Implemented returning random assumed role ID.

2019-08-21 10:45:36 +02:00 · 2019-08-21 10:45:36 +02:00 · d9cb1f2d35
commit d9cb1f2d35
parent 9edab5b423
4 changed files with 37 additions and 22 deletions
--- a/moto/sts/models.py
+++ b/moto/sts/models.py
@ -2,7 +2,7 @@ from __future__ import unicode_literals
 import datetime
 from moto.core import BaseBackend, BaseModel
 from moto.core.utils import iso_8601_datetime_with_milliseconds
-from moto.sts.utils import random_access_key_id, random_secret_access_key, random_session_token
+from moto.sts.utils import random_access_key_id, random_secret_access_key, random_session_token, random_assumed_role_id


 class Token(BaseModel):
@ -30,6 +30,7 @@ class AssumedRole(BaseModel):
        self.access_key_id = "ASIA" + random_access_key_id()
        self.secret_access_key = random_secret_access_key()
        self.session_token = random_session_token()
+        self.assumed_role_id = "AROA" + random_assumed_role_id()

    @property
    def expiration_ISO8601(self):
--- a/moto/sts/responses.py
+++ b/moto/sts/responses.py
@ -91,7 +91,7 @@ ASSUME_ROLE_RESPONSE = """<AssumeRoleResponse xmlns="https://sts.amazonaws.com/d
    </Credentials>
    <AssumedRoleUser>
      <Arn>{{ role.arn }}</Arn>
-      <AssumedRoleId>ARO123EXAMPLE123:{{ role.session_name }}</AssumedRoleId>
+      <AssumedRoleId>{{ role.assumed_role_id }}:{{ role.session_name }}</AssumedRoleId>
    </AssumedRoleUser>
    <PackedPolicySize>6</PackedPolicySize>
  </AssumeRoleResult>
--- a/moto/sts/utils.py
+++ b/moto/sts/utils.py
@ -6,15 +6,12 @@ import string
 import six

 ACCOUNT_SPECIFIC_ACCESS_KEY_PREFIX = "8NWMTLYQ"
+ACCOUNT_SPECIFIC_ASSUMED_ROLE_ID_PREFIX = "3X42LBCD"
 SESSION_TOKEN_PREFIX = "FQoGZXIvYXdzEBYaD"


 def random_access_key_id():
-    return ACCOUNT_SPECIFIC_ACCESS_KEY_PREFIX + ''.join(six.text_type(
-        random.choice(
-            string.ascii_uppercase + string.digits
-        )) for _ in range(8)
-    )
+    return ACCOUNT_SPECIFIC_ACCESS_KEY_PREFIX + _random_uppercase_or_digit_sequence(8)


 def random_secret_access_key():
@ -23,3 +20,16 @@ def random_secret_access_key():

 def random_session_token():
    return SESSION_TOKEN_PREFIX + base64.b64encode(os.urandom(266))[len(SESSION_TOKEN_PREFIX):].decode()
+
+
+def random_assumed_role_id():
+    return ACCOUNT_SPECIFIC_ASSUMED_ROLE_ID_PREFIX + _random_uppercase_or_digit_sequence(9)
+
+
+def _random_uppercase_or_digit_sequence(length):
+    return ''.join(
+        six.text_type(
+            random.choice(
+                string.ascii_uppercase + string.digits
+            )) for _ in range(length)
+    )