Merge "Run federation tests under Python 3"

2016-04-06 21:34:29 +00:00 · 2016-04-06 21:34:29 +00:00 · d0d38bec29
commit d0d38bec29
parent 5c76025471 6dd8e61a60
4 changed files with 43 additions and 17 deletions
--- a/keystone/federation/controllers.py
+++ b/keystone/federation/controllers.py
@ -16,7 +16,6 @@ import string

 from oslo_config import cfg
 from oslo_log import log
-import six
 from six.moves import urllib
 import webob

@ -373,9 +372,10 @@ class Auth(auth_controllers.Auth):
        return (response, service_provider)

    def _build_response_headers(self, service_provider):
+        # URLs in header are encoded into bytes
        return [('Content-Type', 'text/xml'),
-                ('X-sp-url', six.binary_type(service_provider['sp_url'])),
-                ('X-auth-url', six.binary_type(service_provider['auth_url']))]
+                ('X-sp-url', service_provider['sp_url'].encode('utf-8')),
+                ('X-auth-url', service_provider['auth_url'].encode('utf-8'))]

    @validation.validated(schema.saml_create, 'auth')
    def create_saml_assertion(self, context, auth):
--- a/keystone/tests/unit/test_v3_federation.py
+++ b/keystone/tests/unit/test_v3_federation.py
@ -1097,8 +1097,11 @@ class FederatedIdentityProviderTests(test_v3.RestfulTestCase):
        idp_id = default_idp.get('id')
        url = self.base_url(suffix=idp_id)
        resp = self.get(url)
+        # Strip keys out of `body` dictionary. This is done
+        # to be python 3 compatible
+        body_keys = list(body)
        self.assertValidResponse(resp, 'identity_provider',
-                                 dummy_validator, keys_to_check=body.keys(),
+                                 dummy_validator, keys_to_check=body_keys,
                                 ref=body)

    def test_get_nonexisting_idp(self):
@ -1299,9 +1302,12 @@ class FederatedIdentityProviderTests(test_v3.RestfulTestCase):
        resp = self.get(url)

        reference = {'id': proto_id}
+        # Strip keys out of `body` dictionary. This is done
+        # to be python 3 compatible
+        reference_keys = list(reference)
        self.assertValidResponse(resp, 'protocol',
                                 dummy_validator,
-                                 keys_to_check=reference.keys(),
+                                 keys_to_check=reference_keys,
                                 ref=reference)

    def test_list_protocols(self):
@ -2798,13 +2804,17 @@ class SAMLGenerationTests(test_v3.RestfulTestCase):
                                               self.ROLES, self.PROJECT,
                                               self.PROJECT_DOMAIN)
            assertion_xml = response.assertion.to_string()
+            # The expected values in the assertions bellow need to be 'str' in
+            # Python 2 and 'bytes' in Python 3
            # make sure we have the proper tag and prefix for the assertion
            # namespace
-            self.assertIn('<saml:Assertion', assertion_xml)
-            self.assertIn('xmlns:saml="' + saml2.NAMESPACE + '"',
-                          assertion_xml)
-            self.assertIn('xmlns:xmldsig="' + xmldsig.NAMESPACE + '"',
-                          assertion_xml)
+            self.assertIn(b'<saml:Assertion', assertion_xml)
+            self.assertIn(
+                ('xmlns:saml="' + saml2.NAMESPACE + '"').encode('utf-8'),
+                assertion_xml)
+            self.assertIn(
+                ('xmlns:xmldsig="' + xmldsig.NAMESPACE).encode('utf-8'),
+                assertion_xml)

    def test_saml_signing(self):
        """Test that the SAML generator produces a SAML object.
@ -3228,6 +3238,10 @@ class IdPMetadataGenerationTests(test_v3.RestfulTestCase):
        self.assertEqual('text/xml', r.headers.get('Content-Type'))

        reference_file = _load_xml('idp_saml2_metadata.xml')
+
+        # `reference_file` needs to be converted to bytes to be able to be
+        # compared to `r.result` in the case of Python 3.
+        reference_file = str.encode(reference_file)
        self.assertEqual(reference_file, r.result)


@ -3498,8 +3512,10 @@ class WebSSOTests(FederatedTokenTests):
    def test_render_callback_template(self):
        token_id = uuid.uuid4().hex
        resp = self.api.render_html_response(self.TRUSTED_DASHBOARD, token_id)
-        self.assertIn(token_id, resp.body)
-        self.assertIn(self.TRUSTED_DASHBOARD, resp.body)
+        # The expected value in the assertions bellow need to be 'str' in
+        # Python 2 and 'bytes' in Python 3
+        self.assertIn(token_id.encode('utf-8'), resp.body)
+        self.assertIn(self.TRUSTED_DASHBOARD.encode('utf-8'), resp.body)

    def test_federated_sso_auth(self):
        environment = {self.REMOTE_ID_ATTR: self.REMOTE_IDS[0]}
@ -3507,7 +3523,10 @@ class WebSSOTests(FederatedTokenTests):
        query_string = {'origin': self.ORIGIN}
        self._inject_assertion(context, 'EMPLOYEE_ASSERTION', query_string)
        resp = self.api.federated_sso_auth(context, self.PROTOCOL)
-        self.assertIn(self.TRUSTED_DASHBOARD, resp.body)
+        # `resp.body` will be `str` in Python 2 and `bytes` in Python 3
+        # which is why expected value: `self.TRUSTED_DASHBOARD`
+        # needs to be encoded
+        self.assertIn(self.TRUSTED_DASHBOARD.encode('utf-8'), resp.body)

    def test_get_sso_origin_host_case_insensitive(self):
        # test lowercase hostname in trusted_dashboard
@ -3534,7 +3553,10 @@ class WebSSOTests(FederatedTokenTests):
        query_string = {'origin': self.ORIGIN}
        self._inject_assertion(context, 'EMPLOYEE_ASSERTION', query_string)
        resp = self.api.federated_sso_auth(context, self.PROTOCOL)
-        self.assertIn(self.TRUSTED_DASHBOARD, resp.body)
+        # `resp.body` will be `str` in Python 2 and `bytes` in Python 3
+        # which is why expected value: `self.TRUSTED_DASHBOARD`
+        # needs to be encoded
+        self.assertIn(self.TRUSTED_DASHBOARD.encode('utf-8'), resp.body)

    def test_federated_sso_auth_bad_remote_id(self):
        environment = {self.REMOTE_ID_ATTR: self.IDP}
@ -3595,7 +3617,10 @@ class WebSSOTests(FederatedTokenTests):
        resp = self.api.federated_idp_specific_sso_auth(context,
                                                        self.idp['id'],
                                                        self.PROTOCOL)
-        self.assertIn(self.TRUSTED_DASHBOARD, resp.body)
+        # `resp.body` will be `str` in Python 2 and `bytes` in Python 3
+        # which is why the expected value: `self.TRUSTED_DASHBOARD`
+        # needs to be encoded
+        self.assertIn(self.TRUSTED_DASHBOARD.encode('utf-8'), resp.body)


 class K2KServiceCatalogTests(test_v3.RestfulTestCase):
--- a/keystone/token/providers/fernet/token_formatters.py
+++ b/keystone/token/providers/fernet/token_formatters.py
@ -534,7 +534,9 @@ class FederatedUnscopedPayload(BasePayload):
        (is_stored_as_bytes, idp_id) = payload[3]
        if is_stored_as_bytes:
            idp_id = cls.convert_uuid_bytes_to_hex(idp_id)
-        protocol_id = payload[4]
+        else:
+            idp_id = idp_id.decode('utf-8')
+        protocol_id = payload[4].decode('utf-8')
        expires_at_str = cls._convert_float_to_time_string(payload[5])
        audit_ids = list(map(provider.base64_encode, payload[6]))
        federated_info = dict(group_ids=group_ids, idp_id=idp_id,
--- a/tests-py3-blacklist.txt
+++ b/tests-py3-blacklist.txt
@ -4,6 +4,5 @@ keystone.tests.unit.test_backend_ldap_pool
 keystone.tests.unit.test_v2
 keystone.tests.unit.test_v3_auth
 keystone.tests.unit.test_v3_credential
-keystone.tests.unit.test_v3_federation
 keystone.tests.unit.test_v3_oauth1
 keystone.tests.unit.token.test_fernet_provider