github.com/vmware/govmomi@v0.37.2/govc/test/session.bats (about) 1 #!/usr/bin/env bats 2 3 load test_helper 4 5 @test "session.ls" { 6 vcsim_env 7 8 run govc session.ls 9 assert_success 10 11 run govc session.ls -json 12 assert_success 13 14 # Test User-Agent 15 govc session.ls | grep "$(govc version | tr ' ' /)" 16 17 run govc session.ls -S 18 assert_success 19 20 run govc session.ls -u "$(govc env GOVC_USERNAME)@$(govc env GOVC_URL)" -S 21 assert_failure # no password 22 } 23 24 @test "session.rm" { 25 vcsim_env 26 27 dir=$($mktemp --tmpdir -d govc-test-XXXXX 2>/dev/null || $mktemp -d -t govc-test-XXXXX) 28 export GOVMOMI_HOME="$dir" 29 export GOVC_PERSIST_SESSION=true 30 31 run govc session.rm enoent 32 assert_failure # NotFound 33 34 # Can't remove the current session 35 id=$(govc session.ls -json | jq -r .currentSession.key) 36 run govc session.rm "$id" 37 assert_failure 38 39 thumbprint=$(govc about.cert -thumbprint) 40 id=$(govc session.ls -json -k=false -tls-known-hosts <(echo "$thumbprint") | jq -r .currentSession.key) 41 42 rm -rf "$dir" 43 44 run govc session.rm "$id" 45 assert_success 46 } 47 48 @test "session.persist" { 49 vcsim_env 50 51 dir=$($mktemp --tmpdir -d govc-test-XXXXX 2>/dev/null || $mktemp -d -t govc-test-XXXXX) 52 export GOVMOMI_HOME="$dir" 53 export GOVC_PERSIST_SESSION=true 54 55 run govc role.ls 56 assert_success 57 58 run govc session.ls -r 59 assert_success 60 grep -v REST <<<"$output" # should not have a cached REST session 61 62 run govc tags.ls 63 assert_success # created a REST session 64 65 run govc session.ls -r 66 assert_success 67 grep REST <<<"$output" # now we should have a cached REST session 68 69 host=$(govc env GOVC_URL) 70 user=$(govc env GOVC_USERNAME) 71 run govc role.ls -u "$host" # url w/o user:pass 72 assert_failure # NotAuthenticated 73 74 run govc role.ls -u "$user@$host" # url w/o pass 75 assert_success # authenticated via persisted session 76 77 rm -rf "$dir" 78 } 79 80 @test "session.login" { 81 vcsim_env 82 83 # Remove username/password 84 host=$(govc env GOVC_URL) 85 86 # Validate auth is not required for service content 87 run govc about -u "$host" 88 assert_success 89 90 # Auth is required here 91 run govc ls -u "$host" 92 assert_failure 93 94 cookie=$(govc session.login -l) 95 ticket=$(govc session.login -cookie "$cookie" -clone) 96 97 run govc session.login -u "$host" -ticket "$ticket" 98 assert_success 99 100 cookie=$(govc session.login -r -l) 101 run govc session.login -r -u "$host" -cookie "$cookie" 102 assert_success 103 104 user=$(govc env GOVC_USERNAME) 105 dir=$($mktemp --tmpdir -d govc-test-XXXXX 2>/dev/null || $mktemp -d -t govc-test-XXXXX) 106 export GOVMOMI_HOME="$dir" 107 export GOVC_PERSIST_SESSION=true 108 109 run govc session.login 110 assert_success 111 112 run govc role.ls -u "$user@$host" # url w/o pass 113 assert_success # authenticated via persisted SOAP session 114 115 run govc tags.ls -u "$user@$host" # url w/o pass 116 assert_failure # no persisted REST session yet 117 118 run govc session.login -r 119 assert_success 120 121 run govc tags.ls -u "$user@$host" # url w/o pass 122 assert_success # authenticated via persisted REST session 123 124 run govc session.logout -r 125 assert_success 126 127 run govc role.ls -u "$user@$host" 128 assert_failure # logged out of persisted session 129 130 run govc tags.ls -u "$user@$host" 131 assert_failure # logged out of persisted