def test_version_data_override_version_url(self): # if the request url is versioned already, just return it. self.requests_mock.get( V3_URL, status_code=200, json={ 'version': fixture.V3Discovery('http://override/identity/v3') }) disc = discover.Discover(self.session, V3_URL) version_data = disc.version_data() for v in version_data: self.assertEqual(v['version'], (3, 0)) self.assertEqual(v['status'], discover.Status.CURRENT) self.assertEqual(v['raw_status'], 'stable') self.assertEqual(v['url'], V3_URL) # if the request url is not versioned, just add version info to it.( # do not changed the url's netloc or path) self.requests_mock.get( BASE_URL, status_code=200, json={ 'version': fixture.V3Discovery('http://override/identity/v3') }) disc = discover.Discover(self.session, BASE_URL) version_data = disc.version_data() for v in version_data: self.assertEqual(v['version'], (3, 0)) self.assertEqual(v['status'], discover.Status.CURRENT) self.assertEqual(v['raw_status'], 'stable') self.assertEqual(v['url'], V3_URL)
def register_keystone_discovery_fixture(self, mreq): v3_url = "http://no.where/v3" v3_version = fixture.V3Discovery(v3_url) mreq.register_uri('GET', v3_url, json=_create_ver_list([v3_version]), status_code=200)
def register_keystone_auth_fixture(self, request_mocker): self.register_keystone_v2_token_fixture(request_mocker) self.register_keystone_v3_token_fixture(request_mocker) request_mocker.get(V2_URL, json=ks_fixture.V2Discovery(V2_URL)) request_mocker.get(V3_URL, json=ks_fixture.V3Discovery(V3_URL)) request_mocker.get(BASE_URL, json=ks_fixture.DiscoveryList(BASE_URL))
def new_client(self): t = fixture.V3Token(user_id=self.user_id) t.set_project_scope() s = t.add_service('identity') s.add_standard_endpoints(public=self.TEST_URL, admin=self.TEST_URL) d = fixture.V3Discovery(self.TEST_URL) headers = {'X-Subject-Token': uuid.uuid4().hex} self.requests.register_uri('POST', self.TEST_URL + '/auth/tokens', headers=headers, json=t) self.requests.register_uri('GET', self.TEST_URL, json={'version': d}) with self.deprecations.expect_deprecations_here(): a = ksc_identity.V3Password(username=uuid.uuid4().hex, password=uuid.uuid4().hex, user_domain_id=uuid.uuid4().hex, auth_url=self.TEST_URL) s = ksc_session.Session(auth=a) return v3_client.Client(session=s)
def _mock_k2k_flow_urls(self, redirect_code=302): # List versions available for auth self.requests_mock.get( self.TEST_URL, json={'version': fixture.V3Discovery(self.TEST_URL)}, headers={'Content-Type': 'application/json'}) # The IdP should return a ECP wrapped assertion when requested self.requests_mock.register_uri( 'POST', self.REQUEST_ECP_URL, content=six.b(k2k_fixtures.ECP_ENVELOPE), headers={'Content-Type': 'application/vnd.paos+xml'}, status_code=200) # The SP should respond with a redirect (302 or 303) self.requests_mock.register_uri( 'POST', self.SP_URL, content=six.b(k2k_fixtures.TOKEN_BASED_ECP), headers={'Content-Type': 'application/vnd.paos+xml'}, status_code=redirect_code) # Should not follow the redirect URL, but use the auth_url attribute self.requests_mock.register_uri( 'GET', self.SP_AUTH_URL, json=k2k_fixtures.UNSCOPED_TOKEN, headers={'X-Subject-Token': k2k_fixtures.UNSCOPED_TOKEN_HEADER})
