github.com/vmware/govmomi@v0.43.0/govc/test/session.bats (about)

     1  #!/usr/bin/env bats
     2  
     3  load test_helper
     4  
     5  @test "session.ls" {
     6    vcsim_env
     7  
     8    run govc session.ls
     9    assert_success
    10  
    11    run govc session.ls -json
    12    assert_success
    13  
    14    # Test User-Agent
    15    govc session.ls | grep "$(govc version | tr ' ' /)"
    16  
    17    run govc session.ls -S
    18    assert_success
    19  
    20    run govc session.ls -u "$(govc env GOVC_USERNAME)@$(govc env GOVC_URL)" -S
    21    assert_failure # no password
    22  }
    23  
    24  @test "session.rm" {
    25    vcsim_env
    26  
    27    dir=$($mktemp --tmpdir -d govc-test-XXXXX 2>/dev/null || $mktemp -d -t govc-test-XXXXX)
    28    export GOVMOMI_HOME="$dir"
    29    export GOVC_PERSIST_SESSION=true
    30  
    31    run govc session.rm enoent
    32    assert_failure # NotFound
    33  
    34    # Can't remove the current session
    35    id=$(govc session.ls -json | jq -r .currentSession.key)
    36    run govc session.rm "$id"
    37    assert_failure
    38  
    39    thumbprint=$(govc about.cert -thumbprint)
    40    id=$(govc session.ls -json -k=false -tls-known-hosts <(echo "$thumbprint") | jq -r .currentSession.key)
    41  
    42    rm -rf "$dir"
    43  
    44    run govc session.rm "$id"
    45    assert_success
    46  }
    47  
    48  @test "session.persist" {
    49    vcsim_env
    50  
    51    dir=$($mktemp --tmpdir -d govc-test-XXXXX 2>/dev/null || $mktemp -d -t govc-test-XXXXX)
    52    export GOVMOMI_HOME="$dir"
    53    export GOVC_PERSIST_SESSION=true
    54  
    55    run govc role.ls
    56    assert_success
    57  
    58    run govc session.ls -r
    59    assert_success
    60    grep -v REST <<<"$output" # should not have a cached REST session
    61  
    62    run govc tags.ls
    63    assert_success # created a REST session
    64  
    65    run govc session.ls -r
    66    assert_success
    67    grep REST <<<"$output" # now we should have a cached REST session
    68  
    69    host=$(govc env GOVC_URL)
    70    user=$(govc env GOVC_USERNAME)
    71    run govc role.ls -u "$host" # url w/o user:pass
    72    assert_failure # NotAuthenticated
    73  
    74    run govc role.ls -u "$user@$host" # url w/o pass
    75    assert_success # authenticated via persisted session
    76  
    77    rm -rf "$dir"
    78  }
    79  
    80  @test "session.login" {
    81      vcsim_env
    82  
    83      # Remove username/password
    84      host=$(govc env GOVC_URL)
    85  
    86      # Validate auth is not required for service content
    87      run govc about -u "$host"
    88      assert_success
    89  
    90      # Auth is required here
    91      run govc ls -u "$host"
    92      assert_failure
    93  
    94      cookie=$(govc session.login -l)
    95      ticket=$(govc session.login -cookie "$cookie" -clone)
    96  
    97      run govc session.login -u "$host" -ticket "$ticket"
    98      assert_success
    99  
   100      cookie=$(govc session.login -r -l)
   101      run govc session.login -r -u "$host" -cookie "$cookie"
   102      assert_success
   103  
   104      user=$(govc env GOVC_USERNAME)
   105      dir=$($mktemp --tmpdir -d govc-test-XXXXX 2>/dev/null || $mktemp -d -t govc-test-XXXXX)
   106      export GOVMOMI_HOME="$dir"
   107      export GOVC_PERSIST_SESSION=true
   108  
   109      run govc session.login
   110      assert_success
   111  
   112      run govc role.ls -u "$user@$host" # url w/o pass
   113      assert_success # authenticated via persisted SOAP session
   114  
   115      run govc tags.ls -u "$user@$host" # url w/o pass
   116      assert_failure # no persisted REST session yet
   117  
   118      run govc session.login -r
   119      assert_success
   120  
   121      run govc tags.ls -u "$user@$host" # url w/o pass
   122      assert_success # authenticated via persisted REST session
   123  
   124      run govc session.logout -r
   125      assert_success
   126  
   127      run govc role.ls -u "$user@$host"
   128      assert_failure # logged out of persisted session
   129  
   130      run govc tags.ls -u "$user@$host"
   131      assert_failure # logged out of persisted session
   132  
