Merge "Use idp_id and protocol_id in jsonhome"

2015-11-23 16:43:27 +00:00 · 2015-11-23 16:43:27 +00:00 · f468f32d8f
parent b11b262d32 4f6cc67941
commit f468f32d8f
4 changed files with 19 additions and 21 deletions
--- a/doc/source/configure_federation.rst
+++ b/doc/source/configure_federation.rst
@ -182,7 +182,7 @@ issue an HTTP POST request with authentication data in the request body. To
 start federated authentication a user must access the dedicated URL with
 Identity Provider's and Protocol's identifiers stored within a protected URL.
 The URL has a format of:
-``/v3/OS-FEDERATION/identity_providers/{identity_provider}/protocols/{protocol}/auth``.
+``/v3/OS-FEDERATION/identity_providers/{idp_id}/protocols/{protocol_id}/auth``.

 In this instance we follow a standard SAML2 authentication procedure, that is,
 the user will be redirected to the Identity Provider's authentication webpage
@ -207,7 +207,7 @@ SAML authentication procedure.

 .. code-block:: bash

-    $ curl -X GET -D - http://localhost:5000/v3/OS-FEDERATION/identity_providers/{identity_provider}/protocols/{protocol}/auth
+    $ curl -X GET -D - http://localhost:5000/v3/OS-FEDERATION/identity_providers/{idp_id}/protocols/{protocol_id}/auth

 Determine accessible resources
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--- a/keystone/federation/controllers.py
+++ b/keystone/federation/controllers.py
@ -278,7 +278,7 @@ class Auth(auth_controllers.Auth):

        return host

-    def federated_authentication(self, context, identity_provider, protocol):
+    def federated_authentication(self, context, idp_id, protocol_id):
        """Authenticate from dedicated url endpoint.

        Build HTTP request body for federated authentication and inject
@ -287,10 +287,10 @@ class Auth(auth_controllers.Auth):
        """
        auth = {
            'identity': {
-                'methods': [protocol],
-                protocol: {
-                    'identity_provider': identity_provider,
-                    'protocol': protocol
+                'methods': [protocol_id],
+                protocol_id: {
+                    'identity_provider': idp_id,
+                    'protocol': protocol_id
                }
            }
        }
--- a/keystone/federation/routers.py
+++ b/keystone/federation/routers.py
@ -68,10 +68,10 @@ class Routers(wsgi.RoutersBase):
        DELETE /OS-FEDERATION/service_providers/{sp_id}
        PATCH /OS-FEDERATION/service_providers/{sp_id}

-        GET /OS-FEDERATION/identity_providers/{identity_provider}/
-            protocols/{protocol}/auth
-        POST /OS-FEDERATION/identity_providers/{identity_provider}/
-            protocols/{protocol}/auth
+        GET /OS-FEDERATION/identity_providers/{idp_id}/
+            protocols/{protocol_id}/auth
+        POST /OS-FEDERATION/identity_providers/{idp_id}/
+            protocols/{protocol_id}/auth
        GET /auth/OS-FEDERATION/identity_providers/
            {idp_id}/protocols/{protocol_id}/websso
            ?origin=https%3A//horizon.example.com
@ -206,14 +206,14 @@ class Routers(wsgi.RoutersBase):
        # Auth operations
        self._add_resource(
            mapper, auth_controller,
-            path=self._construct_url('identity_providers/{identity_provider}/'
-                                     'protocols/{protocol}/auth'),
+            path=self._construct_url('identity_providers/{idp_id}/'
+                                     'protocols/{protocol_id}/auth'),
            get_post_action='federated_authentication',
            rel=build_resource_relation(
                resource_name='identity_provider_protocol_auth'),
            path_vars={
-                'identity_provider': IDP_ID_PARAMETER_RELATION,
-                'protocol': PROTOCOL_ID_PARAMETER_RELATION,
+                'idp_id': IDP_ID_PARAMETER_RELATION,
+                'protocol_id': PROTOCOL_ID_PARAMETER_RELATION,
            })
        self._add_resource(
            mapper, auth_controller,
--- a/keystone/tests/unit/test_versions.py
+++ b/keystone/tests/unit/test_versions.py
@ -169,9 +169,8 @@ BASE_EP_FILTER = BASE_EP_FILTER_PREFIX + '/endpoint_groups/{endpoint_group_id}'
 BASE_ACCESS_TOKEN = (
    '/users/{user_id}/OS-OAUTH1/access_tokens/{access_token_id}')

-# TODO(stevemar): Use BASE_IDP_PROTOCOL when bug 1420125 is resolved.
-FEDERATED_AUTH_URL = ('/OS-FEDERATION/identity_providers/{identity_provider}'
-                      '/protocols/{protocol}/auth')
+FEDERATED_AUTH_URL = ('/OS-FEDERATION/identity_providers/{idp_id}'
+                      '/protocols/{protocol_id}/auth')
 FEDERATED_IDP_SPECIFIC_WEBSSO = ('/auth/OS-FEDERATION/identity_providers/'
                                 '{idp_id}/protocols/{protocol_id}/websso')

@ -394,12 +393,11 @@ V3_JSON_HOME_RESOURCES_INHERIT_DISABLED = {
        'href-template': BASE_IDP_PROTOCOL,
        'href-vars': {
            'idp_id': IDP_ID_PARAMETER_RELATION}},
-    # TODO(stevemar): Update href-vars when bug 1420125 is resolved.
    _build_federation_rel(resource_name='identity_provider_protocol_auth'): {
        'href-template': FEDERATED_AUTH_URL,
        'href-vars': {
-            'identity_provider': IDP_ID_PARAMETER_RELATION,
-            'protocol': PROTOCOL_ID_PARAM_RELATION, }},
+            'idp_id': IDP_ID_PARAMETER_RELATION,
+            'protocol_id': PROTOCOL_ID_PARAM_RELATION, }},
    _build_oauth1_rel(resource_name='access_tokens'): {
        'href': '/OS-OAUTH1/access_token'},
    _build_oauth1_rel(resource_name='request_tokens'): {