ibm-cloud-sdk-core 3.16.0__py3-none-any.whl → 3.20.6__py3-none-any.whl

test/test_vpc_instance_authenticator.py

@@ -1,66 +0,0 @@
-# pylint: disable=missing-docstring
-import pytest
-
-from ibm_cloud_sdk_core.authenticators import VPCInstanceAuthenticator, Authenticator
-
-
-TEST_IAM_PROFILE_CRN = 'crn:iam-profile:123'
-TEST_IAM_PROFILE_ID = 'iam-id-123'
-
-
-def test_constructor():
-    authenticator =VPCInstanceAuthenticator(iam_profile_id=TEST_IAM_PROFILE_ID, url='someurl.com')
-    assert authenticator is not None
-    assert authenticator.authentication_type() == Authenticator.AUTHTYPE_VPC
-    assert authenticator.token_manager.iam_profile_crn is None
-    assert authenticator.token_manager.iam_profile_id == TEST_IAM_PROFILE_ID
-    assert authenticator.token_manager.url == 'someurl.com'
-
-
-def test_setters():
-    authenticator =VPCInstanceAuthenticator(iam_profile_id=TEST_IAM_PROFILE_ID, url='someurl.com')
-    assert authenticator is not None
-    assert authenticator.authentication_type() == Authenticator.AUTHTYPE_VPC
-    assert authenticator.token_manager.iam_profile_crn is None
-    assert authenticator.token_manager.iam_profile_id == TEST_IAM_PROFILE_ID
-    assert authenticator.token_manager.url == 'someurl.com'
-
-    # Set the IAM profile CRN to trigger a validation which will fail,
-    # because at most one of iam_profile_crn or iam_profile_id may be specified.
-    with pytest.raises(ValueError) as err:
-        authenticator.set_iam_profile_crn(TEST_IAM_PROFILE_CRN)
-    assert str(
-        err.value) == 'At most one of "iam_profile_id" or "iam_profile_crn" may be specified.'
-
-    authenticator.set_iam_profile_id(None)
-    assert authenticator.token_manager.iam_profile_id is None
-
-    authenticator.set_iam_profile_crn(TEST_IAM_PROFILE_CRN)
-    assert authenticator.token_manager.iam_profile_crn == TEST_IAM_PROFILE_CRN
-
-
-def test_constructor_validate_failed():
-    with pytest.raises(ValueError) as err:
-        VPCInstanceAuthenticator(
-		iam_profile_crn=TEST_IAM_PROFILE_CRN,
-		iam_profile_id=TEST_IAM_PROFILE_ID,
-	)
-    assert str(
-        err.value) == 'At most one of "iam_profile_id" or "iam_profile_crn" may be specified.'
-
-
-def test_authenticate():
-    def mock_get_token():
-        return 'mock_token'
-
-    authenticator = VPCInstanceAuthenticator(iam_profile_crn=TEST_IAM_PROFILE_CRN)
-    authenticator.token_manager.get_token = mock_get_token
-
-    # Simulate an SDK API request that needs to be authenticated.
-    request = {'headers': {}}
-
-    # Trigger the "get token" processing to obtain the access token and add to the "SDK request".