def setUp(self): super(V3IdentityPlugin, self).setUp() self.TEST_DISCOVERY_RESPONSE = { 'versions': {'values': [fixture.V3Discovery(self.TEST_URL)]}} self.TEST_RESPONSE_DICT = { "token": { "methods": [ "token", "password" ], "expires_at": "2020-01-01T00:00:10.000123Z", "project": { "domain": { "id": self.TEST_DOMAIN_ID, "name": self.TEST_DOMAIN_NAME }, "id": self.TEST_TENANT_ID, "name": self.TEST_TENANT_NAME }, "user": { "domain": { "id": self.TEST_DOMAIN_ID, "name": self.TEST_DOMAIN_NAME }, "id": self.TEST_USER, "name": self.TEST_USER }, "issued_at": "2013-05-29T16:55:21.468960Z", "catalog": self.TEST_SERVICE_CATALOG, "service_providers": self.TEST_SERVICE_PROVIDERS }, } self.TEST_PROJECTS_RESPONSE = { "projects": [ { "domain_id": "1789d1", "enabled": "True", "id": "263fd9", "links": { "self": "https://identity:5000/v3/projects/263fd9" }, "name": "Dev Group A" }, { "domain_id": "1789d1", "enabled": "True", "id": "e56ad3", "links": { "self": "https://identity:5000/v3/projects/e56ad3" }, "name": "Dev Group B" } ], "links": { "self": "https://identity:5000/v3/projects", } }
def _mock_k2k_flow_urls(self): # We need to check the auth versions available self.requests_mock.get( self.TEST_URL, json={'version': auth_fixture.V3Discovery(self.TEST_URL)}, headers={'Content-Type': 'application/json'}) # The identity provider receives a request for an ECP wrapped # assertion. This assertion contains the user authentication info # and will be presented to the service provider self.requests_mock.register_uri( 'POST', self.REQUEST_ECP_URL, content=six.b(k2k_fixtures.ECP_ENVELOPE), headers={'Content-Type': 'application/vnd.paos+xml'}, status_code=200) # The service provider is presented with the ECP wrapped assertion # generated by the identity provider and should return a redirect # (302 or 303) upon successful authentication self.requests_mock.register_uri( 'POST', self.SP_URL, content=six.b(k2k_fixtures.TOKEN_BASED_ECP), headers={'Content-Type': 'application/vnd.paos+xml'}, status_code=302) # Should not follow the redirect URL, but use the auth_url attribute self.requests_mock.register_uri( 'GET', self.SP_AUTH_URL, json=k2k_fixtures.UNSCOPED_TOKEN, headers={'X-Subject-Token': k2k_fixtures.UNSCOPED_TOKEN_HEADER})
def setUp(self): super(ShellTest, self).setUp() global _old_env _old_env, os.environ = os.environ, self.auth_env self.requests = self.useFixture(rm_fixture.Fixture()) json_list = ks_fixture.DiscoveryList(DEFAULT_UNVERSIONED_AUTH_URL) self.requests.get(DEFAULT_UNVERSIONED_AUTH_URL, json=json_list, status_code=300) json_v2 = {'version': ks_fixture.V2Discovery(DEFAULT_V2_AUTH_URL)} self.requests.get(DEFAULT_V2_AUTH_URL, json=json_v2) json_v3 = {'version': ks_fixture.V3Discovery(DEFAULT_V3_AUTH_URL)} self.requests.get(DEFAULT_V3_AUTH_URL, json=json_v3) self.v2_auth = self.requests.post(DEFAULT_V2_AUTH_URL + '/tokens', json=V2_TOKEN) headers = {'X-Subject-Token': TOKEN_ID} self.v3_auth = self.requests.post(DEFAULT_V3_AUTH_URL + '/auth/tokens', headers=headers, json=V3_TOKEN) global shell, _shell, assert_called, assert_called_anytime _shell = openstack_shell.OpenStackImagesShell() shell = lambda cmd: _shell.main(cmd.split())
def setUp(self): super(AuthProjectsTest, self).setUp() self.v3token = fixture.V3Token() self.stub_auth(json=self.v3token) self.stub_url('GET', [], json={'version': fixture.V3Discovery(self.TEST_URL)})
def test_version_data_unknown(self): discovery_fixture = fixture.V3Discovery(V3_URL) discovery_fixture.status = 'hungry' discovery_doc = _create_single_version(discovery_fixture) self.requests_mock.get(V3_URL, status_code=200, json=discovery_doc) disc = discover.Discover(self.session, V3_URL) clean_data = disc.version_data(allow_unknown=True) self.assertEqual(discover.Status.UNKNOWN, clean_data[0]['status'])
def test_fail_getting_ecp_assertion(self): self.requests_mock.get( self.TEST_URL, json={'version': fixture.V3Discovery(self.TEST_URL)}, headers={'Content-Type': 'application/json'}) self.requests_mock.register_uri('POST', self.REQUEST_ECP_URL, status_code=401) self.assertRaises(exceptions.AuthorizationFailure, self.k2kplugin._get_ecp_assertion, self.session)
