def test_login(self):
NEW_TENANT_ID = '6'
NEW_TENANT_NAME = 'FAKENAME'
TOKEN_ID = 1
form_data = {
'method': 'Login',
'password': self.PASSWORD,
'username': self.TEST_USER
}
self.mox.StubOutWithMock(api, 'token_create')
class FakeToken(object):
id = TOKEN_ID,
user = {
"id": "1",
"roles": [{
"id": "1",
"name": "fake"
}],
"name": "user"
}
serviceCatalog = {}
tenant = None
aToken = api.Token(FakeToken())
bToken = aToken
api.token_create(IsA(http.HttpRequest), "", self.TEST_USER,
self.PASSWORD).AndReturn(aToken)
aTenant = self.mox.CreateMock(api.Token)
aTenant.id = NEW_TENANT_ID
aTenant.name = NEW_TENANT_NAME
bToken.tenant = {'id': aTenant.id, 'name': aTenant.name}
self.mox.StubOutWithMock(api, 'tenant_list_for_token')
api.tenant_list_for_token(IsA(http.HttpRequest), aToken.id).\
AndReturn([aTenant])
self.mox.StubOutWithMock(api, 'token_create_scoped')
api.token_create_scoped(IsA(http.HttpRequest), aTenant.id,
aToken.id).AndReturn(bToken)
self.mox.ReplayAll()
res = self.client.post(reverse('steer:auth_login'), form_data)
self.assertRedirectsNoFollow(res, DASH_INDEX_URL)
def test_login_invalid_credentials(self):
form_data = {'method': 'Login',
'password': self.PASSWORD,
'username': self.TEST_USER}
self.mox.StubOutWithMock(api, 'token_create')
unauthorized = api_exceptions.Unauthorized('unauth', message='unauth')
api.token_create(IsA(http.HttpRequest), "", self.TEST_USER,
self.PASSWORD).AndRaise(unauthorized)
self.mox.ReplayAll()
res = self.client.post(reverse('steer:auth_login'), form_data)
self.assertTemplateUsed(res, 'splash.html')
def test_switch_tenants(self):
NEW_TENANT_ID = '6'
NEW_TENANT_NAME = 'FAKENAME'
TOKEN_ID = 1
self.setActiveUser(self.TEST_USER_ID, self.TEST_TOKEN, self.TEST_USER,
self.TEST_TENANT, False, self.TEST_SERVICE_CATALOG)
form_data = {
'method': 'LoginWithTenant',
'password': self.PASSWORD,
'tenant': NEW_TENANT_ID,
'username': self.TEST_USER
}
self.mox.StubOutWithMock(api, 'token_create')
aTenant = self.mox.CreateMock(api.Token)
aTenant.id = NEW_TENANT_ID
aTenant.name = NEW_TENANT_NAME
aToken = self.mox.CreateMock(api.Token)
aToken.id = TOKEN_ID
aToken.user = {
'id': self.TEST_USER_ID,
'name': self.TEST_USER,
'roles': [{
'name': 'fake'
}]
}
aToken.serviceCatalog = {}
aToken.tenant = {'id': aTenant.id, 'name': aTenant.name}
api.token_create(IsA(http.HttpRequest), NEW_TENANT_ID, self.TEST_USER,
self.PASSWORD).AndReturn(aToken)
self.mox.StubOutWithMock(api, 'tenant_list_for_token')
api.tenant_list_for_token(IsA(http.HttpRequest), aToken.id).\
AndReturn([aTenant])
self.mox.ReplayAll()
res = self.client.post(
reverse('steer:auth_switch', args=[NEW_TENANT_ID]), form_data)
self.assertRedirectsNoFollow(res, DASH_INDEX_URL)
self.assertEqual(self.client.session['tenant'], NEW_TENANT_NAME)
def test_login_invalid_credentials(self):
form_data = {
'method': 'Login',
'password': self.PASSWORD,
'username': self.TEST_USER
}
self.mox.StubOutWithMock(api, 'token_create')
unauthorized = api_exceptions.Unauthorized('unauth', message='unauth')
api.token_create(IsA(http.HttpRequest), "", self.TEST_USER,
self.PASSWORD).AndRaise(unauthorized)
self.mox.ReplayAll()
res = self.client.post(reverse('steer:auth_login'), form_data)
self.assertTemplateUsed(res, 'splash.html')
def test_login_no_tenants(self):
NEW_TENANT_ID = '6'
NEW_TENANT_NAME = 'FAKENAME'
TOKEN_ID = 1
form_data = {
'method': 'Login',
'password': self.PASSWORD,
'username': self.TEST_USER
}
self.mox.StubOutWithMock(api, 'token_create')
class FakeToken(object):
id = TOKEN_ID,
user = {'roles': [{'name': 'fake'}]},
serviceCatalog = {}
aToken = api.Token(FakeToken())
api.token_create(IsA(http.HttpRequest), "", self.TEST_USER,
self.PASSWORD).AndReturn(aToken)
aTenant = self.mox.CreateMock(api.Token)
aTenant.id = NEW_TENANT_ID
aTenant.name = NEW_TENANT_NAME
self.mox.StubOutWithMock(api, 'tenant_list_for_token')
api.tenant_list_for_token(IsA(http.HttpRequest), aToken.id).\
