def test_init_with_keytab_env(config): KrbCommand.kdestroy(config) os.environ['KRB5_KTNAME'] = config.keytab config.keytab = None KrbTicket.init(DEFAULT_PRINCIPAL) del os.environ['KRB5_KTNAME'] assert not os.environ.get('KRB5_KTNAME')
def test_skip_subsequent_updater_start_with_multiprocessing( config_str, caplog): KrbCommand.kdestroy(eval(config_str)) KrbTicket.init_by_config(eval(config_str)) # Subsequent updater.start should be skipped. executor = ProcessPoolExecutor(max_workers=5) for future in [ executor.submit(_updater_run, eval(config_str)) for i in range(10) ]: future.result()
def test_init_without_keytab_env(config): KrbCommand.kdestroy(config) assert not os.environ.get('KRB5_KTNAME') retry_options = { 'wait_exponential_multiplier': 100, 'wait_exponential_max': 1000, 'stop_max_attempt_number': 1 } config.keytab = None try: KrbTicket.init(DEFAULT_PRINCIPAL, retry_options=retry_options) pytest.fail() except subprocess.CalledProcessError: pass
def test_object_uniqueness(config): KrbCommand.kdestroy(config) ticket0 = KrbTicket.init_by_config(config) ticket1 = KrbTicket.init_by_config(config) ticket2 = KrbTicket.get_by_config(config) config.ccache_name = '/tmp/krb5cc_{}'.format('dummy') ticket3 = KrbTicket.init_by_config(config) assert ticket0 == ticket1 assert ticket0 == ticket2 assert ticket0 != ticket3 KrbCommand.kdestroy(config)
def test_init_with_config(config): KrbCommand.kdestroy(config) ticket1 = KrbTicket.init_by_config(config) ticket2 = KrbTicket.init( DEFAULT_PRINCIPAL, DEFAULT_KEYTAB, renewal_threshold=timedelta(seconds=DEFAULT_TICKET_RENEWAL_THRESHOLD_SEC), ticket_lifetime=DEFAULT_TICKET_LIFETIME, ticket_renewable_lifetime=DEFAULT_TICKET_RENEWABLE_LIFETIME, retry_options={ 'wait_exponential_multiplier': 100, 'wait_exponential_max': 1000, 'stop_max_attempt_number': 3}) assert_ticket(ticket1, ticket2)
def test_renewal(config): """ This test assumes: - 1 sec renewal threshold - 4 sec ticket lifetime - 8 sed renewal ticket lifetime """ KrbCommand.kdestroy(config) ticket = KrbTicket.init_by_config(config) starting = ticket.starting expires = ticket.expires renew_expires = ticket.renew_expires updater = ticket.updater(interval=0.5) updater.start() # expect ticket renewal time.sleep(DEFAULT_TICKET_LIFETIME_SEC + DEFAULT_TICKET_RENEWAL_THRESHOLD_SEC) assert ticket.starting > starting assert ticket.expires > expires assert ticket.renew_expires == renew_expires starting = ticket.starting expires = ticket.expires # expect ticket re-initialize time.sleep(DEFAULT_TICKET_RENEWABLE_LIFETIME_SEC - DEFAULT_TICKET_LIFETIME_SEC + DEFAULT_TICKET_RENEWAL_THRESHOLD_SEC) assert ticket.starting > starting assert ticket.expires > expires assert ticket.renew_expires > renew_expires updater.stop()
def test_updater_start(config): KrbCommand.kdestroy(config) ticket = KrbTicket.init_by_config(config) ticket.updater_start(interval=1) assert ticket.updater().is_alive() ticket.updater().stop() time.sleep(2) assert not ticket.updater().is_alive()
def test_updater(config): KrbCommand.kdestroy(config) ticket = KrbTicket.init_by_config(config) updater = ticket.updater(interval=1) updater.start() assert updater.is_alive() updater.stop() time.sleep(2) assert not updater.is_alive()
def test_ticket(config): KrbCommand.kdestroy(config) ticket = KrbTicket.init_by_config(config) assert_config(ticket.config, config) assert ticket.file assert ticket.principal == '*****@*****.**' assert ticket.starting assert ticket.expires assert ticket.service_principal assert ticket.renew_expires
def _create_connection(self): if None is self.connection: logger.debug('creating connection') if None is not self.keytab_path: self.ticket = KrbTicket.init(self.username, self.keytab_path) self.ticket.updater_start() connection = hdfs.connect() assert connection is not None self.connection = connection
def run(): t_ticket = KrbTicket.get_by_config(eval(config_str)) t_updater = t_ticket.updater(interval=0.5) assert updater == t_updater assert t_updater.is_alive() t_updater.start() assert ticket == t_ticket assert_ticket(ticket, t_ticket) time.sleep(3)
