ibm_cloud_sdk_core 0.3.3 → 1.0.0.rc1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/ibm_cloud_sdk_core/authenticators/authenticator.rb +22 -0
- data/lib/ibm_cloud_sdk_core/authenticators/basic_authenticator.rb +35 -0
- data/lib/ibm_cloud_sdk_core/authenticators/bearer_token_authenticator.rb +31 -0
- data/lib/ibm_cloud_sdk_core/authenticators/config_based_authenticator_factory.rb +36 -0
- data/lib/ibm_cloud_sdk_core/authenticators/cp4d_authenticator.rb +49 -0
- data/lib/ibm_cloud_sdk_core/authenticators/iam_authenticator.rb +60 -0
- data/lib/ibm_cloud_sdk_core/authenticators/no_auth_authenticator.rb +21 -0
- data/lib/ibm_cloud_sdk_core/base_service.rb +13 -169
- data/lib/ibm_cloud_sdk_core/{icp4d_token_manager.rb → token_managers/cp4d_token_manager.rb} +7 -6
- data/lib/ibm_cloud_sdk_core/token_managers/iam_token_manager.rb +60 -0
- data/lib/ibm_cloud_sdk_core/{jwt_token_manager.rb → token_managers/jwt_token_manager.rb} +5 -8
- data/lib/ibm_cloud_sdk_core/utils.rb +78 -0
- data/lib/ibm_cloud_sdk_core/version.rb +1 -1
- data/test/unit/test_base_service.rb +63 -241
- data/test/unit/test_iam_token_manager.rb +26 -62
- data/test/unit/test_icp4d_token_manager.rb +4 -6
- data/test/unit/test_jwt_token_manager.rb +3 -16
- metadata +16 -8
- data/lib/ibm_cloud_sdk_core/iam_token_manager.rb +0 -66
|
@@ -0,0 +1,78 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
DEFAULT_CREDENTIALS_FILE_NAME = "ibm-credentials.env"
|
|
4
|
+
|
|
5
|
+
def get_service_properties(service_name)
|
|
6
|
+
# - 1) Credential file
|
|
7
|
+
config = load_from_credential_file(service_name)
|
|
8
|
+
# - 2) Environment variables
|
|
9
|
+
config = load_from_environment_variables(service_name) if config.nil? || config.empty?
|
|
10
|
+
# - 3) VCAP_SERVICES env variable
|
|
11
|
+
config = load_from_vcap_services(service_name) if config.nil? || config.empty?
|
|
12
|
+
config
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
def check_bad_first_or_last_char(str)
|
|
16
|
+
return str.start_with?("{", "\"") || str.end_with?("}", "\"") unless str.nil?
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
# Initiates the credentials based on the credential file
|
|
20
|
+
def load_from_credential_file(service_name, separator = "=")
|
|
21
|
+
credential_file_path = ENV["IBM_CREDENTIALS_FILE"]
|
|
22
|
+
|
|
23
|
+
# Home directory
|
|
24
|
+
if credential_file_path.nil?
|
|
25
|
+
file_path = ENV["HOME"] + "/" + DEFAULT_CREDENTIALS_FILE_NAME
|
|
26
|
+
credential_file_path = file_path if File.exist?(file_path)
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
# Top-level directory of the project
|
|
30
|
+
if credential_file_path.nil?
|
|
31
|
+
file_path = File.join(File.dirname(__FILE__), "/../../" + DEFAULT_CREDENTIALS_FILE_NAME)
|
|
32
|
+
credential_file_path = file_path if File.exist?(file_path)
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
return if credential_file_path.nil?
|
|
36
|
+
|
|
37
|
+
file_contents = File.open(credential_file_path, "r")
|
|
38
|
+
config = {}
|
|
39
|
+
file_contents.each_line do |line|
|
|
40
|
+
key_val = line.strip.split(separator)
|
|
41
|
+
unless line.start_with?("#") && key.length == 2
|
|
42
|
+
key = parse_key(key_val[0].downcase, service_name) unless key_val[0].nil?
|
|
43
|
+
config.store(key.to_sym, key_val[1]) unless key.nil?
|
|
44
|
+
end
|
|
45
|
+
end
|
|
46
|
+
config
|
|
47
|
+
end
|
|
48
|
+
|
|
49
|
+
def load_from_environment_variables(service_name)
|
|
50
|
+
config = {}
|
|
51
|
+
ENV.each do |key, val|
|
|
52
|
+
parsed_key = parse_key(key.downcase, service_name) unless key.nil?
|
|
53
|
+
config.store(parsed_key.to_sym, val) unless parsed_key.nil?
|
|
54
|
+
end
|
|
55
|
+
config
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
def parse_key(key, service_name)
|
|
59
|
+
key[service_name.length + 1, key.length] if key.include?(service_name)
|
|
60
|
+
end
|
|
61
|
+
|
|
62
|
+
def load_from_vcap_services(service_name)
|
|
63
|
+
vcap_services = ENV["VCAP_SERVICES"]
|
|
64
|
+
unless vcap_services.nil?
