class TestTokenValidation(AuthMiddlewareTest): @mock.patch.object( Token, 'get', mock.Mock(return_value=TokenDB(id=OBJ_ID, user=USER, token=TOKEN, expiry=FUTURE))) def test_token_validation(self): response = self.app.get('/actions', headers={'X-Auth-Token': TOKEN}, expect_errors=False) self.assertEqual(response.status_int, 200) @mock.patch.object( Token, 'get', mock.Mock(return_value=TokenDB(id=OBJ_ID, user=USER, token=TOKEN, expiry=PAST))) def test_token_expired(self): response = self.app.get('/actions', headers={'X-Auth-Token': TOKEN}, expect_errors=True) self.assertEqual(response.status_int, 401) @mock.patch.object( Token, 'get', mock.MagicMock(side_effect=TokenNotFoundError())) def test_token_not_found(self): response = self.app.get('/actions', headers={'X-Auth-Token': TOKEN}, expect_errors=True) self.assertEqual(response.status_int, 401) def test_token_not_provided(self): response = self.app.get('/actions', expect_errors=True) self.assertEqual(response.status_int, 401)
def create_token(username, ttl=None, metadata=None): """ :param username: Username of the user to create the token for. If the account for this user doesn't exist yet it will be created. :type username: ``str`` :param ttl: Token TTL (in seconds). :type ttl: ``int`` :param metadata: Optional metadata to associate with the token. :type metadata: ``dict`` """ if not ttl or ttl > cfg.CONF.auth.token_ttl: ttl = cfg.CONF.auth.token_ttl if username: try: User.get_by_name(username) except: user = UserDB(name=username) User.add_or_update(user) LOG.audit('Registered new user "%s".' % username) token = uuid.uuid4().hex expiry = datetime.datetime.utcnow() + datetime.timedelta(seconds=ttl) expiry = isotime.add_utc_tz(expiry) token = TokenDB(user=username, token=token, expiry=expiry, metadata=metadata) Token.add_or_update(token) LOG.audit('Access granted to %s with the token set to expire at "%s".' % ('user "%s"' % username if username else "an anonymous user", isotime.format(expiry, offset=False))) return token
def create_token(username, ttl=None): if not ttl or ttl > cfg.CONF.auth.token_ttl: ttl = cfg.CONF.auth.token_ttl if username: try: User.get_by_name(username) except: user = UserDB(name=username) User.add_or_update(user) LOG.audit('Registered new user "%s".' % username) LOG.audit('Access granted to user "%s".' % username) token = uuid.uuid4().hex expiry = datetime.datetime.utcnow() + datetime.timedelta(seconds=ttl) expiry = isotime.add_utc_tz(expiry) token = TokenDB(user=username, token=token, expiry=expiry) Token.add_or_update(token) LOG.audit('Access granted to %s with the token set to expire at "%s".' % ('user "%s"' % username if username else "an anonymous user", isotime.format(expiry, offset=False))) return token
def _get_actionexecution_id(resp): return resp.json['id'] def _do_get_one(self, actionexecution_id, *args, **kwargs): return self.app.get('/v1/actionexecutions/%s' % actionexecution_id, *args, **kwargs) def _do_post(self, liveaction, *args, **kwargs): return self.app.post_json('/v1/actionexecutions', liveaction, *args, **kwargs) NOW = isotime.add_utc_tz(datetime.datetime.utcnow()) EXPIRY = NOW + datetime.timedelta(seconds=300) SYS_TOKEN = TokenDB(id=bson.ObjectId(), user='******', token=uuid.uuid4().hex, expiry=EXPIRY) USR_TOKEN = TokenDB(id=bson.ObjectId(), user='******', token=uuid.uuid4().hex, expiry=EXPIRY) def mock_get_token(*args, **kwargs): if args[0] == SYS_TOKEN.token: return SYS_TOKEN return USR_TOKEN @mock.patch.object(PoolPublisher, 'publish', mock.MagicMock()) class TestActionExecutionControllerAuthEnabled(AuthMiddlewareTest):
def get(cls, value): for model_object in TokenDB.objects(token=value): return model_object raise TokenNotFoundError()