def auth(request, data, region, show_error=False): try: region = data.get('region', '') tenant_id = data.get('tenant', '') token = api.token_create_with_region(request, tenant_id, data['username'], data['password'], region) set_region_info(request, token, region) return auth_with_token(request, data, token.id, tenant_id, region, show_error) except api_exceptions.Unauthorized as e: msg = 'Error authenticating: %s for region %s' % (e.message, region) LOG.exception(msg) if show_error: messages.error(request, msg) except api_exceptions.ApiException as e: if show_error: messages.error( request, 'Error authenticating with keystone: %s' % e.message) LOG.exception('Error authenticating with keystone: %s for region %s' % (e.message, region))
def auth(request, data, region, show_error=False): try: region = data.get('region', '') tenant_id = data.get('tenant', '') token = api.token_create_with_region(request, tenant_id, data['username'], data['password'], region) set_region_info(request, token, region) return auth_with_token(request, data, token.id, tenant_id, region, show_error) except api_exceptions.Unauthorized as e: msg = 'Error authenticating: %s for region %s' % (e.message, region) LOG.exception(msg) if show_error: messages.error(request, msg) except api_exceptions.ApiException as e: if show_error: messages.error(request, 'Error authenticating with keystone: %s' % e.message) LOG.exception('Error authenticating with keystone: %s for region %s' % (e.message, region))
def test_login_invalid_credentials(self): form_data = {'method': 'Login', 'password': self.PASSWORD, 'username': self.TEST_USER} self.mox.StubOutWithMock(api, 'token_create_with_region') unauthorized = api_exceptions.Unauthorized('unauth', message='unauth') api.token_create_with_region(IsA(http.HttpRequest), "", self.TEST_USER, self.PASSWORD).AndRaise(unauthorized) self.mox.ReplayAll() res = self.client.post(reverse('auth_login'), form_data) self.assertTemplateUsed(res, 'splash.html') self.mox.VerifyAll() self.mox.UnsetStubs()
def test_switch_tenants(self): NEW_TENANT_ID = '6' NEW_TENANT_NAME = 'FAKENAME' TOKEN_ID = 1 self.setActiveUser(self.TEST_TOKEN, self.TEST_USER, self.TEST_TENANT, False, self.TEST_SERVICE_CATALOG) form_data = {'method': 'LoginWithTenant', 'password': self.PASSWORD, 'tenant': NEW_TENANT_ID, 'username': self.TEST_USER} self.mox.StubOutWithMock(api, 'token_create_with_region') #self.mox.StubOutWithMock(api, 'token_create') aTenant = self.mox.CreateMock(api.Token) aTenant.id = NEW_TENANT_ID aTenant.name = NEW_TENANT_NAME aToken = self.mox.CreateMock(api.Token) aToken.id = TOKEN_ID aToken.user = { 'roles': [{'name': 'fake'}]} aToken.serviceCatalog = {} api.token_create_with_region(IsA(http.HttpRequest), NEW_TENANT_ID, self.TEST_USER, self.PASSWORD).AndReturn(aToken) self.mox.StubOutWithMock(api, 'tenant_list_for_token') api.tenant_list_for_token(IsA(http.HttpRequest), aToken.id).\ AndReturn([aTenant]) self.mox.ReplayAll() res = self.client.post(reverse('auth_switch', args=[NEW_TENANT_ID]), form_data) self.assertRedirectsNoFollow(res, reverse('dash_containers', args=[NEW_TENANT_ID])) self.assertEqual(self.client.session['tenant'], NEW_TENANT_NAME) self.mox.VerifyAll() self.mox.UnsetStubs()
def test_login(self): NEW_TENANT_ID = '6' NEW_TENANT_NAME = 'FAKENAME' TOKEN_ID = 1 form_data = {'method': 'Login', 'password': self.PASSWORD, 'username': self.TEST_USER} self.mox.StubOutWithMock(api, 'token_create_with_region') aToken = self.mox.CreateMock(api.Token) aToken.id = TOKEN_ID aToken.user = { 'roles': [{'name': 'fake'}]} aToken.serviceCatalog = {} api.token_create_with_region(IsA(http.HttpRequest), "", self.TEST_USER, self.PASSWORD).AndReturn(aToken) aTenant = self.mox.CreateMock(api.Token) aTenant.id = NEW_TENANT_ID aTenant.name = NEW_TENANT_NAME self.mox.StubOutWithMock(api, 'tenant_list_for_token') api.tenant_list_for_token(IsA(http.HttpRequest), aToken.id).\ AndReturn([aTenant]) self.mox.StubOutWithMock(api, 'token_create_scoped_with_token_and_region') api.token_create_scoped_with_token_and_region(IsA(http.HttpRequest), aTenant.id, aToken.id).AndReturn(aToken) self.mox.ReplayAll() res = self.client.post(reverse('auth_login'), form_data) self.assertRedirectsNoFollow(res, reverse('dash_containers', args=[NEW_TENANT_ID])) self.mox.VerifyAll() self.mox.UnsetStubs()