|
|
65
|
+
services = JSON.parse(vcap_services)
|
|
66
|
+
config = {}
|
|
67
|
+
credentials = services[service_name][0]["credentials"] if services.key?(service_name)
|
|
68
|
+
return config if credentials.nil?
|
|
69
|
+
|
|
70
|
+
credentials.each do |key, val|
|
|
71
|
+
config.store(key.to_sym, val)
|
|
72
|
+
end
|
|
73
|
+
config[:auth_type] = "basic" if !config[:username].nil? && !config[:password].nil?
|
|
74
|
+
config[:auth_type] = "iam" unless config[:apikey].nil?
|
|
75
|
+
return config
|
|
76
|
+
end
|
|
77
|
+
nil
|
|
78
|
+
end
|
|
@@ -3,6 +3,8 @@
|
|
|
3
3
|
require("json")
|
|
4
4
|
require("jwt")
|
|
5
5
|
require_relative("./../test_helper.rb")
|
|
6
|
+
require_relative("./../../lib/ibm_cloud_sdk_core/authenticators/basic_authenticator")
|
|
7
|
+
require_relative("./../../lib/ibm_cloud_sdk_core/authenticators/config_based_authenticator_factory")
|
|
6
8
|
require("webmock/minitest")
|
|
7
9
|
|
|
8
10
|
WebMock.disable_net_connect!(allow_localhost: true)
|
|
@@ -11,7 +13,7 @@ WebMock.disable_net_connect!(allow_localhost: true)
|
|
|
11
13
|
class BaseServiceTest < Minitest::Test
|
|
12
14
|
def test_wrong_username
|
|
13
15
|
assert_raises do
|
|
14
|
-
IBMCloudSdkCore::
|
|
16
|
+
IBMCloudSdkCore::BasicAuthenticator.new(
|
|
15
17
|
username: "\"username",
|
|
16
18
|
password: "password"
|
|
17
19
|
)
|
|
@@ -20,26 +22,30 @@ class BaseServiceTest < Minitest::Test
|
|
|
20
22
|
|
|
21
23
|
def test_wrong_apikey
|
|
22
24
|
assert_raises do
|
|
23
|
-
IBMCloudSdkCore::
|
|
24
|
-
|
|
25
|
+
IBMCloudSdkCore::IamAuthenticator.new(
|
|
26
|
+
apikey: "{apikey"
|
|
25
27
|
)
|
|
26
28
|
end
|
|
27
29
|
end
|
|
28
30
|
|
|
29
31
|
def test_wrong_url
|
|
30
32
|
assert_raises do
|
|
31
|
-
IBMCloudSdkCore::
|
|
32
|
-
|
|
33
|
+
IBMCloudSdkCore::IamAuthenticator.new(
|
|
34
|
+
apikey: "apikey",
|
|
33
35
|
url: "url}"
|
|
34
36
|
)
|
|
35
37
|
end
|
|
36
38
|
end
|
|
37
39
|
|
|
38
40
|
def test_correct_creds_and_headers
|
|
39
|
-
|
|
41
|
+
authenticator = IBMCloudSdkCore::BasicAuthenticator.new(
|
|
40
42
|
username: "username",
|
|
41
43
|
password: "password"
|
|
42
44
|
)
|
|
45
|
+
service = IBMCloudSdkCore::BaseService.new(
|
|
46
|
+
display_name: "Assistant",
|
|
47
|
+
authenticator: authenticator
|
|
48
|
+
)
|
|
43
49
|
service.add_default_headers(
|
|
44
50
|
headers: {
|
|
45
51
|
"X-Watson-Learning-Opt-Out" => "1",
|
|
@@ -50,20 +56,11 @@ class BaseServiceTest < Minitest::Test
|
|
|
50
56
|
refute_nil(service)
|
|
51
57
|
end
|
|
52
58
|
|
|
53
|
-
def test_iam_access_token
|
|
54
|
-
token = "new$token"
|
|
55
|
-
service = IBMCloudSdkCore::BaseService.new(
|
|
56
|
-
url: "https://we.the.best"
|
|
57
|
-
)
|
|
58
|
-
response = service.iam_access_token(iam_access_token: token)
|
|
59
|
-
assert_equal(response, token)
|
|
60
|
-
end
|
|
61
|
-
|
|
62
59
|
def test_set_credentials_from_path_in_env
|
|
63
60
|
file_path = File.join(File.dirname(__FILE__), "../../resources/ibm-credentials.env")
|
|
64
61
|
ENV["IBM_CREDENTIALS_FILE"] = file_path
|
|
65
62
|
service = IBMCloudSdkCore::BaseService.new(display_name: "Visual Recognition")
|
|
66
|
-
assert_equal(service.url, "https://gateway.ronaldo.com")
|
|
63
|
+
assert_equal(service.instance_variable_get(:@url), "https://gateway.ronaldo.com")
|
|
67
64
|
