def test___init___creds_uri_none(self): creds = fake_credentials.FakeKeystoneV2Credentials() msg = ("Invalid Credentials\nDetails: ServiceClients requires a " "non-empty") with testtools.ExpectedException(exceptions.InvalidCredentials, value_re=msg): clients.ServiceClients(creds, None)
def test___init___creds_v2_uri(self): # Verify that no API request is made, since no mock # is required to run the test successfully creds = fake_credentials.FakeKeystoneV2Credentials() uri = 'fake_uri' _manager = clients.ServiceClients(creds, identity_uri=uri) self.assertIsInstance(_manager.auth_provider, auth.KeystoneV2AuthProvider)
def test___init___creds_uri_params_unknown_services(self): creds = fake_credentials.FakeKeystoneV2Credentials() fake_params = {'fake_param1': 'fake_value1'} params = { 'unknown_service1': fake_params, 'unknown_service2': fake_params } uri = 'fake_uri' msg = "(?=.*{0})(?=.*{1})".format(*list(params.keys())) with testtools.ExpectedException(exceptions.UnknownServiceClient, value_re=msg): clients.ServiceClients(creds, identity_uri=uri, client_parameters=params)
def test___init___creds_uri_params(self): creds = fake_credentials.FakeKeystoneV2Credentials() expeted_params = { 'fake_param1': 'fake_value1', 'fake_param2': 'fake_value2' } params = {'fake_service1': expeted_params} uri = 'fake_uri' _manager = clients.ServiceClients(creds, identity_uri=uri, client_parameters=params) self.assertIn('fake_service1', _manager.parameters) for _key in expeted_params: self.assertIn(_key, _manager.parameters['fake_service1'].keys()) self.assertEqual(expeted_params[_key], _manager.parameters['fake_service1'].get(_key))
def _get_manager(self, init_region='fake_region'): # Get a manager to invoke _setup_parameters on creds = fake_credentials.FakeKeystoneV2Credentials() return clients.ServiceClients(creds, identity_uri='fake_uri', region=init_region)
def test___init___invalid_creds_uri(self): creds = fake_credentials.FakeKeystoneV2Credentials() delattr(creds, 'username') uri = 'fake_uri' with testtools.ExpectedException(exceptions.InvalidCredentials): clients.ServiceClients(creds, identity_uri=uri)
class TestKeystoneV2AuthProvider(BaseAuthTestsSetUp): _endpoints = fake_identity.IDENTITY_V2_RESPONSE['access']['serviceCatalog'] _auth_provider_class = auth.KeystoneV2AuthProvider credentials = fake_credentials.FakeKeystoneV2Credentials() def setUp(self): super(TestKeystoneV2AuthProvider, self).setUp() self.stubs.Set(v2_client.TokenClient, 'raw_request', fake_identity._fake_v2_response) self.target_url = 'test_api' def _get_fake_identity(self): return fake_identity.IDENTITY_V2_RESPONSE['access'] def _get_fake_alt_identity(self): return fake_identity.ALT_IDENTITY_V2_RESPONSE['access'] def _get_result_url_from_endpoint(self, ep, endpoint_type='publicURL', replacement=None): if replacement: return ep[endpoint_type].replace('v2', replacement) return ep[endpoint_type] def _get_token_from_fake_identity(self): return fake_identity.TOKEN def _get_from_fake_identity(self, attr): access = fake_identity.IDENTITY_V2_RESPONSE['access'] if attr == 'user_id': return access['user']['id'] elif attr == 'tenant_id': return access['token']['tenant']['id'] def _test_request_helper(self, filters, expected): url, headers, body = self.auth_provider.auth_request('GET', self.target_url, filters=filters) self.assertEqual(expected['url'], url) self.assertEqual(expected['token'], headers['X-Auth-Token']) self.assertEqual(expected['body'], body) def _auth_data_with_expiry(self, date_as_string): token, access = self.auth_provider.auth_data access['token']['expires'] = date_as_string return token, access def test_request(self): filters = { 'service': 'compute', 'endpoint_type': 'publicURL', 'region': 