-    authenticator.authenticate(request)
-
-    # Verify that the "authenticate()" method added the Authorization header
-    assert request['headers']['Authorization'] == 'Bearer mock_token'

test/test_vpc_instance_token_manager.py

@@ -1,266 +0,0 @@
-# coding: utf-8
-
-# Copyright 2021 IBM All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# pylint: disable=missing-docstring
-import json
-import logging
-
-import pytest
-import responses
-
-from ibm_cloud_sdk_core import ApiException, VPCInstanceTokenManager
-
-
-#pylint: disable=line-too-long
-TEST_ACCESS_TOKEN = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VybmFtZSI6ImhlbGxvIiwicm9sZSI6InVzZXIiLCJwZXJtaXNzaW9ucyI6WyJhZG1pbmlzdHJhdG9yIiwiZGVwbG95bWVudF9hZG1pbiJdLCJzdWIiOiJoZWxsbyIsImlzcyI6IkpvaG4iLCJhdWQiOiJEU1giLCJ1aWQiOiI5OTkiLCJpYXQiOjE1NjAyNzcwNTEsImV4cCI6MTU2MDI4MTgxOSwianRpIjoiMDRkMjBiMjUtZWUyZC00MDBmLTg2MjMtOGNkODA3MGI1NDY4In0.cIodB4I6CCcX8vfIImz7Cytux3GpWyObt9Gkur5g1QI'
-TEST_TOKEN = 'abc123'
-TEST_IAM_TOKEN = 'iam-abc123'
-TEST_IAM_PROFILE_CRN = 'crn:iam-profile:123'
-TEST_IAM_PROFILE_ID = 'iam-id-123'
-
-
-def test_constructor():
-    token_manager = VPCInstanceTokenManager(
-        iam_profile_crn=TEST_IAM_PROFILE_CRN,
-    )
-
-    assert token_manager.iam_profile_crn is TEST_IAM_PROFILE_CRN
-    assert token_manager.iam_profile_id is None
-    assert token_manager.access_token is None
-
-
-def test_setters():
-    token_manager = VPCInstanceTokenManager(
-        iam_profile_crn=TEST_IAM_PROFILE_CRN,
-    )
-
-    assert token_manager.iam_profile_crn is TEST_IAM_PROFILE_CRN
-    assert token_manager.iam_profile_id is None
-    assert token_manager.access_token is None
-
-    token_manager.set_iam_profile_crn(None)
-    assert token_manager.iam_profile_crn is None
-
-    token_manager.set_iam_profile_id(TEST_IAM_PROFILE_ID)
-    assert token_manager.iam_profile_id == TEST_IAM_PROFILE_ID
-
-
-@responses.activate
-def test_retrieve_instance_identity_token(caplog):
-    caplog.set_level(logging.DEBUG)
-
-    token_manager = VPCInstanceTokenManager(
-        iam_profile_crn=TEST_IAM_PROFILE_CRN,
-        url='http://someurl.com',
-    )
-
-    response = {
-        'access_token': TEST_TOKEN,
-    }
-
-    responses.add(responses.PUT, 'http://someurl.com/instance_identity/v1/token',
-                  body=json.dumps(response), status=200)
-
-    ii_token = token_manager.retrieve_instance_identity_token()
-    assert len(responses.calls) == 1
-    assert responses.calls[0].request.headers['Content-Type'] == 'application/json'
-    assert responses.calls[0].request.headers['Accept'] == 'application/json'
-    assert responses.calls[0].request.headers['Metadata-Flavor'] == 'ibm'
-    assert responses.calls[0].request.params['version'] == '2021-09-20'
-    assert responses.calls[0].request.body == '{"expires_in": 300}'
-    assert ii_token == TEST_TOKEN
-    # Check the logs.
-    #pylint: disable=line-too-long
-    assert caplog.record_tuples[0][2] == 'Invoking VPC \'create_access_token\' operation: http://someurl.com/instance_identity/v1/token'
-    assert caplog.record_tuples[1][2] == 'Returned from VPC \'create_access_token\' operation."'
-
-
-@responses.activate
-def test_retrieve_instance_identity_token_failed(caplog):
-    caplog.set_level(logging.DEBUG)
-
-    token_manager = VPCInstanceTokenManager(
-        iam_profile_crn=TEST_IAM_PROFILE_CRN,
-        url='http://someurl.com',
-    )
-
-    response = {
-        'errors': ['Ooops'],
-    }
-
-    responses.add(responses.PUT, 'http://someurl.com/instance_identity/v1/token',
-                  body=json.dumps(response), status=400)
-
-    with pytest.raises(ApiException):
-        token_manager.retrieve_instance_identity_token()
-
-    assert len(responses.calls) == 1
-    # Check the logs.
-    #pylint: disable=line-too-long
-    assert caplog.record_tuples[0][2] == 'Invoking VPC \'create_access_token\' operation: http://someurl.com/instance_identity/v1/token'
-
-
-@responses.activate
-def test_request_token_with_crn(caplog):
-    caplog.set_level(logging.DEBUG)
-
-    token_manager = VPCInstanceTokenManager(
-        iam_profile_crn=TEST_IAM_PROFILE_CRN,
-    )
-
-    # Mock the retrieve instance identity token method.
