def test_valid_auth(self, identity):
client = MagicMock()
env = helpers.create_environ(headers={'X-AUTH-TOKEN': 'AUTHTOK',
'X-AUTH-PROJECT-ID': 'public'})
req = jumpgate.api.Request(env, sl_client=client)
req.method = 'GET'
req.path = '/v2/servers'
resp = MagicMock()
token = {
'username': '******',
'auth_type': 'api_key',
'user_id': '1234567',
'tenant_id': '123456',
'expires': 1234567891.123456,
'api_key': '123456789123456789123456789123456789123456789123456789'
}
def mock_validate(tok, tenant_id=None):
self.assertEqual('AUTHTOK', tok)
self.assertEqual('public', tenant_id)
class MockIdDriver(object):
def token_from_id(self, tok):
return token
identity.validate_token_id = mock_validate
identity.token_id_driver.return_value = MockIdDriver()
validate_token(req, resp, {'X-AUTH-PROJECT-ID': 'public'})
self.assertEqual(req.env.get('auth'), token)
self.assertEqual('1234567', req.user_id)
def test_upstream_xauth(self):
req = MagicMock()
req.headers = {}
req.method = 'GET'
req.path = '/v2/servers'
req.env = {'REMOTE_USER': '******'}
resp = MagicMock()
validate_token(req, resp, {})
self.assertIsNone(req.env.get('auth'))
def test_upstream_admin(self):
req = MagicMock()
req.headers = {}
req.method = 'GET'
req.path = '/v2/servers'
req.env = {'is_admin': True}
resp = MagicMock()
validate_token(req, resp, {})
self.assertIsNone(req.env.get('auth'))
def test_upstream_xauth(self):
req = MagicMock()
req.headers = {}
req.method = 'GET'
req.path = '/v2/servers'
req.env = {'REMOTE_USER': '******'}
resp = MagicMock()
validate_token(req, resp, {})
self.assertIsNone(req.env.get('auth'))
def test_upstream_admin(self):
req = MagicMock()
req.headers = {}
req.method = 'GET'
req.path = '/v2/servers'
req.env = {'is_admin': True}
resp = MagicMock()
validate_token(req, resp, {})
self.assertIsNone(req.env.get('auth'))
def test_invalid_auth(self):
req = MagicMock()
req.headers = {'X-AUTH-TOKEN': 'IAMBAD'}
req.method = 'GET'
req.path = '/v2/servers'
req.env = {}
resp = MagicMock()
with self.assertRaises(InvalidTokenError):
validate_token(req, resp, {})
self.assertIsNone(req.env.get('auth'))
def test_upstream_preauth(self):
req = MagicMock()
auth = {'user': '******'}
req.headers = {}
req.method = 'GET'
req.path = '/v2/servers'
req.env = {'auth': auth}
resp = MagicMock()
validate_token(req, resp, {})
self.assertEquals(req.env.get('auth'), auth)
def test_invalid_auth(self):
req = MagicMock()
req.headers = {'X-AUTH-TOKEN': 'IAMBAD'}
req.method = 'GET'
req.path = '/v2/servers'
req.env = {}
resp = MagicMock()
with self.assertRaises(InvalidTokenError):
validate_token(req, resp, {})
self.assertIsNone(req.env.get('auth'))
def test_upstream_preauth(self):
req = MagicMock()
auth = {'user': '******'}
req.headers = {}
req.method = 'GET'
req.path = '/v2/servers'
req.env = {'auth': auth}
resp = MagicMock()
validate_token(req, resp, {})
self.assertEquals(req.env.get('auth'), auth)
def test_unprotected(self):
for api in ['GET:/v2', 'GET:/v2/', 'GET:/v3.0', 'GET:/v3.0/',
'GET:/v10.22', 'POST:/v2/tokens', 'POST:/v2.1/tokens',
'GET:/v2/tokens/a8Vs7bS', 'GET:/v2.0/tokens/a8Vs7bS']:
req = MagicMock()
req.headers = {'X-AUTH-TOKEN': None}
req.method = api.split(':')[0]
req.path = api.split(':')[1]
req.env = {}
resp = MagicMock()
validate_token(req, resp, {})
self.assertIsNone(req.env.get('auth'))
def test_unprotected(self):
for api in [
'GET:/v2', 'GET:/v2/', 'GET:/v3.0', 'GET:/v3.0/',
'GET:/v10.22', 'POST:/v2/tokens', 'POST:/v2.1/tokens',
'GET:/v2/tokens/a8Vs7bS', 'GET:/v2.0/tokens/a8Vs7bS'
]:
req = MagicMock()
req.headers = {'X-AUTH-TOKEN': None}
req.method = api.split(':')[0]
req.path = api.split(':')[1]
req.env = {}
resp = MagicMock()
validate_token(req, resp, {})
self.assertIsNone(req.env.get('auth'))
def test_unprotected(self):
for api in ['GET:/v2', 'GET:/v2/', 'GET:/v3.0', 'GET:/v3.0/',
'GET:/v10.22', 'POST:/v2.0/tokens', 'POST:/v2.1/tokens',
'GET:/v2/tokens/a8Vs7bS', 'GET:/v2.0/tokens/a8Vs7bS',
'POST:/v3/auth/tokens',
# Test listing compute API versions with and without a
# trailing slash on the endpoint URL.
'GET:/compute/',
'GET:/compute']:
req = MagicMock()
req.headers = {'X-AUTH-TOKEN': None}
req.method = api.split(':')[0]
req.path = api.split(':')[1]
req.env = {}
resp = MagicMock()
validate_token(req, resp, {})
self.assertIsNone(req.env.get('auth'))
def test_valid_auth(self, identity):
req = MagicMock()
req.headers = {'X-AUTH-TOKEN': 'AUTHTOK'}
req.method = 'GET'
req.path = '/v2/servers'
req.env = {'tenant_id': 'public'}
resp = MagicMock()
def mock_validate(tok, tenant_id=None):
self.assertEqual('AUTHTOK', tok)
self.assertEqual('public', tenant_id)
class MockIdDriver(object):
def token_from_id(self, tok):
return 'MYTOKEN'
identity.validate_token_id = mock_validate
identity.token_id_driver.return_value = MockIdDriver()
validate_token(req, resp, {})
self.assertEqual(req.env.get('auth'), 'MYTOKEN')
def test_valid_auth(self, identity):
req = MagicMock()
req.headers = {'X-AUTH-TOKEN': 'AUTHTOK'}
req.method = 'GET'
req.path = '/v2/servers'
req.env = {'tenant_id': 'public'}
resp = MagicMock()
def mock_validate(tok, tenant_id=None):
self.assertEqual('AUTHTOK', tok)
self.assertEqual('public', tenant_id)
class MockIdDriver(object):
def token_from_id(self, tok):
return 'MYTOKEN'
identity.validate_token_id = mock_validate
identity.token_id_driver.return_value = MockIdDriver()
validate_token(req, resp, {})
self.assertEqual(req.env.get('auth'), 'MYTOKEN')
