mirror of
https://github.com/ansible-collections/community.general.git
synced 2026-02-04 07:51:50 +00:00
GitHub app access token lookup: allow to use PyJWT + cryptography instead of jwt (#10664)
* Fix issue #10299 * Fix issue #10299 * Fix blank lines * Fix blank lines * Add compatibility changes for jwt * Bump to a higher magic number * Update change log fragment * Update changelogs/fragments/10299-github_app_access_token-lookup.yml Co-authored-by: Felix Fontein <felix@fontein.de> * Update changelogs/fragments/10299-github_app_access_token-lookup.yml Co-authored-by: Felix Fontein <felix@fontein.de> * Update changelogs/fragments/10299-github_app_access_token-lookup.yml Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/lookup/github_app_access_token.py Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/lookup/github_app_access_token.py Co-authored-by: Felix Fontein <felix@fontein.de> * Update requirement document * Remove a whitespace --------- Co-authored-by: Bruno Lavoie <bruno.lavoie@dti.ulaval.ca> Co-authored-by: Felix Fontein <felix@fontein.de>
This commit is contained in:
weisheng-p
GitHub
parent
e43735659a
commit
65bc47068e
4 changed files with 138 additions and 31 deletions
|
|
@ -6,19 +6,29 @@
|
|||
from __future__ import (absolute_import, division, print_function)
|
||||
__metaclass__ = type
|
||||
import json
|
||||
import types
|
||||
import sys
|
||||
|
||||
from ansible_collections.community.internal_test_tools.tests.unit.compat import unittest
|
||||
from ansible_collections.community.internal_test_tools.tests.unit.compat.mock import (
|
||||
patch,
|
||||
MagicMock,
|
||||
mock_open
|
||||
mock_open,
|
||||
)
|
||||
from ansible.plugins.loader import lookup_loader
|
||||
|
||||
ENCODE_RESULT = 'Foobar'
|
||||
PRIVATE_KEY = 'private_key'
|
||||
|
||||
|
||||
class MockJWT(MagicMock):
|
||||
def encode(self, payload, key, alg):
|
||||
return 'Foobar'
|
||||
return ENCODE_RESULT
|
||||
|
||||
|
||||
class serialization(MagicMock):
|
||||
def load_pem_private_key(self, key_bytes, password):
|
||||
return PRIVATE_KEY
|
||||
|
||||
|
||||
class MockResponse(MagicMock):
|
||||
|
|
@ -31,14 +41,17 @@ class MockResponse(MagicMock):
|
|||
|
||||
|
||||
class TestLookupModule(unittest.TestCase):
|
||||
def test_get_token_with_file_with_pyjwt(self):
|
||||
pyjwt = types.ModuleType("jwt")
|
||||
pyjwt.encode = MagicMock(return_value=ENCODE_RESULT)
|
||||
with patch.dict(sys.modules, {'jwt': pyjwt}), \
|
||||
patch.multiple("ansible_collections.community.general.plugins.lookup.github_app_access_token",
|
||||
open=mock_open(read_data="foo_bar"),
|
||||
open_url=MagicMock(return_value=MockResponse()),
|
||||
HAS_JWT=True,
|
||||
HAS_CRYPTOGRAPHY=True,
|
||||
serialization=serialization()):
|
||||
|
||||
def test_get_token_with_file(self):
|
||||
with patch.multiple("ansible_collections.community.general.plugins.lookup.github_app_access_token",
|
||||
open=mock_open(read_data="foo_bar"),
|
||||
open_url=MagicMock(return_value=MockResponse()),
|
||||
jwk_from_pem=MagicMock(return_value='private_key'),
|
||||
jwt_instance=MockJWT(),
|
||||
HAS_JWT=True):
|
||||
lookup = lookup_loader.get('community.general.github_app_access_token')
|
||||
self.assertListEqual(
|
||||
[MockResponse.response_token],
|
||||
|
|
@ -51,12 +64,61 @@ class TestLookupModule(unittest.TestCase):
|
|||
)
|
||||
)
|
||||
|
||||
def test_get_token_with_fact(self):
|
||||
with patch.multiple("ansible_collections.community.general.plugins.lookup.github_app_access_token",
|
||||
open_url=MagicMock(return_value=MockResponse()),
|
||||
jwk_from_pem=MagicMock(return_value='private_key'),
|
||||
jwt_instance=MockJWT(),
|
||||
HAS_JWT=True):
|
||||
def test_get_token_with_fact_with_pyjwt(self):
|
||||
pyjwt = types.ModuleType("jwt")
|
||||
pyjwt.encode = MagicMock(return_value=ENCODE_RESULT)
|
||||
with patch.dict(sys.modules, {'jwt': pyjwt}), \
|
||||
patch.multiple("ansible_collections.community.general.plugins.lookup.github_app_access_token",
|
||||
open=mock_open(read_data="foo_bar"),
|
||||
open_url=MagicMock(return_value=MockResponse()),
|
||||
HAS_JWT=True,
|
||||
HAS_CRYPTOGRAPHY=True,
|
||||
serialization=serialization()):
|
||||
|
||||
lookup = lookup_loader.get('community.general.github_app_access_token')
|
||||
self.assertListEqual(
|
||||
[MockResponse.response_token],
|
||||
lookup.run(
|
||||
[],
|
||||
app_id="app_id",
|
||||
installation_id="installation_id",
|
||||
private_key="foo_bar",
|
||||
token_expiry=600
|
||||
)
|
||||
)
|
||||
|
||||
def test_get_token_with_python_jwt(self):
|
||||
python_jwt = types.ModuleType("jwt")
|
||||
python_jwt.JWT = MagicMock()
|
||||
python_jwt.jwk_from_pem = MagicMock(return_value='private_key')
|
||||
python_jwt.jwt_instance = MockJWT()
|
||||
with patch.dict(sys.modules, {'jwt': python_jwt}), \
|
||||
patch.multiple("ansible_collections.community.general.plugins.lookup.github_app_access_token",
|
||||
open=mock_open(read_data="foo_bar"),
|
||||
open_url=MagicMock(return_value=MockResponse()),
|
||||
HAS_JWT=True):
|
||||
lookup = lookup_loader.get('community.general.github_app_access_token')
|
||||
self.assertListEqual(
|
||||
[MockResponse.response_token],
|
||||
lookup.run(
|
||||
[],
|
||||
key_path="key",
|
||||
app_id="app_id",
|
||||
installation_id="installation_id",
|
||||
token_expiry=600
|
||||
)
|
||||
)
|
||||
|
||||
def test_get_token_with_fact_with_python_jwt(self):
|
||||
python_jwt = types.ModuleType("jwt")
|
||||
python_jwt.JWT = MagicMock()
|
||||
python_jwt.jwk_from_pem = MagicMock(return_value='private_key')
|
||||
python_jwt.jwt_instance = MockJWT()
|
||||
with patch.dict(sys.modules, {'jwt': python_jwt}), \
|
||||
patch.multiple("ansible_collections.community.general.plugins.lookup.github_app_access_token",
|
||||
open=mock_open(read_data="foo_bar"),
|
||||
open_url=MagicMock(return_value=MockResponse()),
|
||||
HAS_JWT=True):
|
||||
lookup = lookup_loader.get('community.general.github_app_access_token')
|
||||
self.assertListEqual(
|
||||
[MockResponse.response_token],
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue