Rename v2 token schema used for validation
Move the v2 token validation schema to an appropriate location. Also, make minor changes to Fernet assertion methods under test_v2. Change-Id: I5b1a255807ce26b13fcf14fda85708eb524de837
This commit is contained in:
parent
e4e16cefab
commit
8b082f6f02
|
@ -15,16 +15,17 @@ import copy
|
||||||
|
|
||||||
from keystone.common import validation
|
from keystone.common import validation
|
||||||
from keystone.common.validation import parameter_types
|
from keystone.common.validation import parameter_types
|
||||||
|
from keystone.common.validation import validators
|
||||||
|
|
||||||
|
|
||||||
_project_v2_properties = {
|
_project_properties = {
|
||||||
'id': parameter_types.id_string,
|
'id': parameter_types.id_string,
|
||||||
'name': parameter_types.name,
|
'name': parameter_types.name,
|
||||||
'enabled': parameter_types.boolean,
|
'enabled': parameter_types.boolean,
|
||||||
'description': validation.nullable(parameter_types.description),
|
'description': validation.nullable(parameter_types.description),
|
||||||
}
|
}
|
||||||
|
|
||||||
_token_v2_properties = {
|
_token_properties = {
|
||||||
'audit_ids': {
|
'audit_ids': {
|
||||||
'type': 'array',
|
'type': 'array',
|
||||||
'items': {
|
'items': {
|
||||||
|
@ -38,17 +39,17 @@ _token_v2_properties = {
|
||||||
'issued_at': {'type': 'string'},
|
'issued_at': {'type': 'string'},
|
||||||
'tenant': {
|
'tenant': {
|
||||||
'type': 'object',
|
'type': 'object',
|
||||||
'properties': _project_v2_properties,
|
'properties': _project_properties,
|
||||||
'required': ['id', 'name', 'enabled'],
|
'required': ['id', 'name', 'enabled'],
|
||||||
'additionalProperties': False,
|
'additionalProperties': False,
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
_role_v2_properties = {
|
_role_properties = {
|
||||||
'name': parameter_types.name,
|
'name': parameter_types.name,
|
||||||
}
|
}
|
||||||
|
|
||||||
_user_v2_properties = {
|
_user_properties = {
|
||||||
'id': parameter_types.id_string,
|
'id': parameter_types.id_string,
|
||||||
'name': parameter_types.name,
|
'name': parameter_types.name,
|
||||||
'username': parameter_types.name,
|
'username': parameter_types.name,
|
||||||
|
@ -56,7 +57,7 @@ _user_v2_properties = {
|
||||||
'type': 'array',
|
'type': 'array',
|
||||||
'items': {
|
'items': {
|
||||||
'type': 'object',
|
'type': 'object',
|
||||||
'properties': _role_v2_properties,
|
'properties': _role_properties,
|
||||||
'required': ['name'],
|
'required': ['name'],
|
||||||
'additionalProperties': False,
|
'additionalProperties': False,
|
||||||
},
|
},
|
||||||
|
@ -67,7 +68,7 @@ _user_v2_properties = {
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
_metadata_v2_properties = {
|
_metadata_properties = {
|
||||||
'is_admin': {'type': 'integer'},
|
'is_admin': {'type': 'integer'},
|
||||||
'roles': {
|
'roles': {
|
||||||
'type': 'array',
|
'type': 'array',
|
||||||
|
@ -75,7 +76,7 @@ _metadata_v2_properties = {
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
_endpoint_v2_properties = {
|
_endpoint_properties = {
|
||||||
'id': {'type': 'string'},
|
'id': {'type': 'string'},
|
||||||
'adminURL': parameter_types.url,
|
'adminURL': parameter_types.url,
|
||||||
'internalURL': parameter_types.url,
|
'internalURL': parameter_types.url,
|
||||||
|
@ -83,7 +84,7 @@ _endpoint_v2_properties = {
|
||||||
'region': {'type': 'string'},
|
'region': {'type': 'string'},
|
||||||
}
|
}
|
||||||
|
|
||||||
_service_v2_properties = {
|
_service_properties = {
|
||||||
'type': {'type': 'string'},
|
'type': {'type': 'string'},
|
||||||
'name': parameter_types.name,
|
