Merge "Fixes create_saml_assertion() return"
This commit is contained in:
commit
a13c0b6de1
|
@ -274,12 +274,12 @@ class Auth(auth_controllers.Auth):
|
|||
subject = token_ref.user_name
|
||||
roles = token_ref.role_names
|
||||
|
||||
if token_ref.project_scoped:
|
||||
project = token_ref.project_name
|
||||
else:
|
||||
raise ValueError(_('Use a project scoped token when attempting to'
|
||||
'create a SAML assertion'))
|
||||
if not token_ref.project_scoped:
|
||||
action = _('Use a project scoped token when attempting to create '
|
||||
'a SAML assertion')
|
||||
raise exception.ForbiddenAction(action=action)
|
||||
|
||||
project = token_ref.project_name
|
||||
generator = keystone_idp.SAMLGenerator()
|
||||
response = generator.samlize_token(issuer, recipient, subject, roles,
|
||||
project)
|
||||
|
|
|
@ -1878,6 +1878,8 @@ class SAMLGenerationTests(FederationTests):
|
|||
"""Test that the SAML generation fails when passing tokens
|
||||
not scoped by project.
|
||||
|
||||
The server should return a 403 Forbidden Action.
|
||||
|
||||
"""
|
||||
self.config_fixture.config(group='saml', idp_entity_id=self.ISSUER)
|
||||
region_id = self._create_region_with_url()
|
||||
|
@ -1886,10 +1888,8 @@ class SAMLGenerationTests(FederationTests):
|
|||
|
||||
with mock.patch.object(keystone_idp, '_sign_assertion',
|
||||
return_value=self.signed_assertion):
|
||||
# NOTE(rodrigods): currently, sending a request using a domain
|
||||
# scoped token returns 500 due bug #1395117
|
||||
self.post(self.SAML_GENERATION_ROUTE, body=body,
|
||||
expected_status=500)
|
||||
expected_status=403)
|
||||
|
||||
def test_generate_saml_route(self):
|
||||
"""Test that the SAML generation endpoint produces XML.
|
||||
|
|
Loading…
Reference in New Issue