   133      # ImpersonateUser
   134  
   135      run govc session.login -as vcsim
   136      assert_failure # user must have an existing session
   137  
   138      run govc session.login -u vcsim:pass@"$host"
   139      assert_success
   140  
   141      run govc session.login -as vcsim
   142      assert_success
   143  
   144      rm -rf "$dir"
   145  }
   146  
   147  @test "session.loginbytoken" {
   148    vcsim_env
   149  
   150    user=$(govc env GOVC_USERNAME)
   151    dir=$($mktemp --tmpdir -d govc-test-XXXXX 2>/dev/null || $mktemp -d -t govc-test-XXXXX)
   152    export GOVMOMI_HOME="$dir"
   153    export GOVC_PERSIST_SESSION=true
   154  
   155    # Remove username/password
   156    host=$(govc env GOVC_URL)
   157    # Token template, vcsim just checks Assertion.Subject.NameID
   158    token="<Assertion><Subject><NameID>%s</NameID></Subject></Assertion>"
   159  
   160    # shellcheck disable=2059
   161    run govc session.login -l -token "$(printf $token "")"
   162    assert_failure # empty NameID is a InvalidLogin fault
   163  
   164    # shellcheck disable=2059
   165    run govc session.login -l -token "$(printf $token root@localos)"
   166    assert_success # non-empty NameID is enough to login
   167  
   168    run govc role.ls -u "$user@$host" # url w/o pass
   169    assert_success # authenticated via persisted SOAP session
   170  
   171    run govc tags.ls -u "$user@$host" # url w/o pass
   172    assert_failure # no persisted REST session yet
   173  
   174    run govc session.login -r -token "$(printf $token root@localos)"
   175    assert_success
   176  
   177    run govc tags.ls -u "$user@$host" # url w/o pass
   178    assert_success # authenticated via persisted REST session
   179  
   180    id=$(new_id)
   181    run govc extension.setcert -cert-pem ++ "$id" # generate a cert for testing
   182    assert_success
   183  
   184    # Test with STS simulator issued token
   185    token="$(govc session.login -issue)"
   186    run govc session.login -cert "$id.crt" -key "$id.key" -l -token "$token"
   187    assert_success
   188  
   189    run govc session.login -cert "$id.crt" -key "$id.key" -l -renew
   190    assert_failure # missing -token
   191  
   192    run govc session.login -cert "$id.crt" -key "$id.key" -l -renew -lifetime 24h -token "$token"
   193    assert_success
   194  
   195    # remove generated cert and key
   196    rm "$id".{crt,key}
   197    rm -rf "$dir"
   198  }
   199  
   200  @test "session.loginextension" {
   201    vcsim_env -tunnel 0
   202  
   203    run govc session.login -extension com.vmware.vsan.health
   204    assert_failure # no certificate
   205  
   206    id=$(new_id)
   207    run govc extension.setcert -cert-pem ++ "$id" # generate a cert for testing
   208    assert_success
   209  
   210    # vcsim will login if any certificate is provided
   211    run govc session.login -extension com.vmware.vsan.health -cert "$id.crt" -key "$id.key"
   212    assert_success
   213  
   214    # remove generated cert and key
   215    rm "$id".{crt,key}
   216  }
   217  
   218  @test "session.curl" {
   219    vcsim_env
   220  
   221    run govc session.login /sdk/vimServiceVersions.xml
   222    assert_success
   223  
   224    run govc session.login /enoent
   225    assert_failure
   226  
   227    run govc session.login -r /rest/com/vmware/cis/session
   228    assert_success
   229  
   230    run govc session.login -r /enoent
   231    assert_failure
   232  
   233    cluster=$(govc find -i / -type c -name DC0_C0 | cut -d: -f2)
   234  
   235    run govc session.login -r -X POST "/rest/vcenter/cluster/modules" <<EOF
   236    {"spec": {"cluster": "$cluster"}}
   237  EOF
   238    assert_success
   239    module=$(jq -r .value <<<"$output")
   240  
   241    members="/rest/vcenter/cluster/modules/vm/$module/members"
   242    vms=$(govc find -i /DC0/host/DC0_C0 -type m | cut -d: -f2 | jq --raw-input --slurp 'split("\n") | map(select(. != ""))')
   243  
   244    run govc session.login -r -X POST "$members?action=invalid" <<EOF
   245    {"vms": $vms}
   246  EOF
   247    assert_failure # action=invalid
   248  
   249    run govc session.login -r -X POST "$members?action=add" <<EOF
   250    {"vms": $vms}
   251  EOF
   252    assert_success
   253  }