def test_get_row_token(self, get_raw_token_mcok): cmd = mock.MagicMock() cmd.cli_ctx = TestCli() # arrange get_raw_token_mcok.return_value = ([ 'bearer', 'token123', { 'expiresOn': '2100-01-01' } ], 'sub123', 'tenant123') # action result = get_access_token(cmd) # assert get_raw_token_mcok.assert_called_with( mock.ANY, 'https://management.core.windows.net/', None) expected_result = { 'tokenType': 'bearer', 'accessToken': 'token123', 'expiresOn': '2100-01-01', 'subscription': 'sub123', 'tenant': 'tenant123' } self.assertEqual(result, expected_result) # assert it takes customized resource, subscription get_access_token(cmd, subscription='foosub', resource='foores') get_raw_token_mcok.assert_called_with(mock.ANY, 'foores', 'foosub')
def test_get_raw_token(self, get_raw_token_mock): cmd = mock.MagicMock() cmd.cli_ctx = DummyCli() # arrange get_raw_token_mock.return_value = (['bearer', 'token123', {'expiresOn': '2100-01-01'}], 'sub123', 'tenant123') # action result = get_access_token(cmd) # assert get_raw_token_mock.assert_called_with(mock.ANY, 'https://management.core.windows.net/', None, None) expected_result = { 'tokenType': 'bearer', 'accessToken': 'token123', 'expiresOn': '2100-01-01', 'subscription': 'sub123', 'tenant': 'tenant123' } self.assertEqual(result, expected_result) # assert it takes customized resource, subscription resource = 'https://graph.microsoft.com/' subscription_id = '00000001-0000-0000-0000-000000000000' get_raw_token_mock.return_value = (['bearer', 'token123', {'expiresOn': '2100-01-01'}], subscription_id, 'tenant123') result = get_access_token(cmd, subscription=subscription_id, resource=resource) get_raw_token_mock.assert_called_with(mock.ANY, resource, subscription_id, None) expected_result = { 'tokenType': 'bearer', 'accessToken': 'token123', 'expiresOn': '2100-01-01', 'subscription': subscription_id, 'tenant': 'tenant123' } self.assertEqual(result, expected_result) # test get token with tenant tenant_id = '00000000-0000-0000-0000-000000000000' get_raw_token_mock.return_value = (['bearer', 'token123', {'expiresOn': '2100-01-01'}], None, tenant_id) result = get_access_token(cmd, tenant=tenant_id) get_raw_token_mock.assert_called_with(mock.ANY, 'https://management.core.windows.net/', None, tenant_id) expected_result = { 'tokenType': 'bearer', 'accessToken': 'token123', 'expiresOn': '2100-01-01', # subscription shouldn't be present 'tenant': tenant_id } self.assertEqual(result, expected_result)
def test_get_row_token(self, get_raw_token_mcok): # arrange get_raw_token_mcok.return_value = (['bearer', 'token123', {'expiresOn': '2100-01-01'}], 'sub123', 'tenant123') # action result = get_access_token() # assert get_raw_token_mcok.assert_called_with(mock.ANY, 'https://management.core.windows.net/', None) expected_result = { 'tokenType': 'bearer', 'accessToken': 'token123', 'expiresOn': '2100-01-01', 'subscription': 'sub123', 'tenant': 'tenant123' } self.assertEqual(result, expected_result) # assert it takes customized resource, subscription get_access_token(subscription='foosub', resource='foores') get_raw_token_mcok.assert_called_with(mock.ANY, 'foores', 'foosub')
