Merge "Skip middleware request processing for admin token"
This commit is contained in:
commit
aaf13edcf1
|
@ -45,9 +45,6 @@ class AuthContextMiddleware(auth_token.BaseAuthProtocol):
|
||||||
enforce_token_bind=bind)
|
enforce_token_bind=bind)
|
||||||
|
|
||||||
def fetch_token(self, token):
|
def fetch_token(self, token):
|
||||||
if CONF.admin_token and token == CONF.admin_token:
|
|
||||||
return {}
|
|
||||||
|
|
||||||
try:
|
try:
|
||||||
return self.token_provider_api.validate_token(token)
|
return self.token_provider_api.validate_token(token)
|
||||||
except exception.TokenNotFound:
|
except exception.TokenNotFound:
|
||||||
|
@ -138,10 +135,12 @@ class AuthContextMiddleware(auth_token.BaseAuthProtocol):
|
||||||
|
|
||||||
@wsgi.middleware_exceptions
|
@wsgi.middleware_exceptions
|
||||||
def process_request(self, request):
|
def process_request(self, request):
|
||||||
resp = super(AuthContextMiddleware, self).process_request(request)
|
context_env = request.environ.get(core.CONTEXT_ENV, {})
|
||||||
|
if not context_env.get('is_admin', False):
|
||||||
|
resp = super(AuthContextMiddleware, self).process_request(request)
|
||||||
|
|
||||||
if resp:
|
if resp:
|
||||||
return resp
|
return resp
|
||||||
|
|
||||||
# NOTE(jamielennox): function is split so testing can check errors from
|
# NOTE(jamielennox): function is split so testing can check errors from
|
||||||
# fill_context. There is no actual reason for fill_context to raise
|
# fill_context. There is no actual reason for fill_context to raise
|
||||||
|
|
|
@ -16,6 +16,7 @@ import copy
|
||||||
import hashlib
|
import hashlib
|
||||||
import uuid
|
import uuid
|
||||||
|
|
||||||
|
import fixtures
|
||||||
from six.moves import http_client
|
from six.moves import http_client
|
||||||
import webtest
|
import webtest
|
||||||
|
|
||||||
|
@ -762,3 +763,11 @@ class AuthContextMiddlewareTest(test_backend_sql.SqlTests,
|
||||||
self.assertRaisesRegexp(exception.TokenlessAuthConfigError,
|
self.assertRaisesRegexp(exception.TokenlessAuthConfigError,
|
||||||
expected_msg,
|
expected_msg,
|
||||||
auth._build_idp_id)
|
auth._build_idp_id)
|
||||||
|
|
||||||
|
def test_admin_token_context(self):
|
||||||
|
self.config_fixture.config(admin_token='ADMIN')
|
||||||
|
log_fix = self.useFixture(fixtures.FakeLogger())
|
||||||
|
headers = {middleware.AUTH_TOKEN_HEADER: 'ADMIN'}
|
||||||
|
environ = {middleware.core.CONTEXT_ENV: {'is_admin': True}}
|
||||||
|
self._do_middleware_request(headers=headers, extra_environ=environ)
|
||||||
|
self.assertNotIn('Invalid user token', log_fix.output)
|
||||||
|
|
Loading…
Reference in New Issue