-    def mock_retrieve_instance_identity_token():
-        return TEST_TOKEN
-    token_manager.retrieve_instance_identity_token = mock_retrieve_instance_identity_token
-
-    response = {
-        'access_token': TEST_IAM_TOKEN,
-    }
-
-    responses.add(responses.POST, 'http://169.254.169.254/instance_identity/v1/iam_token',
-                  body=json.dumps(response), status=200)
-
-    response = token_manager.request_token()
-    assert len(responses.calls) == 1
-    assert responses.calls[0].request.headers['Content-Type'] == 'application/json'
-    assert responses.calls[0].request.headers['Accept'] == 'application/json'
-    assert responses.calls[0].request.headers['Authorization'] == 'Bearer ' + TEST_TOKEN
-    assert responses.calls[0].request.body == '{"trusted_profile": {"crn": "crn:iam-profile:123"}}'
-    assert responses.calls[0].request.params['version'] == '2021-09-20'
-    # Check the logs.
-    #pylint: disable=line-too-long
-    assert caplog.record_tuples[0][2] == 'Invoking VPC \'create_iam_token\' operation: http://169.254.169.254/instance_identity/v1/iam_token'
-    assert caplog.record_tuples[1][2] == 'Returned from VPC \'create_iam_token\' operation."'
-
-
-@responses.activate
-def test_request_token_with_id(caplog):
-    caplog.set_level(logging.DEBUG)
-
-    token_manager = VPCInstanceTokenManager(
-        iam_profile_id=TEST_IAM_PROFILE_ID,
-    )
-
-    # Mock the retrieve instance identity token method.
-    def mock_retrieve_instance_identity_token():
-        return TEST_TOKEN
-    token_manager.retrieve_instance_identity_token = mock_retrieve_instance_identity_token
-
-    response = {
-        'access_token': TEST_IAM_TOKEN,
-    }
-
-    responses.add(responses.POST, 'http://169.254.169.254/instance_identity/v1/iam_token',
-                  body=json.dumps(response), status=200)
-
-    response = token_manager.request_token()
-    assert len(responses.calls) == 1
-    assert responses.calls[0].request.headers['Content-Type'] == 'application/json'
-    assert responses.calls[0].request.headers['Accept'] == 'application/json'
-    assert responses.calls[0].request.headers['Authorization'] == 'Bearer ' + TEST_TOKEN
-    assert responses.calls[0].request.body == '{"trusted_profile": {"id": "iam-id-123"}}'
-    assert responses.calls[0].request.params['version'] == '2021-09-20'
-    # Check the logs.
-    #pylint: disable=line-too-long
-    assert caplog.record_tuples[0][2] == 'Invoking VPC \'create_iam_token\' operation: http://169.254.169.254/instance_identity/v1/iam_token'
-    assert caplog.record_tuples[1][2] == 'Returned from VPC \'create_iam_token\' operation."'
-
-
-@responses.activate
-def test_request_token(caplog):
-    caplog.set_level(logging.DEBUG)
-
-    token_manager = VPCInstanceTokenManager()
-
-    # Mock the retrieve instance identity token method.
-    def mock_retrieve_instance_identity_token():
-        return TEST_TOKEN
-    token_manager.retrieve_instance_identity_token = mock_retrieve_instance_identity_token
-
-    response = {
-        'access_token': TEST_IAM_TOKEN,
-    }
-
-    responses.add(responses.POST, 'http://169.254.169.254/instance_identity/v1/iam_token',
-                  body=json.dumps(response), status=200)
-
-    response = token_manager.request_token()
-    assert len(responses.calls) == 1
-    assert responses.calls[0].request.headers['Content-Type'] == 'application/json'
-    assert responses.calls[0].request.headers['Accept'] == 'application/json'
-    assert responses.calls[0].request.headers['Authorization'] == 'Bearer ' + TEST_TOKEN
-    assert responses.calls[0].request.body is None
-    assert responses.calls[0].request.params['version'] == '2021-09-20'
-    # Check the logs.
