def test_credentials_are_generated_from_user(self, mock_sts): mock_conn = MagicMock() mock_conn.assume_role.return_value = Struct({ 'credentials': Struct({ 'expiration': 'SAML_TOKEN_EXPIRATION', 'access_key': 'SAML_ACCESS_KEY', 'secret_key': 'SAML_SECRET_KEY', 'session_token': 'SAML_TOKEN' }) }) mock_sts.connect_to_region.return_value = mock_conn arn = 'arn:role/developer' session_name = 'dev-session' cli.main([ 'test.py', 'user', arn, session_name, '--profile', 'test-profile', '--region', 'un-south-1' ]) six.assertCountEqual(self, read_config_file(self.TEST_FILE), [ '[test-profile]', 'output = json', 'region = un-south-1', 'aws_access_key_id = SAML_ACCESS_KEY', 'aws_secret_access_key = SAML_SECRET_KEY', 'aws_security_token = SAML_TOKEN', 'aws_session_token = SAML_TOKEN', '' ])
def test_credentials_are_generated_from_user(self, mock_sts): mock_conn = MagicMock() mock_conn.assume_role.return_value = Struct({'credentials': Struct({'expiration': 'SAML_TOKEN_EXPIRATION', 'access_key': 'SAML_ACCESS_KEY', 'secret_key': 'SAML_SECRET_KEY', 'session_token': 'SAML_TOKEN'})}) mock_sts.connect_to_region.return_value = mock_conn arn = 'arn:role/developer' session_name = 'dev-session' cli.main(['test.py', 'user', arn, session_name, '--profile', 'test-profile', '--region', 'un-south-1']) self.assertItemsEqual(read_config_file(self.TEST_FILE), ['[test-profile]', 'output = json', 'region = un-south-1', 'aws_access_key_id = SAML_ACCESS_KEY', 'aws_secret_access_key = SAML_SECRET_KEY', 'aws_security_token = SAML_TOKEN', 'aws_session_token = SAML_TOKEN', ''])
def test_existing_profiles_are_preserved(self): write_config_file(self.TEST_FILE, '[test]', 'output = none', 'region = us-west-2', 'aws_access_key_id = TEST_KEY', 'aws_secret_access_key = TEST_ACCESS', 'aws_security_token = TEST_TOKEN', 'aws_session_token = TEST_TOKEN') AwsCredentialsFile(self.TEST_FILE).add_profile( 'dev', 'un-west-5', Struct({'access_key': 'ACCESS_KEY', 'secret_key': 'SECRET_KEY', 'security_token': 'SESSION_TOKEN', 'session_token': 'SESSION_TOKEN', 'expiration': 'TEST_EXPIRATION'})) six.assertCountEqual(self, read_config_file(self.TEST_FILE), ['[test]', 'region = us-west-2', 'aws_access_key_id = TEST_KEY', 'aws_secret_access_key = TEST_ACCESS', 'output = none', 'aws_security_token = TEST_TOKEN', 'aws_session_token = TEST_TOKEN', '', '[dev]', 'output = json', 'region = un-west-5', 'aws_access_key_id = ACCESS_KEY', 'aws_secret_access_key = SECRET_KEY', 'aws_security_token = SESSION_TOKEN', 'aws_session_token = SESSION_TOKEN', ''])
def test_credentials_are_generated_from_saml(self, mock_sts): mock_conn = MagicMock() mock_conn.assume_role_with_saml.return_value = Struct({ 'credentials': Struct({ 'expiration': 'SAML_TOKEN_EXPIRATION', 'access_key': 'SAML_ACCESS_KEY', 'secret_key': 'SAML_SECRET_KEY', 'session_token': 'SAML_TOKEN' }) }) mock_sts.connect_to_region.return_value = mock_conn sys.stdin = StringIO( saml_assertion([ 'arn:aws:iam::1111:role/DevRole,arn:aws:iam::1111:saml-provider/IDP' ])) cli.main([ 'test.py', 'saml', '--profile', 'test-profile', '--region', 'un-south-1' ]) six.assertCountEqual(self, read_config_file(self.TEST_FILE), [ '[test-profile]', 'output = json', 'region = un-south-1', 'aws_access_key_id = SAML_ACCESS_KEY', 'aws_secret_access_key = SAML_SECRET_KEY', 'aws_security_token = SAML_TOKEN', 'aws_session_token = SAML_TOKEN', '' ])
def test_existing_profiles_are_preserved(self): write_config_file(self.TEST_FILE, '[test]', 'output = none', 'region = us-west-2', 'aws_access_key_id = TEST_KEY', 'aws_secret_access_key = TEST_ACCESS', 'aws_security_token = TEST_TOKEN', 'aws_session_token = TEST_TOKEN') AwsCredentialsFile(self.TEST_FILE).add_profile( 'dev', 'un-west-5', Struct({ 'access_key': 'ACCESS_KEY', 'secret_key': 'SECRET_KEY', 'security_token': 'SESSION_TOKEN', 'session_token': 'SESSION_TOKEN', 'expiration': 'TEST_EXPIRATION' })) six.assertCountEqual(self, read_config_file(self.TEST_FILE), [ '[test]', 'region = us-west-2', 'aws_access_key_id = TEST_KEY', 'aws_secret_access_key = TEST_ACCESS', 'output = none', 'aws_security_token = TEST_TOKEN', 'aws_session_token = TEST_TOKEN', '', '[dev]', 'output = json', 'region = un-west-5', 'aws_access_key_id = ACCESS_KEY', 'aws_secret_access_key = SECRET_KEY', 'aws_security_token = SESSION_TOKEN', 'aws_session_token = SESSION_TOKEN', '' ])
