catalin/moto
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Add iam.create_open_id_connect_provider

Browse source
This commit is contained in:
gruebel 2019-10-18 17:29:15 +02:00
commit bd627b65f7
5 changed files with 260 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

130
tests/test_iam/test_iam.py
View file

@ -1565,3 +1565,133 @@ def test_create_role_with_permissions_boundary():
# Ensure the PermissionsBoundary is included in role listing as well
conn.list_roles().get('Roles')[0].get('PermissionsBoundary').should.equal(expected)
@mock_iam
def test_create_open_id_connect_provider():
client = boto3.client('iam', region_name='us-east-1')
response = client.create_open_id_connect_provider(
Url='https://example.com',
ThumbprintList=[] # even it is required to provide at least one thumbprint, AWS accepts an empty list
)
response['OpenIDConnectProviderArn'].should.equal(
'arn:aws:iam::123456789012:oidc-provider/example.com'
)
response = client.create_open_id_connect_provider(
Url='http://example.org',
ThumbprintList=[
'b' * 40
],
ClientIDList=[
'b'
]
)
response['OpenIDConnectProviderArn'].should.equal(
'arn:aws:iam::123456789012:oidc-provider/example.org'
)
response = client.create_open_id_connect_provider(
Url='http://example.org/oidc',
ThumbprintList=[]
)
response['OpenIDConnectProviderArn'].should.equal(
'arn:aws:iam::123456789012:oidc-provider/example.org/oidc'
)
response = client.create_open_id_connect_provider(
Url='http://example.org/oidc-query?test=true',
ThumbprintList=[]
)
response['OpenIDConnectProviderArn'].should.equal(
'arn:aws:iam::123456789012:oidc-provider/example.org/oidc-query'
)
@mock_iam
def test_create_open_id_connect_provider_errors():
client = boto3.client('iam', region_name='us-east-1')
response = client.create_open_id_connect_provider(
Url='https://example.com',
ThumbprintList=[]
)
open_id_arn = response['OpenIDConnectProviderArn']
client.create_open_id_connect_provider.when.called_with(
Url='https://example.com',
ThumbprintList=[]
).should.throw(
ClientError,
'Unknown'
)
client.create_open_id_connect_provider.when.called_with(
Url='example.org',
ThumbprintList=[]
).should.throw(
ClientError,
'Invalid Open ID Connect Provider URL'
)
client.create_open_id_connect_provider.when.called_with(
Url='example',
ThumbprintList=[]
).should.throw(
ClientError,
'Invalid Open ID Connect Provider URL'
)
client.create_open_id_connect_provider.when.called_with(
Url='http://example.org',
ThumbprintList=[
'a' * 40,
'b' * 40,
'c' * 40,
'd' * 40,
'e' * 40,
'f' * 40,
]
).should.throw(
ClientError,
'Thumbprint list must contain fewer than 5 entries.'
)
too_many_client_ids = ['{}'.format(i) for i in range(101)]
client.create_open_id_connect_provider.when.called_with(
Url='http://example.org',
ThumbprintList=[],
ClientIDList=too_many_client_ids
).should.throw(
ClientError,
'Cannot exceed quota for ClientIdsPerOpenIdConnectProvider: 100'
)
too_long_url = 'b' * 256
too_long_thumbprint = 'b' * 41
too_long_client_id = 'b' * 256
client.create_open_id_connect_provider.when.called_with(
Url=too_long_url,
ThumbprintList=[
too_long_thumbprint
],
ClientIDList=[
too_long_client_id
]
).should.throw(
ClientError,
'3 validation errors detected: '
'Value "{0}" at "clientIDList" failed to satisfy constraint: '
'Member must satisfy constraint: '
'[Member must have length less than or equal to 255, '
'Member must have length greater than or equal to 1]; '
'Value "{1}" at "thumbprintList" failed to satisfy constraint: '
'Member must satisfy constraint: '
'[Member must have length less than or equal to 40, '
'Member must have length greater than or equal to 40]; '
'Value "{2}" at "url" failed to satisfy constraint: '
'Member must have length less than or equal to 255'.format([too_long_client_id], [too_long_thumbprint], too_long_url)
)