Lines Matching +full:auth +full:- +full:tests
7 # http://www.apache.org/licenses/LICENSE-2.0
23 from google.auth import _helpers
24 from google.auth import aws
25 from google.auth import environment_vars
26 from google.auth import exceptions
27 from google.auth import transport
34 SERVICE_ACCOUNT_EMAIL = "service-1234@service-name.iam.gserviceaccount.com"
36 "https://us-east1-iamcredentials.googleapis.com/v1/projects/-"
42 SUBJECT_TOKEN_TYPE = "urn:ietf:params:aws:token-type:aws4_request"
44 REGION_URL = "http://169.254.169.254/latest/meta-data/placement/availability-zone"
45 SECURITY_CREDS_URL = "http://169.254.169.254/latest/meta-data/iam/security-credentials"
47 "https://sts.{region}.amazonaws.com?Action=GetCallerIdentity&Version=2011-06-15"
49 # Sample AWS security credentials to be used with tests that require a session token.
59 # GET request (AWS botocore tests).
60 …oto/botocore/blob/879f8440a4e9ace5d3cf145ce8b3d5e5ffb892ef/tests/unit/auth/aws4_testsuite/get-vani…
61 …oto/botocore/blob/879f8440a4e9ace5d3cf145ce8b3d5e5ffb892ef/tests/unit/auth/aws4_testsuite/get-vani…
63 "us-east-1",
64 "2011-09-09T23:36:00Z",
78 …"Authorization": "AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20110909/us-east-1/host/aws4_request, Si…
84 # GET request with relative path (AWS botocore tests).
85 …otocore/blob/879f8440a4e9ace5d3cf145ce8b3d5e5ffb892ef/tests/unit/auth/aws4_testsuite/get-relative-…
86 …otocore/blob/879f8440a4e9ace5d3cf145ce8b3d5e5ffb892ef/tests/unit/auth/aws4_testsuite/get-relative-…
88 "us-east-1",
89 "2011-09-09T23:36:00Z",
103 …"Authorization": "AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20110909/us-east-1/host/aws4_request, Si…
109 # GET request with /./ path (AWS botocore tests).
110 …otocore/blob/879f8440a4e9ace5d3cf145ce8b3d5e5ffb892ef/tests/unit/auth/aws4_testsuite/get-slash-dot…
111 …otocore/blob/879f8440a4e9ace5d3cf145ce8b3d5e5ffb892ef/tests/unit/auth/aws4_testsuite/get-slash-dot…
113 "us-east-1",
114 "2011-09-09T23:36:00Z",
128 …"Authorization": "AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20110909/us-east-1/host/aws4_request, Si…
134 # GET request with pointless dot path (AWS botocore tests).
135 …core/blob/879f8440a4e9ace5d3cf145ce8b3d5e5ffb892ef/tests/unit/auth/aws4_testsuite/get-slash-pointl…
136 …core/blob/879f8440a4e9ace5d3cf145ce8b3d5e5ffb892ef/tests/unit/auth/aws4_testsuite/get-slash-pointl…
138 "us-east-1",
139 "2011-09-09T23:36:00Z",
153 …"Authorization": "AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20110909/us-east-1/host/aws4_request, Si…
159 # GET request with utf8 path (AWS botocore tests).
160 …oto/botocore/blob/879f8440a4e9ace5d3cf145ce8b3d5e5ffb892ef/tests/unit/auth/aws4_testsuite/get-utf8…
161 …oto/botocore/blob/879f8440a4e9ace5d3cf145ce8b3d5e5ffb892ef/tests/unit/auth/aws4_testsuite/get-utf8…
163 "us-east-1",
164 "2011-09-09T23:36:00Z",
178 …"Authorization": "AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20110909/us-east-1/host/aws4_request, Si…
184 # GET request with duplicate query key (AWS botocore tests).
