Patch os.environ in Identity mock tests (Azure#7452)

YijunXieMS · Oct 9, 2019 · c702234 · c702234
1 parent c57ec07
commit c702234
Show file tree

Hide file tree

Showing 2 changed files with 51 additions and 30 deletions.
diff --git a/sdk/identity/azure-identity/tests/test_identity.py b/sdk/identity/azure-identity/tests/test_identity.py
@@ -94,7 +94,7 @@ def test_client_secret_credential():
     assert token.token == access_token
 
 
-def test_client_secret_environment_credential(monkeypatch):
+def test_client_secret_environment_credential():
     client_id = "fake-client-id"
     secret = "fake-client-secret"
     tenant_id = "fake-tenant-id"
@@ -114,11 +114,13 @@ def test_client_secret_environment_credential(monkeypatch):
         ],
     )
 
-    monkeypatch.setenv(EnvironmentVariables.AZURE_CLIENT_ID, client_id)
-    monkeypatch.setenv(EnvironmentVariables.AZURE_CLIENT_SECRET, secret)
-    monkeypatch.setenv(EnvironmentVariables.AZURE_TENANT_ID, tenant_id)
-
-    token = EnvironmentCredential(transport=transport).get_token("scope")
+    environment = {
+        EnvironmentVariables.AZURE_CLIENT_ID: client_id,
+        EnvironmentVariables.AZURE_CLIENT_SECRET: secret,
+        EnvironmentVariables.AZURE_TENANT_ID: tenant_id,
+    }
+    with patch("os.environ", environment):
+        token = EnvironmentCredential(transport=transport).get_token("scope")
 
     # not validating expires_on because doing so requires monkeypatching time, and this is tested elsewhere
     assert token.token == access_token
@@ -341,7 +343,9 @@ def test_device_code_credential_timeout():
     assert "timed out" in ex.value.message.lower()
 
 
-@patch("azure.identity._credentials.browser.webbrowser.open", lambda _: None)  # prevent the credential opening a browser
+@patch(
+    "azure.identity._credentials.browser.webbrowser.open", lambda _: None
+)  # prevent the credential opening a browser
 def test_interactive_credential():
     oauth_state = "state"
     expected_token = "access-token"
@@ -380,7 +384,9 @@ def test_interactive_credential():
     assert token.token == expected_token
 
 
-@patch("azure.identity._credentials.browser.webbrowser.open", lambda _: None)  # prevent the credential opening a browser
+@patch(
+    "azure.identity._credentials.browser.webbrowser.open", lambda _: None
+)  # prevent the credential opening a browser
 def test_interactive_credential_timeout():
     # mock transport handles MSAL's tenant discovery
     transport = Mock(
@@ -441,7 +447,7 @@ def test_username_password_credential():
     assert token.token == expected_token
 
 
-def test_username_password_environment_credential(monkeypatch):
+def test_username_password_environment_credential():
     client_id = "fake-client-id"
     username = "[email protected]"
     password = "password"
@@ -467,18 +473,25 @@ def test_username_password_environment_credential(monkeypatch):
         ],
     )
 
-    monkeypatch.setenv(EnvironmentVariables.AZURE_CLIENT_ID, client_id)
-    monkeypatch.setenv(EnvironmentVariables.AZURE_USERNAME, username)
-    monkeypatch.setenv(EnvironmentVariables.AZURE_PASSWORD, password)
-
-    token = EnvironmentCredential(transport=create_transport()).get_token("scope")
+    environment = {
+        EnvironmentVariables.AZURE_CLIENT_ID: client_id,
+        EnvironmentVariables.AZURE_USERNAME: username,
+        EnvironmentVariables.AZURE_PASSWORD: password,
+    }
+    with patch("os.environ", environment):
+        token = EnvironmentCredential(transport=create_transport()).get_token("scope")
 
     # not validating expires_on because doing so requires monkeypatching time, and this is tested elsewhere
     assert token.token == expected_token
 
