MCPcopy
hub / github.com/minio/minio-go / TestStsCn

Function TestStsCn

pkg/credentials/iam_aws_test.go:371–410  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

369}
370
371func TestStsCn(t *testing.T) {
372 server := initStsTestServer("2014-12-16T01:51:37Z")
373 defer server.Close()
374 p := &IAM{
375 Endpoint: server.URL,
376 }
377
378 f, err := os.CreateTemp(t.TempDir(), "minio-go")
379 if err != nil {
380 t.Errorf("Unexpected failure %s", err)
381 }
382 defer os.Remove(f.Name())
383 f.Write([]byte("token"))
384 f.Close()
385
386 t.Setenv("AWS_REGION", "cn-northwest-1")
387 t.Setenv("AWS_WEB_IDENTITY_TOKEN_FILE", f.Name())
388 t.Setenv("AWS_ROLE_ARN", "arn:aws:sts::123456789012:assumed-role/FederatedWebIdentityRole/app1")
389 creds, err := p.RetrieveWithCredContext(defaultCredContext)
390 os.Unsetenv("AWS_WEB_IDENTITY_TOKEN_FILE")
391 os.Unsetenv("AWS_ROLE_ARN")
392 if err != nil {
393 t.Errorf("Unexpected failure %s", err)
394 }
395 if creds.AccessKeyID != "accessKey" {
396 t.Errorf("Expected \"accessKey\", got %s", creds.AccessKeyID)
397 }
398
399 if creds.SecretAccessKey != "secret" {
400 t.Errorf("Expected \"secret\", got %s", creds.SecretAccessKey)
401 }
402
403 if creds.SessionToken != "token" {
404 t.Errorf("Expected \"token\", got %s", creds.SessionToken)
405 }
406
407 if !p.IsExpired() {
408 t.Error("Expected creds to be expired.")
409 }
410}
411
412func TestIMDSv1Blocked(t *testing.T) {
413 server := initIMDSv2Server("2014-12-16T01:51:37Z", false)

Callers

nothing calls this directly

Calls 6

initStsTestServerFunction · 0.85
IsExpiredMethod · 0.65
CloseMethod · 0.45
RemoveMethod · 0.45
ErrorMethod · 0.45

Tested by

no test coverage detected