test_cookie' sso_jwt_audience_list = 'test, audience, list' options = self._create_empty_options_mock() options.sso_enabled = sso_enabled options.sso_provider_url = sso_provider_url options.sso_public_cert_file = sso_public_cert_file options.sso_jwt_cookie_name = sso_jwt_cookie_name options.sso_jwt_audience_list = sso_jwt_audience_list setup_sso(options) self.assertTrue(perform_changes_via_rest_api_mock.called) requestCall = perform_changes_via_rest_api_mock.call_args_list[0] args, kwargs = requestCall requestData = args[5] self.assertTrue(isinstance(requestData, dict)) ssoProperties = requestData['Configuration']['properties'] self.assertEqual(ssoProperties[SSO_MANAGE_SERVICES], "false") self.assertEqual(ssoProperties[AMBARI_JWT_AUTH_ENBABLED], "false") sys.stdout = sys.__stdout__ pass
def test_non_root_user_should_not_be_able_to_setup_sso(self, is_root_mock): out = StringIO.StringIO() sys.stdout = out is_root_mock.return_value = False options = self._create_empty_options_mock() try: setup_sso(options) self.fail("Should fail with non-fatal exception") except FatalException as e: self.assertTrue("ambari-server setup-sso should be run with root-level privileges" in e.reason) pass sys.stdout = sys.__stdout__ pass
def test_sso_setup_should_fail_if_server_is_not_running( self, is_server_runing_mock): out = StringIO.StringIO() sys.stdout = out is_server_runing_mock.return_value = (False, 0) options = self._create_empty_options_mock() try: setup_sso(options) self.fail("Should fail with non-fatal exception") except FatalException as e: self.assertTrue("Ambari Server is not running" in e.reason) pass sys.stdout = sys.__stdout__ pass
def test_all_cli_options_are_collected_when_enabling_sso( self, is_root_mock, is_server_runing_mock, get_silent_mock, get_ambari_properties_mock, update_properties_mock, perform_changes_via_rest_api_mock): out = StringIO.StringIO() sys.stdout = out is_root_mock.return_value = True is_server_runing_mock.return_value = (True, 0) get_silent_mock.return_value = False properties = Properties() get_ambari_properties_mock.return_value = properties sso_enabled = 'true' sso_enabled_services = 'Ambari, SERVICE1, SERVICE2' sso_provider_url = 'https://c7402.ambari.apache.org:8443/gateway/knoxsso/api/v1/websso' sso_public_cert_file = '/test/file/path' sso_jwt_cookie_name = 'test_cookie' sso_jwt_audience_list = 'test, audience, list' options = self._create_empty_options_mock() options.sso_enabled = sso_enabled options.sso_provider_url = sso_provider_url options.sso_public_cert_file = sso_public_cert_file options.sso_jwt_cookie_name = sso_jwt_cookie_name options.sso_jwt_audience_list = sso_jwt_audience_list options.sso_enabled_services = sso_enabled_services setup_sso(options) self.assertTrue(update_properties_mock.called) self.assertEqual(properties.get_property(JWT_AUTH_ENBABLED), sso_enabled) self.assertEqual(properties.get_property(JWT_AUTH_PROVIDER_URL), sso_provider_url) self.assertEqual(properties.get_property(JWT_PUBLIC_KEY), sso_public_cert_file) self.assertEqual(properties.get_property(JWT_COOKIE_NAME), sso_jwt_cookie_name) self.assertEqual(properties.get_property(JWT_AUDIENCES), sso_jwt_audience_list) self.assertTrue(perform_changes_via_rest_api_mock.called) sys.stdout = sys.__stdout__ pass
def test_silent_mode_is_not_allowed(self, is_root_mock, get_silent_mock): out = StringIO.StringIO() sys.stdout = out is_root_mock.return_value = True get_silent_mock.return_value = True options = self._create_empty_options_mock() try: setup_sso(options) self.fail("Should fail with fatal exception") except NonFatalException as e: self.assertTrue( "setup-sso is not enabled in silent mode." in e.reason) pass sys.stdout = sys.__stdout__ pass
