def test_loading_v3(self): section = uuid.uuid4().hex token = uuid.uuid4().hex trust_id = uuid.uuid4().hex project_id = uuid.uuid4().hex project_domain_name = uuid.uuid4().hex self.conf_fixture.config(auth_section=section, group=self.GROUP) conf.register_conf_options(self.conf_fixture.conf, group=self.GROUP) self.conf_fixture.register_opts(v3_auth.Token.get_options(), group=section) self.conf_fixture.config(auth_plugin=self.V3TOKEN, token=token, trust_id=trust_id, project_id=project_id, project_domain_name=project_domain_name, group=section) a = conf.load_from_conf_options(self.conf_fixture.conf, self.GROUP) self.assertEqual(token, a.auth_methods[0].token) self.assertEqual(trust_id, a.trust_id) self.assertEqual(project_id, a.project_id) self.assertEqual(project_domain_name, a.project_domain_name)
def setUp(self): super(AuthenticateOIDCTests, self).setUp() self.conf_fixture = self.useFixture(config.Config()) conf.register_conf_options(self.conf_fixture.conf, group=self.GROUP) self.session = session.Session() self.IDENTITY_PROVIDER = 'bluepages' self.PROTOCOL = 'oidc' self.USER_NAME = '*****@*****.**' self.PASSWORD = uuid.uuid4().hex self.CLIENT_ID = uuid.uuid4().hex self.CLIENT_SECRET = uuid.uuid4().hex self.ACCESS_TOKEN_ENDPOINT = 'https://localhost:8020/oidc/token' self.FEDERATION_AUTH_URL = '%s/%s' % ( self.TEST_URL, 'OS-FEDERATION/identity_providers/bluepages/protocols/oidc/auth') self.oidcplugin = oidc.OidcPassword( self.TEST_URL, self.IDENTITY_PROVIDER, self.PROTOCOL, username=self.USER_NAME, password=self.PASSWORD, client_id=self.CLIENT_ID, client_secret=self.CLIENT_SECRET, access_token_endpoint=self.ACCESS_TOKEN_ENDPOINT)
def test_conf_params(self): section = uuid.uuid4().hex identity_provider = uuid.uuid4().hex identity_provider_url = uuid.uuid4().hex sp_endpoint = uuid.uuid4().hex username = uuid.uuid4().hex password = uuid.uuid4().hex self.conf_fixture.config(auth_section=section, group=self.GROUP) conf.register_conf_options(self.conf_fixture.conf, group=self.GROUP) self.conf_fixture.register_opts(saml2.ADFSUnscopedToken.get_options(), group=section) self.conf_fixture.config(auth_plugin='v3unscopedadfs', identity_provider=identity_provider, identity_provider_url=identity_provider_url, service_provider_endpoint=sp_endpoint, username=username, password=password, group=section) a = conf.load_from_conf_options(self.conf_fixture.conf, self.GROUP) self.assertEqual(identity_provider, a.identity_provider) self.assertEqual(identity_provider_url, a.identity_provider_url) self.assertEqual(sp_endpoint, a.service_provider_endpoint) self.assertEqual(username, a.username) self.assertEqual(password, a.password)
def setUp(self): super(AuthenticateviaADFSTests, self).setUp() self.conf_fixture = self.useFixture(config.Config()) conf.register_conf_options(self.conf_fixture.conf, group=self.GROUP) self.session = session.Session(session=requests.Session()) self.IDENTITY_PROVIDER = "adfs" self.IDENTITY_PROVIDER_URL = "http://adfs.local/adfs/service/trust/13" "/usernamemixed" self.FEDERATION_AUTH_URL = "%s/%s" % ( self.TEST_URL, "OS-FEDERATION/identity_providers/adfs/protocols/saml2/auth", ) self.SP_ENDPOINT = "https://openstack4.local/Shibboleth.sso/ADFS" self.adfsplugin = saml2.ADFSUnscopedToken( self.TEST_URL, self.IDENTITY_PROVIDER, self.IDENTITY_PROVIDER_URL, self.SP_ENDPOINT, self.TEST_USER, self.TEST_TOKEN, ) self.ADFS_SECURITY_TOKEN_RESPONSE = _load_xml("ADFS_RequestSecurityTokenResponse.xml") self.ADFS_FAULT = _load_xml("ADFS_fault.xml")
def setUp(self): super(AuthenticateviaSAML2Tests, self).setUp() self.conf_fixture = self.useFixture(config.Config()) conf.register_conf_options(self.conf_fixture.conf, group=self.GROUP) self.session = session.Session() self.ECP_SP_EMPTY_REQUEST_HEADERS = { "Accept": "text/html; application/vnd.paos+xml", "PAOS": ('ver="urn:liberty:paos:2003-08";' '"urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp"'), } self.ECP_SP_SAML2_REQUEST_HEADERS = {"Content-Type": "application/vnd.paos+xml"} self.ECP_SAML2_NAMESPACES = { "ecp": "urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp", "S": "http://schemas.xmlsoap.org/soap/envelope/", "paos": "urn:liberty:paos:2003-08", } self.ECP_RELAY_STATE = "//ecp:RelayState" self.ECP_SERVICE_PROVIDER_CONSUMER_URL = "/S:Envelope/S:Header/paos:" "Request/" "@responseConsumerURL" self.ECP_IDP_CONSUMER_URL = "/S:Envelope/S:Header/ecp:Response/" "@AssertionConsumerServiceURL" self.IDENTITY_PROVIDER = "testidp" self.IDENTITY_PROVIDER_URL = "http://local.url" self.PROTOCOL = "saml2" self.FEDERATION_AUTH_URL = "%s/%s" % ( self.TEST_URL, "OS-FEDERATION/identity_providers/testidp/protocols/saml2/auth", ) self.SHIB_CONSUMER_URL = "https://openstack4.local/" "Shibboleth.sso/SAML2/ECP" self.saml2plugin = saml2.Saml2UnscopedToken( self.TEST_URL, self.IDENTITY_PROVIDER, self.IDENTITY_PROVIDER_URL, self.TEST_USER, self.TEST_TOKEN )
def test_conf_params(self): """Ensure OpenID Connect config options work.""" section = uuid.uuid4().hex identity_provider = uuid.uuid4().hex protocol = uuid.uuid4().hex username = uuid.uuid4().hex password = uuid.uuid4().hex client_id = uuid.uuid4().hex client_secret = uuid.uuid4().hex access_token_endpoint = uuid.uuid4().hex self.conf_fixture.config(auth_section=section, group=self.GROUP) conf.register_conf_options(self.conf_fixture.conf, group=self.GROUP) self.conf_fixture.register_opts(oidc.OidcPassword.get_options(), group=section) self.conf_fixture.config(auth_plugin='v3oidcpassword', identity_provider=identity_provider, protocol=protocol, username=username, password=password, client_id=client_id, client_secret=client_secret, access_token_endpoint=access_token_endpoint, group=section) a = conf.load_from_conf_options(self.conf_fixture.conf, self.GROUP) self.assertEqual(identity_provider, a.identity_provider) self.assertEqual(protocol, a.protocol) self.assertEqual(username, a.username) self.assertEqual(password, a.password) self.assertEqual(client_id, a.client_id) self.assertEqual(client_secret, a.client_secret) self.assertEqual(access_token_endpoint, a.access_token_endpoint)
def setUp(self): super(AuthenticateviaADFSTests, self).setUp() self.deprecations.expect_deprecations() self.conf_fixture = self.useFixture(config.Config()) conf.register_conf_options(self.conf_fixture.conf, group=self.GROUP) self.session = session.Session(session=requests.Session()) self.IDENTITY_PROVIDER = 'adfs' self.IDENTITY_PROVIDER_URL = ('http://adfs.local/adfs/service/trust/13' '/usernamemixed') self.FEDERATION_AUTH_URL = '%s/%s' % ( self.TEST_URL, 'OS-FEDERATION/identity_providers/adfs/protocols/saml2/auth') self.SP_ENDPOINT = 'https://openstack4.local/Shibboleth.sso/ADFS' self.adfsplugin = saml2.ADFSUnscopedToken( self.TEST_URL, self.IDENTITY_PROVIDER, self.IDENTITY_PROVIDER_URL, self.SP_ENDPOINT, self.TEST_USER, self.TEST_TOKEN) self.ADFS_SECURITY_TOKEN_RESPONSE = _load_xml( 'ADFS_RequestSecurityTokenResponse.xml') self.ADFS_FAULT = _load_xml('ADFS_fault.xml')
def setUp(self): super(AuthenticateOIDCTests, self).setUp() self.deprecations.expect_deprecations() self.conf_fixture = self.useFixture(config.Config()) conf.register_conf_options(self.conf_fixture.conf, group=self.GROUP) self.session = session.Session() self.IDENTITY_PROVIDER = 'bluepages' self.PROTOCOL = 'oidc' self.USER_NAME = '*****@*****.**' self.PASSWORD = uuid.uuid4().hex self.CLIENT_ID = uuid.uuid4().hex self.CLIENT_SECRET = uuid.uuid4().hex self.ACCESS_TOKEN_ENDPOINT = 'https://localhost:8020/oidc/token' self.FEDERATION_AUTH_URL = '%s/%s' % ( self.TEST_URL, 'OS-FEDERATION/identity_providers/bluepages/protocols/oidc/auth') self.oidcplugin = oidc.OidcPassword( self.TEST_URL, self.IDENTITY_PROVIDER, self.PROTOCOL, username=self.USER_NAME, password=self.PASSWORD, client_id=self.CLIENT_ID, client_secret=self.CLIENT_SECRET, access_token_endpoint=self.ACCESS_TOKEN_ENDPOINT)
