예제 #1
class TestTokenValidation(AuthMiddlewareTest):
    """Exercise ``GET /actions`` with a valid, expired, unknown and absent token.

    ``Token.get`` is patched per test, so no token store is consulted; only the
    status code of the response is asserted. A usable token must yield 200 and
    every other case must be rejected with 401.
    """

    @mock.patch.object(
        Token, 'get',
        mock.Mock(return_value=TokenDB(id=OBJ_ID, user=USER, token=TOKEN, expiry=FUTURE)))
    def test_token_validation(self):
        # The patched lookup returns a token whose expiry is FUTURE.
        auth_headers = {'X-Auth-Token': TOKEN}
        resp = self.app.get('/actions', headers=auth_headers, expect_errors=False)
        self.assertEqual(resp.status_int, 200)

    @mock.patch.object(
        Token, 'get',
        mock.Mock(return_value=TokenDB(id=OBJ_ID, user=USER, token=TOKEN, expiry=PAST)))
    def test_token_expired(self):
        # Same token value, but the stored expiry is PAST: the request must be refused.
        auth_headers = {'X-Auth-Token': TOKEN}
        resp = self.app.get('/actions', headers=auth_headers, expect_errors=True)
        self.assertEqual(resp.status_int, 401)

    @mock.patch.object(
        Token, 'get', mock.MagicMock(side_effect=TokenNotFoundError()))
    def test_token_not_found(self):
        # The lookup raises TokenNotFoundError; that must surface as 401.
        auth_headers = {'X-Auth-Token': TOKEN}
        resp = self.app.get('/actions', headers=auth_headers, expect_errors=True)
        self.assertEqual(resp.status_int, 401)

    def test_token_not_provided(self):
        # No X-Auth-Token header at all: the request must not be let through.
        resp = self.app.get('/actions', expect_errors=True)
        self.assertEqual(resp.status_int, 401)
예제 #2
파일: access.py 프로젝트: timff/st2
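def create_token(username, ttl=None, metadata=None):
    """
    Create and store a new access token, registering the user if the lookup fails.

    This function performs no credential check itself; whoever calls it is
    expected to have authenticated ``username`` already.

    :param username: Username of the user to create the token for. If the account for this user
                     doesn't exist yet it will be created.
    :type username: ``str``

    :param ttl: Token TTL (in seconds). A missing or zero value, or one larger than
                ``cfg.CONF.auth.token_ttl``, is replaced by that configured value.
    :type ttl: ``int``

    :param metadata: Optional metadata to associate with the token.
    :type metadata: ``dict``

    :return: The ``TokenDB`` object that was handed to ``Token.add_or_update``.
    """
    # Cap the lifetime at the configured maximum.
    # NOTE(review): a negative ttl passes both tests and yields an expiry in the past.
    if not ttl or ttl > cfg.CONF.auth.token_ttl:
        ttl = cfg.CONF.auth.token_ttl

    if username:
        try:
            User.get_by_name(username)
        except Exception:
            # Was a bare ``except:``, which also swallowed KeyboardInterrupt and
            # SystemExit. NOTE(review): any lookup failure still leads to a user
            # record being written; narrow this to the not-found exception raised
            # by User.get_by_name (not visible in this excerpt).
            user = UserDB(name=username)
            User.add_or_update(user)
            LOG.audit('Registered new user "%s".' % username)

    # The bearer secret is a random UUID4 rendered as 32 hex characters.
    token_value = uuid.uuid4().hex
    expiry = datetime.datetime.utcnow() + datetime.timedelta(seconds=ttl)
    expiry = isotime.add_utc_tz(expiry)
    token = TokenDB(user=username, token=token_value, expiry=expiry, metadata=metadata)
    Token.add_or_update(token)
    # Only the user and the expiry are written to the audit log, never the token value.
    LOG.audit('Access granted to %s with the token set to expire at "%s".' %
              ('user "%s"' % username if username else "an anonymous user",
               isotime.format(expiry, offset=False)))

    return token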
예제 #3
파일: access.py 프로젝트: gitter-badger/st2
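def create_token(username, ttl=None):
    """
    Create and store a new access token, registering the user if the lookup fails.

    This function performs no credential check itself; whoever calls it is
    expected to have authenticated ``username`` already.

    :param username: Name of the user the token is issued to. A falsy value produces a
                     token that the audit log records as belonging to an anonymous user.
    :type username: ``str``

    :param ttl: Token TTL (in seconds). A missing or zero value, or one larger than
                ``cfg.CONF.auth.token_ttl``, is replaced by that configured value.
    :type ttl: ``int``

    :return: The ``TokenDB`` object that was handed to ``Token.add_or_update``.
    """
    # Cap the lifetime at the configured maximum.
    # NOTE(review): a negative ttl passes both tests and yields an expiry in the past.
    if not ttl or ttl > cfg.CONF.auth.token_ttl:
        ttl = cfg.CONF.auth.token_ttl

    if username:
        try:
            User.get_by_name(username)
        except Exception:
            # Was a bare ``except:``, which also swallowed KeyboardInterrupt and
            # SystemExit. NOTE(review): any lookup failure still leads to a user
            # record being written; narrow this to the not-found exception raised
            # by User.get_by_name (not visible in this excerpt).
            user = UserDB(name=username)
            User.add_or_update(user)
            LOG.audit('Registered new user "%s".' % username)
        # Written before the token is stored; a second grant entry follows below.
        LOG.audit('Access granted to user "%s".' % username)

    # The bearer secret is a random UUID4 rendered as 32 hex characters.
    token_value = uuid.uuid4().hex
    expiry = datetime.datetime.utcnow() + datetime.timedelta(seconds=ttl)
    expiry = isotime.add_utc_tz(expiry)
    token = TokenDB(user=username, token=token_value, expiry=expiry)
    Token.add_or_update(token)
    # Only the user and the expiry are written to the audit log, never the token value.
    LOG.audit('Access granted to %s with the token set to expire at "%s".' %
              ('user "%s"' % username if username else "an anonymous user",
               isotime.format(expiry, offset=False)))

    return token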
예제 #4
    def _get_actionexecution_id(resp):
        """Return the ``id`` field of the JSON body carried by *resp*.

        Takes no ``self``; presumably decorated as a static method above this
        excerpt (not visible here).
        """
        body = resp.json
        return body['id']

    def _do_get_one(self, actionexecution_id, *args, **kwargs):
        """GET a single action execution through the test app and return the response.

        Extra positional and keyword arguments (headers, ``expect_errors`` and so
        on) are forwarded to ``self.app.get`` untouched.
        """
        url = '/v1/actionexecutions/%s' % actionexecution_id
        return self.app.get(url, *args, **kwargs)

    def _do_post(self, liveaction, *args, **kwargs):
        """POST *liveaction* as JSON to the action executions endpoint.

        Extra positional and keyword arguments are forwarded to
        ``self.app.post_json`` untouched; its response is returned.
        """
        url = '/v1/actionexecutions'
        return self.app.post_json(url, liveaction, *args, **kwargs)


# Fixture tokens shared by the tests below. Both expire five minutes after the
# moment this module is imported, and both token values are freshly generated
# on every import rather than hard-coded.
NOW = isotime.add_utc_tz(datetime.datetime.utcnow())
EXPIRY = NOW + datetime.timedelta(minutes=5)

# NOTE(review): both ``user`` values are the same '******' literal in this
# listing; they look masked by the page - confirm against the original file.
SYS_TOKEN = TokenDB(
    id=bson.ObjectId(),
    user='******',
    token=uuid.uuid4().hex,
    expiry=EXPIRY,
)
USR_TOKEN = TokenDB(
    id=bson.ObjectId(),
    user='******',
    token=uuid.uuid4().hex,
    expiry=EXPIRY,
)


def mock_get_token(*args, **kwargs):
    """Stand in for the token lookup: map a token value to a fixture token.

    The first positional argument is compared with ``SYS_TOKEN.token``. A match
    returns ``SYS_TOKEN``; every other value, including one that belongs to no
    fixture, returns ``USR_TOKEN``. Tests that rely on this double therefore
    cannot exercise the rejection of an unknown token.
    """
    presented = args[0]
    return SYS_TOKEN if presented == SYS_TOKEN.token else USR_TOKEN


@mock.patch.object(PoolPublisher, 'publish', mock.MagicMock())
class TestActionExecutionControllerAuthEnabled(AuthMiddlewareTest):
예제 #5
파일: access.py 프로젝트: timff/st2
 def get(cls, value):
     """Return the first stored token whose ``token`` field equals *value*.

     Only the token value is matched; expiry is not examined in this method,
     so a caller that needs a still-valid token has to check that itself.

     :raises TokenNotFoundError: when the query yields no object.
     """
     for model_object in TokenDB.objects(token=value):
         # The first hit is enough; stop iterating the query.
         break
     else:
         raise TokenNotFoundError()
     return model_object