185 …/blob/879f8440a4e9ace5d3cf145ce8b3d5e5ffb892ef/tests/unit/auth/aws4_testsuite/get-vanilla-query-or…
186 …/blob/879f8440a4e9ace5d3cf145ce8b3d5e5ffb892ef/tests/unit/auth/aws4_testsuite/get-vanilla-query-or…
188 "us-east-1",
189 "2011-09-09T23:36:00Z",
203 …"Authorization": "AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20110909/us-east-1/host/aws4_request, Si…
209 # GET request with duplicate out of order query key (AWS botocore tests).
210 …re/blob/879f8440a4e9ace5d3cf145ce8b3d5e5ffb892ef/tests/unit/auth/aws4_testsuite/get-vanilla-query-…
211 …re/blob/879f8440a4e9ace5d3cf145ce8b3d5e5ffb892ef/tests/unit/auth/aws4_testsuite/get-vanilla-query-…
213 "us-east-1",
214 "2011-09-09T23:36:00Z",
228 …"Authorization": "AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20110909/us-east-1/host/aws4_request, Si…
234 # GET request with utf8 query (AWS botocore tests).
235 …tocore/blob/879f8440a4e9ace5d3cf145ce8b3d5e5ffb892ef/tests/unit/auth/aws4_testsuite/get-vanilla-ut…
236 …tocore/blob/879f8440a4e9ace5d3cf145ce8b3d5e5ffb892ef/tests/unit/auth/aws4_testsuite/get-vanilla-ut…
238 "us-east-1",
239 "2011-09-09T23:36:00Z",
257 …"Authorization": "AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20110909/us-east-1/host/aws4_request, Si…
263 # POST request with sorted headers (AWS botocore tests).
264 …tocore/blob/879f8440a4e9ace5d3cf145ce8b3d5e5ffb892ef/tests/unit/auth/aws4_testsuite/post-header-ke…
265 …tocore/blob/879f8440a4e9ace5d3cf145ce8b3d5e5ffb892ef/tests/unit/auth/aws4_testsuite/post-header-ke…
267 "us-east-1",
268 "2011-09-09T23:36:00Z",
282 …"Authorization": "AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20110909/us-east-1/host/aws4_request, Si…
290 …ocore/blob/879f8440a4e9ace5d3cf145ce8b3d5e5ffb892ef/tests/unit/auth/aws4_testsuite/post-header-val…
291 …ocore/blob/879f8440a4e9ace5d3cf145ce8b3d5e5ffb892ef/tests/unit/auth/aws4_testsuite/post-header-val…
293 "us-east-1",
294 "2011-09-09T23:36:00Z",
308 …"Authorization": "AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20110909/us-east-1/host/aws4_request, Si…
315 # POST request with header and no body (AWS botocore tests).
316 …ocore/blob/879f8440a4e9ace5d3cf145ce8b3d5e5ffb892ef/tests/unit/auth/aws4_testsuite/get-header-valu…
317 …ocore/blob/879f8440a4e9ace5d3cf145ce8b3d5e5ffb892ef/tests/unit/auth/aws4_testsuite/get-header-valu…
319 "us-east-1",
320 "2011-09-09T23:36:00Z",
334 …"Authorization": "AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20110909/us-east-1/host/aws4_request, Si…
341 # POST request with body and no header (AWS botocore tests).
342 …tocore/blob/879f8440a4e9ace5d3cf145ce8b3d5e5ffb892ef/tests/unit/auth/aws4_testsuite/post-x-www-for…
343 …tocore/blob/879f8440a4e9ace5d3cf145ce8b3d5e5ffb892ef/tests/unit/auth/aws4_testsuite/post-x-www-for…
345 "us-east-1",
346 "2011-09-09T23:36:00Z",
355 "Content-Type": "application/x-www-form-urlencoded",
364 …"Authorization": "AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20110909/us-east-1/host/aws4_request, Si…
366 "Content-Type": "application/x-www-form-urlencoded",
372 # POST request with querystring (AWS botocore tests).