session 132 133 rm -rf "$dir" 134 } 135 136 @test "session.loginbytoken" { 137 vcsim_env 138 139 user=$(govc env GOVC_USERNAME) 140 dir=$($mktemp --tmpdir -d govc-test-XXXXX 2>/dev/null || $mktemp -d -t govc-test-XXXXX) 141 export GOVMOMI_HOME="$dir" 142 export GOVC_PERSIST_SESSION=true 143 144 # Remove username/password 145 host=$(govc env GOVC_URL) 146 # Token template, vcsim just checks Assertion.Subject.NameID 147 token="<Assertion><Subject><NameID>%s</NameID></Subject></Assertion>" 148 149 # shellcheck disable=2059 150 run govc session.login -l -token "$(printf $token "")" 151 assert_failure # empty NameID is a InvalidLogin fault 152 153 # shellcheck disable=2059 154 run govc session.login -l -token "$(printf $token root@localos)" 155 assert_success # non-empty NameID is enough to login 156 157 run govc role.ls -u "$user@$host" # url w/o pass 158 assert_success # authenticated via persisted SOAP session 159 160 run govc tags.ls -u "$user@$host" # url w/o pass 161 assert_failure # no persisted REST session yet 162 163 run govc session.login -r -token "$(printf $token root@localos)" 164 assert_success 165 166 run govc tags.ls -u "$user@$host" # url w/o pass 167 assert_success # authenticated via persisted REST session 168 169 id=$(new_id) 170 run govc extension.setcert -cert-pem ++ "$id" # generate a cert for testing 171 assert_success 172 173 # Test with STS simulator issued token 174 token="$(govc session.login -issue)" 175 run govc session.login -cert "$id.crt" -key "$id.key" -l -token "$token" 176 assert_success 177 178 run govc session.login -cert "$id.crt" -key "$id.key" -l -renew 179 assert_failure # missing -token 180 181 run govc session.login -cert "$id.crt" -key "$id.key" -l -renew -lifetime 24h -token "$token" 182 assert_success 183 184 # remove generated cert and key 185 rm "$id".{crt,key} 186 rm -rf "$dir" 187 } 188 189 @test "session.loginextension" { 190 vcsim_env -tunnel 0 191 192 run govc session.login -extension com.vmware.vsan.health 193 assert_failure # no certificate 194 195 id=$(new_id) 196 run govc extension.setcert -cert-pem ++ "$id" # generate a cert for testing 197 assert_success 198 199 # vcsim will login if any certificate is provided 200 run govc session.login -extension com.vmware.vsan.health -cert "$id.crt" -key "$id.key" 201 assert_success 202 203 # remove generated cert and key 204 rm "$id".{crt,key} 205 } 206 207 @test "session.curl" { 208 vcsim_env 209 210 run govc session.login /sdk/vimServiceVersions.xml 211 assert_success 212 213 run govc session.login /enoent 214 assert_failure 215 216 run govc session.login -r /rest/com/vmware/cis/session 217 assert_success 218 219 run govc session.login -r /enoent 220 assert_failure 221 222 cluster=$(govc find -i / -type c -name DC0_C0 | cut -d: -f2) 223 224 run govc session.login -r -X POST "/rest/vcenter/cluster/modules" <<EOF 225 {"spec": {"cluster": "$cluster"}} 226 EOF 227 assert_success 228 module=$(jq -r .value <<<"$output") 229 230 members="/rest/vcenter/cluster/modules/vm/$module/members" 231 vms=$(govc find -i /DC0/host/DC0_C0 -type m | cut -d: -f2 | jq --raw-input --slurp 'split("\n") | map(select(. != ""))') 232 233 run govc session.login -r -X POST "$members?action=invalid" <<EOF 234 {"vms": $vms} 235 EOF 236 assert_failure # action=invalid 237 238 run govc session.login -r -X POST "$members?action=add" <<EOF 239 {"vms": $vms} 240 EOF 241 assert_success 242 }