openstack
/
keystone
Code Issues Proposed changes

Merge remote branch 'rackspace/master'

This commit is contained in:
Yogeshwar Srikrishnan 2011-06-09 01:30:44 -05:00
parent 4cf516ff36 68c5752ee3
commit 49a644a259
2 changed files with 129 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/swift-quick-start.txt
View File

@ -7,7 +7,7 @@ Quick Start to Integrating Swift and Keystone
2. Obtain and install a source copy of Keystone::
git clone https://github.com/khussein/keystone.git ~/keystone
git clone https://github.com/rackspace/keystone.git ~/keystone
cd ~/keystone && sudo python setup.py develop
3. Move included configuration out of the way::

150
test/unit/test_authn_v2.py
View File

@ -17,22 +17,16 @@
import json
import logging
from keystone import server
from test.unit import base
from test.unit.decorators import jsonify, xmlify
from test.unit import test_common as utils
logger = logging.getLogger('test.unit.test_authn_v2')
class TestAuthnV2(base.ServiceAPITest):
class AuthnMethods(object):
"""
Tests for the /v2.0/tokens auth endpoint
"""
api_version = '2.0'
def test_get_fails(self):
def test_authn_get_fails(self):
"""
Test for GH issue #5. GET /tokens works when it should not
"""
@ -50,7 +44,7 @@ class TestAuthnV2(base.ServiceAPITest):
self.status_not_found()
@jsonify
def test_success_json(self):
def test_authn_success_json(self):
"""
Test that good password credentials returns a 200 OK
"""
@ -78,7 +72,7 @@ class TestAuthnV2(base.ServiceAPITest):
self.assert_dict_equal(expected, json.loads(self.res.body))
@jsonify
def test_success_missing_tenant_json(self):
def test_authn_success_missing_tenant_json(self):
"""
Test that supplying an existing user/pass, with a missing tenant ID
in the password credentials results in a 200 OK but a token not
@ -91,6 +85,42 @@ class TestAuthnV2(base.ServiceAPITest):
expires=self.expires,
token_id='NOTENANTTOKEN')
url = "/tokens"
req = self.get_request('POST', url)
body = {
"passwordCredentials": {
"username": self.auth_user['id'],
"password": self.auth_user['password']
}
}
req.body = json.dumps(body)
self.get_response()
self.status_ok()
expected = {
u'auth': {
u'token': {
u'expires': self.expires.strftime("%Y-%m-%dT%H:%M:%S.%f"),
u'id': 'NOTENANTTOKEN'
}
}
}
self.assert_dict_equal(expected, json.loads(self.res.body))
@jsonify
def test_authn_success_none_tenant_json(self):
"""
Test that supplying an existing user/pass, with a tenant ID of None
in the password credentials results in a 200 OK but a token not
matching the token with a tenant attached to it.
"""
# Create a special token for user with no tenant
auth_token = self.fixture_create_token(
user_id=self.auth_user['id'],
tenant_id=None,
expires=self.expires,
token_id='NOTENANTTOKEN')
url = "/tokens"
req = self.get_request('POST', url)
body = {
@ -115,7 +145,7 @@ class TestAuthnV2(base.ServiceAPITest):
self.assert_dict_equal(expected, json.loads(self.res.body))
@jsonify
def test_malformed_creds_json(self):
def test_authn_malformed_creds_json(self):
"""
Test that supplying a malformed password credentials
results in a 400 Bad Request
@ -134,7 +164,7 @@ class TestAuthnV2(base.ServiceAPITest):
self.status_bad_request()
@jsonify
def test_user_not_found_json(self):
def test_authn_user_not_found_json(self):
"""
Test that supplying a non-existing user in the password credentials
results in a 401 Unauthorized
@ -153,7 +183,7 @@ class TestAuthnV2(base.ServiceAPITest):
self.status_unauthorized()
@jsonify
def test_user_missing_json(self):
def test_authn_user_missing_json(self):
"""
Test that supplying a missing user in the password credentials
results in a 401 Unauthorized
@ -172,7 +202,7 @@ class TestAuthnV2(base.ServiceAPITest):
self.status_unauthorized()
@jsonify
def test_bad_pass_json(self):
def test_authn_bad_pass_json(self):
"""
Test that supplying an existing user and a bad password
in the password credentials results in a 401 Unauthorized
@ -191,7 +221,7 @@ class TestAuthnV2(base.ServiceAPITest):