     # now with a tenant id
-    monkeypatch.setenv(EnvironmentVariables.AZURE_TENANT_ID, "tenant_id")
-
-    token = EnvironmentCredential(transport=create_transport()).get_token("scope")
+    environment = {
+        EnvironmentVariables.AZURE_CLIENT_ID: client_id,
+        EnvironmentVariables.AZURE_USERNAME: username,
+        EnvironmentVariables.AZURE_PASSWORD: password,
+        EnvironmentVariables.AZURE_TENANT_ID: "tenant_id",
+    }
+    with patch("os.environ", environment):
+        token = EnvironmentCredential(transport=create_transport()).get_token("scope")
 
     assert token.token == expected_token
diff --git a/sdk/identity/azure-identity/tests/test_identity_async.py b/sdk/identity/azure-identity/tests/test_identity_async.py
@@ -91,7 +91,7 @@ async def test_client_secret_credential():
 
 
 @pytest.mark.asyncio
-async def test_client_secret_environment_credential(monkeypatch):
+async def test_client_secret_environment_credential():
     client_id = "fake-client-id"
     secret = "fake-client-secret"
     tenant_id = "fake-tenant-id"
@@ -111,11 +111,13 @@ async def test_client_secret_environment_credential(monkeypatch):
         ],
     )
 
-    monkeypatch.setenv(EnvironmentVariables.AZURE_CLIENT_ID, client_id)
-    monkeypatch.setenv(EnvironmentVariables.AZURE_CLIENT_SECRET, secret)
-    monkeypatch.setenv(EnvironmentVariables.AZURE_TENANT_ID, tenant_id)
-
-    token = await EnvironmentCredential(transport=transport).get_token("scope")
+    environment = {
+        EnvironmentVariables.AZURE_CLIENT_ID: client_id,
+        EnvironmentVariables.AZURE_CLIENT_SECRET: secret,
+        EnvironmentVariables.AZURE_TENANT_ID: tenant_id,
+    }
+    with patch("os.environ", environment):
+        token = await EnvironmentCredential(transport=transport).get_token("scope")
 
     # not validating expires_on because doing so requires monkeypatching time, and this is tested elsewhere
     assert token.token == access_token
@@ -240,11 +242,9 @@ async def test_imds_credential_retries():
 
 
 @pytest.mark.asyncio
-async def test_managed_identity_app_service(monkeypatch):
+async def test_managed_identity_app_service():
     # in App Service, MSI_SECRET and MSI_ENDPOINT are set
     msi_secret = "secret"
-    monkeypatch.setenv(EnvironmentVariables.MSI_SECRET, msi_secret)
-    monkeypatch.setenv(EnvironmentVariables.MSI_ENDPOINT, "https://foo.bar")
 
     success_message = "test passed"
 
@@ -255,16 +255,21 @@ async def validate_request(req, *args, **kwargs):
         exception.message = success_message
         raise exception
 
+    environment = {
+        EnvironmentVariables.MSI_SECRET: msi_secret,
+        EnvironmentVariables.MSI_ENDPOINT: "https://foo.bar",
+    }
     with pytest.raises(Exception) as ex:
-        await ManagedIdentityCredential(transport=Mock(send=validate_request)).get_token("https://scope")
+        with patch("os.environ", environment):
+            await ManagedIdentityCredential(transport=Mock(send=validate_request)).get_token("https://scope")
+
     assert ex.value.message is success_message
 
 
 @pytest.mark.asyncio
-async def test_managed_identity_cloud_shell(monkeypatch):
+async def test_managed_identity_cloud_shell():
     # in Cloud Shell, only MSI_ENDPOINT is set
     msi_endpoint = "https://localhost:50432"
-    monkeypatch.setenv(EnvironmentVariables.MSI_ENDPOINT, msi_endpoint)
 
     success_message = "test passed"
 
@@ -275,8 +280,11 @@ async def validate_request(req, *args, **kwargs):
         exception.message = success_message
         raise exception
 
+    environment = {EnvironmentVariables.MSI_ENDPOINT: msi_endpoint}
     with pytest.raises(Exception) as ex:
-        await ManagedIdentityCredential(transport=Mock(send=validate_request)).get_token("https://scope")
+        with patch("os.environ", environment):
+            await ManagedIdentityCredential(transport=Mock(send=validate_request)).get_token("https://scope")
+
     assert ex.value.message is success_message