def setUp(self): super(TestBastion, self).setUp() app = util.app wrapped_app = util.wrap_403(app) self.bastion = bastion.wrap(app, wrapped_app) self.unrestricted_route = "/v1/health" self.normal_route = "/v1"
def setUp(self): super(TestBastion, self).setUp() self.app = util.app self.wrapped_app = util.wrap_403(self.app) self.bastion = bastion.wrap(self.app, self.wrapped_app) self.unrestricted_route = '/v1/health' self.normal_route = '/v1'
def test_multiple_gate_headers_allow_access(self, route): # override gate headers option bastion._CONF.set_override('gate_headers', ['HTTP_X_FORWARDED_FOR', 'HTTP_USER_AGENT'], bastion.OPT_GROUP_NAME, enforce_type=True) # re-wrap the app after modifying config opt self.bastion = bastion.wrap(self.app, self.wrapped_app) env = self.create_env(route) env['HTTP_X_FORWARDED_FOR'] = 'taco' self._expect(env, 204)
def test_multiple_gate_headers_allow_access(self, route): # override gate headers option bastion._CONF.set_override( 'gate_headers', ['HTTP_X_FORWARDED_FOR', 'HTTP_USER_AGENT'], bastion.OPT_GROUP_NAME, enforce_type=True ) # re-wrap the app after modifying config opt self.bastion = bastion.wrap(self.app, self.wrapped_app) env = self.create_env(route) env['HTTP_X_FORWARDED_FOR'] = 'taco' self._expect(env, 204)
def test_empty_gate_headers_deny_access(self, route): """bastion should allow all traffic for this endpoint. Based on the configuration for this test case.""" # override gate headers option bastion._CONF.set_override('gate_headers', [], bastion.OPT_GROUP_NAME, enforce_type=True) # re-wrap the app after modifying config opt self.bastion = bastion.wrap(self.app, self.wrapped_app) env = self.create_env(route) env['HTTP_X_FORWARDED_FOR'] = 'taco' self._expect(env, 403)
def test_empty_gate_headers_deny_access(self, route): """bastion should allow all traffic for this endpoint. Based on the configuration for this test case.""" # override gate headers option bastion._CONF.set_override( 'gate_headers', [], bastion.OPT_GROUP_NAME, enforce_type=True ) # re-wrap the app after modifying config opt self.bastion = bastion.wrap(self.app, self.wrapped_app) env = self.create_env(route) env['HTTP_X_FORWARDED_FOR'] = 'taco' self._expect(env, 403)
from eom import auth from eom import bastion from eom import rbac from deuce.transport.wsgi.app import app as deuce_app from oslo.config import cfg conf = cfg.CONF conf(project='eom', args=[]) # Get the separated Redis Server for Auth auth_redis_client = auth.get_auth_redis_client() rbac_app = rbac.wrap(deuce_app) auth_app = auth.wrap(rbac_app, auth_redis_client) app = bastion.wrap(deuce_app, auth_app)