def test_auth_ref_load_with_overridden_arguments(self):
new_auth_url = 'https://newkeystone.com/v3'
self.stub_auth(json=client_fixtures.project_scoped_token())
self.stub_auth(json=client_fixtures.project_scoped_token(),
base_url=new_auth_url)
c = client.Client(user_id='c4da488862bd435c9e6c0275a0d0e49a',
password='******',
project_id='225da22d3ce34b15877ea70b2a575f58',
auth_url=self.TEST_URL)
cache = json.dumps(c.auth_ref)
new_client = client.Client(auth_ref=json.loads(cache),
auth_url=new_auth_url)
self.assertIsNotNone(new_client.auth_ref)
self.assertFalse(new_client.auth_ref.domain_scoped)
self.assertTrue(new_client.auth_ref.project_scoped)
self.assertEqual(new_client.auth_url, new_auth_url)
self.assertEqual(new_client.username, 'exampleuser')
self.assertIsNone(new_client.password)
self.assertEqual(new_client.management_url, 'http://admin:35357/v3')
def test_auth_ref_load_with_overridden_arguments(self):
new_auth_url = 'https://newkeystone.com/v3'
self.stub_auth(json=client_fixtures.project_scoped_token())
self.stub_auth(json=client_fixtures.project_scoped_token(),
base_url=new_auth_url)
c = client.Client(user_id='c4da488862bd435c9e6c0275a0d0e49a',
password='******',
project_id='225da22d3ce34b15877ea70b2a575f58',
auth_url=self.TEST_URL)
cache = json.dumps(c.auth_ref)
new_client = client.Client(auth_ref=json.loads(cache),
auth_url=new_auth_url)
self.assertIsNotNone(new_client.auth_ref)
self.assertFalse(new_client.auth_ref.domain_scoped)
self.assertTrue(new_client.auth_ref.project_scoped)
self.assertEqual(new_client.auth_url, new_auth_url)
self.assertEqual(new_client.username, 'exampleuser')
self.assertIsNone(new_client.password)
self.assertEqual(new_client.management_url,
'http://admin:35357/v3')
def test_project_scoped_init(self):
self.stub_auth(json=client_fixtures.project_scoped_token()),
c = client.Client(user_id='c4da488862bd435c9e6c0275a0d0e49a',
password='******',
user_domain_name='exampledomain',
project_name='exampleproject',
auth_url=self.TEST_URL)
self.assertIsNotNone(c.auth_ref)
self.assertFalse(c.auth_ref.domain_scoped)
self.assertTrue(c.auth_ref.project_scoped)
self.assertEqual(c.auth_user_id, 'c4da488862bd435c9e6c0275a0d0e49a')
self.assertEqual(c.auth_tenant_id, '225da22d3ce34b15877ea70b2a575f58')
def test_project_scoped_init(self):
self.stub_auth(json=client_fixtures.project_scoped_token()),
c = client.Client(user_id='c4da488862bd435c9e6c0275a0d0e49a',
password='******',
user_domain_name='exampledomain',
project_name='exampleproject',
auth_url=self.TEST_URL)
self.assertIsNotNone(c.auth_ref)
self.assertFalse(c.auth_ref.domain_scoped)
self.assertTrue(c.auth_ref.project_scoped)
self.assertEqual(c.auth_user_id,
'c4da488862bd435c9e6c0275a0d0e49a')
self.assertEqual(c.auth_tenant_id,
'225da22d3ce34b15877ea70b2a575f58')
def test_oauth_authenticate_success(self):
