add test for krb5
This commit is contained in:
parent
12a83ce4c0
commit
2273ffa241
|
@ -0,0 +1,43 @@
|
|||
import os
|
||||
import subprocess
|
||||
from subprocess import DEVNULL
|
||||
import tempfile
|
||||
|
||||
import ldap3
|
||||
|
||||
from ceo_common.krb5.utils import get_fwd_tgt, store_fwd_tgt_creds
|
||||
|
||||
|
||||
def test_fwd_tgt(cfg):
|
||||
realm = cfg.get('ldap_sasl_realm')
|
||||
ldap_server = cfg.get('ldap_server_url')
|
||||
old_krb5ccname = os.environ['KRB5CCNAME']
|
||||
f1 = tempfile.NamedTemporaryFile()
|
||||
d2 = tempfile.TemporaryDirectory()
|
||||
|
||||
try:
|
||||
subprocess.run(
|
||||
['kinit', '-c', 'FILE:' + f1.name, 'regular1'],
|
||||
text=True, input='krb5', check=True, stdout=DEVNULL)
|
||||
subprocess.run(
|
||||
['kinit', '-c', 'DIR:' + d2.name, 'ctdalek'],
|
||||
text=True, input='krb5', check=True, stdout=DEVNULL)
|
||||
os.environ['KRB5CCNAME'] = 'FILE:' + f1.name
|
||||
b = get_fwd_tgt('phosphoric-acid')
|
||||
os.environ['KRB5CCNAME'] = 'DIR:' + d2.name
|
||||
# make sure that we can import the creds from regular1 into the
|
||||
# cache collection
|
||||
with store_fwd_tgt_creds(b) as name:
|
||||
assert name == 'regular1@' + realm
|
||||
|
||||
kwargs = {
|
||||
'server': ldap_server, 'auto_bind': True,
|
||||
'authentication': ldap3.SASL, 'sasl_mechanism': ldap3.KERBEROS,
|
||||
}
|
||||
conn = ldap3.Connection(**kwargs, user='regular1')
|
||||
assert conn.extend.standard.who_am_i().startswith('dn:uid=regular1,')
|
||||
conn.unbind()
|
||||
finally:
|
||||
os.environ['KRB5CCNAME'] = old_krb5ccname
|
||||
f1.close()
|
||||
d2.cleanup()
|
Loading…
Reference in New Issue