The Perl Toolchain Summit 2025 Needs You: You can help 🙏 Learn more

BIGFOOT / Amazon-Credentials-1.1.24 / t / 06-security.t 

            

              
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95

              
use strict;
use warnings;
use lib qw{ . lib};
use Test::More tests => 4;
use Test::Output;
use Data::Dumper;
use JSON::PP;
use UnitTestSetup qw(:all);
BEGIN {
  {
    no strict 'refs';  ## no critic
    *{'HTTP::Request::new'}     = sub { bless {}, 'HTTP::Request'; };
    *{'HTTP::Request::request'} = sub { HTTP::Response->new; };
    *{'HTTP::Response::new'}        = sub { bless {}, 'HTTP::Response'; };
    *{'HTTP::Response::is_success'} = sub { 1; };
    *{'LWP::UserAgent::new'}     = sub { bless {}, 'LWP::UserAgent'; };
    *{'LWP::UserAgent::request'} = sub { HTTP::Response->new; };
  }
  ## no critic
  use Module::Loaded;
  mark_as_loaded(HTTP::Request);
  mark_as_loaded(HTTP::Response);
  mark_as_loaded(LWP::UserAgent);
  use_ok('Amazon::Credentials');
}
init_test;
my $stderr_from;
subtest 'insecure => undef' => sub {
  $stderr_from = stderr_from(
    sub {
      Amazon::Credentials->new( profile => 'foo', debug => 1 );
    }
  );
  ok( $stderr_from =~ /blocked/xsm, 'configuration file dump blocked' )
    or diag($stderr_from);
};
########################################################################
subtest 'insecure => 1' => sub {
########################################################################
  $stderr_from = stderr_from(
    sub {
      Amazon::Credentials->new(
        profile  => 'foo',
        debug    => 1,
        insecure => 1
      );
    }
  );
  ok( $stderr_from !~ /foo-aws-access-key-id/xsm, 'credentials blocked' )
    or diag($stderr_from);
  ok(
    $stderr_from =~ /aws_access_key_id/xsm,
    'configuration contents NOT blocked'
  ) or diag($stderr_from);
};
########################################################################
subtest 'insecure => 2' => sub {
########################################################################
  $stderr_from = stderr_from(
    sub {
      Amazon::Credentials->new(
        { profile  => 'foo',
          debug    => 1,
          insecure => 2,
        }
      );
    }
  );
  ok( $stderr_from =~ /foo\-aws\-access\-key\-id/xsm,
    'credentials NOT blocked' )
    or diag($stderr_from);
};
1;