def test_validate_client_b64decode_error(self): url = 'myurl' tenant_id = '172839405' token = 'AaBbCcDdEeFf' redis_client = fakeredis_connection() bttl = 5 # The data that will get cached access_info = fake_catalog(tenant_id, token) # We have data with mock.patch('eom.auth._get_access_info') as MockGetAccessInfo: with mock.patch('eom.auth._is_token_blacklisted') as MockBlacklist: with mock.patch('base64.b64decode') as MockB64Decode: MockB64Decode.side_effect = Exception( 'mock b64decode error') env_result = {} MockBlacklist.return_value = False MockGetAccessInfo.return_value = access_info result = auth._validate_client(redis_client, url, tenant_id, token, env_result, bttl, self.default_max_cache_life) self.assertFalse(result)
def test_validate_client_b64decode_error(self): url = 'myurl' tenant_id = '172839405' token = 'AaBbCcDdEeFf' redis_client = fakeredis_connection() bttl = 5 # The data that will get cached access_info = fake_catalog(tenant_id, token) # We have data with mock.patch( 'eom.auth._get_access_info') as MockGetAccessInfo: with mock.patch( 'eom.auth._is_token_blacklisted') as MockBlacklist: with mock.patch( 'base64.b64decode') as MockB64Decode: MockB64Decode.side_effect = Exception( 'mock b64decode error') env_result = {} MockBlacklist.return_value = False MockGetAccessInfo.return_value = access_info result = auth._validate_client(redis_client, url, tenant_id, token, env_result, bttl, self.default_max_cache_life) self.assertFalse(result)
def test_validate_client_token_blacklisted(self): url = 'myurl' tenant_id = '504938271' token = '1nd14r0m303ch0n0v3mb3r3ch0' redis_client = fakeredis_connection() bttl = 5 # We have data with mock.patch('eom.auth._is_token_blacklisted') as MockBlacklist: env_result = {} MockBlacklist.return_value = True result = auth._validate_client(redis_client, url, tenant_id, token, env_result, bttl, self.default_max_cache_life) self.assertFalse(result)
def test_validate_client_invalid_data(self): url = 'myurl' tenant_id = '172839405' token = 'AaBbCcDdEeFf' redis_client = fakeredis_connection() bttl = 5 # No data is returned with mock.patch('eom.auth._get_access_info') as MockGetAccessInfo: env_no_data = {} MockGetAccessInfo.return_value = None result = auth._validate_client(redis_client, url, tenant_id, token, env_no_data, bttl, self.default_max_cache_life) self.assertFalse(result)
def test_validate_client_exception(self): url = 'myurl' tenant_id = '172839405' token = 'AaBbCcDdEeFf' redis_client = fakeredis_connection() bttl = 5 # Throw an exception - anything, just needs to throw with mock.patch('eom.auth._get_access_info') as MockGetAccessInfo: env_exception_thrown = {} MockGetAccessInfo.side_effect = Exception( 'mock - just blowing it up') result = auth._validate_client(redis_client, url, tenant_id, token, env_exception_thrown, bttl, self.default_max_cache_life) self.assertFalse(result)
def test_validate_client_token_blacklisted(self): url = 'myurl' tenant_id = '504938271' token = '1nd14r0m303ch0n0v3mb3r3ch0' redis_client = fakeredis_connection() bttl = 5 # We have data with mock.patch( 'eom.auth._is_token_blacklisted') as MockBlacklist: env_result = {} MockBlacklist.return_value = True result = auth._validate_client(redis_client, url, tenant_id, token, env_result, bttl, self.default_max_cache_life) self.assertFalse(result)
