def test_with_multiple_mechanisms(self):
self.stub_auth(json=self.TEST_RESPONSE_DICT)
p = v3.PasswordMethod(username=self.TEST_USER, password=self.TEST_PASS)
t = v3.TokenMethod(token='foo')
a = v3.Auth(self.TEST_URL, [p, t], trust_id='trust')
s = session.Session(auth=a)
self.assertEqual({'X-Auth-Token': self.TEST_TOKEN},
s.get_auth_headers())
req = {
'auth': {
'identity': {
'methods': ['password', 'token'],
'password': {
'user': {
'name': self.TEST_USER,
'password': self.TEST_PASS
}
},
'token': {
'id': 'foo'
}
},
'scope': {
'OS-TRUST:trust': {
'id': 'trust'
}
}
}
}
self.assertRequestBodyIs(json=req)
self.assertEqual(s.auth.auth_ref.auth_token, self.TEST_TOKEN)
def get_raw_token_from_identity_service(self,
auth_url,
user_id=None,
username=None,
user_domain_id=None,
user_domain_name=None,
password=None,
domain_id=None,
domain_name=None,
project_id=None,
project_name=None,
project_domain_id=None,
project_domain_name=None,
token=None,
trust_id=None,
**kwargs):
"""Authenticate against the v3 Identity API.
If password and token methods are both provided then both methods will
be used in the request.
:returns: access.AccessInfo if authentication was successful.
:rtype: :class:`keystoneclient.access.AccessInfoV3`
:raises keystoneclient.exceptions.AuthorizationFailure: if unable to
authenticate or validate the existing authorization token.
:raises keystoneclient.exceptions.Unauthorized: if authentication fails
due to invalid token.
"""
try:
if auth_url is None:
raise ValueError(_("Cannot authenticate without an auth_url"))
auth_methods = []
if token:
auth_methods.append(v3_auth.TokenMethod(token=token))
if password:
m = v3_auth.PasswordMethod(user_id=user_id,
username=username,
user_domain_id=user_domain_id,
user_domain_name=user_domain_name,
password=password)
auth_methods.append(m)
if not auth_methods:
msg = _('A user and password or token is required.')
raise exceptions.AuthorizationFailure(msg)
plugin = v3_auth.Auth(auth_url,
auth_methods,
trust_id=trust_id,
domain_id=domain_id,
domain_name=domain_name,
project_id=project_id,
project_name=project_name,
project_domain_id=project_domain_id,
project_domain_name=project_domain_name)
return plugin.get_auth_ref(self.session)
except (exceptions.AuthorizationFailure, exceptions.Unauthorized):
_logger.debug('Authorization failed.')
raise
except exceptions.EndpointNotFound:
msg = _('There was no suitable authentication url for this'
' request')
raise exceptions.AuthorizationFailure(msg)
except Exception as e:
raise exceptions.AuthorizationFailure(
_('Authorization failed: %s') % e)
