def test_with_multiple_mechanisms(self): self.stub_auth(json=self.TEST_RESPONSE_DICT) p = v3.PasswordMethod(username=self.TEST_USER, password=self.TEST_PASS) t = v3.TokenMethod(token='foo') a = v3.Auth(self.TEST_URL, [p, t], trust_id='trust') s = session.Session(auth=a) self.assertEqual({'X-Auth-Token': self.TEST_TOKEN}, s.get_auth_headers()) req = { 'auth': { 'identity': { 'methods': ['password', 'token'], 'password': { 'user': { 'name': self.TEST_USER, 'password': self.TEST_PASS } }, 'token': { 'id': 'foo' } }, 'scope': { 'OS-TRUST:trust': { 'id': 'trust' } } } } self.assertRequestBodyIs(json=req) self.assertEqual(s.auth.auth_ref.auth_token, self.TEST_TOKEN)
def get_raw_token_from_identity_service(self, auth_url, user_id=None, username=None, user_domain_id=None, user_domain_name=None, password=None, domain_id=None, domain_name=None, project_id=None, project_name=None, project_domain_id=None, project_domain_name=None, token=None, trust_id=None, **kwargs): """Authenticate against the v3 Identity API. If password and token methods are both provided then both methods will be used in the request. :returns: access.AccessInfo if authentication was successful. :rtype: :class:`keystoneclient.access.AccessInfoV3` :raises keystoneclient.exceptions.AuthorizationFailure: if unable to authenticate or validate the existing authorization token. :raises keystoneclient.exceptions.Unauthorized: if authentication fails due to invalid token. """ try: if auth_url is None: raise ValueError(_("Cannot authenticate without an auth_url")) auth_methods = [] if token: auth_methods.append(v3_auth.TokenMethod(token=token)) if password: m = v3_auth.PasswordMethod(user_id=user_id, username=username, user_domain_id=user_domain_id, user_domain_name=user_domain_name, password=password) auth_methods.append(m) if not auth_methods: msg = _('A user and password or token is required.') raise exceptions.AuthorizationFailure(msg) plugin = v3_auth.Auth(auth_url, auth_methods, trust_id=trust_id, domain_id=domain_id, domain_name=domain_name, project_id=project_id, project_name=project_name, project_domain_id=project_domain_id, project_domain_name=project_domain_name) return plugin.get_auth_ref(self.session) except (exceptions.AuthorizationFailure, exceptions.Unauthorized): _logger.debug('Authorization failed.') raise except exceptions.EndpointNotFound: msg = _('There was no suitable authentication url for this' ' request') raise exceptions.AuthorizationFailure(msg) except Exception as e: raise exceptions.AuthorizationFailure( _('Authorization failed: %s') % e)