-    #pylint: disable=line-too-long
-    assert caplog.record_tuples[0][2] == 'Invoking VPC \'create_iam_token\' operation: http://169.254.169.254/instance_identity/v1/iam_token'
-    assert caplog.record_tuples[1][2] == 'Returned from VPC \'create_iam_token\' operation."'
-
-
-@responses.activate
-def test_request_token_failed(caplog):
-    caplog.set_level(logging.DEBUG)
-
-    token_manager = VPCInstanceTokenManager(
-        iam_profile_id=TEST_IAM_PROFILE_ID,
-    )
-
-    # Mock the retrieve instance identity token method.
-    def mock_retrieve_instance_identity_token():
-        return TEST_TOKEN
-    token_manager.retrieve_instance_identity_token = mock_retrieve_instance_identity_token
-
-    response = {
-        'errors': ['Ooops'],
-    }
-
-    responses.add(responses.POST, 'http://169.254.169.254/instance_identity/v1/iam_token',
-                  body=json.dumps(response), status=400)
-
-    with pytest.raises(ApiException):
-        token_manager.request_token()
-    assert len(responses.calls) == 1
-    # Check the logs.
-    #pylint: disable=line-too-long
-    assert caplog.record_tuples[0][2] == 'Invoking VPC \'create_iam_token\' operation: http://169.254.169.254/instance_identity/v1/iam_token'
-
-
-@responses.activate
-def test_access_token():
-    token_manager = VPCInstanceTokenManager(
-        iam_profile_id=TEST_IAM_PROFILE_ID,
-    )
-
-    response_ii = {
-        'access_token': TEST_TOKEN,
-    }
-    response_iam = {
-        'access_token': TEST_ACCESS_TOKEN,
-    }
-
-    responses.add(responses.PUT, 'http://169.254.169.254/instance_identity/v1/token',
-                  body=json.dumps(response_ii), status=200)
-    responses.add(responses.POST, 'http://169.254.169.254/instance_identity/v1/iam_token',
-                  body=json.dumps(response_iam), status=200)
-
-    assert token_manager.access_token is None
-    assert token_manager.expire_time == 0
-    assert token_manager.refresh_time == 0
-
-    token_manager.get_token()
-    assert token_manager.access_token == TEST_ACCESS_TOKEN
-    assert token_manager.expire_time > 0
-    assert token_manager.refresh_time > 0

test_integration/test_cp4d_authenticator_integration.py

@@ -1,45 +0,0 @@
-# pylint: disable=missing-docstring
-import os
-
-from ibm_cloud_sdk_core import get_authenticator_from_environment
-
-# Note: Only the unit tests are run by default.
-#
-# In order to test with a live CP4D server, rename "ibm-credentials-cp4dtest.env.example" to
-# "ibm-credentials-cp4dtest.env" in the resources folder and populate the fields.
-# Then run this command:
-# pytest test_integration
-
-IBM_CREDENTIALS_FILE = '../resources/ibm-credentials-cp4dtest.env'
-
-
-def test_cp4d_authenticator_password():
-    file_path = os.path.join(
-        os.path.dirname(__file__), IBM_CREDENTIALS_FILE)
-    os.environ['IBM_CREDENTIALS_FILE'] = file_path
-
-    authenticator = get_authenticator_from_environment('cp4d_password_test')
-    assert authenticator is not None
-    assert authenticator.token_manager.password is not None
-    assert authenticator.token_manager.apikey is None
-
-    request = {'headers': {}}
-    authenticator.authenticate(request)
-    assert request['headers']['Authorization'] is not None
-    assert 'Bearer' in request['headers']['Authorization']
-
-
-def test_cp4d_authenticator_apikey():
-    file_path = os.path.join(
-        os.path.dirname(__file__), IBM_CREDENTIALS_FILE)
-    os.environ['IBM_CREDENTIALS_FILE'] = file_path
-
-    authenticator = get_authenticator_from_environment('cp4d_apikey_test')
-    assert authenticator is not None
-    assert authenticator.token_manager.password is None
-    assert authenticator.token_manager.apikey is not None
-
-    request = {'headers': {}}
-    authenticator.authenticate(request)
-    assert request['headers']['Authorization'] is not None
-    assert 'Bearer' in request['headers']['Authorization']