github.com/versent/saml2aws@v2.17.0+incompatible/aws_account_test.go

github.com/versent/saml2aws@v2.17.0+incompatible/aws_account_test.go (about)

     1  package saml2aws
     2  
     3  import (
     4  	"io/ioutil"
     5  	"testing"
     6  
     7  	"github.com/stretchr/testify/assert"
     8  )
     9  
    10  func TestExtractAWSAccounts(t *testing.T) {
    11  	data, err := ioutil.ReadFile("testdata/saml.html")
    12  	assert.Nil(t, err)
    13  
    14  	accounts, err := ExtractAWSAccounts(data)
    15  	assert.Nil(t, err)
    16  	assert.Len(t, accounts, 2)
    17  
    18  	account := accounts[0]
    19  	assert.Equal(t, account.Name, "Account: account-alias (000000000001)")
    20  
    21  	assert.Len(t, account.Roles, 2)
    22  	role := account.Roles[0]
    23  	assert.Equal(t, role.RoleARN, "arn:aws:iam::000000000001:role/Development")
    24  	assert.Equal(t, role.Name, "Development")
    25  	role = account.Roles[1]
    26  	assert.Equal(t, role.RoleARN, "arn:aws:iam::000000000001:role/Production")
    27  	assert.Equal(t, role.Name, "Production")
    28  
    29  	account = accounts[1]
    30  	assert.Equal(t, account.Name, "Account: 000000000002")
    31  
    32  	assert.Len(t, account.Roles, 1)
    33  	role = account.Roles[0]
    34  	assert.Equal(t, role.RoleARN, "arn:aws:iam::000000000002:role/Production")
    35  	assert.Equal(t, role.Name, "Production")
    36  }
    37  
    38  func TestAssignPrincipals(t *testing.T) {
    39  	awsRoles := []*AWSRole{
    40  		{
    41  			PrincipalARN: "arn:aws:iam::000000000001:saml-provider/test-idp",
    42  			RoleARN:      "arn:aws:iam::000000000001:role/Development",
    43  		},
    44  	}
    45  
    46  	awsAccounts := []*AWSAccount{
    47  		{
    48  			Roles: []*AWSRole{
    49  				{
    50  					RoleARN: "arn:aws:iam::000000000001:role/Development",
    51  				},
    52  			},
    53  		},
    54  	}
    55  
    56  	AssignPrincipals(awsRoles, awsAccounts)
    57  
    58  	assert.Equal(t, "arn:aws:iam::000000000001:saml-provider/test-idp", awsAccounts[0].Roles[0].PrincipalARN)
    59  }
    60  
    61  func TestLocateRole(t *testing.T) {
    62  	awsRoles := []*AWSRole{
    63  		{
    64  			PrincipalARN: "arn:aws:iam::000000000001:saml-provider/test-idp",
    65  			RoleARN:      "arn:aws:iam::000000000001:role/Development",
    66  		},
    67  		{
    68  			PrincipalARN: "arn:aws:iam::000000000002:saml-provider/test-idp",
    69  			RoleARN:      "arn:aws:iam::000000000002:role/Development",
    70  		},
    71  	}
    72  
    73  	role, err := LocateRole(awsRoles, "arn:aws:iam::000000000001:role/Development")
    74  
    75  	assert.Empty(t, err)
    76  
    77  	assert.Equal(t, "arn:aws:iam::000000000001:role/Development", role.RoleARN)
    78  }