refute_nil(service)
|
|
68
65
|
ENV.delete("IBM_CREDENTIALS_FILE")
|
|
69
66
|
end
|
|
@@ -72,16 +69,27 @@ class BaseServiceTest < Minitest::Test
|
|
|
72
69
|
file_path = File.join(File.dirname(__FILE__), "../../resources/ibm-credentials.env")
|
|
73
70
|
ENV["IBM_CREDENTIALS_FILE"] = file_path
|
|
74
71
|
service = IBMCloudSdkCore::BaseService.new(display_name: "Natural Language Understanding")
|
|
75
|
-
assert_equal(service.url, "https://gateway.messi.com")
|
|
76
|
-
|
|
72
|
+
assert_equal(service.instance_variable_get(:@url), "https://gateway.messi.com")
|
|
73
|
+
refute_nil(service)
|
|
74
|
+
ENV.delete("IBM_CREDENTIALS_FILE")
|
|
75
|
+
end
|
|
76
|
+
|
|
77
|
+
def test_set_credentials_from_path_in_env_bearer_token
|
|
78
|
+
file_path = File.join(File.dirname(__FILE__), "../../resources/ibm-credentials.env")
|
|
79
|
+
ENV["IBM_CREDENTIALS_FILE"] = file_path
|
|
80
|
+
authenticator = IBMCloudSdkCore::ConfigBasedAuthenticatorFactory.new.get_authenticator(service_name: "leo_messi")
|
|
81
|
+
service = IBMCloudSdkCore::BaseService.new(display_name: "Leo Messi", url: "some.url", authenticator: authenticator)
|
|
82
|
+
assert_equal(authenticator.authentication_type, "bearerToken")
|
|
77
83
|
refute_nil(service)
|
|
78
84
|
ENV.delete("IBM_CREDENTIALS_FILE")
|
|
79
85
|
end
|
|
80
86
|
|
|
81
87
|
def test_vcap_services
|
|
82
88
|
ENV["VCAP_SERVICES"] = JSON.parse(File.read(Dir.getwd + "/resources/vcap-testing.json")).to_json
|
|
83
|
-
|
|
84
|
-
|
|
89
|
+
authenticator = IBMCloudSdkCore::ConfigBasedAuthenticatorFactory.new.get_authenticator(service_name: "salah")
|
|
90
|
+
service = IBMCloudSdkCore::BaseService.new(display_name: "salah", authenticator: authenticator)
|
|
91
|
+
assert_equal(authenticator.username, "mo")
|
|
92
|
+
assert_equal(service.display_name, "salah")
|
|
85
93
|
end
|
|
86
94
|
|
|
87
95
|
def test_dummy_request
|
|
@@ -92,14 +100,16 @@ class BaseServiceTest < Minitest::Test
|
|
|
92
100
|
"Host" => "we.the.best"
|
|
93
101
|
}
|
|
94
102
|
).to_return(status: 200, body: "", headers: {})
|
|
95
|
-
|
|
103
|
+
authenticator = IBMCloudSdkCore::ConfigBasedAuthenticatorFactory.new.get_authenticator(service_name: "Salah")
|
|
104
|
+
service = IBMCloudSdkCore::BaseService.new(display_name: "Salah", authenticator: authenticator, url: "https://we.the.best")
|
|
96
105
|
service_response = service.request(method: "GET", url: "/music", headers: {})
|
|
97
106
|
assert_equal("", service_response.result)
|
|
98
107
|
end
|
|
99
108
|
|
|
100
109
|
def test_dummy_request_form_data
|
|
101
110
|
service = IBMCloudSdkCore::BaseService.new(
|
|
102
|
-
|
|
111
|
+
display_name: "Assistant",
|
|
112
|
+
apikey: "apikey",
|
|
103
113
|
iam_access_token: "token",
|
|
104
114
|
url: "https://gateway.watsonplatform.net/"
|
|
105
115
|
)
|
|
@@ -133,7 +143,8 @@ class BaseServiceTest < Minitest::Test
|
|
|
133
143
|
"Host" => "we.the.best"
|
|
134
144
|
}
|
|
135
145
|
).to_return(status: 500, body: response.to_json, headers: {})
|
|
136
|
-
|
|
146
|
+
authenticator = IBMCloudSdkCore::ConfigBasedAuthenticatorFactory.new.get_authenticator(service_name: "Salah")
|
|
147
|
+
service = IBMCloudSdkCore::BaseService.new(display_name: "Salah", authenticator: authenticator, url: "https://we.the.best")
|
|
137
148
|
assert_raises do
|
|
138