def test_validate_client_invalid_data(self): url = 'myurl' tenant_id = '172839405' token = 'AaBbCcDdEeFf' redis_client = fakeredis_connection() bttl = 5 # No data is returned with mock.patch( 'eom.auth._get_access_info') as MockGetAccessInfo: env_no_data = {} MockGetAccessInfo.return_value = None result = auth._validate_client(redis_client, url, tenant_id, token, env_no_data, bttl, self.default_max_cache_life) self.assertFalse(result)
def test_validate_client_exception(self): url = 'myurl' tenant_id = '172839405' token = 'AaBbCcDdEeFf' redis_client = fakeredis_connection() bttl = 5 # Throw an exception - anything, just needs to throw with mock.patch( 'eom.auth._get_access_info') as MockGetAccessInfo: env_exception_thrown = {} MockGetAccessInfo.side_effect = Exception( 'mock - just blowing it up') result = auth._validate_client(redis_client, url, tenant_id, token, env_exception_thrown, bttl, self.default_max_cache_life) self.assertFalse(result)
def test_validate_client_valid_data(self): url = 'myurl' tenant_id = '172839405' token = 'AaBbCcDdEeFf' redis_client = fakeredis_connection() bttl = 5 # The data that will get cached access_info = fake_catalog(tenant_id, token) # Encode a version of the data for verification tests later data = access_info.service_catalog.catalog json_data = json.dumps(data) u_json_data = json_data if six.PY2: if isinstance(u_json_data, bytes): u_json_data = json_data.decode('utf-8') access_data_utf8 = u_json_data.encode(encoding='utf-8', errors='strict') access_data_b64 = base64.b64encode(access_data_utf8) # We have data with mock.patch( 'eom.auth._get_access_info') as MockGetAccessInfo: with mock.patch( 'eom.auth._is_token_blacklisted') as MockBlacklist: env_result = {} MockBlacklist.return_value = False MockGetAccessInfo.return_value = access_info result = auth._validate_client(redis_client, url, tenant_id, token, env_result, bttl, self.default_max_cache_life) self.assertTrue(result) self.assertEqual(env_result['HTTP_X_IDENTITY_STATUS'], 'Confirmed') self.assertEqual(env_result['HTTP_X_USER_ID'], MockGetAccessInfo.return_value.user_id) self.assertEqual(env_result['HTTP_X_USER_NAME'], MockGetAccessInfo.return_value.username) self.assertEqual(env_result['HTTP_X_USER_DOMAIN_ID'], MockGetAccessInfo.return_value.user_domain_id) self.assertEqual(env_result['HTTP_X_USER_DOMAIN_NAME'], MockGetAccessInfo.return_value. user_domain_name) role_names = MockGetAccessInfo.return_value.role_names self.assertEqual(env_result['HTTP_X_ROLES'], ','.join(role for role in role_names)) self.assertEqual(env_result['HTTP_X_SERVICE_CATALOG'], access_data_b64) env_service_catalog_utf8 = base64.b64decode( env_result['HTTP_X_SERVICE_CATALOG']) self.assertEqual(env_service_catalog_utf8, access_data_utf8) env_service_catalog = json.loads(env_service_catalog_utf8) self.assertEqual(env_service_catalog, data) self.assertTrue(MockGetAccessInfo.return_value.project_scoped) self.assertEqual(env_result['HTTP_X_PROJECT_ID'], tenant_id) self.assertEqual(env_result['HTTP_X_PROJECT_ID'], MockGetAccessInfo.return_value.project_id) self.assertEqual(env_result['HTTP_X_PROJECT_NAME'], MockGetAccessInfo.return_value.project_name) if MockGetAccessInfo.return_value.domain_scoped: self.assertEqual(env_result['HTTP_X_DOMAIN_ID'], MockGetAccessInfo.return_value.domain_id) self.assertEqual(env_result['HTTP_X_DOMAIN_NAME'], MockGetAccessInfo.return_value. domain_name) else: self.assertTrue('HTTP_X_DOMAIN_ID' not in env_result.keys()) self.assertTrue('HTTP_X_DOMAIN_NAME' not in env_result.keys()) if MockGetAccessInfo.return_value.project_scoped and ( MockGetAccessInfo.return_value.domain_scoped): self.assertEqual(env_result['HTTP_X_PROJECT_DOMAIN_ID'], MockGetAccessInfo.return_value. project_domain_id) self.assertEqual(env_result['HTTP_X_PROJECT_DOMAIN_NAME'], MockGetAccessInfo.return_value. project_domain_name) else: self.assertTrue('HTTP_X_PROJECT_DOMAIN_ID' not in env_result.keys()) self.assertTrue('HTTP_X_PROJECT_DOMAIN_NAME' not in env_result.keys())
