Enable py3 tests for test_v3_auth

Enable python3 testing for test_v3_auth.

Co-Authored-By: Victor Stinner <vstinner@redhat.com>
Change-Id: I06fe42cc061b1daaca05ce591fd4bace823c21dd
This commit is contained in:
Morgan Fainberg 2016-05-18 16:50:29 -07:00 committed by Sean Perry
parent 3afbf86b56
commit 68473b26ee
4 changed files with 30 additions and 29 deletions

View File

@ -62,7 +62,7 @@ def _generate_totp_passcode(secret):
decoded = base64.b32decode(secret) decoded = base64.b32decode(secret)
totp = crypto_totp.TOTP( totp = crypto_totp.TOTP(
decoded, 6, hashes.SHA1(), 30, backend=default_backend()) decoded, 6, hashes.SHA1(), 30, backend=default_backend())
return totp.generate(timeutils.utcnow_ts(microsecond=True)) return six.text_type(totp.generate(timeutils.utcnow_ts(microsecond=True)))
@dependency.requires('credential_api') @dependency.requires('credential_api')

View File

@ -409,7 +409,7 @@ def new_ec2_credential(user_id, project_id=None, blob=None, **kwargs):
def new_totp_credential(user_id, project_id=None, blob=None): def new_totp_credential(user_id, project_id=None, blob=None):
if not blob: if not blob:
blob = base64.b32encode(uuid.uuid4().hex).rstrip('=') blob = base64.b32encode(os.urandom(20)).decode('utf-8')
credential = new_credential_ref(user_id=user_id, credential = new_credential_ref(user_id=user_id,
project_id=project_id, project_id=project_id,
blob=blob, blob=blob,