AndReturn([])
self.mox.StubOutWithMock(messages, 'error')
messages.error(IsA(http.HttpRequest),
IsA(unicode),
extra_tags=IsA(str))
self.mox.ReplayAll()
res = self.client.post(reverse('steer:auth_login'), form_data)
self.assertTemplateUsed(res, 'splash.html')
def test_login(self):
NEW_TENANT_ID = '6'
NEW_TENANT_NAME = 'FAKENAME'
TOKEN_ID = 1
form_data = {'method': 'Login',
'password': self.PASSWORD,
'username': self.TEST_USER}
self.mox.StubOutWithMock(api, 'token_create')
class FakeToken(object):
id = TOKEN_ID,
user = {"id": "1",
"roles": [{"id": "1", "name": "fake"}], "name": "user"}
serviceCatalog = {}
tenant = None
aToken = api.Token(FakeToken())
bToken = aToken
api.token_create(IsA(http.HttpRequest), "", self.TEST_USER,
self.PASSWORD).AndReturn(aToken)
aTenant = self.mox.CreateMock(api.Token)
aTenant.id = NEW_TENANT_ID
aTenant.name = NEW_TENANT_NAME
bToken.tenant = {'id': aTenant.id, 'name': aTenant.name}
self.mox.StubOutWithMock(api, 'tenant_list_for_token')
api.tenant_list_for_token(IsA(http.HttpRequest), aToken.id).\
AndReturn([aTenant])
self.mox.StubOutWithMock(api, 'token_create_scoped')
api.token_create_scoped(IsA(http.HttpRequest), aTenant.id,
aToken.id).AndReturn(bToken)
self.mox.ReplayAll()
res = self.client.post(reverse('steer:auth_login'), form_data)
self.assertRedirectsNoFollow(res, DASH_INDEX_URL)
def test_switch_tenants(self):
NEW_TENANT_ID = '6'
NEW_TENANT_NAME = 'FAKENAME'
TOKEN_ID = 1
self.setActiveUser(self.TEST_USER_ID, self.TEST_TOKEN, self.TEST_USER,
self.TEST_TENANT, False, self.TEST_SERVICE_CATALOG)
form_data = {'method': 'LoginWithTenant',
'password': self.PASSWORD,
'tenant': NEW_TENANT_ID,
'username': self.TEST_USER}
self.mox.StubOutWithMock(api, 'token_create')
aTenant = self.mox.CreateMock(api.Token)
aTenant.id = NEW_TENANT_ID
aTenant.name = NEW_TENANT_NAME
aToken = self.mox.CreateMock(api.Token)
aToken.id = TOKEN_ID
aToken.user = {'id': self.TEST_USER_ID,
'name': self.TEST_USER, 'roles': [{'name': 'fake'}]}
aToken.serviceCatalog = {}
aToken.tenant = {'id': aTenant.id, 'name': aTenant.name}
api.token_create(IsA(http.HttpRequest), NEW_TENANT_ID, self.TEST_USER,
self.PASSWORD).AndReturn(aToken)
self.mox.StubOutWithMock(api, 'tenant_list_for_token')
api.tenant_list_for_token(IsA(http.HttpRequest), aToken.id).\
AndReturn([aTenant])
self.mox.ReplayAll()
res = self.client.post(reverse('steer:auth_switch',
args=[NEW_TENANT_ID]), form_data)
self.assertRedirectsNoFollow(res, DASH_INDEX_URL)
self.assertEqual(self.client.session['tenant'], NEW_TENANT_NAME)
def test_login_no_tenants(self):
NEW_TENANT_ID = '6'
NEW_TENANT_NAME = 'FAKENAME'
TOKEN_ID = 1
form_data = {'method': 'Login',
'password': self.PASSWORD,
'username': self.TEST_USER}
self.mox.StubOutWithMock(api, 'token_create')
class FakeToken(object):
id = TOKEN_ID,
user = {'roles': [{'name': 'fake'}]},
serviceCatalog = {}
aToken = api.Token(FakeToken())
api.token_create(IsA(http.HttpRequest), "", self.TEST_USER,
self.PASSWORD).AndReturn(aToken)
aTenant = self.mox.CreateMock(api.Token)
aTenant.id = NEW_TENANT_ID
aTenant.name = NEW_TENANT_NAME
self.mox.StubOutWithMock(api, 'tenant_list_for_token')
api.tenant_list_for_token(IsA(http.HttpRequest), aToken.id).\
AndReturn([])
self.mox.StubOutWithMock(messages, 'error')
messages.error(IsA(http.HttpRequest),
IsA(unicode),
extra_tags=IsA(str))
self.mox.ReplayAll()
res = self.client.post(reverse('steer:auth_login'), form_data)
self.assertTemplateUsed(res, 'splash.html')
def handle(self, request, data):
try:
if data.get('tenant', None):
token = api.token_create(request, data.get('tenant'),
data['username'], data['password'])
tenants = api.tenant_list_for_token(request, token.id)
tenant = None
for t in tenants:
if t.id == data.get('tenant'):
tenant = t
_set_session_data(request, token)
user = users.get_user_from_request(request)
return shortcuts.redirect(base.Steer.get_user_home(user))