149
|
service.request(method: "GET", url: "/music", headers: {})
|
|
139
150
|
end
|
|
@@ -151,237 +162,48 @@ class BaseServiceTest < Minitest::Test
|
|
|
151
162
|
stub_request(:get, "https://we.the.best/music")
|
|
152
163
|
.with(
|
|
153
164
|
headers: {
|
|
154
|
-
"Authorization" => "Basic YXBpa2V5OmljcC14eXo=",
|
|
155
165
|
"Host" => "we.the.best"
|
|
156
166
|
}
|
|
157
167
|
).to_return(status: 200, body: response.to_json, headers: headers)
|
|
158
|
-
|
|
159
|
-
url: "https://we.the.best",
|
|
168
|
+
authenticator = IBMCloudSdkCore::BasicAuthenticator.new(
|
|
160
169
|
username: "apikey",
|
|
161
170
|
password: "icp-xyz"
|
|
162
171
|
)
|
|
163
|
-
service_response = service.request(method: "GET", url: "/music", headers: {})
|
|
164
|
-
assert_equal(response, service_response.result)
|
|
165
|
-
end
|
|
166
|
-
|
|
167
|
-
def test_dummy_request_icp_iam_apikey
|
|
168
|
-
response = {
|
|
169
|
-
"text" => "I want financial advice today.",
|
|
170
|
-
"created" => "2016-07-11T16:39:01.774Z",
|
|
171
|
-
"updated" => "2015-12-07T18:53:59.153Z"
|
|
172
|
-
}
|
|
173
|
-
headers = {
|
|
174
|
-
"Content-Type" => "application/json"
|
|
175
|
-
}
|
|
176
|
-
stub_request(:get, "https://we.the.best/music")
|
|
177
|
-
.with(
|
|
178
|
-
headers: {
|
|
179
|
-
"Authorization" => "Basic YXBpa2V5OmljcC14eXo=",
|
|
180
|
-
"Host" => "we.the.best"
|
|
181
|
-
}
|
|
182
|
-
).to_return(status: 200, body: response.to_json, headers: headers)
|
|
183
|
-
service = IBMCloudSdkCore::BaseService.new(
|
|
184
|
-
url: "https://we.the.best",
|
|
185
|
-
iam_apikey: "icp-xyz"
|
|
186
|
-
)
|
|
187
|
-
service_response = service.request(method: "GET", url: "/music", headers: {})
|
|
188
|
-
assert_equal(response, service_response.result)
|
|
189
|
-
end
|
|
190
|
-
|
|
191
|
-
def test_dummy_request_icp_iam_apikey_cred_file
|
|
192
|
-
response = {
|
|
193
|
-
"text" => "I want financial advice today.",
|
|
194
|
-
"created" => "2016-07-11T16:39:01.774Z",
|
|
195
|
-
"updated" => "2015-12-07T18:53:59.153Z"
|
|
196
|
-
}
|
|
197
|
-
headers = {
|
|
198
|
-
"Content-Type" => "application/json"
|
|
199
|
-
}
|
|
200
|
-
stub_request(:get, "https://we.the.best/music")
|
|
201
|
-
.with(
|
|
202
|
-
headers: {
|
|
203
|
-
"Authorization" => "Basic YXBpa2V5OmljcC14eXo=",
|
|
204
|
-
"Host" => "we.the.best"
|
|
205
|
-
}
|
|
206
|
-
).to_return(status: 200, body: response.to_json, headers: headers)
|
|
207
|
-
file_path = File.join(File.dirname(__FILE__), "../../resources/ibm-credentials.env")
|
|
208
|
-
ENV["IBM_CREDENTIALS_FILE"] = file_path
|
|
209
|
-
service = IBMCloudSdkCore::BaseService.new(
|
|
210
|
-
url: "https://we.the.best",
|
|
211
|
-
display_name: "messi"
|
|
212
|
-
)
|
|
213
|
-
service_response = service.request(method: "GET", url: "/music", headers: {})
|
|
214
|
-
assert_equal(response, service_response.result)
|
|
215
|
-
end
|
|
216
|
-
|
|
217
|
-
def test_dummy_request_username_apikey
|
|
218
|
-
response = {
|
|
219
|
-
"text" => "I want financial advice today.",
|
|
220
|
-
"created" => "2016-07-11T16:39:01.774Z",
|
|
221
|
-
"updated" => "2015-12-07T18:53:59.153Z"
|
|
222
|
-
}
|
|
223
|
-
access_token_layout = {
|
|
224
|
-
"username" => "dummy",
|
|
225
|
-
"role" => "Admin",
|
|
226
|
-
"permissions" => %w[administrator manage_catalog],
