openstack/keystone
Code Issues Proposed changes

Merge "Fix 500 error when authenticate with "mapped""

Browse Source
This commit is contained in:
Zuul 2017-11-14 23:40:03 +00:00 committed by Gerrit Code Review
commit 3ceed8e4bb
2 changed files with 29 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
keystone/auth/plugins/mapped.py
View File

@ -202,8 +202,16 @@ def handle_unscoped_token(request, auth_payload, resource_api, federation_api,
return resp return resp
assertion = extract_assertion_data(request) assertion = extract_assertion_data(request)
try:
identity_provider = auth_payload['identity_provider'] identity_provider = auth_payload['identity_provider']
except KeyError:
raise exception.ValidationError(
attribute='identity_provider', target='mapped')
try:
protocol = auth_payload['protocol'] protocol = auth_payload['protocol']
except KeyError:
raise exception.ValidationError(
attribute='protocol', target='mapped')
utils.assert_enabled_identity_provider(federation_api, identity_provider) utils.assert_enabled_identity_provider(federation_api, identity_provider)

19
keystone/tests/unit/test_auth_plugin.py
View File

@ -18,6 +18,7 @@ import mock
from keystone import auth from keystone import auth
from keystone.auth.plugins import base from keystone.auth.plugins import base
from keystone.auth.plugins import mapped
from keystone import exception from keystone import exception
from keystone.tests import unit from keystone.tests import unit
from keystone.tests.unit.ksfixtures import auth_plugins from keystone.tests.unit.ksfixtures import auth_plugins
@ -189,6 +190,24 @@ class TestMapped(unit.TestCase):
kwargs) = authenticate.call_args kwargs) = authenticate.call_args
self.assertEqual(method_name, auth_payload['protocol']) self.assertEqual(method_name, auth_payload['protocol'])
def test_mapped_without_identity_provider_or_protocol(self):
test_mapped = mapped.Mapped()
test_mapped.resource_api = mock.Mock()
test_mapped.federation_api = mock.Mock()
test_mapped.identity_api = mock.Mock()
test_mapped.assignment_api = mock.Mock()
test_mapped.role_api = mock.Mock()
request = self.make_request()
auth_payload = {'identity_provider': 'test_provider'}
self.assertRaises(exception.ValidationError, test_mapped.authenticate,
request, auth_payload)
auth_payload = {'protocol': 'saml2'}
self.assertRaises(exception.ValidationError, test_mapped.authenticate,
request, auth_payload)
def test_supporting_multiple_methods(self): def test_supporting_multiple_methods(self):
method_names = ('saml2', 'openid', 'x509', 'mapped') method_names = ('saml2', 'openid', 'x509', 'mapped')
self.useFixture(auth_plugins.LoadAuthPlugins(*method_names)) self.useFixture(auth_plugins.LoadAuthPlugins(*method_names))