'FakeRegion' } url = self._get_result_url_from_endpoint( self._endpoints[0]['endpoints'][1]) + '/' + self.target_url expected = { 'body': None, 'url': url, 'token': self._get_token_from_fake_identity(), } self._test_request_helper(filters, expected) def test_request_with_alt_auth_cleans_alt(self): """Test alternate auth data for headers Assert that when the alt data is provided for headers, after an auth_request the data alt_data is cleaned-up. """ self.auth_provider.set_alt_auth_data( 'headers', (fake_identity.ALT_TOKEN, self._get_fake_alt_identity())) filters = { 'service': 'compute', 'endpoint_type': 'publicURL', 'region': 'fakeRegion' } self.auth_provider.auth_request('GET', self.target_url, filters=filters) # Assert alt auth data is clear after it self.assertIsNone(self.auth_provider.alt_part) self.assertIsNone(self.auth_provider.alt_auth_data) def _test_request_with_identical_alt_auth(self, part): """Test alternate but identical auth data for headers Assert that when the alt data is provided, but it's actually identical, an exception is raised. """ self.auth_provider.set_alt_auth_data( part, (fake_identity.TOKEN, self._get_fake_identity())) filters = { 'service': 'compute', 'endpoint_type': 'publicURL', 'region': 'fakeRegion' } self.assertRaises(exceptions.BadAltAuth, self.auth_provider.auth_request, 'GET', self.target_url, filters=filters) def test_request_with_identical_alt_auth_headers(self): self._test_request_with_identical_alt_auth('headers') def test_request_with_identical_alt_auth_url(self): self._test_request_with_identical_alt_auth('url') def test_request_with_identical_alt_auth_body(self): self._test_request_with_identical_alt_auth('body') def test_request_with_alt_part_without_alt_data(self): """Test empty alternate auth data Assert that when alt_part is defined, the corresponding original request element is kept the same. """ filters = { 'service': 'compute', 'endpoint_type': 'publicURL', 'region': 'fakeRegion' } self.auth_provider.set_alt_auth_data('headers', None) url, headers, body = self.auth_provider.auth_request('GET', self.target_url, filters=filters) # The original headers where empty self.assertNotEqual(url, self.target_url) self.assertIsNone(headers) self.assertEqual(body, None) def _test_request_with_alt_part_without_alt_data_no_change(self, body): """Test empty alternate auth data with no effect Assert that when alt_part is defined, no auth_data is provided, and the corresponding original request element was not going to be changed anyways, and exception is raised """ filters = { 'service': 'compute', 'endpoint_type': 'publicURL', 'region': 'fakeRegion' } self.auth_provider.set_alt_auth_data('body', None) self.assertRaises(exceptions.BadAltAuth, self.auth_provider.auth_request, 'GET', self.target_url, filters=filters) def test_request_with_alt_part_without_alt_data_no_change_headers(self): self._test_request_with_alt_part_without_alt_data_no_change('headers') def test_request_with_alt_part_without_alt_data_no_change_url(self): self._test_request_with_alt_part_without_alt_data_no_change('url') def test_request_with_alt_part_without_alt_data_no_change_body(self): self._test_request_with_alt_part_without_alt_data_no_change('body') def test_request_with_bad_service(self): filters = { 'service': 'BAD_SERVICE', 'endpoint_type': 'publicURL', 'region': 'fakeRegion' } self.assertRaises(exceptions.EndpointNotFound, self.auth_provider.auth_request, 'GET', self.target_url, filters=filters) def test_request_without_service(self): filters = { 'service': None, 'endpoint_type': 'publicURL', 'region': 'fakeRegion' } self.assertRaises(exceptions.EndpointNotFound, self.auth_provider.auth_request, 'GET', self.target_url, filters=filters) def