elif data.get('username', None):
try:
token = api.token_create(request, '', data['username'],
data['password'])
except keystone_exceptions.Unauthorized:
LOG.exception("Failed login attempt for %s." %
data['username'])
messages.error(request,
_('Bad user name or password.'),
extra_tags="login")
return
# Unscoped token
request.session['unscoped_token'] = token.id
request.user.username = data['username']
# Get the tenant list, and log in using first tenant
# FIXME (anthony): add tenant chooser here?
tenants = api.tenant_list_for_token(request, token.id)
# Abort if there are no valid tenants for this user
if not tenants:
messages.error(request,
_('No tenants present for user: %(user)s') %
{"user": data['username']},
extra_tags="login")
return
# Create a token.
# NOTE(gabriel): Keystone can return tenants that you're
# authorized to administer but not to log into as a user, so in
# the case of an Unauthorized error we should iterate through
# the tenants until one succeeds or we've failed them all.
while tenants:
tenant = tenants.pop()
try:
token = api.token_create_scoped(
request, tenant.id, token.id)
break
except api_exceptions.Unauthorized as e:
token = None
if token is None:
raise exceptions.NotAuthorized(
_("You are not authorized for any available tenants."))
_set_session_data(request, token)
user = users.get_user_from_request(request)
return shortcuts.redirect(base.Steer.get_user_home(user))
except api_exceptions.Unauthorized as e:
msg = _('Error authenticating: %s') % e.message
LOG.exception(msg)
messages.error(request, msg, extra_tags="login")
except api_exceptions.ApiException as e:
messages.error(request,
_('Error authenticating with keystone: %s') %
e.message,
extra_tags="login")
def handle(self, request, data):
try:
if data.get('tenant', None):
token = api.token_create(request,
data.get('tenant'),
data['username'],
data['password'])
tenants = api.tenant_list_for_token(request, token.id)
tenant = None
for t in tenants:
if t.id == data.get('tenant'):
tenant = t
_set_session_data(request, token)
user = users.get_user_from_request(request)
return shortcuts.redirect(base.Steer.get_user_home(user))
elif data.get('username', None):
try:
token = api.token_create(request,
'',
data['username'],
data['password'])
except keystone_exceptions.Unauthorized:
LOG.exception("Failed login attempt for %s."
% data['username'])
messages.error(request, _('Bad user name or password.'),
extra_tags="login")
return
# Unscoped token
request.session['unscoped_token'] = token.id
request.user.username = data['username']
# Get the tenant list, and log in using first tenant
# FIXME (anthony): add tenant chooser here?
tenants = api.tenant_list_for_token(request, token.id)
# Abort if there are no valid tenants for this user
if not tenants:
messages.error(request,
_('No tenants present for user: %(user)s') %
{"user": data['username']},
extra_tags="login")
return
# Create a token.
# NOTE(gabriel): Keystone can return tenants that you're
# authorized to administer but not to log into as a user, so in
# the case of an Unauthorized error we should iterate through
# the tenants until one succeeds or we've failed them all.
while tenants:
tenant = tenants.pop()
try:
token = api.token_create_scoped(request,
tenant.id,
token.id)
break
except api_exceptions.Unauthorized as e:
token = None
if token is None:
raise exceptions.NotAuthorized(
_("You are not authorized for any available tenants."))
_set_session_data(request, token)
user = users.get_user_from_request(request)
return shortcuts.redirect(base.Steer.get_user_home(user))
except api_exceptions.Unauthorized as e:
msg = _('Error authenticating: %s') % e.message
LOG.exception(msg)
messages.error(request, msg, extra_tags="login")
except api_exceptions.ApiException as e:
messages.error(request,
_('Error authenticating with keystone: %s') %
e.message, extra_tags="login")