def test_invalid_sso_enabled_cli_option_should_result_in_error(self, is_root_mock, is_server_runing_mock, get_silent_mock): out = StringIO.StringIO() sys.stdout = out is_root_mock.return_value = True is_server_runing_mock.return_value = (True, 0) get_silent_mock.return_value = False options = self._create_empty_options_mock() options.sso_enabled = 'not_true_or_false' try: setup_sso(options) self.fail("Should fail with fatal exception") except FatalException as e: self.assertTrue("--sso-enabled should be to either 'true' or 'false'" in e.reason) pass sys.stdout = sys.__stdout__ pass
def test_only_sso_enabled_cli_option_is_collected_when_disabling_sso( self, is_root_mock, is_server_runing_mock, get_silent_mock, get_ambari_properties_mock, update_properties_mock, urlopen_mock): out = StringIO.StringIO() sys.stdout = out is_root_mock.return_value = True is_server_runing_mock.return_value = (True, 0) get_silent_mock.return_value = False properties = Properties() get_ambari_properties_mock.return_value = properties sso_enabled = 'false' sso_provider_url = 'http://testHost:8080' sso_public_cert_file = '/test/file/path' sso_jwt_cookie_name = 'test_cookie' sso_jwt_audience_list = 'test, audience, list' options = self._create_empty_options_mock() options.sso_enabled = sso_enabled options.sso_provider_url = sso_provider_url options.sso_public_cert_file = sso_public_cert_file options.sso_jwt_cookie_name = sso_jwt_cookie_name options.sso_jwt_audience_list = sso_jwt_audience_list response = MagicMock() response.getcode.return_value = 200 urlopen_mock.return_value = response setup_sso(options) self.assertTrue(update_properties_mock.called) self.assertEqual(properties.get_property(JWT_AUTH_ENBABLED), sso_enabled) self.assertTrue( JWT_AUTH_PROVIDER_URL not in properties.propertyNames()) self.assertTrue(JWT_PUBLIC_KEY not in properties.propertyNames()) self.assertTrue(JWT_COOKIE_NAME not in properties.propertyNames()) self.assertTrue(JWT_AUDIENCES not in properties.propertyNames()) sys.stdout = sys.__stdout__ pass
def test_invalid_sso_provider_url_cli_option_when_enabling_sso_should_result_in_error( self, is_root_mock, get_silent_mock): out = StringIO.StringIO() sys.stdout = out is_root_mock.return_value = True get_silent_mock.return_value = False options = self._create_empty_options_mock() options.sso_enabled = 'true' options.sso_provider_url = '!invalidHost:invalidPort' try: setup_sso(options) self.fail("Should fail with fatal exception") except FatalException as e: self.assertTrue("Invalid --sso-provider-url" in e.reason) pass sys.stdout = sys.__stdout__ pass
def test_missing_sso_public_cert_file_cli_option_when_enabling_sso_should_result_in_error(self, is_root_mock, is_server_runing_mock, get_silent_mock): out = StringIO.StringIO() sys.stdout = out is_root_mock.return_value = True is_server_runing_mock.return_value = (True, 0) get_silent_mock.return_value = False options = self._create_empty_options_mock() options.sso_enabled = 'true' options.sso_public_cert_file = '' try: setup_sso(options) self.fail("Should fail with fatal exception") except FatalException as e: self.assertTrue("Missing option: --sso-public-cert-file" in e.reason) pass sys.stdout = sys.__stdout__ pass
