453
474
return nil, errors.NotSupportedf("reading file %q", f)
477
func (s *credentialsSuite) TestFinalizeCredentialMandatoryFieldMissing(c *gc.C) {
478
cred := cloud.NewCredential(
479
cloud.UserPassAuthType,
481
"password": "secret",
485
schema := cloud.CredentialSchema{
487
"username", cloud.CredentialAttr{Optional: false},
489
"password", cloud.CredentialAttr{Hidden: true},
491
"domain", cloud.CredentialAttr{},
494
_, err := cloud.FinalizeCredential(cred, map[cloud.AuthType]cloud.CredentialSchema{
495
cloud.UserPassAuthType: schema,
497
c.Assert(err, gc.ErrorMatches, "username: expected string, got nothing")
500
func (s *credentialsSuite) TestFinalizeCredentialMandatoryFieldFromFile(c *gc.C) {
501
cred := cloud.NewCredential(
502
cloud.UserPassAuthType,
507
schema := cloud.CredentialSchema{
510
cloud.CredentialAttr{
511
Description: "key credential",
513
FileAttr: "key-file",
517
readFile := func(s string) ([]byte, error) {
518
c.Assert(s, gc.Equals, "path")
519
return []byte("file-value"), nil
521
newCred, err := cloud.FinalizeCredential(cred, map[cloud.AuthType]cloud.CredentialSchema{
522
cloud.UserPassAuthType: schema,
524
c.Assert(err, jc.ErrorIsNil)
525
c.Assert(newCred.Attributes(), jc.DeepEquals, map[string]string{
530
func (s *credentialsSuite) TestFinalizeCredentialExtraField(c *gc.C) {
531
cred := cloud.NewCredential(
532
cloud.UserPassAuthType,
535
"password": "secret",
537
"access-key": "access-key",
540
schema := cloud.CredentialSchema{
542
"username", cloud.CredentialAttr{Optional: false},
544
"password", cloud.CredentialAttr{Hidden: true},
546
"domain", cloud.CredentialAttr{},
549
_, err := cloud.FinalizeCredential(cred, map[cloud.AuthType]cloud.CredentialSchema{
550
cloud.UserPassAuthType: schema,
552
c.Assert(err, gc.ErrorMatches, regexp.QuoteMeta(`unknown key "access-key" (value "access-key")`))
555
func (s *credentialsSuite) TestFinalizeCredentialInvalidChoice(c *gc.C) {
556
cred := cloud.NewCredential(
557
cloud.UserPassAuthType,
560
"password": "secret",
564
schema := cloud.CredentialSchema{
566
"username", cloud.CredentialAttr{Optional: false},
568
"password", cloud.CredentialAttr{Hidden: true},
570
"algorithm", cloud.CredentialAttr{Options: []interface{}{"bar", "foobar"}},
573
_, err := cloud.FinalizeCredential(cred, map[cloud.AuthType]cloud.CredentialSchema{
574
cloud.UserPassAuthType: schema,
576
c.Assert(err, gc.ErrorMatches, regexp.QuoteMeta(`algorithm: expected one of [bar foobar], got "foo"`))
579
func (s *credentialsSuite) TestFinalizeCredentialFilePath(c *gc.C) {
581
filename := filepath.Join(dir, "filename")
582
err := ioutil.WriteFile(filename, []byte{}, 0600)
583
c.Assert(err, jc.ErrorIsNil)
585
cred := cloud.NewCredential(
586
cloud.JSONFileAuthType,
591
schema := cloud.CredentialSchema{
593
"file", cloud.CredentialAttr{FilePath: true},
596
newCred, err := cloud.FinalizeCredential(cred, map[cloud.AuthType]cloud.CredentialSchema{
597
cloud.JSONFileAuthType: schema,
599
c.Assert(err, jc.ErrorIsNil)
600
c.Assert(newCred.Attributes(), jc.DeepEquals, map[string]string{
605
func (s *credentialsSuite) TestFinalizeCredentialInvalidFilePath(c *gc.C) {
606
cred := cloud.NewCredential(
607
cloud.JSONFileAuthType,
609
"file": filepath.Join(c.MkDir(), "somefile"),
612
schema := cloud.CredentialSchema{
614
"file", cloud.CredentialAttr{FilePath: true},
617
_, err := cloud.FinalizeCredential(cred, map[cloud.AuthType]cloud.CredentialSchema{
618
cloud.JSONFileAuthType: schema,
620
c.Assert(err, gc.ErrorMatches, "invalid file path: .*")
623
func (s *credentialsSuite) TestFinalizeCredentialRelativeFilePath(c *gc.C) {
624
cred := cloud.NewCredential(
625
cloud.JSONFileAuthType,
630
schema := cloud.CredentialSchema{
632
"file", cloud.CredentialAttr{FilePath: true},
635
_, err := cloud.FinalizeCredential(cred, map[cloud.AuthType]cloud.CredentialSchema{
636
cloud.JSONFileAuthType: schema,
638
c.Assert(err, gc.ErrorMatches, "file path must be an absolute path: file")
456
641
func (s *credentialsSuite) TestRemoveSecrets(c *gc.C) {
457
642
cred := cloud.NewCredential(
458
643
cloud.UserPassAuthType,