cevoaustralia / aws-google-auth

Provides AWS STS credentials based on Google Apps SAML SSO auth (what a jumble!)
MIT License

fix role/principal ARN position switch #199

Open notpratheek opened 3 years ago

notpratheek commented 3 years ago

This commit fixes the possibility where the role ARN and principal ARN might switch positions, leading to a "Principal ARN is invalid" error being thrown.

coveralls commented 3 years ago

Coverage Status

Coverage decreased (-0.3%) to 47.277% when pulling 4be928655ee54b56e55b3c96878892568b3a1a60 on notpratheek:role-principal-arn-switch-fix into d473d67b0772700942f5bb0db3522af0a1005453 on cevoaustralia:master.

notpratheek commented 3 years ago

Hi @stevemac007,

First off, thanks for this amazing project!

I too faced the issue mentioned in https://github.com/cevoaustralia/aws-google-auth/issues/163, and tried the suggestion provided by @manzke.

Since that worked for me, I thought I'd add a PR to fix this issue.

Thanks.

Test results:

running test
Searching for mock
Best match: mock 4.0.2
Processing mock-4.0.2-py3.6.egg

Using /home/p/sandbox/aws-google-auth/.eggs/mock-4.0.2-py3.6.egg
Searching for nose
Best match: nose 1.3.7
Processing nose-1.3.7-py3.6.egg

Using /home/p/sandbox/aws-google-auth/.eggs/nose-1.3.7-py3.6.egg
running egg_info
writing aws_google_auth.egg-info/PKG-INFO
writing dependency_links to aws_google_auth.egg-info/dependency_links.txt
writing entry points to aws_google_auth.egg-info/entry_points.txt
writing requirements to aws_google_auth.egg-info/requires.txt
writing top-level names to aws_google_auth.egg-info/top_level.txt
reading manifest file 'aws_google_auth.egg-info/SOURCES.txt'
writing manifest file 'aws_google_auth.egg-info/SOURCES.txt'
running build_ext
/home/p/sandbox/aws-google-auth/lib64/python3.6/site-packages/keyrings/alt/Gnome.py:28: DeprecationWarning: GnomeKeyring.get_default_keyring_sync is deprecated
  result = GnomeKeyring.get_default_keyring_sync()[0]
/usr/lib/python3.6/site-packages/pytz/__init__.py:499: ResourceWarning: unclosed file <_io.TextIOWrapper name='/usr/share/zoneinfo/zone.tab' mode='r' encoding='UTF-8'>
  for l in open(os.path.join(_tzinfo_dir, 'zone.tab'))
/usr/lib64/python3.6/importlib/_bootstrap.py:219: ImportWarning: can't resolve package from __spec__ or __package__, falling back on __name__ and __path__
  return f(*args, **kwds)
test_invalid_saml_bad_input (aws_google_auth.tests.test_amazon.TestAmazon) ... ok
test_invalid_saml_expired_before_valid (aws_google_auth.tests.test_amazon.TestAmazon) ... ok
test_invalid_saml_too_late (aws_google_auth.tests.test_amazon.TestAmazon) ... ok
test_invalid_saml_too_soon (aws_google_auth.tests.test_amazon.TestAmazon) ... ok
test_role_extraction (aws_google_auth.tests.test_amazon.TestAmazon) ... ok
test_role_extraction_too_many_commas (aws_google_auth.tests.test_amazon.TestAmazon) ... ok
test_sts_client (aws_google_auth.tests.test_amazon.TestAmazon) ... ok
test_sts_client_with_invalid_profile (aws_google_auth.tests.test_amazon.TestAmazon) ... ok
test_valid_saml (aws_google_auth.tests.test_amazon.TestAmazon) ... ok
test_ask_and_supply_role (aws_google_auth.tests.test_args_parser.TestPythonFailOnVersion) ... usage: aws-google-auth [-h] [-u USERNAME] [-I IDP_ID] [-S SP_ID] [-R REGION]
                       [-d DURATION | --auto-duration] [-p PROFILE]
                       [-A ACCOUNT] [-D] [-q] [--bg-response BG_RESPONSE]
                       [--saml-assertion SAML_ASSERTION] [--no-cache]
                       [--print-creds] [--resolve-aliases]
                       [--save-failure-html] [-a | -r ROLE_ARN] [-k]
                       [-l {debug,info,warn}] [-V]
aws-google-auth: error: argument -r/--role-arn: not allowed with argument -a/--ask-role
ok
test_invalid_duration (aws_google_auth.tests.test_args_parser.TestPythonFailOnVersion)
Should fail parsing a non-int value for `-d`. ... usage: aws-google-auth [-h] [-u USERNAME] [-I IDP_ID] [-S SP_ID] [-R REGION]
                       [-d DURATION | --auto-duration] [-p PROFILE]
                       [-A ACCOUNT] [-D] [-q] [--bg-response BG_RESPONSE]
                       [--saml-assertion SAML_ASSERTION] [--no-cache]
                       [--print-creds] [--resolve-aliases]
                       [--save-failure-html] [-a | -r ROLE_ARN] [-k]
                       [-l {debug,info,warn}] [-V]
aws-google-auth: error: argument -d/--duration: invalid int value: 'abce'
ok
test_no_arguments (aws_google_auth.tests.test_args_parser.TestPythonFailOnVersion)
This test case exists to validate the default settings of the args parser. ... ok
test_nocache (aws_google_auth.tests.test_args_parser.TestPythonFailOnVersion) ... ok
test_resolvealiases (aws_google_auth.tests.test_args_parser.TestPythonFailOnVersion) ... ok
test_username (aws_google_auth.tests.test_args_parser.TestPythonFailOnVersion) ... ok
test_configuration_backwards_compatibility (aws_google_auth.tests.test_backwards_compatibility.TestConfigurationPersistence) ... ok
test_cli_param_supplied (aws_google_auth.tests.test_config_parser.TestAccountProcessing) ... ok
test_with_environment (aws_google_auth.tests.test_config_parser.TestAccountProcessing) ... ok
test_cli_param_supplied (aws_google_auth.tests.test_config_parser.TestAskRoleProcessing) ... ok
test_default (aws_google_auth.tests.test_config_parser.TestAskRoleProcessing) ... ok
test_cli_param_supplied (aws_google_auth.tests.test_config_parser.TestBgResponseProcessing) ... ok
test_default (aws_google_auth.tests.test_config_parser.TestBgResponseProcessing) ... ok
test_cli_param_supplied (aws_google_auth.tests.test_config_parser.TestDurationProcessing) ... ok
test_default (aws_google_auth.tests.test_config_parser.TestDurationProcessing) ... ok
test_invalid_cli_param_supplied (aws_google_auth.tests.test_config_parser.TestDurationProcessing) ... usage: aws-google-auth [-h] [-u USERNAME] [-I IDP_ID] [-S SP_ID] [-R REGION]
                       [-d DURATION | --auto-duration] [-p PROFILE]
                       [-A ACCOUNT] [-D] [-q] [--bg-response BG_RESPONSE]
                       [--saml-assertion SAML_ASSERTION] [--no-cache]
                       [--print-creds] [--resolve-aliases]
                       [--save-failure-html] [-a | -r ROLE_ARN] [-k]
                       [-l {debug,info,warn}] [-V]
aws-google-auth: error: argument -d/--duration: invalid int value: 'blart'
ok
test_with_environment (aws_google_auth.tests.test_config_parser.TestDurationProcessing) ... ok
test_cli_param_supplied (aws_google_auth.tests.test_config_parser.TestIDPProcessing) ... ok
test_default (aws_google_auth.tests.test_config_parser.TestIDPProcessing) ... ok
test_with_environment (aws_google_auth.tests.test_config_parser.TestIDPProcessing) ... ok
test_cli_param_supplied (aws_google_auth.tests.test_config_parser.TestProfileProcessing) ... ok
test_default (aws_google_auth.tests.test_config_parser.TestProfileProcessing) ... ok
test_with_environment (aws_google_auth.tests.test_config_parser.TestProfileProcessing) ... ok
test_cli_param_supplied (aws_google_auth.tests.test_config_parser.TestRegionProcessing) ... ok
test_with_environment (aws_google_auth.tests.test_config_parser.TestRegionProcessing) ... ok
test_cli_param_supplied (aws_google_auth.tests.test_config_parser.TestResolveAliasesProcessing) ... ok
test_default (aws_google_auth.tests.test_config_parser.TestResolveAliasesProcessing) ... ok
test_cli_param_supplied (aws_google_auth.tests.test_config_parser.TestRoleProcessing) ... ok
test_default (aws_google_auth.tests.test_config_parser.TestRoleProcessing) ... ok
test_with_environment (aws_google_auth.tests.test_config_parser.TestRoleProcessing) ... ok
test_cli_param_supplied (aws_google_auth.tests.test_config_parser.TestSPProcessing) ... ok
test_default (aws_google_auth.tests.test_config_parser.TestSPProcessing) ... ok
test_with_environment (aws_google_auth.tests.test_config_parser.TestSPProcessing) ... ok
test_cli_param_supplied (aws_google_auth.tests.test_config_parser.TestU2FDisabledProcessing) ... ok
test_default (aws_google_auth.tests.test_config_parser.TestU2FDisabledProcessing) ... ok
test_cli_param_supplied (aws_google_auth.tests.test_config_parser.TestUsernameProcessing) ... ok
test_default (aws_google_auth.tests.test_config_parser.TestUsernameProcessing) ... ok
test_with_environment (aws_google_auth.tests.test_config_parser.TestUsernameProcessing) ... ok
test_ask_role_invalid_values (aws_google_auth.tests.test_configuration.TestConfigurationMethods) ... ok
test_ask_role_optional (aws_google_auth.tests.test_configuration.TestConfigurationMethods) ... ok
test_ask_role_valid_values (aws_google_auth.tests.test_configuration.TestConfigurationMethods) ... ok
test_config_profile (aws_google_auth.tests.test_configuration.TestConfigurationMethods) ... ok
test_duration_defaults_to_max_duration (aws_google_auth.tests.test_configuration.TestConfigurationMethods) ... ok
test_duration_invalid_values (aws_google_auth.tests.test_configuration.TestConfigurationMethods) ... ok
test_duration_valid_values (aws_google_auth.tests.test_configuration.TestConfigurationMethods) ... ok
test_idp_id_invalid_values (aws_google_auth.tests.test_configuration.TestConfigurationMethods) ... ok
test_idp_id_valid_values (aws_google_auth.tests.test_configuration.TestConfigurationMethods) ... ok
test_password_invalid_values (aws_google_auth.tests.test_configuration.TestConfigurationMethods) ... ok
test_password_valid_values (aws_google_auth.tests.test_configuration.TestConfigurationMethods) ... ok
test_profile_defaults (aws_google_auth.tests.test_configuration.TestConfigurationMethods) ... ok
test_profile_defaults_to_sts (aws_google_auth.tests.test_configuration.TestConfigurationMethods) ... ok
test_profile_invalid_values (aws_google_auth.tests.test_configuration.TestConfigurationMethods) ... ok
test_profile_valid_values (aws_google_auth.tests.test_configuration.TestConfigurationMethods) ... ok
test_region_defaults_to_none (aws_google_auth.tests.test_configuration.TestConfigurationMethods) ... ok
test_region_invalid_values (aws_google_auth.tests.test_configuration.TestConfigurationMethods) ... ok
test_region_valid_values (aws_google_auth.tests.test_configuration.TestConfigurationMethods) ... ok
test_role_arn_invalid_values (aws_google_auth.tests.test_configuration.TestConfigurationMethods) ... ok
test_role_arn_is_optional (aws_google_auth.tests.test_configuration.TestConfigurationMethods) ... ok
test_role_arn_valid_values (aws_google_auth.tests.test_configuration.TestConfigurationMethods) ... ok
test_sp_id_invalid_values (aws_google_auth.tests.test_configuration.TestConfigurationMethods) ... ok
test_sp_id_valid_values (aws_google_auth.tests.test_configuration.TestConfigurationMethods) ... ok
test_u2f_disabled_invalid_values (aws_google_auth.tests.test_configuration.TestConfigurationMethods) ... ok
test_u2f_disabled_is_optional (aws_google_auth.tests.test_configuration.TestConfigurationMethods) ... ok
test_u2f_disabled_valid_values (aws_google_auth.tests.test_configuration.TestConfigurationMethods) ... ok
test_unicode_password (aws_google_auth.tests.test_configuration.TestConfigurationMethods) ... ok
test_username_invalid_values (aws_google_auth.tests.test_configuration.TestConfigurationMethods) ... ok
test_username_valid_values (aws_google_auth.tests.test_configuration.TestConfigurationMethods) ... ok
test_can_read_all_values (aws_google_auth.tests.test_configuration_persistence.TestConfigurationPersistence) ... ok
test_creating_new_profile (aws_google_auth.tests.test_configuration_persistence.TestConfigurationPersistence) ... ok
test_password_not_written (aws_google_auth.tests.test_configuration_persistence.TestConfigurationPersistence) ... ok
test_extra_step (aws_google_auth.tests.test_google.TestGoogle) ... ok
test_find_keyhandles (aws_google_auth.tests.test_google.TestGoogle) ... ok
test_parse_saml_with_save (aws_google_auth.tests.test_google.TestGoogle) ... ok
test_parse_saml_without_login (aws_google_auth.tests.test_google.TestGoogle) ... ok
test_parse_saml_without_save (aws_google_auth.tests.test_google.TestGoogle) ... ok
test_main_method_chaining (aws_google_auth.tests.test_init.TestInit) ... ok
test_main_method_has_no_parameters (aws_google_auth.tests.test_init.TestInit)
This is the entrypoint for the cli tool, and should require no parameters ... ok
test_process_auth_dont_resolve_alias (aws_google_auth.tests.test_init.TestInit) ... ok
test_process_auth_print_creds (aws_google_auth.tests.test_init.TestInit) ... ok
test_process_auth_specified_role (aws_google_auth.tests.test_init.TestInit) ... ok
test_process_auth_standard (aws_google_auth.tests.test_init.TestInit) ... ok
test_process_auth_with_profile (aws_google_auth.tests.test_init.TestInit) ... ok
test_process_auth_with_saml_cache (aws_google_auth.tests.test_init.TestInit) ... ok
test_python26 (aws_google_auth.tests.test_python_version.TestPythonFailOnVersion) ... ok
test_python27 (aws_google_auth.tests.test_python_version.TestPythonFailOnVersion) ... ok
test_python30 (aws_google_auth.tests.test_python_version.TestPythonFailOnVersion) ... ok
test_coalesce_many_arguments (aws_google_auth.tests.test_util.TestUtilMethods) ... ok
test_coalesce_no_arguments (aws_google_auth.tests.test_util.TestUtilMethods) ... ok
test_coalesce_one_argument (aws_google_auth.tests.test_util.TestUtilMethods) ... ok
test_coalesce_two_arguments (aws_google_auth.tests.test_util.TestUtilMethods) ... ok
test_get_password_when_not_tty (aws_google_auth.tests.test_util.TestUtilMethods) ... ok
test_get_password_when_tty (aws_google_auth.tests.test_util.TestUtilMethods) ... ok
test_unicode_to_string_if_needed (aws_google_auth.tests.test_util.TestUtilMethods) ... ok
test_unicode_to_string_if_needed_python_2 (aws_google_auth.tests.test_util.TestUtilMethods) ... ok
test_unicode_to_string_if_needed_python_3 (aws_google_auth.tests.test_util.TestUtilMethods) ... ok

----------------------------------------------------------------------
Ran 104 tests in 5.976s

OK
(aws-google-auth) $
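
The position switch described in this pull request can be handled by classifying each half of a SAML `Role` attribute value by its ARN resource type instead of by its position. The sketch below is an added example, not the code from this PR or from aws-google-auth; the function names and the sample ARNs (account `123456789012`) are constructed for illustration.

```python
import re

# IAM ARN shapes for the two halves of a SAML Role attribute value.
# The partition may be aws, aws-cn, aws-us-gov, ...
ROLE_RE = re.compile(r"^arn:aws[a-z-]*:iam::\d{12}:role/.+$")
PROVIDER_RE = re.compile(r"^arn:aws[a-z-]*:iam::\d{12}:saml-provider/.+$")


def split_role_pair(value):
    """Return (role_arn, principal_arn) regardless of their order in `value`."""
    parts = [p.strip() for p in value.split(",")]
    if len(parts) != 2:
        raise ValueError("expected exactly two ARNs, got %d: %r" % (len(parts), value))
    roles = [p for p in parts if ROLE_RE.match(p)]
    providers = [p for p in parts if PROVIDER_RE.match(p)]
    # Refuse to guess: anything other than one role plus one provider is an error.
    if len(roles) != 1 or len(providers) != 1:
        raise ValueError("need one role ARN and one saml-provider ARN: %r" % value)
    return roles[0], providers[0]


def parse_role_attribute(values):
    """Map each role ARN to the principal (SAML provider) ARN it is paired with."""
    mapping = {}
    for value in values:
        role_arn, principal_arn = split_role_pair(value)
        mapping[role_arn] = principal_arn
    return mapping


# Constructed sample values: the second pair has the two ARNs switched.
SAMPLE_VALUES = [
    "arn:aws:iam::123456789012:role/Admin,"
    "arn:aws:iam::123456789012:saml-provider/Google",
    "arn:aws:iam::123456789012:saml-provider/Google,"
    "arn:aws:iam::123456789012:role/ReadOnly",
]

if __name__ == "__main__":
    for role, principal in parse_role_attribute(SAMPLE_VALUES).items():
        print("RoleArn=%s PrincipalArn=%s" % (role, principal))
```

Rejecting a pair that does not contain exactly one role ARN and one provider ARN keeps a malformed assertion from reaching the STS call with swapped arguments.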