def test_validate_client_valid_data(self): url = 'myurl' tenant_id = '172839405' token = 'AaBbCcDdEeFf' redis_client = fakeredis_connection() bttl = 5 # The data that will get cached access_info = fake_catalog(tenant_id, token) # Encode a version of the data for verification tests later data = access_info.service_catalog.catalog json_data = json.dumps(data) u_json_data = json_data if six.PY2: if isinstance(u_json_data, bytes): u_json_data = json_data.decode('utf-8') access_data_utf8 = u_json_data.encode(encoding='utf-8', errors='strict') access_data_b64 = base64.b64encode(access_data_utf8) # We have data with mock.patch('eom.auth._get_access_info') as MockGetAccessInfo: with mock.patch('eom.auth._is_token_blacklisted') as MockBlacklist: env_result = {} MockBlacklist.return_value = False MockGetAccessInfo.return_value = access_info result = auth._validate_client(redis_client, url, tenant_id, token, env_result, bttl, self.default_max_cache_life) self.assertTrue(result) self.assertEqual(env_result['HTTP_X_IDENTITY_STATUS'], 'Confirmed') self.assertEqual(env_result['HTTP_X_USER_ID'], MockGetAccessInfo.return_value.user_id) self.assertEqual(env_result['HTTP_X_USER_NAME'], MockGetAccessInfo.return_value.username) self.assertEqual(env_result['HTTP_X_USER_DOMAIN_ID'], MockGetAccessInfo.return_value.user_domain_id) self.assertEqual( env_result['HTTP_X_USER_DOMAIN_NAME'], MockGetAccessInfo.return_value.user_domain_name) role_names = MockGetAccessInfo.return_value.role_names self.assertEqual(env_result['HTTP_X_ROLES'], ','.join(role for role in role_names)) self.assertEqual(env_result['HTTP_X_SERVICE_CATALOG'], access_data_b64) env_service_catalog_utf8 = base64.b64decode( env_result['HTTP_X_SERVICE_CATALOG']) self.assertEqual(env_service_catalog_utf8, access_data_utf8) env_service_catalog = json.loads(env_service_catalog_utf8) self.assertEqual(env_service_catalog, data) self.assertTrue(MockGetAccessInfo.return_value.project_scoped) self.assertEqual(env_result['HTTP_X_PROJECT_ID'], tenant_id) self.assertEqual(env_result['HTTP_X_PROJECT_ID'], MockGetAccessInfo.return_value.project_id) self.assertEqual(env_result['HTTP_X_PROJECT_NAME'], MockGetAccessInfo.return_value.project_name) if MockGetAccessInfo.return_value.domain_scoped: self.assertEqual(env_result['HTTP_X_DOMAIN_ID'], MockGetAccessInfo.return_value.domain_id) self.assertEqual( env_result['HTTP_X_DOMAIN_NAME'], MockGetAccessInfo.return_value.domain_name) else: self.assertTrue( 'HTTP_X_DOMAIN_ID' not in env_result.keys()) self.assertTrue( 'HTTP_X_DOMAIN_NAME' not in env_result.keys()) if MockGetAccessInfo.return_value.project_scoped and ( MockGetAccessInfo.return_value.domain_scoped): self.assertEqual( env_result['HTTP_X_PROJECT_DOMAIN_ID'], MockGetAccessInfo.return_value.project_domain_id) self.assertEqual( env_result['HTTP_X_PROJECT_DOMAIN_NAME'], MockGetAccessInfo.return_value.project_domain_name) else: self.assertTrue( 'HTTP_X_PROJECT_DOMAIN_ID' not in env_result.keys()) self.assertTrue( 'HTTP_X_PROJECT_DOMAIN_NAME' not in env_result.keys())