Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def test_invalid_service_account_type():
with pytest.raises(RuntimeError) as e:
get_auth_token_requester(service_account_key=[]).get_token_request()
assert str(e.value).startswith("Invalid Service Account Key: expecting dictionary, actually got")
def test_both_params_error(token, service_account_key):
with pytest.raises(RuntimeError) as e:
get_auth_token_requester(token=token, service_account_key=service_account_key).get_token_request()
assert str(e.value) == "Conflicting API credentials properties 'token' and 'service-account-key' are set."
def test_oauth_token(token):
request_func = get_auth_token_requester(token=token).get_token_request
request = request_func()
assert token == request.yandex_passport_oauth_token
def test_service_account_key(service_account_key):
request_func = get_auth_token_requester(service_account_key=service_account_key).get_token_request
request = request_func()
now = int(time.time())
headers = jwt.get_unverified_header(request.jwt)
parsed = jwt.decode(request.jwt, secret=service_account_key["public_key"], algorithms=['PS256'], verify=False)
assert headers["typ"] == "JWT"
assert headers["alg"] == "PS256"
assert headers["kid"] == service_account_key["id"]
assert parsed["iss"] == service_account_key["service_account_id"]
assert parsed["aud"] == "https://iam.api.cloud.yandex.net/iam/v1/tokens"
assert now - 60 <= int(parsed["iat"]) <= now
def test_service_account_no_id(service_account_key, key, error_msg):
service_account_key.pop(key)
with pytest.raises(RuntimeError) as e:
get_auth_token_requester(service_account_key=service_account_key).get_token_request()
assert str(e.value) == error_msg
def __init__(self, **kwargs):
self._channel_creds = grpc.ssl_channel_credentials(
root_certificates=kwargs.get('root_certificates'),
private_key=kwargs.get('private_key'),
certificate_chain=kwargs.get('certificate_chain'),
)
self._endpoint = kwargs.get('endpoint', 'api.cloud.yandex.net')
self._token_requester = get_auth_token_requester(token=kwargs.get("token"),
service_account_key=kwargs.get("service_account_key"))
self._unauthenticated_channel = None
self._channels = None