|
|
227
|
-
"sub" => "admin",
|
|
228
|
-
"iss" => "sss",
|
|
229
|
-
"aud" => "sss",
|
|
230
|
-
"uid" => "sss",
|
|
231
|
-
"iat" => 3600,
|
|
232
|
-
"exp" => Time.now.to_i
|
|
233
|
-
}
|
|
234
|
-
|
|
235
|
-
access_token = JWT.encode(access_token_layout, "secret", "HS256", "kid": "230498151c214b788dd97f22b85410a5")
|
|
236
|
-
token_response = {
|
|
237
|
-
"access_token" => access_token,
|
|
238
|
-
"token_type" => "Bearer",
|
|
239
|
-
"expires_in" => 3600,
|
|
240
|
-
"expiration" => 1_524_167_011,
|
|
241
|
-
"refresh_token" => "jy4gl91BQ"
|
|
242
|
-
}
|
|
243
|
-
|
|
244
|
-
headers = {
|
|
245
|
-
"Content-Type" => "application/json"
|
|
246
|
-
}
|
|
247
|
-
stub_request(:post, "https://iam.cloud.ibm.com/identity/token")
|
|
248
|
-
.with(
|
|
249
|
-
body: {
|
|
250
|
-
"apikey" => "xyz",
|
|
251
|
-
"grant_type" => "urn:ibm:params:oauth:grant-type:apikey",
|
|
252
|
-
"response_type" => "cloud_iam"
|
|
253
|
-
},
|
|
254
|
-
headers: {
|
|
255
|
-
"Accept" => "application/json",
|
|
256
|
-
"Authorization" => "Basic Yng6Yng=",
|
|
257
|
-
"Connection" => "close",
|
|
258
|
-
"Content-Type" => "application/x-www-form-urlencoded",
|
|
259
|
-
"Host" => "iam.cloud.ibm.com",
|
|
260
|
-
"User-Agent" => "http.rb/4.1.1"
|
|
261
|
-
}
|
|
262
|
-
).to_return(status: 200, body: token_response.to_json, headers: {})
|
|
263
|
-
stub_request(:get, "https://we.the.best/music")
|
|
264
|
-
.with(
|
|
265
|
-
headers: {
|
|
266
|
-
"Authorization" => "Bearer " + access_token,
|
|
267
|
-
"Host" => "we.the.best"
|
|
268
|
-
}
|
|
269
|
-
).to_return(status: 200, body: response.to_json, headers: headers)
|
|
270
172
|
service = IBMCloudSdkCore::BaseService.new(
|
|
271
|
-
|
|
272
|
-
|
|
273
|
-
|
|
173
|
+
display_name: "Assistant",
|
|
174
|
+
authenticator: authenticator,
|
|
175
|
+
url: "https://we.the.best"
|
|
274
176
|
)
|
|
275
177
|
service_response = service.request(method: "GET", url: "/music", headers: {})
|
|
276
178
|
assert_equal(response, service_response.result)
|
|
277
179
|
end
|
|
278
180
|
|
|
279
|
-
def
|
|
280
|
-
|
|
181
|
+
def test_for_cp4d_authenticator
|
|
182
|
+
authenticator = IBMCloudSdkCore::CloudPakForDataAuthenticator.new(
|
|
281
183
|
username: "hello",
|
|
282
184
|
password: "world",
|
|
283
|
-
|
|
284
|
-
authentication_type: "icp4d"
|
|
285
|
-
)
|
|
286
|
-
refute_nil(service.token_manager)
|
|
287
|
-
end
|
|
288
|
-
|
|
289
|
-
def test_dummy_request_username_apikey_cred_file
|
|
290
|
-
response = {
|
|
291
|
-
"text" => "I want financial advice today.",
|
|
292
|
-
"created" => "2016-07-11T16:39:01.774Z",
|
|
293
|
-
"updated" => "2015-12-07T18:53:59.153Z"
|
|
294
|
-
}
|
|
295
|
-
|
|
296
|
-
access_token_layout = {
|
|
297
|
-
"username" => "dummy",
|
|
298
|
-
"role" => "Admin",
|
|
299
|
-
"permissions" => %w[administrator manage_catalog],
|
|
300
|
-
"sub" => "admin",
|
|
301
|
-
"iss" => "sss",
|
|
302
|
-
"aud" => "sss",
|
|
303
|
-
"uid" => "sss",
|
|
304
|
-
"iat" => 3600,
|
|
305
|
-
"exp" => Time.now.to_i
|
|
306
|
-
}
|
|
307
|
-
|
|
308
|
-
access_token = JWT.encode(access_token_layout, "secret", "HS256", "kid": "230498151c214b788dd97f22b85410a5")
|
|
309
|
-
token_response = {
|
|
310
|
-
"access_token" => access_token,
|
|
311
|
-
"token_type" => "Bearer",
|
|
312
|
-