def test_profile_is_added(self): AwsCredentialsFile(self.TEST_FILE).add_profile( 'dev', 'un-west-5', Struct({'access_key': 'ACCESS_KEY', 'secret_key': 'SECRET_KEY', 'session_token': 'SESSION_TOKEN', 'expiration': 'TEST_EXPIRATION'})) six.assertCountEqual(self, read_config_file(self.TEST_FILE), ['[dev]', 'output = json', 'region = un-west-5', 'aws_access_key_id = ACCESS_KEY', 'aws_secret_access_key = SECRET_KEY', 'aws_security_token = SESSION_TOKEN', 'aws_session_token = SESSION_TOKEN', ''])
def test_profile_is_added(self): AwsCredentialsFile(self.TEST_FILE).add_profile( 'dev', 'un-west-5', Struct({ 'access_key': 'ACCESS_KEY', 'secret_key': 'SECRET_KEY', 'session_token': 'SESSION_TOKEN', 'expiration': 'TEST_EXPIRATION' })) six.assertCountEqual(self, read_config_file(self.TEST_FILE), [ '[dev]', 'output = json', 'region = un-west-5', 'aws_access_key_id = ACCESS_KEY', 'aws_secret_access_key = SECRET_KEY', 'aws_security_token = SESSION_TOKEN', 'aws_session_token = SESSION_TOKEN', '' ])
def test_credentials_are_generated_from_token(self): token = Struct({'credentials': Struct({'access_key': 'SAML_ACCESS_KEY', 'secret_key': 'SAML_SECRET_KEY', 'session_token': 'SAML_TOKEN', 'expiration': 'TEST_EXPIRATION'})}) Actions.persist_credentials(self.TEST_FILE, 'test-profile', 'un-south-1', token, True) self.assertItemsEqual(read_config_file(self.TEST_FILE), ['[test-profile]', 'output = json', 'region = un-south-1', 'aws_access_key_id = SAML_ACCESS_KEY', 'aws_secret_access_key = SAML_SECRET_KEY', 'aws_security_token = SAML_TOKEN', 'aws_session_token = SAML_TOKEN', ''])
def test_credentials_are_generated_from_token(self): token = Struct({ 'credentials': Struct({ 'access_key': 'SAML_ACCESS_KEY', 'secret_key': 'SAML_SECRET_KEY', 'session_token': 'SAML_TOKEN', 'expiration': 'TEST_EXPIRATION' }) }) Actions.persist_credentials(self.TEST_FILE, 'test-profile', 'un-south-1', token, True) six.assertCountEqual(self, read_config_file(self.TEST_FILE), [ '[test-profile]', 'output = json', 'region = un-south-1', 'aws_access_key_id = SAML_ACCESS_KEY', 'aws_secret_access_key = SAML_SECRET_KEY', 'aws_security_token = SAML_TOKEN', 'aws_session_token = SAML_TOKEN', '' ])
def test_credentials_are_generated_from_saml(self, mock_sts): mock_conn = MagicMock() mock_conn.assume_role_with_saml.return_value = Struct({'credentials': Struct({'expiration': 'SAML_TOKEN_EXPIRATION', 'access_key': 'SAML_ACCESS_KEY', 'secret_key': 'SAML_SECRET_KEY', 'session_token': 'SAML_TOKEN'})}) mock_sts.connect_to_region.return_value = mock_conn sys.stdin = StringIO(saml_assertion(['arn:aws:iam::1111:role/DevRole,arn:aws:iam::1111:saml-provider/IDP'])) cli.main(['test.py', 'saml', '--profile', 'test-profile', '--region', 'un-south-1']) self.assertItemsEqual(read_config_file(self.TEST_FILE), ['[test-profile]', 'output = json', 'region = un-south-1', 'aws_access_key_id = SAML_ACCESS_KEY', 'aws_secret_access_key = SAML_SECRET_KEY', 'aws_security_token = SAML_TOKEN', 'aws_session_token = SAML_TOKEN', ''])
def test_profile_is_updated(self): write_config_file(self.TEST_FILE, '[dev]', 'output = none', 'region = us-west-2', 'aws_access_key_id = OLD', 'aws_secret_access_key = REDUNDANT', 'aws_session_token = EXPIRED') AwsCredentialsFile(self.TEST_FILE).add_profile( 'dev', 'un-west-5', Struct({'access_key': 'ACCESS_KEY', 'secret_key': 'SECRET_KEY', 'session_token': 'SESSION_TOKEN', 'expiration': 'TEST_EXPIRATION'}), True) self.assertItemsEqual(read_config_file(self.TEST_FILE), ['[dev]', 'region = un-west-5', 'aws_access_key_id = ACCESS_KEY', 'aws_secret_access_key = SECRET_KEY', 'output = json', 'aws_security_token = SESSION_TOKEN', 'aws_session_token = SESSION_TOKEN', ''])