'name': parameter_types.name,
|
||||||
'endpoints_links': {
|
'endpoints_links': {
|
||||||
|
@ -95,17 +96,17 @@ _service_v2_properties = {
|
||||||
'minItems': 1,
|
'minItems': 1,
|
||||||
'items': {
|
'items': {
|
||||||
'type': 'object',
|
'type': 'object',
|
||||||
'properties': _endpoint_v2_properties,
|
'properties': _endpoint_properties,
|
||||||
'required': ['id', 'publicURL'],
|
'required': ['id', 'publicURL'],
|
||||||
'additionalProperties': False,
|
'additionalProperties': False,
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
_base_access_v2_properties = {
|
_base_access_properties = {
|
||||||
'metadata': {
|
'metadata': {
|
||||||
'type': 'object',
|
'type': 'object',
|
||||||
'properties': _metadata_v2_properties,
|
'properties': _metadata_properties,
|
||||||
'required': ['is_admin', 'roles'],
|
'required': ['is_admin', 'roles'],
|
||||||
'additionalProperties': False,
|
'additionalProperties': False,
|
||||||
},
|
},
|
||||||
|
@ -113,44 +114,48 @@ _base_access_v2_properties = {
|
||||||
'type': 'array',
|
'type': 'array',
|
||||||
'items': {
|
'items': {
|
||||||
'type': 'object',
|
'type': 'object',
|
||||||
'properties': _service_v2_properties,
|
'properties': _service_properties,
|
||||||
'required': ['name', 'type', 'endpoints_links', 'endpoints'],
|
'required': ['name', 'type', 'endpoints_links', 'endpoints'],
|
||||||
'additionalProperties': False,
|
'additionalProperties': False,
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
'token': {
|
'token': {
|
||||||
'type': 'object',
|
'type': 'object',
|
||||||
'properties': _token_v2_properties,
|
'properties': _token_properties,
|
||||||
'required': ['audit_ids', 'id', 'expires', 'issued_at'],
|
'required': ['audit_ids', 'id', 'expires', 'issued_at'],
|
||||||
'additionalProperties': False,
|
'additionalProperties': False,
|
||||||
},
|
},
|
||||||
'user': {
|
'user': {
|
||||||
'type': 'object',
|
'type': 'object',
|
||||||
'properties': _user_v2_properties,
|
'properties': _user_properties,
|
||||||
'required': ['id', 'name', 'username', 'roles', 'roles_links'],
|
'required': ['id', 'name', 'username', 'roles', 'roles_links'],
|
||||||
'additionalProperties': False,
|
'additionalProperties': False,
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
_unscoped_access_v2_properties = copy.deepcopy(_base_access_v2_properties)
|
_unscoped_access_properties = copy.deepcopy(_base_access_properties)
|
||||||
unscoped_metadata = _unscoped_access_v2_properties['metadata']
|
unscoped_metadata = _unscoped_access_properties['metadata']
|
||||||
unscoped_metadata['properties']['roles']['maxItems'] = 0
|
unscoped_metadata['properties']['roles']['maxItems'] = 0
|
||||||
_unscoped_access_v2_properties['user']['properties']['roles']['maxItems'] = 0
|
_unscoped_access_properties['user']['properties']['roles']['maxItems'] = 0
|
||||||
_unscoped_access_v2_properties['serviceCatalog']['maxItems'] = 0
|
_unscoped_access_properties['serviceCatalog']['maxItems'] = 0
|
||||||
|
|
||||||
_scoped_access_v2_properties = copy.deepcopy(_base_access_v2_properties)
|
_scoped_access_properties = copy.deepcopy(_base_access_properties)
|
||||||
_scoped_access_v2_properties['metadata']['properties']['roles']['minItems'] = 1
|
_scoped_access_properties['metadata']['properties']['roles']['minItems'] = 1
|
||||||
_scoped_access_v2_properties['serviceCatalog']['minItems'] = 1
|
_scoped_access_properties['serviceCatalog']['minItems'] = 1
|
||||||
_scoped_access_v2_properties['user']['properties']['roles']['minItems'] = 1
|
_scoped_access_properties['user']['properties']['roles']['minItems'] = 1
|
||||||
|
|
||||||