consumer_key = uuid.uuid4().hex
consumer_secret = uuid.uuid4().hex
access_key = uuid.uuid4().hex
access_secret = uuid.uuid4().hex
# Just use an existing project scoped token and change
# the methods to oauth1, and add an OS-OAUTH1 section.
oauth_token = client_fixtures.project_scoped_token()
oauth_token['methods'] = ["oauth1"]
oauth_token['OS-OAUTH1'] = {
"consumer_id": consumer_key,
"access_token_id": access_key
}
self.stub_auth(json=oauth_token)
a = auth.OAuth(self.TEST_URL,
consumer_key=consumer_key,
consumer_secret=consumer_secret,
access_key=access_key,
access_secret=access_secret)
s = session.Session(auth=a)
t = s.get_token()
self.assertEqual(self.TEST_TOKEN, t)
OAUTH_REQUEST_BODY = {
"auth": {
"identity": {
"methods": ["oauth1"],
"oauth1": {}
}
}
}
self.assertRequestBodyIs(json=OAUTH_REQUEST_BODY)
# Assert that the headers have the same oauthlib data
req_headers = self.requests.last_request.headers
oauth_client = oauth1.Client(consumer_key,
client_secret=consumer_secret,
resource_owner_key=access_key,
resource_owner_secret=access_secret,
signature_method=oauth1.SIGNATURE_HMAC)
self._validate_oauth_headers(req_headers['Authorization'],
oauth_client)
def test_oauth_authenticate_success(self):
consumer_key = uuid.uuid4().hex
consumer_secret = uuid.uuid4().hex
access_key = uuid.uuid4().hex
access_secret = uuid.uuid4().hex
# Just use an existing project scoped token and change
# the methods to oauth1, and add an OS-OAUTH1 section.
oauth_token = client_fixtures.project_scoped_token()
oauth_token['methods'] = ["oauth1"]
oauth_token['OS-OAUTH1'] = {"consumer_id": consumer_key,
"access_token_id": access_key}
self.stub_auth(json=oauth_token)
a = auth.OAuth(self.TEST_URL, consumer_key=consumer_key,
consumer_secret=consumer_secret,
access_key=access_key,
access_secret=access_secret)
s = session.Session(auth=a)
t = s.get_token()
self.assertEqual(t, self.TEST_TOKEN)
OAUTH_REQUEST_BODY = {
"auth": {
"identity": {
"methods": ["oauth1"],
"oauth1": {}
}
}
}
self.assertRequestBodyIs(json=OAUTH_REQUEST_BODY)
# Assert that the headers have the same oauthlib data
req_headers = httpretty.last_request().headers
oauth_client = oauth1.Client(consumer_key,
client_secret=consumer_secret,
resource_owner_key=access_key,
resource_owner_secret=access_secret,
signature_method=oauth1.SIGNATURE_HMAC)
self._validate_oauth_headers(req_headers['Authorization'],
oauth_client)
def test_service_catalog_without_name(self):
pr_auth_ref = access.AccessInfo.factory(
resp=None,
body=client_fixtures.project_scoped_token())
pr_sc = pr_auth_ref.service_catalog
# this will work because there are no service names on that token
url_ref = 'http://public.com:8774/v2/225da22d3ce34b15877ea70b2a575f58'
url = pr_sc.url_for(service_type='compute', service_name='NotExist',
endpoint_type='public')
self.assertEqual(url_ref, url)
ab_auth_ref = access.AccessInfo.factory(resp=None,
body=self.AUTH_RESPONSE_BODY)
ab_sc = ab_auth_ref.service_catalog
# this won't work because there is a name and it's not this one
self.assertRaises(exceptions.EndpointNotFound, ab_sc.url_for,
service_type='compute', service_name='NotExist',
endpoint_type='public')
def setUp(self):
super(ScopeFederationTokenTests, self).setUp()
self.PROJECT_SCOPED_TOKEN_JSON = client_fixtures.project_scoped_token()
self.PROJECT_SCOPED_TOKEN_JSON['methods'] = ['saml2']
# for better readability
self.TEST_TENANT_ID = self.PROJECT_SCOPED_TOKEN_JSON.project_id
self.TEST_TENANT_NAME = self.PROJECT_SCOPED_TOKEN_JSON.project_name
self.DOMAIN_SCOPED_TOKEN_JSON = client_fixtures.domain_scoped_token()
self.DOMAIN_SCOPED_TOKEN_JSON['methods'] = ['saml2']
# for better readability
self.TEST_DOMAIN_ID = self.DOMAIN_SCOPED_TOKEN_JSON.domain_id
self.TEST_DOMAIN_NAME = self.DOMAIN_SCOPED_TOKEN_JSON.domain_name
self.saml2_scope_plugin = saml2.Saml2ScopedToken(
