openstack/keystone
Code Issues Proposed changes
Files
49f5385b8d5474c7846624a8f04566570d949650
keystone/tests/test_cert_setup.py
Jamie Lennox 3afd9791ef Isolate eventlet code into environment. 
The environment module will be configured once, during code initialization.
Subsequently all other possibly-evented modules will retrieve from
environment and transparently obtain either the eventlet or standard
library modules.

If eventlet, httplib, subprocess or other environment dependant module
is referenced outside of the environment module it should be considered
a bug.

The changes to tests are required to ensure that test is imported first
to setup the environment. Hopefully these can all be replaced with an
__init__.py in a post-nose keystone.

Implements: blueprint extract-eventlet
Change-Id: Icacd6f2ee0906ac5d303777c1f87a184f38283bf
2013-06-18 14:10:36 -04:00

103 lines
3.2 KiB
Python
Raw Blame History

# vim: tabstop=4 shiftwidth=4 softtabstop=4
# Copyright 2012 OpenStack LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import os
import shutil
from keystone import test
from keystone.common import openssl
from keystone import exception
from keystone import token
import default_fixtures
ROOTDIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
SSLDIR = "%s/tests/ssl/" % ROOTDIR
CONF = test.CONF
DEFAULT_DOMAIN_ID = CONF.identity.default_domain_id
def rootdir(*p):
return os.path.join(SSLDIR, *p)
CERTDIR = rootdir("certs")
KEYDIR = rootdir("private")
class CertSetupTestCase(test.TestCase):
def setUp(self):
super(CertSetupTestCase, self).setUp()
CONF.signing.certfile = os.path.join(CERTDIR, 'signing_cert.pem')
CONF.signing.ca_certs = os.path.join(CERTDIR, "ca.pem")
CONF.signing.ca_key = os.path.join(CERTDIR, "cakey.pem")
CONF.signing.keyfile = os.path.join(KEYDIR, "signing_key.pem")
CONF.ssl.ca_certs = CONF.signing.ca_certs
CONF.ssl.ca_key = CONF.signing.ca_key
CONF.ssl.certfile = os.path.join(CERTDIR, 'keystone.pem')
CONF.ssl.keyfile = os.path.join(KEYDIR, 'keystonekey.pem')
self.load_backends()
self.load_fixtures(default_fixtures)
self.controller = token.controllers.Auth()
def test_can_handle_missing_certs(self):
self.opt_in_group('signing', token_format='PKI')
self.opt_in_group('signing', certfile='invalid')
user = {
'id': 'fake1',
'name': 'fake1',
'password': 'fake1',
'domain_id': DEFAULT_DOMAIN_ID
}
body_dict = {
'passwordCredentials': {
'userId': user['id'],
'password': user['password'],
},
}
self.identity_api.create_user(user['id'], user)
self.assertRaises(exception.UnexpectedError,
self.controller.authenticate,
{}, body_dict)
def test_create_pki_certs(self):
pki = openssl.ConfigurePKI(None, None)
pki.run()
self.assertTrue(os.path.exists(CONF.signing.certfile))
self.assertTrue(os.path.exists(CONF.signing.ca_certs))
self.assertTrue(os.path.exists(CONF.signing.keyfile))
def test_create_ssl_certs(self):
ssl = openssl.ConfigureSSL(None, None)
ssl.run()
self.assertTrue(os.path.exists(CONF.ssl.ca_certs))
self.assertTrue(os.path.exists(CONF.ssl.certfile))
self.assertTrue(os.path.exists(CONF.ssl.keyfile))
def tearDown(self):
try:
shutil.rmtree(rootdir(SSLDIR))
except OSError:
pass
super(CertSetupTestCase, self).tearDown()
View Git Blame Copy Permalink