base_token_v2_schema = {
|
base_token_schema = {
|
||||||
'type': 'object',
|
'type': 'object',
|
||||||
'required': ['metadata', 'user', 'serviceCatalog', 'token'],
|
'required': ['metadata', 'user', 'serviceCatalog', 'token'],
|
||||||
'additionalProperties': False,
|
'additionalProperties': False,
|
||||||
}
|
}
|
||||||
|
|
||||||
unscoped_token_v2_schema = copy.deepcopy(base_token_v2_schema)
|
unscoped_token_schema = copy.deepcopy(base_token_schema)
|
||||||
unscoped_token_v2_schema['properties'] = _unscoped_access_v2_properties
|
unscoped_token_schema['properties'] = _unscoped_access_properties
|
||||||
|
|
||||||
scoped_token_v2_schema = copy.deepcopy(base_token_v2_schema)
|
scoped_token_schema = copy.deepcopy(base_token_schema)
|
||||||
scoped_token_v2_schema['properties'] = _scoped_access_v2_properties
|
scoped_token_schema['properties'] = _scoped_access_properties
|
||||||
|
|
||||||
|
# Validator objects
|
||||||
|
unscoped_validator = validators.SchemaValidator(unscoped_token_schema)
|
||||||
|
scoped_validator = validators.SchemaValidator(scoped_token_schema)
|
|
@ -23,12 +23,10 @@ from six.moves import http_client
|
||||||
from testtools import matchers
|
from testtools import matchers
|
||||||
|
|
||||||
from keystone.common import extension as keystone_extension
|
from keystone.common import extension as keystone_extension
|
||||||
from keystone.common.validation import validators
|
|
||||||
from keystone.tests import unit
|
from keystone.tests import unit
|
||||||
from keystone.tests.unit import ksfixtures
|
from keystone.tests.unit import ksfixtures
|
||||||
from keystone.tests.unit import rest
|
from keystone.tests.unit import rest
|
||||||
from keystone.tests.unit import schema
|
from keystone.tests.unit.schema import v2
|
||||||
|
|
||||||
|
|
||||||
CONF = cfg.CONF
|
CONF = cfg.CONF
|
||||||
|
|
||||||
|
@ -1429,26 +1427,19 @@ class TestFernetTokenProviderV2(RestfulTestCase):
|
||||||
|
|
||||||
self.service = unit.new_service_ref()
|
self.service = unit.new_service_ref()
|
||||||
self.service_id = self.service['id']
|
self.service_id = self.service['id']
|
||||||
self.catalog_api.create_service(self.service_id, self.service.copy())
|
self.catalog_api.create_service(self.service_id, self.service)
|
||||||
|
|
||||||
self.endpoint = unit.new_endpoint_ref(service_id=self.service_id,
|
self.endpoint = unit.new_endpoint_ref(service_id=self.service_id,
|
||||||
interface='public',
|
interface='public',
|
||||||
region_id=self.region_id)
|
region_id=self.region_id)
|
||||||
self.endpoint_id = self.endpoint['id']
|
self.endpoint_id = self.endpoint['id']
|
||||||
self.catalog_api.create_endpoint(self.endpoint_id,
|
self.catalog_api.create_endpoint(self.endpoint_id, self.endpoint)
|
||||||
self.endpoint.copy())
|
|
||||||
|
|
||||||
def assertValidUnscopedTokenResponse(self, r):
|
def assertValidUnscopedTokenResponse(self, r):
|
||||||
token = r.json['access']
|
v2.unscoped_validator.validate(r.json['access'])
|
||||||
validator_object = validators.SchemaValidator(
|
|
||||||
schema.unscoped_token_v2_schema)
|
|
||||||
validator_object.validate(token)
|
|
||||||
|
|
||||||
def assertValidScopedTokenResponse(self, r):
|
def assertValidScopedTokenResponse(self, r):
|
||||||
token = r.json['access']
|
v2.scoped_validator.validate(r.json['access'])
|
||||||
validator_object = validators.SchemaValidator(
|
|
||||||
schema.scoped_token_v2_schema)
|
|
||||||
validator_object.validate(token)
|
|
||||||
|
|
||||||
# Used by RestfulTestCase
|
# Used by RestfulTestCase
|
||||||
def _get_token_id(self, r):
|
def _get_token_id(self, r):
|
||||||
|
|
Loading…
Reference in New Issue