def test_get_ecp_assertion_wrong_headers(self): self.requests_mock.get( self.TEST_URL, json={'version': fixture.V3Discovery(self.TEST_URL)}, headers={'Content-Type': 'application/json'}) self.requests_mock.register_uri( 'POST', self.REQUEST_ECP_URL, headers={'Content-Type': uuid.uuid4().hex}, content=six.b(''), status_code=200) self.assertRaises(exceptions.InvalidResponse, self.k2kplugin._get_ecp_assertion, self.session)
"token": { "expires": "2020-01-01T00:00:10.000123Z", "id": 'fakeToken', "tenant": { "id": '1' }, }, "user": { "id": 'test' }, "serviceCatalog": TEST_SERVICE_CATALOG, }, }) V3_URL = "%sv3" % BASE_URL V3_VERSION = fixture.V3Discovery(V3_URL) V3_MEDIA_TYPES = V3_VERSION.media_types V3_VERSION.updated_str = UPDATED V3_AUTH_RESPONSE = json.dumps({ "token": { "methods": ["token", "password"], "expires_at": "2020-01-01T00:00:10.000123Z", "project": { "domain": { "id": '1', "name": 'test-domain' }, "id": '1', "name": 'test-project' },
class ShellTestKeystoneV3(ShellTest): version_id = u'v3' links = [{u'href': u'http://no.where/v3', u'rel': u'self'}] v3_version = fixture.V3Discovery(V3_URL) v3_version.updated_str = UPDATED test_service_catalog = [{ "endpoints": [{ "url": "http://no.where/v1.0/", "region": "RegionOne", "interface": "public" }, { "url": "http://no.where/v1.0", "region": "RegionOne", "interface": "internal" }, { "url": "http://no.where/v1.0", "region": "RegionOne", "interface": "admin" }], "type": "database", "name": "trove" }] service_catalog2 = [{ "endpoints": [{ "url": "http://no.where/vXYZ", "region": "RegionOne", "interface": "public" }], "type": "database", "name": "trove" }] v3_auth_response = json.dumps({ "token": { "methods": [ "token", "password" ], "expires_at": "2020-01-01T00:00:10.000123Z", "project": { "domain": { "id": uuid.uuid4().hex, "name": uuid.uuid4().hex }, "id": uuid.uuid4().hex, "name": uuid.uuid4().hex }, "user": { "domain": { "id": uuid.uuid4().hex, "name": uuid.uuid4().hex }, "id": uuid.uuid4().hex, "name": uuid.uuid4().hex }, "issued_at": "2013-05-29T16:55:21.468960Z", "catalog": test_service_catalog }, }) def make_env(self, exclude=None, fake_env=FAKE_V3_ENV): if 'OS_AUTH_URL' in fake_env: fake_env.update({'OS_AUTH_URL': 'http://no.where/v3'}) env = dict((k, v) for k, v in fake_env.items() if k != exclude) self.useFixture(fixtures.MonkeyPatch('os.environ', env)) def register_keystone_discovery_fixture(self, mreq): v3_url = "http://no.where/v3" v3_version = fixture.V3Discovery(v3_url) mreq.register_uri('GET', v3_url, json=_create_ver_list([v3_version]), status_code=200) def test_no_project_id(self): required = ( u'You must provide a ' u'project_id or project_name (with ' u'project_domain_name or project_domain_id) via ' u' --os-project-id (env[OS_PROJECT_ID])' u' --os-project-name (env[OS_PROJECT_NAME]),' u' --os-project-domain-id ' u'(env[OS_PROJECT_DOMAIN_ID])' u' --os-project-domain-name ' u'(env[OS_PROJECT_DOMAIN_NAME])' ) self.make_env(exclude='OS_PROJECT_ID') try: self.shell('list') except exceptions.CommandError as message: self.assertEqual(required, message.args[0]) else: self.fail('CommandError not raised') @mock.patch('keystoneauth1.discover.get_version_data', return_value=[{u'status': u'stable', u'id': version_id, u'links': links}]) @mock.patch('troveclient.v1.datastores.DatastoreVersions.list') @requests_mock.Mocker() def test_datastore_version_list(self, mock_discover, mock_list, mock_requests): expected = '\n'.join([ '+----+------+', '| ID | Name |', '+----+------+', '+----+------+', '' ]) self.make_env() self.register_keystone_discovery_fixture(mock_requests) mock_requests.register_uri('POST', "http://no.where/v3/auth/tokens", headers={'X-Subject-Token': 