373 …otocore/blob/879f8440a4e9ace5d3cf145ce8b3d5e5ffb892ef/tests/unit/auth/aws4_testsuite/post-vanilla-…
374 …otocore/blob/879f8440a4e9ace5d3cf145ce8b3d5e5ffb892ef/tests/unit/auth/aws4_testsuite/post-vanilla-…
376 "us-east-1",
377 "2011-09-09T23:36:00Z",
391 …"Authorization": "AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20110909/us-east-1/host/aws4_request, Si…
399 "us-east-2",
400 "2020-08-11T06:55:22Z",
408 "url": "https://ec2.us-east-2.amazonaws.com?Action=DescribeRegions&Version=2013-10-15",
411 "url": "https://ec2.us-east-2.amazonaws.com?Action=DescribeRegions&Version=2013-10-15",
414 "Authorization": "AWS4-HMAC-SHA256 Credential="
416 …+ "/20200811/us-east-2/ec2/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token, Signa…
417 "host": "ec2.us-east-2.amazonaws.com",
418 "x-amz-date": "20200811T065522Z",
419 "x-amz-security-token": TOKEN,
425 "us-east-2",
426 "2020-08-11T06:55:22Z",
434 … "url": "https://sts.us-east-2.amazonaws.com?Action=GetCallerIdentity&Version=2011-06-15",
437 … "url": "https://sts.us-east-2.amazonaws.com?Action=GetCallerIdentity&Version=2011-06-15",
440 "Authorization": "AWS4-HMAC-SHA256 Credential="
442 …+ "/20200811/us-east-2/sts/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token, Signa…
443 "host": "sts.us-east-2.amazonaws.com",
444 "x-amz-date": "20200811T065522Z",
445 "x-amz-security-token": TOKEN,
449 # POST request with computed x-amz-date and no data.
451 "us-east-2",
452 "2020-08-11T06:55:22Z",
456 … "url": "https://sts.us-east-2.amazonaws.com?Action=GetCallerIdentity&Version=2011-06-15",
459 … "url": "https://sts.us-east-2.amazonaws.com?Action=GetCallerIdentity&Version=2011-06-15",
462 "Authorization": "AWS4-HMAC-SHA256 Credential="
464 …+ "/20200811/us-east-2/sts/aws4_request, SignedHeaders=host;x-amz-date, Signature=d095ba304919cd0d…
465 "host": "sts.us-east-2.amazonaws.com",
466 "x-amz-date": "20200811T065522Z",
472 "us-east-2",
473 "2020-08-11T06:55:22Z",
481 "url": "https://dynamodb.us-east-2.amazonaws.com/",
483 "Content-Type": "application/x-amz-json-1.0",
484 "x-amz-target": "DynamoDB_20120810.CreateTable",
489 "url": "https://dynamodb.us-east-2.amazonaws.com/",
492 "Authorization": "AWS4-HMAC-SHA256 Credential="
494 …+ "/20200811/us-east-2/dynamodb/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-amz-sec…
495 "host": "dynamodb.us-east-2.amazonaws.com",
496 "x-amz-date": "20200811T065522Z",
497 "Content-Type": "application/x-amz-json-1.0",
498 "x-amz-target": "DynamoDB_20120810.CreateTable",
499 "x-amz-security-token": TOKEN,
511 @mock.patch("google.auth._helpers.utcnow")
515 utcnow.return_value = datetime.datetime.strptime(time, "%Y-%m-%dT%H:%M:%SZ")
528 request_signer = aws.RequestSigner("us-east-2")
543 request_signer = aws.RequestSigner("us-east-2")
558 request_signer = aws.RequestSigner("us-east-2")
574 AWS_REGION = "us-east-2"
575 AWS_ROLE = "gcp-aws-role"
581 AWS_SIGNATURE_TIME = "2020-08-11T06:55:22Z"
590 "issued_token_type": "urn:ietf:params:oauth:token-type:access_token",
600 region_name="us-east-2",
601 url="https://sts.us-east-2.amazonaws.com?Action=GetCallerIdentity&Version=2011-06-15",
621 "key": "x-amz-date",
622 "value": signed_request.get("headers").get("x-amz-date"),
630 "key": "x-amz-security-token",
631 "value": signed_request.get("headers").get("x-amz-security-token"),
634 # Append x-goog-cloud-target-resource header.