def test_login_no_tenants(self): NEW_TENANT_ID = '6' NEW_TENANT_NAME = 'FAKENAME' TOKEN_ID = 1 form_data = {'method': 'Login', 'password': self.PASSWORD, 'username': self.TEST_USER} self.mox.StubOutWithMock(api, 'token_create_with_region') aToken = self.mox.CreateMock(api.Token) aToken.id = TOKEN_ID aToken.user = { 'roles': [{'name': 'fake'}]} aToken.serviceCatalog = {} api.token_create_with_region(IsA(http.HttpRequest), "", self.TEST_USER, self.PASSWORD).AndReturn(aToken) aTenant = self.mox.CreateMock(api.Tenant) aTenant.id = NEW_TENANT_ID aTenant.name = NEW_TENANT_NAME self.mox.StubOutWithMock(api, 'tenant_list_for_token') api.tenant_list_for_token(IsA(http.HttpRequest), aToken.id).\ AndReturn([]) self.mox.StubOutWithMock(messages, 'error') messages.error(IsA(http.HttpRequest), IsA(unicode)) self.mox.ReplayAll() res = self.client.post(reverse('auth_login'), form_data) self.assertTemplateUsed(res, 'splash.html') self.mox.VerifyAll() self.mox.UnsetStubs()
def handle(self, request, data): def is_admin(token): for role in token.user['roles']: if role['name'].lower() == 'admin': return True return False try: if data.get('region'): request.session['region'] = data.get('region') if data.get('tenant'): token = api.token_create_with_region(request, data.get('tenant'), data['username'], data['password']) tenants = api.tenant_list_for_token(request, token.id) tenant = None for t in tenants: if t.id == data.get('tenant'): tenant = t else: # We are logging in without tenant token = api.token_create_with_region(request, '', data['username'], data['password']) # Unscoped token request.session['unscoped_token'] = token.id def get_first_tenant_for_user(): tenants = api.tenant_list_for_token(request, token.id) return tenants[0] if len(tenants) else None # Get the tenant list, and log in using first tenant # FIXME (anthony): add tenant chooser here? tenant = get_first_tenant_for_user() # Abort if there are no valid tenants for this user if not tenant: messages.error(request, 'No tenants present for user: %s' % data['username']) return # Create a token token = api.token_create_scoped_with_token_and_region(request, data.get('tenant', tenant.id), token.id) request.session['admin'] = is_admin(token) request.session['serviceCatalog'] = token.serviceCatalog LOG.info('Login form for user "%s". Service Catalog data:\n%s' % (data['username'], token.serviceCatalog)) request.session['tenant'] = tenant.name request.session['tenant_id'] = tenant.id request.session['token'] = token.id request.session['user'] = data['username'] return shortcuts.redirect('dash_containers', tenant.id) except api_exceptions.Unauthorized as e: msg = 'Error authenticating: %s' % e.message LOG.exception(msg) messages.error(request, msg) except api_exceptions.ApiException as e: messages.error(request, 'Error authenticating with keystone: %s' % e.message)
def handle(self, request, data): def is_admin(token): for role in token.user['roles']: if role['name'].lower() == 'admin': return True return False try: if data.get('region'): request.session['region'] = data.get('region') if data.get('tenant'): token = api.token_create_with_region(request, data.get('tenant'), data['username'], data['password']) tenants = api.tenant_list_for_token(request, token.id) tenant = None for t in tenants: if t.id == data.get('tenant'): tenant = t else: # We are logging in without tenant token = api.token_create_with_region(request, '', data['username'], data['password']) # Unscoped token request.session['unscoped_token'] = token.id def get_first_tenant_for_user(): tenants = api.tenant_list_for_token(request, token.id) return tenants[0] if len(tenants) else None # Get the tenant list, and log in using first tenant # FIXME (anthony): add tenant chooser here? tenant = get_first_tenant_for_user() # Abort if there are no valid tenants for this user if not tenant: messages.error( request, 'No tenants present for user: %s' % data['username']) return # Create a token token = api.token_create_scoped_with_token_and_region( request, data.get('tenant', tenant.id), token.id) request.session['admin'] = is_admin(token) request.session['serviceCatalog'] = token.serviceCatalog LOG.info('Login form for user "%s". Service Catalog data:\n%s' % (data['username'], token.serviceCatalog)) request.session['tenant'] = tenant.name request.session['tenant_id'] = tenant.id request.session['token'] = token.id request.session['user'] = data['username'] return shortcuts.redirect('dash_containers', tenant.id) except api_exceptions.Unauthorized as e: msg = 'Error authenticating: %s' % e.message LOG.exception(msg) messages.error(request, msg) except api_exceptions.ApiException as e: messages.error( request, 'Error authenticating with keystone: %s' % e.message)