github.com/blend/go-sdk@v1.20240719.1/vault/aws_auth_test.go

github.com/blend/go-sdk@v1.20240719.1/vault/aws_auth_test.go (about)

     1  /*
     2  
     3  Copyright (c) 2024 - Present. Blend Labs, Inc. All rights reserved
     4  Use of this source code is governed by a MIT license that can be found in the LICENSE file.
     5  
     6  */
     7  
     8  package vault
     9  
    10  import (
    11  	"context"
    12  	"testing"
    13  
    14  	"github.com/aws/aws-sdk-go/aws/credentials"
    15  
    16  	"github.com/blend/go-sdk/assert"
    17  )
    18  
    19  func TestAWSAuth_AWSIAMLogin(t *testing.T) {
    20  	it := assert.New(t)
    21  
    22  	client, err := New()
    23  	it.Nil(err)
    24  
    25  	sampleVaultResponse := `
    26  		{
    27  			"auth": {
    28  				"renewable": true,
    29  				"lease_duration": 1800000,
    30  				"metadata": {
    31  					"role_tag_max_ttl": "0",
    32  					"instance_id": "i-de0f1344",
    33  					"ami_id": "ami-fce36983",
    34  					"role": "dev-role",
    35  					"auth_type": "ec2"
    36  				},
    37  				"policies": ["default", "dev"],
    38  				"accessor": "some-guid",
    39  				"client_token": "my-test-token"
    40  			}
    41  		}`
    42  
    43  	mockHTTPClient := NewMockHTTPClient().WithString("POST", mustURLf("%s/v1/auth/aws/login", client.Remote.String()), sampleVaultResponse)
    44  	client.Client = mockHTTPClient
    45  	authOpts := OptAWSAuthCredentialProvider(
    46  		func(roleARN string) (*credentials.Credentials, error) {
    47  			return credentials.NewStaticCredentials("id", "key", "session-token"), nil
    48  		})
    49  	client.AWSAuth, err = NewAWSAuth(authOpts)
    50  	it.Nil(err)
    51  
    52  	token, err := client.AWSAuth.AWSIAMLogin(context.TODO(), client.Client, *client.Remote, "roleName", "roleARN", "service", "us-east-1")
    53  	it.Nil(err)
    54  	it.Equal(token, "my-test-token")
    55  
    56  }