mock

package
v1.206.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 14, 2026 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// MockRegion is the default AWS region for mock credentials.
	MockRegion = "us-east-1"

	// MockFilePermissions are the file permissions for credential files (owner read/write only).
	MockFilePermissions = 0o600
)
View Source
const (
	// MockExpirationYear is the fixed year used for deterministic testing timestamps.
	// Using a far-future year ensures tests don't become flaky due to expiration checks.
	MockExpirationYear = 2099
	// MockExpirationMonth is the fixed month used for deterministic testing timestamps.
	MockExpirationMonth = 12
	// MockExpirationDay is the fixed day used for deterministic testing timestamps.
	MockExpirationDay = 31
	// MockExpirationHour is the fixed hour used for deterministic testing timestamps.
	MockExpirationHour = 23
	// MockExpirationMinute is the fixed minute used for deterministic testing timestamps.
	MockExpirationMinute = 59
	// MockExpirationSecond is the fixed second used for deterministic testing timestamps.
	MockExpirationSecond = 59
)

Variables

View Source
var ErrNoStoredCredentials = errors.New("mock identity has no stored credentials")

ErrNoStoredCredentials indicates storage is supported but currently empty. This error is returned when LoadCredentials is called before authentication.

Functions

This section is empty.

Types

type Credentials

type Credentials struct {
	AccessKeyID     string
	SecretAccessKey string
	SessionToken    string
	Region          string
	Expiration      time.Time
}

Credentials represents mock AWS-like credentials for testing.

func (*Credentials) BuildWhoamiInfo

func (c *Credentials) BuildWhoamiInfo(info *types.WhoamiInfo)

BuildWhoamiInfo populates WhoamiInfo with mock credential information. Sensitive credentials are stored in info.Credentials (non-serializable). Only non-sensitive environment variables are placed in info.Environment.

func (*Credentials) GetExpiration

func (c *Credentials) GetExpiration() (*time.Time, error)

GetExpiration returns the expiration time of the credentials.

func (*Credentials) IsExpired

func (c *Credentials) IsExpired() bool

IsExpired checks if the credentials are expired.

func (*Credentials) Validate

func (c *Credentials) Validate(ctx context.Context) (*types.ValidationInfo, error)

Validate is a no-op for mock credentials (always valid). Returns validation info with mock principal and expiration.

type Identity

type Identity struct {
	// contains filtered or unexported fields
}

Identity is a mock authentication identity for testing purposes only. It simulates provider-agnostic credential storage behavior by persisting credentials to disk (like AWS writing to ~/.aws/credentials, or GitHub storing a token in a file). This allows credentials to persist across process invocations.

func NewIdentity

func NewIdentity(name string, config *schema.Identity) *Identity

NewIdentity creates a new mock identity.

func (*Identity) Authenticate

func (i *Identity) Authenticate(ctx context.Context, baseCreds types.ICredentials) (types.ICredentials, error)

Authenticate performs mock authentication.

func (*Identity) CredentialsExist

func (i *Identity) CredentialsExist() (bool, error)

CredentialsExist always returns true for mock identities (credentials are in-memory).

func (*Identity) Environment

func (i *Identity) Environment() (map[string]string, error)

Environment returns mock environment variables. For generic mock identities, we only return non-provider-specific variables. AWS-specific variables are handled by mock/aws provider.

func (*Identity) GetProviderName

func (i *Identity) GetProviderName() (string, error)

GetProviderName returns the provider name for this identity.

func (*Identity) Kind

func (i *Identity) Kind() string

Kind returns the identity kind.

func (*Identity) LoadCredentials

func (i *Identity) LoadCredentials(ctx context.Context) (types.ICredentials, error)

LoadCredentials simulates loading credentials from persistent storage. This method implements provider-agnostic credential loading behavior: - Returns ErrNoStoredCredentials if credentials haven't been stored yet (no authentication performed). - Returns credentials if they were previously stored via PostAuthenticate.

This mimics real provider behavior across different storage mechanisms: - AWS: Loading from XDG directories (~/.config/atmos/aws/{provider}/) after SSO login. - GitHub: Loading token from environment variable or file. - Azure: Loading from XDG directories after authentication. - Google Cloud: Loading from XDG directories after auth.

func (*Identity) Logout

func (i *Identity) Logout(ctx context.Context) error

Logout simulates removing credentials from persistent storage. This deletes the credentials file, requiring re-authentication.

func (*Identity) Paths added in v1.201.0

func (i *Identity) Paths() ([]types.Path, error)

Paths returns credential files/directories used by this identity.

func (*Identity) PostAuthenticate

func (i *Identity) PostAuthenticate(ctx context.Context, params *types.PostAuthenticateParams) error

PostAuthenticate simulates writing credentials to persistent storage. For mock identities, this writes credentials to a temporary file to persist them. This mimics real provider behavior where authentication results in credentials being written to disk (AWS ~/.aws/credentials), environment variables (GitHub token), or other storage.

func (*Identity) PrepareEnvironment

func (i *Identity) PrepareEnvironment(_ context.Context, environ map[string]string) (map[string]string, error)

PrepareEnvironment prepares environment variables for external processes. For mock identities, we set ATMOS_IDENTITY to verify that authentication is working correctly in integration tests.

func (*Identity) SetRealm added in v1.206.0

func (i *Identity) SetRealm(realm string)

SetRealm sets the credential isolation realm for this identity.

func (*Identity) Validate

func (i *Identity) Validate() error

Validate validates the identity configuration.

type Provider

type Provider struct {
	// contains filtered or unexported fields
}

Provider is a mock authentication provider for testing purposes only. It simulates authentication without requiring real cloud credentials.

func NewProvider

func NewProvider(name string, config *schema.Provider) *Provider

NewProvider creates a new mock provider.

func (*Provider) Authenticate

func (p *Provider) Authenticate(ctx context.Context) (types.ICredentials, error)

Authenticate returns mock credentials.

func (*Provider) Environment

func (p *Provider) Environment() (map[string]string, error)

Environment returns mock environment variables.

func (*Provider) GetFilesDisplayPath

func (p *Provider) GetFilesDisplayPath() string

GetFilesDisplayPath returns the mock display path.

func (*Provider) Kind

func (p *Provider) Kind() string

Kind returns the provider kind.

func (*Provider) Logout

func (p *Provider) Logout(ctx context.Context) error

Logout is a no-op for the mock provider.

func (*Provider) Name

func (p *Provider) Name() string

Name returns the provider name.

func (*Provider) Paths added in v1.201.0

func (p *Provider) Paths() ([]types.Path, error)

Paths returns credential files/directories used by this provider.

func (*Provider) PreAuthenticate

func (p *Provider) PreAuthenticate(manager types.AuthManager) error

PreAuthenticate is a no-op for the mock provider.

func (*Provider) PrepareEnvironment

func (p *Provider) PrepareEnvironment(_ context.Context, environ map[string]string) (map[string]string, error)

PrepareEnvironment prepares environment variables for external processes. For mock providers, we don't modify the environment since mock credentials are only for testing and don't interact with real cloud SDKs.

func (*Provider) SetRealm added in v1.206.0

func (p *Provider) SetRealm(realm string)

SetRealm sets the credential isolation realm for this provider.

func (*Provider) Validate

func (p *Provider) Validate() error

Validate validates the provider configuration.

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL