Fix OAuth1 to not JSON-encode create access token response

The OAuth1 response was a JSON-encoded urlencoded string rather than just a urlencoded string as expected. This also enhances keystone.middleware.wsgi.render_response() to support setting the Content-Type header in the response. Closes-Bug: #1336910 Change-Id: I72dcb61cae712c3c76382d2d6067b4f5fad7729d
2014-07-02 13:36:30 -05:00 · 2014-07-02 13:36:30 -05:00 · 5489117ac2
parent f46287813b
commit 5489117ac2
3 changed files with 46 additions and 14 deletions
--- a/keystone/common/wsgi.py
+++ b/keystone/common/wsgi.py
@ -600,15 +600,25 @@ class ExtensionRouter(Router):

 def render_response(body=None, status=None, headers=None):
    """Forms a WSGI response."""
-    headers = headers or []
+    if headers is None:
+        headers = []
+    else:
+        headers = list(headers)
    headers.append(('Vary', 'X-Auth-Token'))

    if body is None:
        body = ''
        status = status or (204, 'No Content')
    else:
-        body = jsonutils.dumps(body, cls=utils.SmarterEncoder)
-        headers.append(('Content-Type', 'application/json'))
+        content_types = [v for h, v in headers if h == 'Content-Type']
+        if content_types:
+            content_type = content_types[0]
+        else:
+            content_type = None
+        if content_type is None or content_type == 'application/json':
+            body = jsonutils.dumps(body, cls=utils.SmarterEncoder)
+            if content_type is None:
+                headers.append(('Content-Type', 'application/json'))
        status = status or (200, 'OK')

    return webob.Response(body=body,
--- a/keystone/tests/rest.py
+++ b/keystone/tests/rest.py
@ -169,9 +169,12 @@ class RestfulTestCase(tests.TestCase):
                response.result = jsonutils.loads(response.body)
            elif content_type == 'xml':
                response.result = etree.fromstring(response.body)
+            else:
+                response.result = response.body

    def restful_request(self, method='GET', headers=None, body=None,
-                        content_type=None, **kwargs):
+                        content_type=None, response_content_type=None,
+                        **kwargs):
        """Serializes/deserializes json/xml as request/response body.

        .. WARNING::
@ -189,7 +192,8 @@ class RestfulTestCase(tests.TestCase):
        response = self.request(method=method, headers=headers, body=body,
                                **kwargs)

-        self._from_content_type(response, content_type)
+        response_content_type = response_content_type or content_type
+        self._from_content_type(response, content_type=response_content_type)

        # we can save some code & improve coverage by always doing this
        if method != 'HEAD' and response.status_code >= 400:
--- a/keystone/tests/test_v3_oauth1.py
+++ b/keystone/tests/test_v3_oauth1.py
@ -249,7 +249,9 @@ class OAuthFlowTests(OAuth1Tests):

        url, headers = self._create_request_token(self.consumer,
                                                  self.project_id)
-        content = self.post(url, headers=headers)
+        content = self.post(
+            url, headers=headers,
+            response_content_type='application/x-www-urlformencoded')
        credentials = urllib.parse.parse_qs(content.result)
        request_key = credentials['oauth_token'][0]
        request_secret = credentials['oauth_token_secret'][0]
@ -266,7 +268,9 @@ class OAuthFlowTests(OAuth1Tests):
        self.request_token.set_verifier(self.verifier)
        url, headers = self._create_access_token(self.consumer,
                                                 self.request_token)
-        content = self.post(url, headers=headers)
+        content = self.post(
+            url, headers=headers,
+            response_content_type='application/x-www-urlformencoded')
        credentials = urllib.parse.parse_qs(content.result)
        access_key = credentials['oauth_token'][0]
        access_secret = credentials['oauth_token_secret'][0]
@ -510,7 +514,9 @@ class AuthTokenTests(OAuthFlowTests):

        url, headers = self._create_request_token(self.consumer,
                                                  self.project_id)
-        content = self.post(url, headers=headers)
+        content = self.post(
+            url, headers=headers,
+            response_content_type='application/x-www-urlformencoded')
        credentials = urllib.parse.parse_qs(content.result)
        request_key = credentials['oauth_token'][0]
        request_secret = credentials['oauth_token_secret'][0]
@ -589,7 +595,9 @@ class MaliciousOAuth1Tests(OAuth1Tests):
        consumer_secret = consumer['secret']
        consumer = {'key': consumer_id, 'secret': consumer_secret}
        url, headers = self._create_request_token(consumer, self.project_id)
-        self.post(url, headers=headers)
+        self.post(
+            url, headers=headers,
+            response_content_type='application/x-www-urlformencoded')
        url = self._authorize_request_token(uuid.uuid4().hex)
        body = {'roles': [{'id': self.role_id}]}
        self.put(url, body=body, expected_status=404)
@ -601,7 +609,9 @@ class MaliciousOAuth1Tests(OAuth1Tests):
        consumer = {'key': consumer_id, 'secret': consumer_secret}

        url, headers = self._create_request_token(consumer, self.project_id)
-        content = self.post(url, headers=headers)
+        content = self.post(
+            url, headers=headers,
+            response_content_type='application/x-www-urlformencoded')
        credentials = urllib.parse.parse_qs(content.result)
        request_key = credentials['oauth_token'][0]
        request_secret = credentials['oauth_token_secret'][0]
@ -624,7 +634,9 @@ class MaliciousOAuth1Tests(OAuth1Tests):
        consumer = {'key': consumer_id, 'secret': consumer_secret}

        url, headers = self._create_request_token(consumer, self.project_id)
-        content = self.post(url, headers=headers)
+        content = self.post(
+            url, headers=headers,
+            response_content_type='application/x-www-urlformencoded')
        credentials = urllib.parse.parse_qs(content.result)
        request_key = credentials['oauth_token'][0]

@ -646,7 +658,9 @@ class MaliciousOAuth1Tests(OAuth1Tests):

        url, headers = self._create_request_token(self.consumer,
                                                  self.project_id)
-        content = self.post(url, headers=headers)
+        content = self.post(
+            url, headers=headers,
+            response_content_type='application/x-www-urlformencoded')
        credentials = urllib.parse.parse_qs(content.result)
        request_key = credentials['oauth_token'][0]
        request_secret = credentials['oauth_token_secret'][0]
@ -667,7 +681,9 @@ class MaliciousOAuth1Tests(OAuth1Tests):

        url, headers = self._create_request_token(self.consumer,
                                                  self.project_id)
-        content = self.post(url, headers=headers)
+        content = self.post(
+            url, headers=headers,
+            response_content_type='application/x-www-urlformencoded')
        credentials = urllib.parse.parse_qs(content.result)
        request_key = credentials['oauth_token'][0]
        request_secret = credentials['oauth_token_secret'][0]
@ -682,7 +698,9 @@ class MaliciousOAuth1Tests(OAuth1Tests):
        self.request_token.set_verifier(self.verifier)
        url, headers = self._create_access_token(self.consumer,
                                                 self.request_token)
-        content = self.post(url, headers=headers)
+        content = self.post(
+            url, headers=headers,
+            response_content_type='application/x-www-urlformencoded')
        credentials = urllib.parse.parse_qs(content.result)
        access_key = credentials['oauth_token'][0]
        access_secret = credentials['oauth_token_secret'][0]