-
Notifications
You must be signed in to change notification settings - Fork 34
/
credentials_test.go
69 lines (56 loc) · 2.25 KB
/
credentials_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
package main
import (
"testing"
"time"
"github.com/stretchr/testify/assert"
)
func setEnv(t *testing.T, valid bool) *Account {
t.Setenv("AWS_ACCESS_KEY_ID", "1234")
t.Setenv("AWS_SECRET_ACCESS_KEY", "accesskey")
t.Setenv("AWS_SESSION_TOKEN", "accesstoken")
t.Setenv("AWSKEY_ACCOUNT", "1234")
if valid {
expire := time.Now().Add(1 * time.Hour).Format(time.RFC3339)
t.Setenv("AWSKEY_EXPIRATION", expire)
} else {
expire := time.Now().Add(-2 * time.Hour).Format(time.RFC3339)
t.Setenv("AWSKEY_EXPIRATION", expire)
}
return &Account{
ID: "1234",
Name: "account",
Alias: "account",
}
}
func TestGetValidEnvCreds(t *testing.T) {
account := setEnv(t, true)
creds := LoadAWSCredentialsFromEnvironment()
assert.True(t, creds.ValidUntil(account, 0), "credentials should be valid")
}
func TestGetInvalidEnvCreds(t *testing.T) {
account := setEnv(t, false)
// test incorrect time first
t.Log("testing expired timestamp for key")
creds := LoadAWSCredentialsFromEnvironment()
assert.False(t, creds.ValidUntil(account, 0), "credentials should be invalid due to timestamp")
account = setEnv(t, true)
account.ID = ""
creds = LoadAWSCredentialsFromEnvironment()
assert.False(t, creds.ValidUntil(account, 0), "credentials should be invalid due to non-matching id")
account = setEnv(t, true)
t.Setenv("AWSKEY_EXPIRATION", "definitely not a timestamp")
creds = LoadAWSCredentialsFromEnvironment()
assert.False(t, creds.ValidUntil(account, 0), "credentials should be invalid due to non-parsable timestamp")
}
func TestTimeWindowEnvCreds(t *testing.T) {
account := setEnv(t, true)
t.Log("testing minutes window still within 1hr period for test creds")
creds := LoadAWSCredentialsFromEnvironment()
assert.True(t, creds.ValidUntil(account, 0), "credentials should be valid")
assert.True(t, creds.ValidUntil(account, 5), "credentials should be valid")
assert.True(t, creds.ValidUntil(account, 30), "credentials should be valid")
assert.True(t, creds.ValidUntil(account, 58), "credentials should be valid")
t.Log("testing minutes window is outside 1hr period for test creds")
assert.False(t, creds.ValidUntil(account, 60*time.Minute), "credentials should be valid")
assert.False(t, creds.ValidUntil(account, 61*time.Minute), "credentials should be valid")
}