mirror of
https://github.com/ansible-collections/community.general.git
synced 2025-10-03 06:53:21 -07:00
[PR #10664/65bc4706 backport][stable-11] GitHub app access token lookup: allow to use PyJWT + cryptography instead of jwt (#10720)
GitHub app access token lookup: allow to use PyJWT + cryptography instead of jwt (#10664)
* Fix issue #10299
* Fix issue #10299
* Fix blank lines
* Fix blank lines
* Add compatibility changes for jwt
* Bump to a higher magic number
* Update change log fragment
* Update changelogs/fragments/10299-github_app_access_token-lookup.yml
* Update changelogs/fragments/10299-github_app_access_token-lookup.yml
* Update changelogs/fragments/10299-github_app_access_token-lookup.yml
* Update plugins/lookup/github_app_access_token.py
* Update plugins/lookup/github_app_access_token.py
* Update requirement document
* Remove a whitespace
---------
(cherry picked from commit 65bc47068e)
Co-authored-by: weisheng-p <weisheng-p@users.noreply.github.com>
Co-authored-by: Bruno Lavoie <bruno.lavoie@dti.ulaval.ca>
Co-authored-by: Felix Fontein <felix@fontein.de>
This commit is contained in:
patchback[bot]
GitHub
parent
148c133248
commit
fafe6ef87b
4 changed files with 138 additions and 31 deletions
|
|
@ -6,19 +6,29 @@
|
|||
from __future__ import (absolute_import, division, print_function)
|
||||
__metaclass__ = type
|
||||
import json
|
||||
import types
|
||||
import sys
|
||||
|
||||
from ansible_collections.community.internal_test_tools.tests.unit.compat import unittest
|
||||
from ansible_collections.community.internal_test_tools.tests.unit.compat.mock import (
|
||||
patch,
|
||||
MagicMock,
|
||||
mock_open
|
||||
mock_open,
|
||||
)
|
||||
from ansible.plugins.loader import lookup_loader
|
||||
|
||||
ENCODE_RESULT = 'Foobar'
|
||||
PRIVATE_KEY = 'private_key'
|
||||
|
||||
|
||||
class MockJWT(MagicMock):
|
||||
def encode(self, payload, key, alg):
|
||||
return 'Foobar'
|
||||
return ENCODE_RESULT
|
||||
|
||||
|
||||
class serialization(MagicMock):
|
||||
def load_pem_private_key(self, key_bytes, password):
|
||||
return PRIVATE_KEY
|
||||
|
||||
|
||||
class MockResponse(MagicMock):
|
||||
|
|
@ -31,14 +41,17 @@ class MockResponse(MagicMock):
|
|||
|
||||
|
||||
class TestLookupModule(unittest.TestCase):
|
||||
def test_get_token_with_file_with_pyjwt(self):
|
||||
pyjwt = types.ModuleType("jwt")
|
||||
pyjwt.encode = MagicMock(return_value=ENCODE_RESULT)
|
||||
with patch.dict(sys.modules, {'jwt': pyjwt}), \
|
||||
patch.multiple("ansible_collections.community.general.plugins.lookup.github_app_access_token",
|
||||
open=mock_open(read_data="foo_bar"),
|
||||
open_url=MagicMock(return_value=MockResponse()),
|
||||
HAS_JWT=True,
|
||||
HAS_CRYPTOGRAPHY=True,
|
||||
serialization=serialization()):
|
||||
|
||||
def test_get_token_with_file(self):
|
||||
with patch.multiple("ansible_collections.community.general.plugins.lookup.github_app_access_token",
|
||||
open=mock_open(read_data="foo_bar"),
|
||||
open_url=MagicMock(return_value=MockResponse()),
|
||||
jwk_from_pem=MagicMock(return_value='private_key'),
|
||||
jwt_instance=MockJWT(),
|
||||
HAS_JWT=True):
|
||||
lookup = lookup_loader.get('community.general.github_app_access_token')
|
||||
self.assertListEqual(
|
||||
[MockResponse.response_token],
|
||||
|
|
@ -51,12 +64,61 @@ class TestLookupModule(unittest.TestCase):
|
|||
)
|
||||
)
|
||||
|
||||
def test_get_token_with_fact(self):
|
||||
with patch.multiple("ansible_collections.community.general.plugins.lookup.github_app_access_token",
|
||||
open_url=MagicMock(return_value=MockResponse()),
|
||||
jwk_from_pem=MagicMock(return_value='private_key'),
|
||||
jwt_instance=MockJWT(),
|
||||
HAS_JWT=True):
|
||||
def test_get_token_with_fact_with_pyjwt(self):
|
||||
pyjwt = types.ModuleType("jwt")
|
||||
pyjwt.encode = MagicMock(return_value=ENCODE_RESULT)
|
||||
with patch.dict(sys.modules, {'jwt': pyjwt}), \
|
||||
patch.multiple("ansible_collections.community.general.plugins.lookup.github_app_access_token",
|
||||
open=mock_open(read_data="foo_bar"),
|
||||
open_url=MagicMock(return_value=MockResponse()),
|
||||
HAS_JWT=True,
|
||||
HAS_CRYPTOGRAPHY=True,
|
||||
serialization=serialization()):
|
||||
|
||||
lookup = lookup_loader.get('community.general.github_app_access_token')
|
||||
self.assertListEqual(
|
||||
[MockResponse.response_token],
|
||||
lookup.run(
|
||||
[],
|
||||
app_id="app_id",
|
||||
installation_id="installation_id",
|
||||
private_key="foo_bar",
|
||||
token_expiry=600
|
||||
)
|
||||
)
|
||||
|
||||
def test_get_token_with_python_jwt(self):
|
||||
python_jwt = types.ModuleType("jwt")
|
||||
python_jwt.JWT = MagicMock()
|
||||
python_jwt.jwk_from_pem = MagicMock(return_value='private_key')
|
||||
python_jwt.jwt_instance = MockJWT()
|
||||
with patch.dict(sys.modules, {'jwt': python_jwt}), \
|
||||
patch.multiple("ansible_collections.community.general.plugins.lookup.github_app_access_token",
|
||||
open=mock_open(read_data="foo_bar"),
|
||||
open_url=MagicMock(return_value=MockResponse()),
|
||||
HAS_JWT=True):
|
||||
lookup = lookup_loader.get('community.general.github_app_access_token')
|
||||
self.assertListEqual(
|
||||
[MockResponse.response_token],
|
||||
lookup.run(
|
||||
[],
|
||||
key_path="key",
|
||||
app_id="app_id",
|
||||
installation_id="installation_id",
|
||||
token_expiry=600
|
||||
)
|
||||
)
|
||||
|
||||
def test_get_token_with_fact_with_python_jwt(self):
|
||||
python_jwt = types.ModuleType("jwt")
|
||||
python_jwt.JWT = MagicMock()
|
||||
python_jwt.jwk_from_pem = MagicMock(return_value='private_key')
|
||||
python_jwt.jwt_instance = MockJWT()
|
||||
with patch.dict(sys.modules, {'jwt': python_jwt}), \
|
||||
patch.multiple("ansible_collections.community.general.plugins.lookup.github_app_access_token",
|
||||
open=mock_open(read_data="foo_bar"),
|
||||
open_url=MagicMock(return_value=MockResponse()),
|
||||
HAS_JWT=True):
|
||||
lookup = lookup_loader.get('community.general.github_app_access_token')
|
||||
self.assertListEqual(
|
||||
[MockResponse.response_token],
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue