Browse Source

Merge "Skip middleware request processing for admin token"

changes/35/318435/117
Jenkins 6 years ago committed by Gerrit Code Review
parent
commit
aaf13edcf1
  1. 11
      keystone/middleware/auth.py
  2. 9
      keystone/tests/unit/test_middleware.py

11
keystone/middleware/auth.py

@ -45,9 +45,6 @@ class AuthContextMiddleware(auth_token.BaseAuthProtocol):
enforce_token_bind=bind)
def fetch_token(self, token):
if CONF.admin_token and token == CONF.admin_token:
return {}
try:
return self.token_provider_api.validate_token(token)
except exception.TokenNotFound:
@ -138,10 +135,12 @@ class AuthContextMiddleware(auth_token.BaseAuthProtocol):
@wsgi.middleware_exceptions
def process_request(self, request):
resp = super(AuthContextMiddleware, self).process_request(request)
context_env = request.environ.get(core.CONTEXT_ENV, {})
if not context_env.get('is_admin', False):
resp = super(AuthContextMiddleware, self).process_request(request)
if resp:
return resp
if resp:
return resp
# NOTE(jamielennox): function is split so testing can check errors from
# fill_context. There is no actual reason for fill_context to raise

9
keystone/tests/unit/test_middleware.py

@ -16,6 +16,7 @@ import copy
import hashlib
import uuid
import fixtures
from six.moves import http_client
import webtest
@ -762,3 +763,11 @@ class AuthContextMiddlewareTest(test_backend_sql.SqlTests,
self.assertRaisesRegexp(exception.TokenlessAuthConfigError,
expected_msg,
auth._build_idp_id)
def test_admin_token_context(self):
self.config_fixture.config(admin_token='ADMIN')
log_fix = self.useFixture(fixtures.FakeLogger())
headers = {middleware.AUTH_TOKEN_HEADER: 'ADMIN'}
environ = {middleware.core.CONTEXT_ENV: {'is_admin': True}}
self._do_middleware_request(headers=headers, extra_environ=environ)
self.assertNotIn('Invalid user token', log_fix.output)

Loading…
Cancel
Save