636 {"key": "x-goog-cloud-target-resource", "value": AUDIENCE}
669 region_response.data = "{}b".format(region_name).encode("utf-8")
677 role_response.data = role_name.encode("utf-8")
689 ).encode("utf-8")
696 token_response.data = json.dumps(token_data).encode("utf-8")
705 impersonation_response.data = json.dumps(impersonation_data).encode("utf-8")
760 assert v.decode("utf-8") == request_data[k.decode("utf-8")]
774 body_json = json.loads(request_kwargs["body"].decode("utf-8"))
947 @mock.patch("google.auth._helpers.utcnow")
952 self.AWS_SIGNATURE_TIME, "%Y-%m-%dT%H:%M:%SZ"
985 {"Content-Type": "application/json"},
1008 {"Content-Type": "application/json"},
1011 @mock.patch("google.auth._helpers.utcnow")
1016 # returned by the security-credentials endpoint.
1020 self.AWS_SIGNATURE_TIME, "%Y-%m-%dT%H:%M:%SZ"
1038 @mock.patch("google.auth._helpers.utcnow")
1045 self.AWS_SIGNATURE_TIME, "%Y-%m-%dT%H:%M:%SZ"
1059 @mock.patch("google.auth._helpers.utcnow")
1068 self.AWS_SIGNATURE_TIME, "%Y-%m-%dT%H:%M:%SZ"
1082 @mock.patch("google.auth._helpers.utcnow")
1095 self.AWS_SIGNATURE_TIME, "%Y-%m-%dT%H:%M:%SZ"
1109 @mock.patch("google.auth._helpers.utcnow")
1117 self.AWS_SIGNATURE_TIME, "%Y-%m-%dT%H:%M:%SZ"
1127 @mock.patch("google.auth._helpers.utcnow")
1135 self.AWS_SIGNATURE_TIME, "%Y-%m-%dT%H:%M:%SZ"
1178 # Simulate the security-credentials url is missing. This is needed for
1210 @mock.patch("google.auth._helpers.utcnow")
1213 self.AWS_SIGNATURE_TIME, "%Y-%m-%dT%H:%M:%SZ"
1223 "Content-Type": "application/x-www-form-urlencoded",
1227 "grant_type": "urn:ietf:params:oauth:grant-type:token-exchange",
1229 "requested_token_type": "urn:ietf:params:oauth:token-type:access_token",
1266 @mock.patch("google.auth._helpers.utcnow")
1269 self.AWS_SIGNATURE_TIME, "%Y-%m-%dT%H:%M:%SZ"
1279 "Content-Type": "application/x-www-form-urlencoded",
1283 "grant_type": "urn:ietf:params:oauth:grant-type:token-exchange",
1285 "requested_token_type": "urn:ietf:params:oauth:token-type:access_token",
1322 @mock.patch("google.auth._helpers.utcnow")
1325 self.AWS_SIGNATURE_TIME, "%Y-%m-%dT%H:%M:%SZ"
1338 "Content-Type": "application/x-www-form-urlencoded",
1342 "grant_type": "urn:ietf:params:oauth:grant-type:token-exchange",
1344 "requested_token_type": "urn:ietf:params:oauth:token-type:access_token",
1345 "scope": "https://www.googleapis.com/auth/iam",
1355 "Content-Type": "application/json",
1357 "x-goog-user-project": QUOTA_PROJECT_ID,
1406 @mock.patch("google.auth._helpers.utcnow")
1409 self.AWS_SIGNATURE_TIME, "%Y-%m-%dT%H:%M:%SZ"
1422 "Content-Type": "application/x-www-form-urlencoded",
1426 "grant_type": "urn:ietf:params:oauth:grant-type:token-exchange",
1428 "requested_token_type": "urn:ietf:params:oauth:token-type:access_token",
1429 "scope": "https://www.googleapis.com/auth/iam",
1439 "Content-Type": "application/json",
1441 "x-goog-user-project": QUOTA_PROJECT_ID,