def test_loading_v2(self): section = uuid.uuid4().hex username = uuid.uuid4().hex password = uuid.uuid4().hex trust_id = uuid.uuid4().hex tenant_id = uuid.uuid4().hex self.conf_fixture.config(auth_section=section, group=self.GROUP) conf.register_conf_options(self.conf_fixture.conf, group=self.GROUP) self.conf_fixture.register_opts(v2_auth.Password.get_options(), group=section) self.conf_fixture.config(auth_plugin=self.V2PASS, username=username, password=password, trust_id=trust_id, tenant_id=tenant_id, group=section) a = conf.load_from_conf_options(self.conf_fixture.conf, self.GROUP) self.assertEqual(username, a.username) self.assertEqual(password, a.password) self.assertEqual(trust_id, a.trust_id) self.assertEqual(tenant_id, a.tenant_id)
def setUp(self): super(ConfTests, self).setUp() self.conf_fixture = self.useFixture(config.Config()) # NOTE(jamielennox): we register the basic config options first because # we need them in place before we can stub them. We will need to run # the register again after we stub the auth section and auth plugin so # it can load the plugin specific options. conf.register_conf_options(self.conf_fixture.conf, group=self.GROUP)
def test_same_section(self, m): self.conf_fixture.register_opts(utils.MockPlugin.get_options(), group=self.GROUP) conf.register_conf_options(self.conf_fixture.conf, group=self.GROUP) self.conf_fixture.config(auth_plugin=uuid.uuid4().hex, group=self.GROUP, **self.TEST_VALS) a = conf.load_from_conf_options(self.conf_fixture.conf, self.GROUP) self.assertTestVals(a)
def setUp(self): super(AuthenticateviaSAML2Tests, self).setUp() self.deprecations.expect_deprecations() self.conf_fixture = self.useFixture(config.Config()) conf.register_conf_options(self.conf_fixture.conf, group=self.GROUP) self.session = session.Session() self.ECP_SP_EMPTY_REQUEST_HEADERS = { 'Accept': 'text/html; application/vnd.paos+xml', 'PAOS': ('ver="urn:liberty:paos:2003-08";' '"urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp"') } self.ECP_SP_SAML2_REQUEST_HEADERS = { 'Content-Type': 'application/vnd.paos+xml' } self.ECP_SAML2_NAMESPACES = { 'ecp': 'urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp', 'S': 'http://schemas.xmlsoap.org/soap/envelope/', 'paos': 'urn:liberty:paos:2003-08' } self.ECP_RELAY_STATE = '//ecp:RelayState' self.ECP_SERVICE_PROVIDER_CONSUMER_URL = ('/S:Envelope/S:Header/paos:' 'Request/' '@responseConsumerURL') self.ECP_IDP_CONSUMER_URL = ('/S:Envelope/S:Header/ecp:Response/' '@AssertionConsumerServiceURL') self.IDENTITY_PROVIDER = 'testidp' self.IDENTITY_PROVIDER_URL = 'http://local.url' self.PROTOCOL = 'saml2' self.FEDERATION_AUTH_URL = '%s/%s' % ( self.TEST_URL, 'OS-FEDERATION/identity_providers/testidp/protocols/saml2/auth') self.SHIB_CONSUMER_URL = ('https://openstack4.local/' 'Shibboleth.sso/SAML2/ECP') self.saml2plugin = saml2.Saml2UnscopedToken(self.TEST_URL, self.IDENTITY_PROVIDER, self.IDENTITY_PROVIDER_URL, self.TEST_USER, self.TEST_TOKEN)
def setUp(self): super(AuthenticateviaSAML2Tests, self).setUp() self.deprecations.expect_deprecations() self.conf_fixture = self.useFixture(config.Config()) conf.register_conf_options(self.conf_fixture.conf, group=self.GROUP) self.session = session.Session() self.ECP_SP_EMPTY_REQUEST_HEADERS = { 'Accept': 'text/html; application/vnd.paos+xml', 'PAOS': ('ver="urn:liberty:paos:2003-08";' '"urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp"') } self.ECP_SP_SAML2_REQUEST_HEADERS = { 'Content-Type': 'application/vnd.paos+xml' } self.ECP_SAML2_NAMESPACES = { 'ecp': 'urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp', 'S': 'http://schemas.xmlsoap.org/soap/envelope/', 'paos': 'urn:liberty:paos:2003-08' } self.ECP_RELAY_STATE = '//ecp:RelayState' self.ECP_SERVICE_PROVIDER_CONSUMER_URL = ('/S:Envelope/S:Header/paos:' 'Request/' '@responseConsumerURL') self.ECP_IDP_CONSUMER_URL = ('/S:Envelope/S:Header/ecp:Response/' '@AssertionConsumerServiceURL') self.IDENTITY_PROVIDER = 'testidp' self.IDENTITY_PROVIDER_URL = 'http://local.url' self.PROTOCOL = 'saml2' self.FEDERATION_AUTH_URL = '%s/%s' % ( self.TEST_URL, 'OS-FEDERATION/identity_providers/testidp/protocols/saml2/auth') self.SHIB_CONSUMER_URL = ('https://openstack4.local/' 'Shibboleth.sso/SAML2/ECP') self.saml2plugin = saml2.Saml2UnscopedToken( self.TEST_URL, self.IDENTITY_PROVIDER, self.IDENTITY_PROVIDER_URL, self.TEST_USER, self.TEST_TOKEN)