def test_multiprocessing_renewal(config_str, caplog): KrbCommand.kdestroy(eval(config_str)) ticket = KrbTicket.init_by_config(eval(config_str)) def run(): """ This test assumes: - 1 sec renewal threshold - 4 sec ticket lifetime - 8 sed renewal ticket lifetime """ starting = ticket.starting expires = ticket.expires renew_expires = ticket.renew_expires updater = ticket.updater(interval=0.5) updater.start() # expect ticket renewal time.sleep(DEFAULT_TICKET_LIFETIME_SEC + DEFAULT_TICKET_RENEWAL_THRESHOLD_SEC) if 'SingleProcessKrbTicketUpdater' in config_str: # needs manual reload since SingleProcessTicketUpdater is stopped ticket.reload() assert ticket.starting > starting assert ticket.expires > expires assert ticket.renew_expires == renew_expires starting = ticket.starting expires = ticket.expires # expect ticket re-initialize time.sleep(DEFAULT_TICKET_RENEWABLE_LIFETIME_SEC - DEFAULT_TICKET_LIFETIME_SEC + DEFAULT_TICKET_RENEWAL_THRESHOLD_SEC) if 'SingleProcessKrbTicketUpdater' in config_str: # needs manual reload since SingleProcessTicketUpdater is stopped ticket.reload() assert ticket.starting > starting assert ticket.expires > expires assert ticket.renew_expires > renew_expires updater.stop() processes = [Process(target=run) for i in range(10)] for p in processes: p.start() for p in processes: p.join() assert not p.exitcode
def test_parse_klist_output(config): output = """ Ticket cache: FILE:/tmp/krb5cc_1000 Default principal: [email protected] Valid starting Expires Service principal 11/22/19 00:23:10 11/22/19 00:23:12 krbtgt/[email protected] renew until 12/20/19 00:23:10 """.strip() ticket = KrbTicket.parse_from_klist(config, output) assert ticket.principal == '*****@*****.**' assert ticket.service_principal == 'krbtgt/[email protected]' assert ticket.starting == datetime(2019, 11, 22, 0, 23, 10) assert ticket.expires == datetime(2019, 11, 22, 0, 23, 12) assert ticket.renew_expires == datetime(2019, 12, 20, 0, 23, 10)
def _create_connection(self): if None is self.connection: logger.debug('creating connection') # Updater automatically let kinit take ``KRB5_KTNAME`` # variable. If /etc/krb5.keytab doesn't exist, krbticket # tries to update the ticket with ``kinit -R`` as much as # possible. self.ticket = KrbTicket.get_or_init(self.username) self.ticket.updater_start() connection = hdfs.connect() assert connection is not None self.connection = connection # set nameservice _file_in_root = self.connection.ls("/")[0] self.nameservice = _file_in_root[:_file_in_root.rfind("/")]
def test_single_thread_updater_in_multithreading(config_str, caplog): KrbCommand.kdestroy(eval(config_str)) ticket = KrbTicket.init_by_config(eval(config_str)) updater = ticket.updater(interval=0.5) updater.start() def run(): t_ticket = KrbTicket.get_by_config(eval(config_str)) t_updater = t_ticket.updater(interval=0.5) assert updater == t_updater assert t_updater.is_alive() t_updater.start() assert ticket == t_ticket assert_ticket(ticket, t_ticket) time.sleep(3) executor = ThreadPoolExecutor(max_workers=10) for future in [executor.submit(run) for i in range(10)]: future.result()
def teardown_function(function): KrbTicket._destroy()
def test_init(config): KrbCommand.kdestroy(config) KrbTicket.init(DEFAULT_PRINCIPAL, DEFAULT_KEYTAB)
def _updater_run(config): ticket = KrbTicket.init_by_config(config) updater = ticket.updater(interval=0.5) updater.start() updater.start()
def test_expires(config): ticket = KrbTicket( config, starting=datetime(2019, 11, 10, 0, 0, 0), expires=datetime(2019, 11, 21, 0, 0, 0), renew_expires=datetime(2019, 11, 24, 0, 0, 0), ) assert ticket.is_expired() == False assert ticket.is_renewalable() == True ticket = KrbTicket( config, starting=datetime(2019, 11, 10, 0, 0, 0), expires=datetime(2019, 11, 21, 0, 0, 0), renew_expires=None, ) assert ticket.is_expired() == False assert ticket.is_renewalable() == False ticket = KrbTicket( config, starting=datetime(2019, 11, 10, 0, 0, 0), expires=datetime(2019, 11, 19, 0, 0, 0), renew_expires=datetime(2019, 11, 24, 0, 0, 0), ) assert ticket.is_expired() == True assert ticket.is_renewalable() == True ticket = KrbTicket( config, starting=datetime(2019, 11, 10, 0, 0, 0), expires=datetime(2019, 11, 15, 0, 0, 0), renew_expires=datetime(2019, 11, 19, 0, 0, 0), ) assert ticket.is_expired() == True assert ticket.is_renewalable() == False
def test_get_or_init(config): KrbCommand.kdestroy(config) ticket0 = KrbTicket.get_or_init(DEFAULT_PRINCIPAL, DEFAULT_KEYTAB) ticket1 = KrbTicket.get_or_init(DEFAULT_PRINCIPAL, DEFAULT_KEYTAB) assert_ticket(ticket0, ticket1)