def test_middleware_ext_context_except_unauthorized(self): middleware = ext_context.ExternalContextMiddleware(None) middleware.get_keystone_token = mock.MagicMock( side_effect=exceptions.Unauthorized('')) auth = 'Basic {}'.format(base64.encode_as_text(b'test:test')) request_headers = { 'Authorization': auth, } request = webob.Request.blank('/environments', headers=request_headers) self.assertRaises(webob.exc.HTTPUnauthorized, middleware.process_request, request)
def test_invalid_auth(self, get): """Test failure when wrong credentials are specified or service user doesn't exist. Replicate in devstack: start devstack with or without placement engine, specify random credentials in auth section from the [placement] block in nova.conf. """ get.side_effect = ks_exc.Unauthorized() res = self.cmd._check_placement() self.assertEqual(status.UpgradeCheckCode.FAILURE, res.code) self.assertIn('Placement service credentials do not work', res.details)
def test_request_with_bad_credentials(self, mock_password): mock_password.side_effect = keystone_exc.Unauthorized(401) req = webob.Request.blank('/tenant_id1/') req.headers['X_AUTH_USER'] = '******' req.headers['X_AUTH_KEY'] = 'badpassword' req.headers['X_AUTH_URL'] = self.config['auth_uri'] req.headers['X_USER_DOMAIN_ID'] = 'domain1' self.middleware(req.environ, self._start_fake_response) self.assertEqual(401, self.response_status) mock_password.assert_called_once_with(auth_url=self.config['auth_uri'], password='******', project_id='tenant_id1', user_domain_id='domain1', username='******')
def test_unauthorized(self, req): """Test Unauthorized handled correctly. An unauthorized configuration should permanently disable the client. And make future calls to it not happen. """ req.side_effect = ks_exc.Unauthorized() self.client._get_resource_provider("fake") self.assertTrue(self.client._disabled) # reset the call count to demonstrate that future calls don't # work req.reset_mock() self.client._get_resource_provider("fake") req.assert_not_called()
def test_invalid_credentials(self, mock_get_access): user = self.data.user form_data = self.get_form_data(user) form_data['password'] = "******" url = reverse('login') mock_get_access.side_effect = keystone_exceptions.Unauthorized(401) # GET the page to set the test cookie. response = self.client.get(url, form_data) self.assertEqual(response.status_code, 200) # POST to the page to log in. response = self.client.post(url, form_data) self.assertTemplateUsed(response, 'auth/login.html') self.assertContains(response, "Invalid credentials.") mock_get_access.assert_called_once_with(IsA(session.Session))
def test_request_with_bad_credentials(self): self.m.StubOutWithMock(ks_auth, 'Password') m = ks_auth.Password(auth_url=self.config['auth_uri'], password='******', project_id='tenant_id1', user_domain_id='domain1', username='******') m.AndRaise(keystone_exc.Unauthorized(401)) self.m.ReplayAll() req = webob.Request.blank('/tenant_id1/') req.headers['X_AUTH_USER'] = '******' req.headers['X_AUTH_KEY'] = 'badpassword' req.headers['X_AUTH_URL'] = self.config['auth_uri'] req.headers['X_USER_DOMAIN_ID'] = 'domain1' self.middleware(req.environ, self._start_fake_response) self.m.VerifyAll() self.assertEqual(401, self.response_status)
def test_invalid_credentials(self): user = self.data.user form_data = self.get_form_data(user) form_data['password'] = "******" exc = keystone_exceptions.Unauthorized(401) self._mock_client_password_auth_failure(user.name, "invalid", exc) self.mox.ReplayAll() url = reverse('login') # GET the page to set the test cookie. response = self.client.get(url, form_data) self.assertEqual(response.status_code, 200) # POST to the page to log in. response = self.client.post(url, form_data) self.assertTemplateUsed(response, 'auth/login.html') self.assertContains(response, "Invalid credentials.")
def test_run_discovery_auth(self): url = 'https://example.com' headers = {'Accept': 'application/json'} session = mock.Mock() session.get.side_effect = [ exceptions.Unauthorized('unauthorized'), # Throw a different exception the second time so that we can # catch it in the test and verify the retry. exceptions.BadRequest('bad request'), ] try: discover.get_version_data(session, url) except exceptions.BadRequest: pass # Only one call with 'url' self.assertEqual(2, session.get.call_count) session.get.assert_has_calls([ mock.call(url, headers=headers, authenticated=None), mock.call(url, headers=headers, authenticated=True), ])
def test_authentication_failed_exception(self): from keystoneauth1 import exceptions as ks_exc original_e = KeyError("Oops") e = osclients.AuthenticationFailed(url="https://example.com", username="******", project="project", error=original_e) self.assertEqual( "Failed to authenticate to https://example.com for user 'foo' in " "project 'project': [KeyError] 'Oops'", e.format_message()) original_e = ks_exc.Unauthorized( "The request you have made requires " "authentication.", request_id="ID") e = osclients.AuthenticationFailed(url="https://example.com", username="******", project="project", error=original_e) self.assertEqual( "Failed to authenticate to https://example.com for user 'foo' in " "project 'project': The request you have made requires " "authentication.", e.format_message()) original_e = ks_exc.ConnectionError("Some user-friendly native error") e = osclients.AuthenticationFailed(url="https://example.com", username="******", project="project", error=original_e) self.assertEqual("Some user-friendly native error", e.format_message()) original_e = ks_exc.ConnectionError( "Unable to establish connection to https://example.com:500: " "HTTPSConnectionPool(host='example.com', port=500): Max retries " "exceeded with url: / (Caused by NewConnectionError('<urllib3." "connection.VerifiedHTTPSConnection object at 0x7fb87a48e510>: " "Failed to establish a new connection: [Errno 101] Network " "is unreachable") e = osclients.AuthenticationFailed(url="https://example.com", username="******", project="project", error=original_e) self.assertEqual( "Unable to establish connection to https://example.com:500", e.format_message()) original_e = ks_exc.ConnectionError( "Unable to establish connection to https://example.com:500: " # another pool class "HTTPConnectionPool(host='example.com', port=500): Max retries " "exceeded with url: / (Caused by NewConnectionError('<urllib3." "connection.VerifiedHTTPSConnection object at 0x7fb87a48e510>: " "Failed to establish a new connection: [Errno 101] Network " "is unreachable") e = osclients.AuthenticationFailed(url="https://example.com", username="******", project="project", error=original_e) self.assertEqual( "Unable to establish connection to https://example.com:500", e.format_message())