"expires_in" => 3600,
|
|
313
|
-
"expiration" => 1_524_167_011,
|
|
314
|
-
"refresh_token" => "jy4gl91BQ"
|
|
315
|
-
}
|
|
316
|
-
|
|
317
|
-
headers = {
|
|
318
|
-
"Content-Type" => "application/json"
|
|
319
|
-
}
|
|
320
|
-
stub_request(:post, "https://iam.cloud.ibm.com/identity/token")
|
|
321
|
-
.with(
|
|
322
|
-
body: {
|
|
323
|
-
"apikey" => "xyz",
|
|
324
|
-
"grant_type" => "urn:ibm:params:oauth:grant-type:apikey",
|
|
325
|
-
"response_type" => "cloud_iam"
|
|
326
|
-
},
|
|
327
|
-
headers: {
|
|
328
|
-
"Accept" => "application/json",
|
|
329
|
-
"Authorization" => "Basic Yng6Yng=",
|
|
330
|
-
"Connection" => "close",
|
|
331
|
-
"Content-Type" => "application/x-www-form-urlencoded",
|
|
332
|
-
"Host" => "iam.cloud.ibm.com",
|
|
333
|
-
"User-Agent" => "http.rb/4.1.1"
|
|
334
|
-
}
|
|
335
|
-
).to_return(status: 200, body: token_response.to_json, headers: {})
|
|
336
|
-
stub_request(:get, "https://we.the.best/music")
|
|
337
|
-
.with(
|
|
338
|
-
headers: {
|
|
339
|
-
"Authorization" => "Bearer " + access_token,
|
|
340
|
-
"Host" => "we.the.best"
|
|
341
|
-
}
|
|
342
|
-
).to_return(status: 200, body: response.to_json, headers: headers)
|
|
343
|
-
file_path = File.join(File.dirname(__FILE__), "../../resources/ibm-credentials.env")
|
|
344
|
-
ENV["IBM_CREDENTIALS_FILE"] = file_path
|
|
345
|
-
service = IBMCloudSdkCore::BaseService.new(
|
|
346
|
-
display_name: "ronaldo",
|
|
347
|
-
url: "https://we.the.best"
|
|
348
|
-
)
|
|
349
|
-
service_response = service.request(method: "GET", url: "/music", headers: {})
|
|
350
|
-
assert_equal(response, service_response.result)
|
|
351
|
-
end
|
|
352
|
-
|
|
353
|
-
def test_icp4d_access_token
|
|
354
|
-
service = IBMCloudSdkCore::BaseService.new(
|
|
355
|
-
authentication_type: "icp4d",
|
|
356
|
-
icp4d_url: "https://the.sixth.one",
|
|
357
|
-
icp4d_access_token: "token"
|
|
185
|
+
url: "hello.world"
|
|
358
186
|
)
|
|
359
|
-
|
|
360
|
-
|
|
361
|
-
|
|
362
|
-
|
|
363
|
-
|
|
364
|
-
|
|
365
|
-
|
|
366
|
-
|
|
367
|
-
|
|
368
|
-
|
|
369
|
-
|
|
370
|
-
|
|
371
|
-
|
|
372
|
-
|
|
373
|
-
|
|
374
|
-
|
|
375
|
-
|
|
376
|
-
|
|
377
|
-
|
|
378
|
-
|
|
379
|
-
|
|
380
|
-
|
|
381
|
-
token_manager = service.instance_variable_get(:@token_manager)
|
|
382
|
-
service.configure_http_client(disable_ssl_verification: true)
|
|
383
|
-
assert_equal(token_manager.instance_variable_get(:@disable_ssl_verification), true)
|
|
384
|
-
service_response = token_manager.send :request, method: "GET", url: "http://the.com/music", headers: {}
|
|
385
|
-
assert_equal({}, service_response)
|
|
386
|
-
end
|
|
187
|
+
refute_nil(authenticator)
|
|
188
|
+
end
|
|
189
|
+
|
|
190
|
+
# def test_CP4D_disable_ssl
|
|
191
|
+
# authenticator = IBMCloudSdkCore::CloudPakForDataAuthenticator.new(
|
|
192
|
+
# username: "username",
|
|
193
|
+
# password: "password"
|
|
194
|
+
# )
|
|
195
|
+
# IBMCloudSdkCore::BaseService.new(
|
|
196
|
+
# display_name: "Assistant",
|
|
197
|
+
# url: "http://the.com",
|
|
198
|
+
# authenticator: authenticator
|
|
199
|
+
# )
|
|
200
|
+
# stub_request(:get, "http://the.com/music")
|
|
201
|
+
# .with(
|
|
202
|
+
# headers: {
|
|
203
|
+
# "Authorization" => "Basic Og==",
|
|
204
|
+
# "Host" => "the.com"
|
|
205
|
+
# }
|
|
206
|
+