test_check_credentials_missing_attribute(self): for attr in ['username', 'password']: cred = copy.copy(self.credentials) del cred[attr] self.assertFalse(self.auth_provider.check_credentials(cred)) def test_fill_credentials(self): self.auth_provider.fill_credentials() creds = self.auth_provider.credentials for attr in ['user_id', 'tenant_id']: self.assertEqual(self._get_from_fake_identity(attr), getattr(creds, attr)) def _test_base_url_helper(self, expected_url, filters, auth_data=None): url = self.auth_provider.base_url(filters, auth_data) self.assertEqual(url, expected_url) def test_base_url(self): self.filters = { 'service': 'compute', 'endpoint_type': 'publicURL', 'region': 'FakeRegion' } expected = self._get_result_url_from_endpoint( self._endpoints[0]['endpoints'][1]) self._test_base_url_helper(expected, self.filters) def test_base_url_to_get_admin_endpoint(self): self.filters = { 'service': 'compute', 'endpoint_type': 'adminURL', 'region': 'FakeRegion' } expected = self._get_result_url_from_endpoint( self._endpoints[0]['endpoints'][1], endpoint_type='adminURL') self._test_base_url_helper(expected, self.filters) def test_base_url_unknown_region(self): """If the region is unknown, the first endpoint is returned.""" self.filters = { 'service': 'compute', 'endpoint_type': 'publicURL', 'region': 'AintNoBodyKnowThisRegion' } expected = self._get_result_url_from_endpoint( self._endpoints[0]['endpoints'][0]) self._test_base_url_helper(expected, self.filters) def test_base_url_with_non_existent_service(self): self.filters = { 'service': 'BAD_SERVICE', 'endpoint_type': 'publicURL', 'region': 'FakeRegion' } self.assertRaises(exceptions.EndpointNotFound, self._test_base_url_helper, None, self.filters) def test_base_url_without_service(self): self.filters = {'endpoint_type': 'publicURL', 'region': 'FakeRegion'} self.assertRaises(exceptions.EndpointNotFound, self._test_base_url_helper, None, self.filters) def test_base_url_with_api_version_filter(self): self.filters = { 'service': 'compute', 'endpoint_type': 'publicURL', 'region': 'FakeRegion', 'api_version': 'v12' } expected = self._get_result_url_from_endpoint( self._endpoints[0]['endpoints'][1], replacement='v12') self._test_base_url_helper(expected, self.filters) def test_base_url_with_skip_path_filter(self): self.filters = { 'service': 'compute', 'endpoint_type': 'publicURL', 'region': 'FakeRegion', 'skip_path': True } expected = 'http://fake_url/' self._test_base_url_helper(expected, self.filters) def test_base_url_with_unversioned_endpoint(self): auth_data = { 'serviceCatalog': [{ 'type': 'identity', 'endpoints': [{ 'region': 'FakeRegion', 'publicURL': 'http://fake_url' }] }] } filters = { 'service': 'identity', 'endpoint_type': 'publicURL', 'region': 'FakeRegion', 'api_version': 'v2.0' } expected = 'http://fake_url/v2.0' self._test_base_url_helper(expected, filters, ('token', auth_data)) def test_token_not_expired(self): expiry_data = datetime.datetime.utcnow() + datetime.timedelta(days=1) self._verify_expiry(expiry_data=expiry_data, should_be_expired=False) def test_token_expired(self): expiry_data = datetime.datetime.utcnow() - datetime.timedelta(hours=1) self._verify_expiry(expiry_data=expiry_data, should_be_expired=True) def test_token_not_expired_to_be_renewed(self): expiry_data = (datetime.datetime.utcnow() + self.auth_provider.token_expiry_threshold / 2) self._verify_expiry(expiry_data=expiry_data, should_be_expired=True) def _verify_expiry(self, expiry_data, should_be_expired): for expiry_format in self.auth_provider.EXPIRY_DATE_FORMATS: auth_data = self._auth_data_with_expiry( expiry_data.strftime(expiry_format)) self.assertEqual(self.auth_provider.is_expired(auth_data), should_be_expired)