Class: Fog::AWS::STS::Mock

Inherits:
Object
  • Object
Defined in:
lib/fog/aws/sts.rb,
lib/fog/aws/requests/sts/assume_role.rb,
lib/fog/aws/requests/sts/get_federation_token.rb,
lib/fog/aws/requests/sts/assume_role_with_web_identity.rb


Constructor Details

#initialize(options = {}) ⇒ Mock

Returns a new instance of Mock.



# File 'lib/fog/aws/sts.rb', line 37

# Builds a mock STS connection from an options hash.
#
# @param options [Hash] connection options. The :use_iam_profile entry is stored
#   as given (nil when absent); the whole hash is then handed to setup_credentials.
def initialize(options = {})
  @use_iam_profile = options[:use_iam_profile]

  # Credential setup is delegated so it stays in one place.
  setup_credentials(options)
end

Class Method Details

.data ⇒ Object



# File 'lib/fog/aws/sts.rb', line 20

# Class-wide store of mock state, created on first use and memoized in @data.
#
# The store is a Hash whose default block fills in a fresh bucket the first time
# a key is read. Any key gets a bucket, including nil, so lookups never miss.
#
# @return [Hash] the memoized store; each bucket holds :owner_id (from
#   Fog::AWS::Mock.owner_id) and an empty :server_certificates hash
def self.data
  return @data if @data

  @data = Hash.new do |store, bucket|
    store[bucket] = { owner_id: Fog::AWS::Mock.owner_id, server_certificates: {} }
  end
end

.reset ⇒ Object



# File 'lib/fog/aws/sts.rb', line 29

# Discards all mock state for every key by dropping the memoized store.
# The next read of the store builds a fresh, empty one.
#
# @return [nil]
def self.reset
  @data = nil
end

.server_certificate_id ⇒ Object



# File 'lib/fog/aws/sts.rb', line 33

# Produces a random identifier for a mock server certificate.
#
# @return [Object] whatever Fog::Mock.random_hex returns for a length of 16
#   (presumably a 16-character hex string; confirm against Fog::Mock)
def self.server_certificate_id
  id_length = 16
  Fog::Mock.random_hex(id_length)
end

Instance Method Details

#assume_role(role_session_name, role_arn, external_id = nil, policy = nil, duration = 3600) ⇒ Object



# File 'lib/fog/aws/requests/sts/assume_role.rb', line 44

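# Mock of STS AssumeRole: always answers 200 with freshly generated random
# credentials for the requested session.
#
# Nothing is checked. external_id and policy are accepted but never read, and the
# role ARN is only scanned for an account number. A test that passes against this
# mock therefore says nothing about trust-policy, external-ID or session-policy
# enforcement.
#
# @param role_session_name [String] session name, echoed into the ARN and role id
# @param role_arn [String] ARN of the role; its first run of 12 digits is used as
#   the account ID
# @param external_id [String, nil] ignored by the mock
# @param policy [String, nil] ignored by the mock
# @param duration [Integer] credential lifetime in seconds, added to Time.now
# @return [Excon::Response] response with status, body and headers set
def assume_role(role_session_name, role_arn, external_id=nil, policy=nil, duration=3600)
  # MatchData for the first 12-digit run, or nil; both interpolate cleanly below
  # (nil becomes an empty string).
  account_id = /[0-9]{12}/.match(role_arn)
  request_id = Fog::AWS::Mock.request_id

  Excon::Response.new.tap do |response|
    response.status = 200

    response.body = {
      # NOTE(review): both path segments are the session name. AWS puts the role
      # name in the first segment, so this ARN will not match the role in role_arn.
      'Arn'             => "arn:aws:sts::#{account_id}:assumed-role/#{role_session_name}/#{role_session_name}",
      'AssumedRoleId'   => "#{Fog::Mock.random_base64(21)}:#{role_session_name}",
      'AccessKeyId'     => Fog::Mock.random_base64(20),
      'SecretAccessKey' => Fog::Mock.random_base64(40),
      'SessionToken'    => Fog::Mock.random_base64(580),
      'Expiration'      => (Time.now + duration).utc.iso8601,
      'RequestId'       => request_id,
    }

    # The same request id is reported in the body and in the header.
    response.headers = {
      'x-amzn-RequestId' => request_id,
    }
  end
end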

#assume_role_with_web_identity(role_arn, web_identity_token, role_session_name, options = {}) ⇒ Object



# File 'lib/fog/aws/requests/sts/assume_role_with_web_identity.rb', line 21

# Mock of STS AssumeRoleWithWebIdentity: looks the role up in a mock IAM service
# and answers 200 with random credentials.
#
# web_identity_token and role_session_name are accepted but never read, so the
# token is not parsed, verified or matched against the role. A test that passes
# against this mock says nothing about token validation.
#
# @param role_arn [String] ARN compared against each role's :arn
# @param web_identity_token [String] ignored by the mock
# @param role_session_name [String] ignored by the mock
# @param options [Hash] :iam must respond to #data and expose a :roles hash;
#   :expiration, when given, is returned as-is instead of Time.now + 3600
# @return [Excon::Response] response with body and status set
def assume_role_with_web_identity(role_arn, web_identity_token, role_session_name, options={})
  known_roles = options[:iam].data[:roles].values
  # NOTE(review): when no role matches, `role` is nil and the lookups below raise
  # NoMethodError rather than an STS-style error.
  role = known_roles.find { |candidate| candidate[:arn] == role_arn }

  response = Excon::Response.new

  assumed_role_user = {
    'Arn'           => role[:arn],
    'AssumedRoleId' => role[:role_id]
  }

  # Unlike assume_role, 'Expiration' here is a Time (or whatever the caller
  # supplied), not an ISO 8601 string.
  credentials = {
    'AccessKeyId'     => Fog::AWS::Mock.key_id(20),
    'Expiration'      => options[:expiration] || (Time.now + 3600),
    'SecretAccessKey' => Fog::AWS::Mock.key_id(40),
    'SessionToken'    => Fog::Mock.random_hex(8)
  }

  response.body = {
    'AssumedRoleUser'             => assumed_role_user,
    'Audience'                    => 'fog',
    'Credentials'                 => credentials,
    'Provider'                    => 'fog',
    'SubjectFromWebIdentityToken' => Fog::Mock.random_hex(8)
  }
  response.status = 200
  response
end

#data ⇒ Object



# File 'lib/fog/aws/sts.rb', line 42

# Mock state belonging to this connection's access key.
#
# The bucket is chosen by @aws_access_key_id, so connections created with the
# same key, or with none at all (nil), read and write the same bucket.
#
# @return [Hash] the bucket for this key from the class-level store
def data
  shared_store = self.class.data
  shared_store[@aws_access_key_id]
end

#get_federation_token(name, policy, duration = 43200) ⇒ Object



# File 'lib/fog/aws/requests/sts/get_federation_token.rb', line 44

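# Mock of STS GetFederationToken: always answers 200 with random credentials for
# a federated user.
#
# policy is accepted but never read, and 'PackedPolicySize' is a random number
# unrelated to it, so this mock cannot confirm that a scoping policy was applied.
#
# @param name [String] federated user name, echoed into the ARN and user id
# @param policy [String] ignored by the mock
# @param duration [Integer] credential lifetime in seconds
# @return [Excon::Response] response with status and body set
def get_federation_token(name, policy, duration=43200)
  Excon::Response.new.tap do |response|
    response.status = 200
    response.body = {
      'SessionToken'     => Fog::Mock.random_base64(580),
      'SecretAccessKey'  => Fog::Mock.random_base64(40),
      # Time + Integer adds seconds. DateTime + Integer adds days, which put the
      # default expiry about 118 years out and hid expiry/refresh handling from
      # tests. The clock is read in UTC so the literal 'Z' suffix is accurate.
      'Expiration'       => (Time.now.utc + duration).strftime('%FT%TZ'),
      'AccessKeyId'      => Fog::AWS::Mock.key_id(20),
      'Arn'              => "arn:aws:sts::#{Fog::AWS::Mock.owner_id}:federated-user/#{name}",
      'FederatedUserId'  => "#{Fog::AWS::Mock.owner_id}:#{name}",
      'PackedPolicySize' => Fog::Mock.random_numbers(2),
      'RequestId'        => Fog::AWS::Mock.request_id
    }
  end
end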

#reset_data ⇒ Object



# File 'lib/fog/aws/sts.rb', line 46

# Drops the mock state stored for this connection's access key, leaving the
# buckets of other keys in the class-level store untouched.
#
# @return [Hash, nil] the result of Hash#delete on the class-level store
def reset_data
  shared_store = self.class.data
  shared_store.delete(@aws_access_key_id)
end

#setup_credentials(options) ⇒ Object



# File 'lib/fog/aws/sts.rb', line 50

# Records the access key id this mock connection uses to select its data bucket.
#
# Only :aws_access_key_id is read; no secret is stored or checked. When the
# option is absent the key is nil.
#
# @param options [Hash] connection options
# @return [Object] the value stored in @aws_access_key_id
def setup_credentials(options)
  @aws_access_key_id = options[:aws_access_key_id]
end