# ).to_return(status: 200, body: {}.to_json, headers: {})
|
|
207
|
+
# assert_equal(authenticator.instance_variable_get(:@access_token), "token")
|
|
208
|
+
# end
|
|
387
209
|
end
|
|
@@ -18,12 +18,14 @@ class IAMTokenManagerTest < Minitest::Test
|
|
|
18
18
|
|
|
19
19
|
# Use default iam_url, client id/secret
|
|
20
20
|
token_manager = IBMCloudSdkCore::IAMTokenManager.new(
|
|
21
|
-
|
|
22
|
-
|
|
21
|
+
apikey: "apikey",
|
|
22
|
+
url: "https://iam.cloud.ibm.com/identity/token",
|
|
23
|
+
client_id: "bx",
|
|
24
|
+
client_secret: "bx"
|
|
23
25
|
)
|
|
24
26
|
stub_request(:post, "https://iam.cloud.ibm.com/identity/token")
|
|
25
27
|
.with(
|
|
26
|
-
body: { "apikey" => "
|
|
28
|
+
body: { "apikey" => "apikey", "grant_type" => "urn:ibm:params:oauth:grant-type:apikey", "response_type" => "cloud_iam" },
|
|
27
29
|
headers: {
|
|
28
30
|
"Accept" => "application/json",
|
|
29
31
|
"Authorization" => "Basic Yng6Yng=",
|
|
@@ -38,9 +40,8 @@ class IAMTokenManagerTest < Minitest::Test
|
|
|
38
40
|
def test_request_token_fails
|
|
39
41
|
iam_url = "https://iam.cloud.ibm.com/identity/token"
|
|
40
42
|
token_manager = IBMCloudSdkCore::IAMTokenManager.new(
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
iam_url: iam_url
|
|
43
|
+
apikey: "apikey",
|
|
44
|
+
url: iam_url
|
|
44
45
|
)
|
|
45
46
|
response = {
|
|
46
47
|
"code" => "500",
|
|
@@ -48,10 +49,10 @@ class IAMTokenManagerTest < Minitest::Test
|
|
|
48
49
|
}
|
|
49
50
|
stub_request(:post, "https://iam.cloud.ibm.com/identity/token")
|
|
50
51
|
.with(
|
|
51
|
-
body: { "apikey" => "
|
|
52
|
+
body: { "apikey" => "apikey", "grant_type" => "urn:ibm:params:oauth:grant-type:apikey", "response_type" => "cloud_iam" },
|
|
52
53
|
headers: {
|
|
53
54
|
"Accept" => "application/json",
|
|
54
|
-
"Authorization" => "Basic
|
|
55
|
+
"Authorization" => "Basic Og==",
|
|
55
56
|
"Content-Type" => "application/x-www-form-urlencoded",
|
|
56
57
|
"Host" => "iam.cloud.ibm.com"
|
|
57
58
|
}
|
|
@@ -63,8 +64,10 @@ class IAMTokenManagerTest < Minitest::Test
|
|
|
63
64
|
|
|
64
65
|
def test_request_token_fails_catch_exception
|
|
65
66
|
token_manager = IBMCloudSdkCore::IAMTokenManager.new(
|
|
66
|
-
|
|
67
|
-
|
|
67
|
+
apikey: "apikey",
|
|
68
|
+
url: "https://iam.cloud.ibm.com/identity/token",
|
|
69
|
+
client_id: "bx",
|
|
70
|
+
client_secret: "bx"
|
|
68
71
|
)
|
|
69
72
|
response = {
|
|
70
73
|
"code" => "500",
|
|
@@ -72,7 +75,7 @@ class IAMTokenManagerTest < Minitest::Test
|
|
|
72
75
|
}
|
|
73
76
|
stub_request(:post, "https://iam.cloud.ibm.com/identity/token")
|
|
74
77
|
.with(
|
|
75
|
-
body: { "apikey" => "
|
|
78
|
+
body: { "apikey" => "apikey", "grant_type" => "urn:ibm:params:oauth:grant-type:apikey", "response_type" => "cloud_iam" },
|
|
76
79
|
headers: {
|
|
77
80
|
"Accept" => "application/json",
|
|
78
81
|
"Authorization" => "Basic Yng6Yng=",
|
|
@@ -89,9 +92,10 @@ class IAMTokenManagerTest < Minitest::Test
|
|
|
89
92
|
|
|
90
93
|
def test_is_token_expired
|
|
91
94
|
token_manager = IBMCloudSdkCore::IAMTokenManager.new(
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
+
apikey: "apikey",
|
|
96
|
+
url: "https://url.com",
|
|
97
|
+
client_id: "bx",
|
|
98
|
+
client_secret: "bx"
|
|
95
99
|
)
|
|
96
100
|
|
|
97
101
|
assert(token_manager.send(:token_expired?))