self.status_unauthorized()
@jsonify
def test_bad_tenant_json(self):
def test_authn_bad_tenant_json(self):
"""
Test that supplying an existing user/pass, with a bad tenant ID
in the password credentials results in a 401 Unauthorized
@ -210,7 +240,7 @@ class TestAuthnV2(base.ServiceAPITest):
self.status_unauthorized()
@xmlify
def test_success_xml(self):
def test_authn_success_xml(self):
"""
Test that good password credentials returns a 200 OK
"""
@ -235,7 +265,7 @@ class TestAuthnV2(base.ServiceAPITest):
self.assert_xml_strings_equal(expected, self.res.body)
@xmlify
def test_success_missing_tenant_xml(self):
def test_authn_success_missing_tenant_xml(self):
"""
Test that supplying an existing user/pass, with a missing tenant ID
in the password credentials results in a 200 OK but a token not
@ -286,7 +316,7 @@ class TestAuthnV2(base.ServiceAPITest):
self.status_bad_request()
@xmlify
def test_user_not_found_xml(self):
def test_authn_user_not_found_xml(self):
"""
Test that supplying a non-existing user in the password credentials
results in a 401 Unauthorized
@ -304,7 +334,7 @@ class TestAuthnV2(base.ServiceAPITest):
self.status_unauthorized()
@xmlify
def test_user_missing_xml(self):
def test_authn_user_missing_xml(self):
"""
Test that supplying a missing user in the password credentials
results in a 400 Bad Request
@ -321,7 +351,7 @@ class TestAuthnV2(base.ServiceAPITest):
self.status_bad_request()
@xmlify
def test_bad_pass_xml(self):
def test_authn_bad_pass_xml(self):
"""
Test that supplying a bad password in the password credentials
results in a 401 Unauthorized
@ -339,7 +369,7 @@ class TestAuthnV2(base.ServiceAPITest):
self.status_unauthorized()
@xmlify
def test_bad_tenant_xml(self):
def test_authn_bad_tenant_xml(self):
"""
Test that supplying a bad tenant in the password credentials
results in a 401 Unauthorized
@ -355,3 +385,79 @@ class TestAuthnV2(base.ServiceAPITest):
'badtenant')
self.get_response()
self.status_unauthorized()
class TestAuthnV2(base.ServiceAPITest, AuthnMethods):
"""
Tests for the /v2.0/tokens auth endpoint with main service API
"""
class TestAdminAuthnV2(base.AdminAPITest, AuthnMethods):
"""
Tests for the /v2.0/tokens auth endpoint with admin API
"""
@jsonify
def test_validate_token_json(self):
"""
Test successful validation of the token we use in authn
"""
url = "/tokens/%s" % self.auth_token_id
headers = {"X-Auth-Token": self.auth_token_id}
req = self.get_request('GET', url, headers)
self.get_response()
self.status_ok()
expected = {
"auth": {
"token": {
u'expires': self.expires.strftime("%Y-%m-%dT%H:%M:%S.%f"),
u'id': self.auth_token_id,
"tenantId": self.auth_user['tenant_id']
},
"user": {
"username": self.auth_user['id'],
"tenantId": self.auth_user['tenant_id'],
"roleRefs": []
}
}
}
for user_role in self.auth_user['roles']:
expected["auth"]["user"]["roleRefs"].append(
{"roleId": user_role['role_id'], "id": user_role['id']})
self.assert_dict_equal(expected, json.loads(self.res.body))
@xmlify
def test_validate_token_xml(self):
"""
Test successful validation of the token we use in authn
"""
url = "/tokens/%s" % self.auth_token_id
headers = {"X-Auth-Token": self.auth_token_id}
req = self.get_request('GET', url, headers)
self.get_response()
self.status_ok()
expected = """<auth xmlns="http://docs.openstack.org/identity/api/v2.0">
<token expires="%s" id="%s" tenantId="%s"/>
<user username="%s" tenantId="%s">
<roleRefs xmlns="http://docs.openstack.org/identity/api/v2.0">
""" % (
self.expires.strftime("%Y-%m-%dT%H:%M:%S.%f"),
self.auth_token_id,
self.auth_user['tenant_id'],
self.auth_user['id'],
self.auth_user['tenant_id'])
for user_role in self.auth_user['roles']:
expected = expected + """
<roleRef xmlns="http://docs.openstack.org/identity/api/v2.0"
id="%s" roleId="%s"/>""" % (user_role['id'],
user_role['role_id'])
expected = expected + """</roleRefs>
</user>
</auth>"""
self.assert_xml_strings_equal(expected, self.res.body)