def test_all_cli_options_are_collected_when_enabling_sso( self, is_root_mock, get_silent_mock, get_ambari_properties_mock, update_properties_mock): out = StringIO.StringIO() sys.stdout = out is_root_mock.return_value = True get_silent_mock.return_value = False properties = Properties() get_ambari_properties_mock.return_value = properties sso_enabled = 'true' sso_provider_url = 'http://testHost:8080' sso_public_cert_file = '/test/file/path' sso_jwt_cookie_name = 'test_cookie' sso_jwt_audience_list = 'test, audience, list' options = self._create_empty_options_mock() options.sso_enabled = sso_enabled options.sso_provider_url = sso_provider_url options.sso_public_cert_file = sso_public_cert_file options.sso_jwt_cookie_name = sso_jwt_cookie_name options.sso_jwt_audience_list = sso_jwt_audience_list setup_sso(options) self.assertTrue(update_properties_mock.called) self.assertEqual(properties.get_property(JWT_AUTH_ENBABLED), sso_enabled) self.assertEqual(properties.get_property(JWT_AUTH_PROVIDER_URL), sso_provider_url) self.assertEqual(properties.get_property(JWT_PUBLIC_KEY), sso_public_cert_file) self.assertEqual(properties.get_property(JWT_COOKIE_NAME), sso_jwt_cookie_name) self.assertEqual(properties.get_property(JWT_AUDIENCES), sso_jwt_audience_list) sys.stdout = sys.__stdout__ pass
def test_setup_sso_should_not_fail_when_sso_config_cannot_be_loaded_due_to_404_error(self, is_root_mock, is_server_runing_mock, get_silent_mock, get_ambari_properties_mock, update_properties_mock, get_YN_input_mock, get_cluster_name_mock, perform_changes_via_rest_api_mock, urlopen_mock): out = StringIO.StringIO() sys.stdout = out is_root_mock.return_value = True is_server_runing_mock.return_value = (True, 0) get_silent_mock.return_value = False get_ambari_properties_mock.return_value = Properties() get_cluster_name_mock.return_value = 'cluster1' get_YN_input_mock.__return_value = True urlopen_mock.side_effect = HTTPError(MagicMock(status=404), 404, 'not found', None, None) options = self._create_empty_options_mock() options.sso_provider_url = 'http://testHost:8080' options.sso_public_cert_file = '/test/file/path' options.sso_jwt_cookie_name = 'test_cookie' options.sso_jwt_audience_list = 'test, audience, list' setup_sso(options) self.assertTrue(update_properties_mock.called) pass
def test_invalid_sso_provider_url_cli_option_when_enabling_sso_should_result_in_error( self, is_root_mock, is_server_runing_mock, get_silent_mock): out = StringIO.StringIO() sys.stdout = out is_root_mock.return_value = True is_server_runing_mock.return_value = (True, 0) get_silent_mock.return_value = False options = self._create_empty_options_mock() options.sso_enabled = 'true' options.sso_provider_url = '!invalidHost:invalidPort' try: setup_sso(options) self.fail("Should fail with fatal exception") except FatalException as e: self.assertTrue("Invalid --sso-provider-url" in e.reason) pass options.sso_provider_url = 'The SSO provider URL is https://c7402.ambari.apache.org:8443/gateway/knoxsso/api/v1/websso' try: setup_sso(options) self.fail("Should fail with fatal exception") except FatalException as e: self.assertTrue("Invalid --sso-provider-url" in e.reason) pass options.sso_provider_url = 'https://c7402.ambari.apache.org:8443/gateway/knoxsso/api/v1/websso is the SSO provider URL' try: setup_sso(options) self.fail("Should fail with fatal exception") except FatalException as e: self.assertTrue("Invalid --sso-provider-url" in e.reason) pass sys.stdout = sys.__stdout__ pass