|
|
@@ -106,13 +110,11 @@ class IAMTokenManagerTest < Minitest::Test
|
|
|
106
110
|
def test_get_token
|
|
107
111
|
iam_url = "https://iam.cloud.ibm.com/identity/token"
|
|
108
112
|
token_manager = IBMCloudSdkCore::IAMTokenManager.new(
|
|
109
|
-
|
|
110
|
-
|
|
113
|
+
apikey: "apikey",
|
|
114
|
+
url: iam_url,
|
|
115
|
+
client_id: "bx",
|
|
116
|
+
client_secret: "bx"
|
|
111
117
|
)
|
|
112
|
-
token_manager.user_access_token = "user_access_token"
|
|
113
|
-
|
|
114
|
-
token = token_manager.token
|
|
115
|
-
assert_equal(token_manager.user_access_token, token)
|
|
116
118
|
|
|
117
119
|
access_token_layout = {
|
|
118
120
|
"username" => "dummy",
|
|
@@ -138,7 +140,7 @@ class IAMTokenManagerTest < Minitest::Test
|
|
|
138
140
|
|
|
139
141
|
stub_request(:post, "https://iam.cloud.ibm.com/identity/token")
|
|
140
142
|
.with(
|
|
141
|
-
body: { "apikey" => "
|
|
143
|
+
body: { "apikey" => "apikey", "grant_type" => "urn:ibm:params:oauth:grant-type:apikey", "response_type" => "cloud_iam" },
|
|
142
144
|
headers: {
|
|
143
145
|
"Accept" => "application/json",
|
|
144
146
|
"Authorization" => "Basic Yng6Yng=",
|
|
@@ -147,13 +149,13 @@ class IAMTokenManagerTest < Minitest::Test
|
|
|
147
149
|
}
|
|
148
150
|
).to_return(status: 200, body: response.to_json, headers: {})
|
|
149
151
|
token = token_manager.token
|
|
150
|
-
assert_equal(
|
|
152
|
+
assert_equal(access_token, token)
|
|
151
153
|
end
|
|
152
154
|
|
|
153
155
|
def test_client_id_only
|
|
154
156
|
assert_raises do
|
|
155
157
|
IBMCloudSdkCore::IAMTokenManager.new(
|
|
156
|
-
|
|
158
|
+
apikey: "apikey",
|
|
157
159
|
iam_access_token: "iam_access_token",
|
|
158
160
|
iam_client_id: "client_id"
|
|
159
161
|
)
|
|
@@ -163,51 +165,13 @@ class IAMTokenManagerTest < Minitest::Test
|
|
|
163
165
|
def test_client_secret_only
|
|
164
166
|
assert_raises do
|
|
165
167
|
IBMCloudSdkCore::IAMTokenManager.new(
|
|
166
|
-
|
|
168
|
+
apikey: "apikey",
|
|
167
169
|
iam_access_token: "iam_access_token",
|
|
168
170
|
iam_client_secret: "client_secret"
|
|
169
171
|
)
|
|
170
172
|
end
|
|
171
173
|
end
|
|
172
174
|
|
|
173
|
-
def test_request_token_nondefault_client_id_secret
|
|
174
|
-
response = {
|
|
175
|
-
"access_token" => "oAeisG8yqPY7sFR_x66Z15",
|
|
176
|
-
"token_type" => "Bearer",
|
|
177
|
-
"expires_in" => 3600,
|
|
178
|
-
"expiration" => 1_524_167_011,
|
|
179
|
-
"refresh_token" => "jy4gl91BQ"
|
|
180
|
-
}
|
|
181
|
-
|
|
182
|
-
token_manager = IBMCloudSdkCore::IAMTokenManager.new(
|
|
183
|
-
iam_apikey: "iam_apikey",
|
|
184
|
-
iam_client_id: "foo",
|
|
185
|
-
iam_client_secret: "bar"
|
|
186
|
-
)
|
|
187
|
-
stub_request(:post, "https://iam.cloud.ibm.com/identity/token")
|
|
188
|
-
.with(basic_auth: %w[foo bar]).to_return(status: 200, body: response.to_json, headers: {})
|
|
189
|
-
token_response = token_manager.send(:request_token)
|
|
190
|
-
assert_equal(response, token_response)
|
|
191
|
-
end
|
|
192
|
-
|
|
193
|
-
def test_request_token_default_client_id_secret
|
|
194
|
-
response = {
|
|
195
|
-
"access_token" => "oAeisG8yqPY7sFR_x66Z15",
|
|
196
|
-
"token_type" => "Bearer",
|
|
197
|
-
"expires_in" => 3600,
|
|
198
|
-
"expiration" => 1_524_167_011,
|
|
199
|
-
"refresh_token" => "jy4gl91BQ"
|
|
200
|
-
}
|
|
201
|
-
|
|
202
|
-
token_manager = IBMCloudSdkCore::IAMTokenManager.new(
|
|
203
|
-
iam_apikey: "iam_apikey"
|
|
204
|
-
)
|
|
205
|
-
stub_request(:post, "https://iam.cloud.ibm.com/identity/token")
|
|
206
|
-
.with(basic_auth: %w[bx bx]).to_return(status: 200, body: response.to_json, headers: {})
|
|
207
|
-
token_response = token_manager.send(:request_token)
|
|
208
|
-
assert_equal(response, token_response)
|
|
209
|
-
end
|
|
210
|
-
|
|
211
175
|
def test_dont_leak_constants
|
|
212
176
|
assert_nil(defined? DEFAULT_IAM_URL)
|
|
213
177
|
assert_nil(defined? CONTENT_TYPE)
|