self.TEST_URL, saml2_fixtures.UNSCOPED_TOKEN_HEADER,
project_id=self.TEST_TENANT_ID)
def setUp(self):
super(ScopeFederationTokenTests, self).setUp()
self.PROJECT_SCOPED_TOKEN_JSON = client_fixtures.project_scoped_token()
self.PROJECT_SCOPED_TOKEN_JSON['methods'] = ['saml2']
# for better readability
self.TEST_TENANT_ID = self.PROJECT_SCOPED_TOKEN_JSON.project_id
self.TEST_TENANT_NAME = self.PROJECT_SCOPED_TOKEN_JSON.project_name
self.DOMAIN_SCOPED_TOKEN_JSON = client_fixtures.domain_scoped_token()
self.DOMAIN_SCOPED_TOKEN_JSON['methods'] = ['saml2']
# for better readability
self.TEST_DOMAIN_ID = self.DOMAIN_SCOPED_TOKEN_JSON.domain_id
self.TEST_DOMAIN_NAME = self.DOMAIN_SCOPED_TOKEN_JSON.domain_name
self.saml2_scope_plugin = saml2.Saml2ScopedToken(
self.TEST_URL,
saml2_fixtures.UNSCOPED_TOKEN_HEADER,
project_id=self.TEST_TENANT_ID)
def test_service_catalog_without_name(self):
pr_auth_ref = access.AccessInfo.factory(
resp=None, body=client_fixtures.project_scoped_token())
pr_sc = pr_auth_ref.service_catalog
# this will work because there are no service names on that token
url_ref = 'http://public.com:8774/v2/225da22d3ce34b15877ea70b2a575f58'
url = pr_sc.url_for(service_type='compute',
service_name='NotExist',
endpoint_type='public')
self.assertEqual(url_ref, url)
ab_auth_ref = access.AccessInfo.factory(resp=None,
body=self.AUTH_RESPONSE_BODY)
ab_sc = ab_auth_ref.service_catalog
# this won't work because there is a name and it's not this one
self.assertRaises(exceptions.EndpointNotFound,
ab_sc.url_for,
service_type='compute',
service_name='NotExist',
endpoint_type='public')
def test_management_url_is_updated_with_project(self):
self._management_url_is_updated(client_fixtures.project_scoped_token(),
project_name='exampleproject')
def test_management_url_is_updated_with_project(self):
self._management_url_is_updated(client_fixtures.project_scoped_token(),
project_name='exampleproject')
import datetime
import uuid
from keystoneclient import access
from keystoneclient import fixture
from keystoneclient.openstack.common import timeutils
from keystoneclient.tests.v3 import client_fixtures
from keystoneclient.tests.v3 import utils
TOKEN_RESPONSE = utils.TestResponse({
"headers": client_fixtures.AUTH_RESPONSE_HEADERS
})
UNSCOPED_TOKEN = client_fixtures.unscoped_token()
DOMAIN_SCOPED_TOKEN = client_fixtures.domain_scoped_token()
PROJECT_SCOPED_TOKEN = client_fixtures.project_scoped_token()
class AccessInfoTest(utils.TestCase):
def test_building_unscoped_accessinfo(self):
auth_ref = access.AccessInfo.factory(resp=TOKEN_RESPONSE,
body=UNSCOPED_TOKEN)
self.assertTrue(auth_ref)
self.assertIn('methods', auth_ref)
self.assertNotIn('catalog', auth_ref)
self.assertEqual(auth_ref.auth_token,
'3e2813b7ba0b4006840c3825860b86ed')
self.assertEqual(auth_ref.username, 'exampleuser')
self.assertEqual(auth_ref.user_id, 'c4da488862bd435c9e6c0275a0d0e49a')
# under the License.
import datetime
import uuid
from keystoneclient import access
from keystoneclient import fixture
from keystoneclient.openstack.common import timeutils
from keystoneclient.tests.v3 import client_fixtures
from keystoneclient.tests.v3 import utils
TOKEN_RESPONSE = utils.TestResponse(
{"headers": client_fixtures.AUTH_RESPONSE_HEADERS})
UNSCOPED_TOKEN = client_fixtures.unscoped_token()
DOMAIN_SCOPED_TOKEN = client_fixtures.domain_scoped_token()
PROJECT_SCOPED_TOKEN = client_fixtures.project_scoped_token()
class AccessInfoTest(utils.TestCase):
def test_building_unscoped_accessinfo(self):
auth_ref = access.AccessInfo.factory(resp=TOKEN_RESPONSE,
body=UNSCOPED_TOKEN)
self.assertTrue(auth_ref)
self.assertIn('methods', auth_ref)
self.assertNotIn('catalog', auth_ref)
self.assertEqual(auth_ref.auth_token,
'3e2813b7ba0b4006840c3825860b86ed')
self.assertEqual(auth_ref.username, 'exampleuser')
self.assertEqual(auth_ref.user_id, 'c4da488862bd435c9e6c0275a0d0e49a')