def test_sso_enabled_services_are_collected_via_user_input( self, is_root_mock, is_server_runing_mock, get_silent_mock, get_ambari_properties_mock, update_properties_mock, get_YN_input_mock, get_cluster_name_mock, perform_changes_via_rest_api_mock, urlopen_mock): out = StringIO.StringIO() sys.stdout = out is_root_mock.return_value = True is_server_runing_mock.return_value = (True, 0) get_silent_mock.return_value = False get_ambari_properties_mock.return_value = Properties() get_cluster_name_mock.return_value = 'cluster1' def yn_input_side_effect(*args, **kwargs): if 'all services' in args[0]: return False else: return True get_YN_input_mock.side_effect = yn_input_side_effect eligible_services = \ """ { "href": "http://c7401:8080/api/v1/clusters/cluster1/services?ServiceInfo/sso_integration_supported=true", "items": [ { "href": "http://c7401:8080/api/v1/clusters/cluster1/services/HDFS", "ServiceInfo": { "cluster_name": "cluster1", "service_name": "HDFS" } }, { "href": "http://c7401:8080/api/v1/clusters/cluster1/services/ZOOKEPER", "ServiceInfo": { "cluster_name": "cluster1", "service_name": "ZOOKEPER" } } ] } """ response = MagicMock() response.getcode.return_value = 200 response.read.return_value = eligible_services urlopen_mock.return_value = response options = self._create_empty_options_mock() options.sso_enabled = 'true' options.sso_provider_url = 'http://testHost:8080' options.sso_public_cert_file = '/test/file/path' options.sso_jwt_cookie_name = 'test_cookie' options.sso_jwt_audience_list = 'test, audience, list' setup_sso(options) requestCall = perform_changes_via_rest_api_mock.call_args_list[0] args, kwargs = requestCall requestData = args[5] self.assertTrue(isinstance(requestData, dict)) ssoProperties = requestData['Configuration']['properties'] properties_updated_in_ambari_db = sorted(ssoProperties.iteritems(), key=operator.itemgetter(0)) properties_should_be_updated_in_ambari_db = sorted( { "ambari.sso.enabled_services": "Ambari, HDFS, ZOOKEPER", "ambari.sso.manage_services": "true" }.iteritems(), key=operator.itemgetter(0)) self.assertEqual(properties_should_be_updated_in_ambari_db, properties_updated_in_ambari_db) sys.stdout = sys.__stdout__ pass
def test_sso_enabled_services_are_collected_via_user_input( self, open_mock, get_json_via_rest_api_mock, is_server_runing_mock, get_silent_mock, get_ambari_properties_mock, get_YN_input_mock, get_cluster_name_mock, perform_changes_via_rest_api_mock): out = StringIO.StringIO() sys.stdout = out certificate_data = '-----BEGIN CERTIFICATE-----\n' \ 'MIIE3DCCA8SgAwIBAgIJAKfbOMmFyOlNMA0GCSqGSIb3DQEBBQUAMIGkMQswCQYD\n' \ '................................................................\n' \ 'dXRpbmcxFzAVBgNVBAMTDmNsb3VkYnJlYWstcmdsMSUwIwYJKoZIhvcNAQkBFhZy\n' \ '-----END CERTIFICATE-----' mock_file = MagicFile(certificate_data) open_mock.side_effect = [mock_file] eligible_services = \ """ { "href": "http://c7401:8080/api/v1/clusters/cluster1/services?ServiceInfo/sso_integration_supported=true", "items": [ { "href": "http://c7401:8080/api/v1/clusters/cluster1/services/HDFS", "ServiceInfo": { "cluster_name": "cluster1", "service_name": "HDFS" } }, { "href": "http://c7401:8080/api/v1/clusters/cluster1/services/ZOOKEPER", "ServiceInfo": { "cluster_name": "cluster1", "service_name": "ZOOKEPER" } } ] } """ eligible_services_json = { "href": "http://c7401:8080/api/v1/clusters/cluster1/services?ServiceInfo/sso_integration_supported=true", "items": [{ "href": "http://c7401:8080/api/v1/clusters/cluster1/services/HDFS", "ServiceInfo": { "cluster_name": "cluster1", "service_name": "HDFS" } }, { "href": "http://c7401:8080/api/v1/clusters/cluster1/services/ZOOKEPER", "ServiceInfo": { "cluster_name": "cluster1", "service_name": "ZOOKEPER" } }] } get_json_via_rest_api_mock.return_value = (200, {}) get_json_via_rest_api_mock.return_value = (200, eligible_services_json) is_server_runing_mock.return_value = (True, 0) get_silent_mock.return_value = False get_ambari_properties_mock.return_value = Properties() get_cluster_name_mock.return_value = 'cluster1' def yn_input_side_effect(*args, **kwargs): if 'all services' in args[0]: return False else: return True get_YN_input_mock.side_effect = yn_input_side_effect response = MagicMock() response.getcode.return_value = 200 response.read.return_value = eligible_services options = self._create_empty_options_mock() options.sso_enabled = 'true' options.sso_provider_url = 'http://testHost:8080' options.sso_public_cert_file = '/test/file/path' options.sso_jwt_cookie_name = 'test_cookie' options.sso_jwt_audience_list = 'test, audience, list' setup_sso(options) self.assertTrue(perform_changes_via_rest_api_mock.called) requestCall = perform_changes_via_rest_api_mock.call_args_list[0] args, kwargs = requestCall requestData = args[5] self.assertTrue(isinstance(requestData, dict)) ssoProperties = requestData['Configuration']['properties'] self.assertEqual(ssoProperties[SSO_MANAGE_SERVICES], "true") self.assertEqual(ssoProperties[SSO_ENABLED_SERVICES], "AMBARI,HDFS,ZOOKEPER") sys.stdout = sys.__stdout__ pass
def test_sso_is_enabled_for_all_services_via_user_input( self, open_mock, get_json_via_rest_api_mock, is_server_runing_mock, get_silent_mock, get_ambari_properties_mock, get_YN_input_mock, perform_changes_via_rest_api_mock): out = StringIO.StringIO() sys.stdout = out certificate_data = '-----BEGIN CERTIFICATE-----\n' \ 'MIIE3DCCA8SgAwIBAgIJAKfbOMmFyOlNMA0GCSqGSIb3DQEBBQUAMIGkMQswCQYD\n' \ '................................................................\n' \ 'dXRpbmcxFzAVBgNVBAMTDmNsb3VkYnJlYWstcmdsMSUwIwYJKoZIhvcNAQkBFhZy\n' \ '-----END CERTIFICATE-----' mock_file = MagicFile(certificate_data) open_mock.side_effect = [mock_file] get_json_via_rest_api_mock.return_value = (200, {}) is_server_runing_mock.return_value = (True, 0) get_silent_mock.return_value = False get_ambari_properties_mock.return_value = Properties() def yn_input_side_effect(*args, **kwargs): if 'all services' in args[0]: return True else: raise Exception( "ShouldNotBeInvoked" ) # only the 'Use SSO for all services' question should be asked for now get_YN_input_mock.side_effect = yn_input_side_effect sso_enabled = 'true' sso_provider_url = 'http://testHost:8080' sso_public_cert_file = '/test/file/path' sso_jwt_cookie_name = 'test_cookie' sso_jwt_audience_list = 'test, audience, list' options = self._create_empty_options_mock() options.sso_enabled = sso_enabled options.sso_provider_url = sso_provider_url options.sso_public_cert_file = sso_public_cert_file options.sso_jwt_cookie_name = sso_jwt_cookie_name options.sso_jwt_audience_list = sso_jwt_audience_list setup_sso(options) self.assertTrue(perform_changes_via_rest_api_mock.called) requestCall = perform_changes_via_rest_api_mock.call_args_list[0] args, kwargs = requestCall requestData = args[5] self.assertTrue(isinstance(requestData, dict)) ssoProperties = requestData['Configuration']['properties'] self.assertEqual(ssoProperties[AMBARI_JWT_AUTH_ENBABLED], sso_enabled) self.assertEqual(ssoProperties[SSO_PROVIDER_URL], sso_provider_url) self.assertEqual(ssoProperties[SSO_CERTIFICATE], certificate_data) self.assertEqual(ssoProperties[JWT_COOKIE_NAME], sso_jwt_cookie_name) self.assertEqual(ssoProperties[JWT_AUDIENCES], sso_jwt_audience_list) self.assertEqual(ssoProperties[SSO_MANAGE_SERVICES], "true") self.assertEqual(ssoProperties[SSO_ENABLED_SERVICES], "*") sys.stdout = sys.__stdout__ pass