View File

@ -15,7 +15,6 @@
import copy import copy
import datetime import datetime
import itertools import itertools
import json
import operator import operator
import uuid import uuid
@ -23,8 +22,10 @@ from keystoneclient.common import cms
import mock import mock
from oslo_config import cfg from oslo_config import cfg
from oslo_log import versionutils from oslo_log import versionutils
from oslo_serialization import jsonutils as json
from oslo_utils import fixture from oslo_utils import fixture
from oslo_utils import timeutils from oslo_utils import timeutils
import six
from six.moves import http_client from six.moves import http_client
from six.moves import range from six.moves import range
from testtools import matchers from testtools import matchers
@ -199,6 +200,17 @@ class TokenAPITests(object):
user['enabled'] = enabled user['enabled'] = enabled
self.identity_api.update_user(user['id'], user) self.identity_api.update_user(user['id'], user)
def assertTimestampEqual(self, expected, value):
# Compare two timestamps but ignore the microseconds part
# of the expected timestamp. Keystone does not track microseconds and
# is working to eliminate microseconds from it's datetimes used.
expected = timeutils.parse_isotime(expected).replace(microsecond=0)
value = timeutils.parse_isotime(value).replace(microsecond=0)
self.assertEqual(
expected,
value,
"%s != %s" % (expected, value))
def test_validate_unscoped_token(self): def test_validate_unscoped_token(self):
unscoped_token = self._get_unscoped_token() unscoped_token = self._get_unscoped_token()
self._validate_token(unscoped_token) self._validate_token(unscoped_token)
@ -603,10 +615,8 @@ class TokenAPITests(object):
self.assertEqual(v2_token_data['access']['user']['id'], self.assertEqual(v2_token_data['access']['user']['id'],
v3_token_data['token']['user']['id']) v3_token_data['token']['user']['id'])
# v2 token time has not fraction of second precision so self.assertTimestampEqual(v2_token_data['access']['token']['expires'],
# just need to make sure the non fraction part agrees v3_token_data['token']['expires_at'])
self.assertIn(v2_token_data['access']['token']['expires'][:-1],
v3_token_data['token']['expires_at'])
def test_v3_v2_token_intermix(self): def test_v3_v2_token_intermix(self):
# FIXME(gyee): PKI tokens are not interchangeable because token # FIXME(gyee): PKI tokens are not interchangeable because token
@ -628,10 +638,8 @@ class TokenAPITests(object):
self.assertEqual(v2_token_data['access']['user']['id'], self.assertEqual(v2_token_data['access']['user']['id'],
v3_token_data['token']['user']['id']) v3_token_data['token']['user']['id'])
# v2 token time has not fraction of second precision so self.assertTimestampEqual(v2_token_data['access']['token']['expires'],
# just need to make sure the non fraction part agrees v3_token_data['token']['expires_at'])
self.assertIn(v2_token_data['access']['token']['expires'][:-1],
v3_token_data['token']['expires_at'])
self.assertEqual(v2_token_data['access']['user']['roles'][0]['name'], self.assertEqual(v2_token_data['access']['user']['roles'][0]['name'],
v3_token_data['token']['roles'][0]['name']) v3_token_data['token']['roles'][0]['name'])
@ -656,10 +664,8 @@ class TokenAPITests(object):
self.assertEqual(v2_token_data['access']['user']['id'], self.assertEqual(v2_token_data['access']['user']['id'],
v3_token_data['token']['user']['id']) v3_token_data['token']['user']['id'])
# v2 token time has not fraction of second precision so self.assertTimestampEqual(v2_token_data['access']['token']['expires'],
# just need to make sure the non fraction part agrees v3_token_data['token']['expires_at'])
self.assertIn(v2_token_data['access']['token']['expires'][-1],
v3_token_data['token']['expires_at'])
def test_v2_v3_token_intermix(self): def test_v2_v3_token_intermix(self):
r = self.admin_request( r = self.admin_request(
@ -683,10 +689,8 @@ class TokenAPITests(object):
self.assertEqual(v2_token_data['access']['user']['id'], self.assertEqual(v2_token_data['access']['user']['id'],
v3_token_data['token']['user']['id']) v3_token_data['token']['user']['id'])
# v2 token time has not fraction of second precision so self.assertTimestampEqual(v2_token_data['access']['token']['expires'],
# just need to make sure the non fraction part agrees v3_token_data['token']['expires_at'])
self.assertIn(v2_token_data['access']['token']['expires'][-1],
v3_token_data['token']['expires_at'])
self.assertEqual(v2_token_data['access']['user']['roles'][0]['name'], self.assertEqual(v2_token_data['access']['user']['roles'][0]['name'],
v3_token_data['token']['roles'][0]['name']) v3_token_data['token']['roles'][0]['name'])
@ -731,7 +735,7 @@ class TokenAPITests(object):
self.assertValidProjectScopedTokenResponse(r) self.assertValidProjectScopedTokenResponse(r)
# ensure token expiration stayed the same # ensure token expiration stayed the same
self.assertEqual(expires, r.result['token']['expires_at']) self.assertTimestampEqual(expires, r.result['token']['expires_at'])
def test_check_token(self): def test_check_token(self):
self.head('/auth/tokens', headers=self.headers, self.head('/auth/tokens', headers=self.headers,
@ -1111,7 +1115,7 @@ class TokenDataTests(object):
r = self.get('/auth/tokens', headers=self.headers) r = self.get('/auth/tokens', headers=self.headers)
# populate the response result with some extra data # populate the response result with some extra data
r.result['token'][u'extra'] = unicode(uuid.uuid4().hex) r.result['token'][u'extra'] = six.text_type(uuid.uuid4().hex)
self.assertRaises(exception.SchemaValidationError, self.assertRaises(exception.SchemaValidationError,
self.assertValidUnscopedTokenResponse, self.assertValidUnscopedTokenResponse,
r) r)
@ -1133,7 +1137,7 @@ class TokenDataTests(object):
r = self.get('/auth/tokens', headers=self.headers) r = self.get('/auth/tokens', headers=self.headers)
# populate the response result with some extra data # populate the response result with some extra data
r.result['token'][u'extra'] = unicode(uuid.uuid4().hex) r.result['token'][u'extra'] = six.text_type(uuid.uuid4().hex)
self.assertRaises(exception.SchemaValidationError, self.assertRaises(exception.SchemaValidationError,
self.assertValidDomainScopedTokenResponse, self.assertValidDomainScopedTokenResponse,
r) r)
@ -1150,7 +1154,7 @@ class TokenDataTests(object):
resp = self.get('/auth/tokens', headers=self.headers) resp = self.get('/auth/tokens', headers=self.headers)
# populate the response result with some extra data # populate the response result with some extra data
resp.result['token'][u'extra'] = unicode(uuid.uuid4().hex) resp.result['token'][u'extra'] = six.text_type(uuid.uuid4().hex)
self.assertRaises(exception.SchemaValidationError, self.assertRaises(exception.SchemaValidationError,
self.assertValidProjectScopedTokenResponse, self.assertValidProjectScopedTokenResponse,
resp) resp)
@ -1258,8 +1262,8 @@ class TestPKITokenAPIs(test_v3.RestfulTestCase, TokenAPITests, TokenDataTests):
decoded_token = self.verify_token(token_id, CONF.signing.certfile, decoded_token = self.verify_token(token_id, CONF.signing.certfile,
CONF.signing.ca_certs) CONF.signing.ca_certs)
decoded_token_dict = json.loads(decoded_token)
decoded_token_dict = json.loads(decoded_token)
token_resp_dict = json.loads(resp.body) token_resp_dict = json.loads(resp.body)
self.assertEqual(decoded_token_dict, token_resp_dict) self.assertEqual(decoded_token_dict, token_resp_dict)
@ -1288,10 +1292,8 @@ class TestPKITokenAPIs(test_v3.RestfulTestCase, TokenAPITests, TokenDataTests):
v2_token = resp.result v2_token = resp.result
self.assertEqual(v2_token['access']['user']['id'], self.assertEqual(v2_token['access']['user']['id'],
token_data['token']['user']['id']) token_data['token']['user']['id'])
# v2 token time has not fraction of second precision so self.assertTimestampEqual(v2_token['access']['token']['expires'],
# just need to make sure the non fraction part agrees token_data['token']['expires_at'])
self.assertIn(v2_token['access']['token']['expires'][:-1],
token_data['token']['expires_at'])
self.assertEqual(v2_token['access']['user']['roles'][0]['name'], self.assertEqual(v2_token['access']['user']['roles'][0]['name'],
token_data['token']['roles'][0]['name']) token_data['token']['roles'][0]['name'])

View File

@ -1,2 +1 @@
keystone.tests.unit.test_v3_auth
keystone.tests.unit.test_v3_oauth1 keystone.tests.unit.test_v3_oauth1