Merge "Add option to disable testing against external idp"

2019-10-25 21:55:49 +00:00 · 2019-10-25 21:55:49 +00:00 · e3163c2a69
commit e3163c2a69
parent 13a94876e4 8ec445b13d
2 changed files with 35 additions and 6 deletions
--- a/keystone_tempest_plugin/config.py
+++ b/keystone_tempest_plugin/config.py
@ -20,6 +20,11 @@ identity_feature_option = [
                default=False,
                help='Does the environment support the Federated Identity '
                     'feature?'),
+    cfg.BoolOpt('external_idp',
+                default=True,
+                help='Whether to test federated scenarios against an external '
+                     'identity provider. If disabled, only '
+                     'Keystone-to-Keystone tests will be enabled.'),
 ]

 fed_scenario_group = cfg.OptGroup(name='fed_scenario',
--- a/keystone_tempest_plugin/tests/scenario/test_federated_authentication.py
+++ b/keystone_tempest_plugin/tests/scenario/test_federated_authentication.py
@ -183,14 +183,10 @@ class TestSaml2EcpFederatedAuthentication(base.BaseIdentityTest):

        return resp

-    @testtools.skipUnless(CONF.identity_feature_enabled.federation,
-                          "Federated Identity feature not enabled")
-    def test_request_unscoped_token(self):
+    def _test_request_unscoped_token(self):
        self._request_unscoped_token()

-    @testtools.skipUnless(CONF.identity_feature_enabled.federation,
-                          "Federated Identity feature not enabled")
-    def test_request_scoped_token(self):
+    def _test_request_scoped_token(self):
        resp = self._request_unscoped_token()
        token_id = resp.headers['X-Subject-Token']

@ -203,6 +199,24 @@ class TestSaml2EcpFederatedAuthentication(base.BaseIdentityTest):
            project_id=projects[0]['id'], token=token_id)


+class TestSaml2FederatedExternalAuthentication(
+    TestSaml2EcpFederatedAuthentication):
+
+    @testtools.skipUnless(CONF.identity_feature_enabled.federation,
+                          "Federated Identity feature not enabled")
+    @testtools.skipUnless(CONF.identity_feature_enabled.external_idp,
+                          "External identity provider is not available")
+    def test_request_unscoped_token(self):
+        self._test_request_unscoped_token()
+
+    @testtools.skipUnless(CONF.identity_feature_enabled.federation,
+                          "Federated Identity feature not enabled")
+    @testtools.skipUnless(CONF.identity_feature_enabled.external_idp,
+                          "External identity provider is not available")
+    def test_request_scoped_token(self):
+        self._test_request_scoped_token()
+
+
 class TestK2KFederatedAuthentication(TestSaml2EcpFederatedAuthentication):

    def setUp(self):
@ -253,3 +267,13 @@ class TestK2KFederatedAuthentication(TestSaml2EcpFederatedAuthentication):
        self.auth_client.expected_success(200, resp.status)

        return etree.XML(saml), self.sp_url
+
+    @testtools.skipUnless(CONF.identity_feature_enabled.federation,
+                          "Federated Identity feature not enabled")
+    def test_request_unscoped_token(self):
+        self._test_request_unscoped_token()
+
+    @testtools.skipUnless(CONF.identity_feature_enabled.federation,
+                          "Federated Identity feature not enabled")
+    def test_request_scoped_token(self):
+        self._test_request_scoped_token()