def do_GET(self): url = urlparse(self.path) if url.path != "/MSI/token": print(f"{url.path} does not match /MSI/token") self.send_response(404) return identity_header = self.headers.get("secret") if identity_header != self.secret: print("Identity header missing or invalid") self.send_response(400) return query = parse_qs(url.query) resource = query.get("resource")[0] if not resource: print("No resource specified") self.send_response(400) return api_version = query.get("api-version")[0] if api_version != "2017-09-01": print("api-version missing or invalid") self.send_response(400) return cli_token = get_access_token(self.cmd, resource=resource) jwt = cli_token["accessToken"] payload = json.loads(b64decode(jwt.split(".")[1] + "===")) token = { "access_token": cli_token["accessToken"], "client_id": "", "expires_on": time.strftime("%m/%d/%Y %H:%M:%S +00:00", time.localtime(payload["exp"])), "not_before": str(payload["nbf"]), "resource": resource, "token_type": "Bearer", } self.send_response(200) self.send_header("Content-type", "application/json") self.end_headers() self.wfile.write(json.dumps(token).encode("utf-8"))
def test_get_raw_token_managed_identity(self, get_raw_token_mock): cmd = mock.MagicMock() cmd.cli_ctx = DummyCli() # test get token with Managed Identity tenant_id = '00000000-0000-0000-0000-000000000000' get_raw_token_mock.return_value = (['bearer', 'token123', {'expires_on': '1593497681'}], None, tenant_id) import datetime # Force POSIX timestamp to be converted to datetime in UTC during testing. with mock.patch('azure.cli.command_modules.profile.custom._fromtimestamp', datetime.datetime.utcfromtimestamp): result = get_access_token(cmd) get_raw_token_mock.assert_called_with(mock.ANY, 'https://management.core.windows.net/', None, None) expected_result = { 'tokenType': 'bearer', 'accessToken': 'token123', 'expiresOn': '2020-06-30 06:14:41.000000', 'tenant': tenant_id } self.assertEqual(result, expected_result)
def _create_api(cmd): authtoken = get_access_token(cmd) graphtoken = get_access_token(cmd, resource='https://graph.windows.net/') sqltoken = get_access_token(cmd, resource='https://database.windows.net') mysqltoken = get_access_token(cmd, resource_type='oss-rdbms') return CupertinoApi(authtoken, graphtoken, sqltoken, mysqltoken)
def test_get_raw_token(self, get_raw_token_mock): cmd = mock.MagicMock() cmd.cli_ctx = DummyCli() get_raw_token_mock.return_value = ([ 'bearer', 'token123', { 'expiresOn': '2100-01-01' } ], 'sub123', 'tenant123') result = get_access_token(cmd) # assert get_raw_token_mock.assert_called_with(mock.ANY, None, None, None, None) expected_result = { 'tokenType': 'bearer', 'accessToken': 'token123', 'expiresOn': '2100-01-01', 'subscription': 'sub123', 'tenant': 'tenant123' } self.assertEqual(result, expected_result) # assert it takes customized resource, subscription resource = 'https://graph.microsoft.com/' subscription_id = '00000001-0000-0000-0000-000000000000' get_raw_token_mock.return_value = ([ 'bearer', 'token123', { 'expiresOn': '2100-01-01' } ], subscription_id, 'tenant123') result = get_access_token(cmd, subscription=subscription_id, resource=resource) get_raw_token_mock.assert_called_with(mock.ANY, resource, None, subscription_id, None) # assert it takes customized scopes get_access_token(cmd, scopes='https://graph.microsoft.com/.default') get_raw_token_mock.assert_called_with( mock.ANY, None, scopes='https://graph.microsoft.com/.default', subscription=None, tenant=None) # test get token with tenant tenant_id = '00000000-0000-0000-0000-000000000000' get_raw_token_mock.return_value = ([ 'bearer', 'token123', { 'expiresOn': '2100-01-01' } ], None, tenant_id) result = get_access_token(cmd, tenant=tenant_id) expected_result = { 'tokenType': 'bearer', 'accessToken': 'token123', 'expiresOn': '2100-01-01', 'tenant': tenant_id } self.assertEqual(result, expected_result) get_raw_token_mock.assert_called_with(mock.ANY, None, None, None, tenant_id)