def test_valid_auth(self, identity): client = MagicMock() env = helpers.create_environ(headers={'X-AUTH-TOKEN': 'AUTHTOK', 'X-AUTH-PROJECT-ID': 'public'}) req = jumpgate.api.Request(env, sl_client=client) req.method = 'GET' req.path = '/v2/servers' resp = MagicMock() token = { 'username': '******', 'auth_type': 'api_key', 'user_id': '1234567', 'tenant_id': '123456', 'expires': 1234567891.123456, 'api_key': '123456789123456789123456789123456789123456789123456789' } def mock_validate(tok, tenant_id=None): self.assertEqual('AUTHTOK', tok) self.assertEqual('public', tenant_id) class MockIdDriver(object): def token_from_id(self, tok): return token identity.validate_token_id = mock_validate identity.token_id_driver.return_value = MockIdDriver() validate_token(req, resp, {'X-AUTH-PROJECT-ID': 'public'}) self.assertEqual(req.env.get('auth'), token) self.assertEqual('1234567', req.user_id)
def test_upstream_xauth(self): req = MagicMock() req.headers = {} req.method = 'GET' req.path = '/v2/servers' req.env = {'REMOTE_USER': '******'} resp = MagicMock() validate_token(req, resp, {}) self.assertIsNone(req.env.get('auth'))
def test_upstream_admin(self): req = MagicMock() req.headers = {} req.method = 'GET' req.path = '/v2/servers' req.env = {'is_admin': True} resp = MagicMock() validate_token(req, resp, {}) self.assertIsNone(req.env.get('auth'))
def test_invalid_auth(self): req = MagicMock() req.headers = {'X-AUTH-TOKEN': 'IAMBAD'} req.method = 'GET' req.path = '/v2/servers' req.env = {} resp = MagicMock() with self.assertRaises(InvalidTokenError): validate_token(req, resp, {}) self.assertIsNone(req.env.get('auth'))
def test_upstream_preauth(self): req = MagicMock() auth = {'user': '******'} req.headers = {} req.method = 'GET' req.path = '/v2/servers' req.env = {'auth': auth} resp = MagicMock() validate_token(req, resp, {}) self.assertEquals(req.env.get('auth'), auth)
def test_unprotected(self): for api in ['GET:/v2', 'GET:/v2/', 'GET:/v3.0', 'GET:/v3.0/', 'GET:/v10.22', 'POST:/v2/tokens', 'POST:/v2.1/tokens', 'GET:/v2/tokens/a8Vs7bS', 'GET:/v2.0/tokens/a8Vs7bS']: req = MagicMock() req.headers = {'X-AUTH-TOKEN': None} req.method = api.split(':')[0] req.path = api.split(':')[1] req.env = {} resp = MagicMock() validate_token(req, resp, {}) self.assertIsNone(req.env.get('auth'))
def test_unprotected(self): for api in [ 'GET:/v2', 'GET:/v2/', 'GET:/v3.0', 'GET:/v3.0/', 'GET:/v10.22', 'POST:/v2/tokens', 'POST:/v2.1/tokens', 'GET:/v2/tokens/a8Vs7bS', 'GET:/v2.0/tokens/a8Vs7bS' ]: req = MagicMock() req.headers = {'X-AUTH-TOKEN': None} req.method = api.split(':')[0] req.path = api.split(':')[1] req.env = {} resp = MagicMock() validate_token(req, resp, {}) self.assertIsNone(req.env.get('auth'))
def test_unprotected(self): for api in ['GET:/v2', 'GET:/v2/', 'GET:/v3.0', 'GET:/v3.0/', 'GET:/v10.22', 'POST:/v2.0/tokens', 'POST:/v2.1/tokens', 'GET:/v2/tokens/a8Vs7bS', 'GET:/v2.0/tokens/a8Vs7bS', 'POST:/v3/auth/tokens', # Test listing compute API versions with and without a # trailing slash on the endpoint URL. 'GET:/compute/', 'GET:/compute']: req = MagicMock() req.headers = {'X-AUTH-TOKEN': None} req.method = api.split(':')[0] req.path = api.split(':')[1] req.env = {} resp = MagicMock() validate_token(req, resp, {}) self.assertIsNone(req.env.get('auth'))
def test_valid_auth(self, identity): req = MagicMock() req.headers = {'X-AUTH-TOKEN': 'AUTHTOK'} req.method = 'GET' req.path = '/v2/servers' req.env = {'tenant_id': 'public'} resp = MagicMock() def mock_validate(tok, tenant_id=None): self.assertEqual('AUTHTOK', tok) self.assertEqual('public', tenant_id) class MockIdDriver(object): def token_from_id(self, tok): return 'MYTOKEN' identity.validate_token_id = mock_validate identity.token_id_driver.return_value = MockIdDriver() validate_token(req, resp, {}) self.assertEqual(req.env.get('auth'), 'MYTOKEN')