'fakeToken'}, text=self.v3_auth_response) stdout, stderr = self.shell('datastore-version-list XXX') self.assertEqual(expected, (stdout + stderr)) @mock.patch('keystoneauth1.discover.get_version_data', return_value=[{u'status': u'stable', u'id': version_id, u'links': links}]) @mock.patch('troveclient.v1.datastores.Datastores.list') @requests_mock.Mocker() def test_get_datastore_list(self, mock_discover, mock_list, mock_requests): expected = '\n'.join([ '+----+------+', '| ID | Name |', '+----+------+', '+----+------+', '' ]) self.make_env() self.register_keystone_discovery_fixture(mock_requests) mock_requests.register_uri('POST', "http://no.where/v3/auth/tokens", headers={'X-Subject-Token': 'fakeToken'}, text=self.v3_auth_response) stdout, stderr = self.shell('datastore-list') self.assertEqual(expected, (stdout + stderr)) @mock.patch('keystoneauth1.discover.get_version_data', return_value=[{u'status': u'stable', u'id': version_id, u'links': links}]) @requests_mock.Mocker() def test_invalid_client_version(self, mock_discover, mock_requests): response = json.loads(self.v3_auth_response) response['token']['catalog'] = self.service_catalog2 self.make_env() self.register_keystone_discovery_fixture(mock_requests) mock_requests.register_uri('POST', "http://no.where/v3/auth/tokens", headers={'X-Subject-Token': 'fakeToken'}, text=json.dumps(response)) try: self.shell('datastore-list') except exceptions.UnsupportedVersion: pass else: self.fail('UnsupportedVersion not raised')
def setUp(self): super(V3IdentityPlugin, self).setUp() self.TEST_DISCOVERY_RESPONSE = { 'versions': { 'values': [fixture.V3Discovery(self.TEST_URL)] } } nextyear = 1 + time.gmtime().tm_year self.TEST_RESPONSE_DICT = { "token": { "methods": ["token", "password"], "expires_at": "%i-02-01T00:00:10.000123Z" % nextyear, "project": { "domain": { "id": self.TEST_DOMAIN_ID, "name": self.TEST_DOMAIN_NAME }, "id": self.TEST_TENANT_ID, "name": self.TEST_TENANT_NAME }, "user": { "domain": { "id": self.TEST_DOMAIN_ID, "name": self.TEST_DOMAIN_NAME }, "id": self.TEST_USER, "name": self.TEST_USER }, "issued_at": "2013-05-29T16:55:21.468960Z", "catalog": self.TEST_SERVICE_CATALOG, "service_providers": self.TEST_SERVICE_PROVIDERS }, } self.TEST_PROJECTS_RESPONSE = { "projects": [{ "domain_id": "1789d1", "enabled": "True", "id": "263fd9", "links": { "self": "https://identity:5000/v3/projects/263fd9" }, "name": "Dev Group A" }, { "domain_id": "1789d1", "enabled": "True", "id": "e56ad3", "links": { "self": "https://identity:5000/v3/projects/e56ad3" }, "name": "Dev Group B" }], "links": { "self": "https://identity:5000/v3/projects", } } self.TEST_APP_CRED_TOKEN_RESPONSE = { "token": { "methods": ["application_credential"], "expires_at": "%i-02-01T00:00:10.000123Z" % nextyear, "project": { "domain": { "id": self.TEST_DOMAIN_ID, "name": self.TEST_DOMAIN_NAME }, "id": self.TEST_TENANT_ID, "name": self.TEST_TENANT_NAME }, "user": { "domain": { "id": self.TEST_DOMAIN_ID, "name": self.TEST_DOMAIN_NAME }, "id": self.TEST_USER, "name": self.TEST_USER }, "issued_at": "2013-05-29T16:55:21.468960Z", "catalog": self.TEST_SERVICE_CATALOG, "service_providers": self.TEST_SERVICE_PROVIDERS, "application_credential_restricted": True }, } self.TEST_RECEIPT_RESPONSE = { "receipt": { "methods": ["password"], "expires_at": "%i-02-01T00:00:10.000123Z" % nextyear, "user": { "domain": { "id": self.TEST_DOMAIN_ID, "name": self.TEST_DOMAIN_NAME, }, "id": self.TEST_USER, "name": self.TEST_USER, }, "issued_at": "2013-05-29T16:55:21.468960Z", }, "required_auth_methods": [["password", "totp"]], }