openstack/keystone
Code Issues Proposed changes
cb130ffae8
keystone/keystone/tests/unit/test_token_provider.py
Morgan Fainberg 0211cdd05f Remove the rest of v2.0 legacy 
This patch removes the rest of the v2.0 specific code which was being
maintained exclusively due to a copy-paste issue with the deprecation
warning on the EC2 controller(s). With sign off from TC members
we have removed all of the bits except those exclusively tied to
the paste.deploy removal. All paste.deploy specific changes will
be removed in a future patch.

With the conversion to Flask, none of the v2.0 legacy controllers
left were wired up to routes that could be accessed.

Change-Id: I959dac0d0dd2e667982383e1e3d52ab28c4c1e2e
2018-06-06 19:30:14 +00:00

487 lines
17 KiB
Python
Raw Blame History

# Copyright 2013 OpenStack Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import datetime
from oslo_utils import timeutils
from keystone.common import provider_api
from keystone.common import utils
import keystone.conf
from keystone import exception
from keystone.tests import unit
from keystone.tests.unit import ksfixtures
from keystone.tests.unit.ksfixtures import database
from keystone import token
CONF = keystone.conf.CONF
PROVIDERS = provider_api.ProviderAPIs
FUTURE_DELTA = datetime.timedelta(seconds=CONF.token.expiration)
CURRENT_DATE = timeutils.utcnow()
SAMPLE_V3_TOKEN = {
"token": {
"catalog": [
{
"endpoints": [
{
"id": "02850c5d1d094887bdc46e81e1e15dc7",
"interface": "admin",
"region": "RegionOne",
"url": "http://localhost:35357/v3"
},
{
"id": "446e244b75034a9ab4b0811e82d0b7c8",
"interface": "internal",
"region": "RegionOne",
"url": "http://localhost:5000/v3"
},
{
"id": "47fa3d9f499240abb5dfcf2668f168cd",
"interface": "public",
"region": "RegionOne",
"url": "http://localhost:5000/v3"
}
],
"id": "26d7541715a44a4d9adad96f9872b633",
"type": "identity",
},
{
"endpoints": [
{
"id": "aaa17a539e364297a7845d67c7c7cc4b",
"interface": "admin",
"region": "RegionOne",
"url": "http://localhost:9292"
},
{
"id": "4fa9620e42394cb1974736dce0856c71",
"interface": "internal",
"region": "RegionOne",
"url": "http://localhost:9292"
},
{
"id": "9673687f9bc441d88dec37942bfd603b",
"interface": "public",
"region": "RegionOne",
"url": "http://localhost:9292"
}
],
"id": "d27a41843f4e4b0e8cf6dac4082deb0d",
"type": "image",
},
{
"endpoints": [
{
"id": "7bd0c643e05a4a2ab40902b2fa0dd4e6",
"interface": "admin",
"region": "RegionOne",
"url": "http://localhost:8080/v1"
},
{
"id": "43bef154594d4ccb8e49014d20624e1d",
"interface": "internal",
"region": "RegionOne",
"url": "http://localhost:8080/v1/AUTH_01257"
},
{
"id": "e63b5f5d7aa3493690189d0ff843b9b3",
"interface": "public",
"region": "RegionOne",
"url": "http://localhost:8080/v1/AUTH_01257"
}
],
"id": "a669e152f1104810a4b6701aade721bb",
"type": "object-store",
},
{
"endpoints": [
{
"id": "51934fe63a5b4ac0a32664f64eb462c3",
"interface": "admin",
"region": "RegionOne",
"url": "http://localhost:8774/v1.1/01257"
},
{
"id": "869b535eea0d42e483ae9da0d868ebad",
"interface": "internal",
"region": "RegionOne",
"url": "http://localhost:8774/v1.1/01257"
},
{
"id": "93583824c18f4263a2245ca432b132a6",
"interface": "public",
"region": "RegionOne",
"url": "http://localhost:8774/v1.1/01257"
}
],
"id": "7f32cc2af6c9476e82d75f80e8b3bbb8",
"type": "compute",
},
{
"endpoints": [
{
"id": "b06997fd08414903ad458836efaa9067",
"interface": "admin",
"region": "RegionOne",
"url": "http://localhost:8773/services/Admin"
},
{
"id": "411f7de7c9a8484c9b46c254fb2676e2",
"interface": "internal",
"region": "RegionOne",
"url": "http://localhost:8773/services/Cloud"
},
{
"id": "f21c93f3da014785854b4126d0109c49",
"interface": "public",
"region": "RegionOne",
"url": "http://localhost:8773/services/Cloud"
}
],
"id": "b08c9c7d4ef543eba5eeb766f72e5aa1",
"type": "ec2",
},
{
"endpoints": [
{
"id": "077d82df25304abeac2294004441db5a",
"interface": "admin",
"region": "RegionOne",
"url": "http://localhost:8776/v1/01257"
},
{
"id": "875bf282362c40219665278b4fd11467",
"interface": "internal",
"region": "RegionOne",
"url": "http://localhost:8776/v1/01257"
},
{
"id": "cd229aa6df0640dc858a8026eb7e640c",
"interface": "public",
"region": "RegionOne",
"url": "http://localhost:8776/v1/01257"
}
],
"id": "5db21b82617f4a95816064736a7bec22",
"type": "volume",
}
],
"expires_at": "2013-05-22T00:02:43.941430Z",
"issued_at": "2013-05-21T00:02:43.941473Z",
"methods": [
"password"
],
"project": {
"domain": {
"id": "default",
"name": "Default"
},
"id": "01257",
"name": "service"
},
"is_domain": False,
"roles": [
{
"id": "9fe2ff9ee4384b1894a90878d3e92bab",
"name": "_member_"
},
{
"id": "53bff13443bd4450b97f978881d47b18",
"name": "admin"
}
],
"user": {
"domain": {
"id": "default",
"name": "Default"
},
"id": "f19ddbe2c53c46f189fe66d0a7a9c9ce",
"name": "nova",
"password_expires_at": "2013-08-21T00:02:43.941473Z"
},
"OS-TRUST:trust": {
"id": "abc123",
"trustee_user_id": "123456",
"trustor_user_id": "333333",
"impersonation": False
}
}
}
SAMPLE_V3_TOKEN_WITH_EMBEDED_VERSION = {
"token": {
"catalog": [
{
"endpoints": [
{
"id": "02850c5d1d094887bdc46e81e1e15dc7",
"interface": "admin",
"region": "RegionOne",
"url": "http://localhost:35357/v3"
},
{
"id": "446e244b75034a9ab4b0811e82d0b7c8",
"interface": "internal",
"region": "RegionOne",
"url": "http://localhost:5000/v3"
},
{
"id": "47fa3d9f499240abb5dfcf2668f168cd",
"interface": "public",
"region": "RegionOne",
"url": "http://localhost:5000/v3"
}
],
"id": "26d7541715a44a4d9adad96f9872b633",
"type": "identity",
},
{
"endpoints": [
{
"id": "aaa17a539e364297a7845d67c7c7cc4b",
"interface": "admin",
"region": "RegionOne",
"url": "http://localhost:9292"
},
{
"id": "4fa9620e42394cb1974736dce0856c71",
"interface": "internal",
"region": "RegionOne",
"url": "http://localhost:9292"
},
{
"id": "9673687f9bc441d88dec37942bfd603b",
"interface": "public",
"region": "RegionOne",
"url": "http://localhost:9292"
}
],
"id": "d27a41843f4e4b0e8cf6dac4082deb0d",
"type": "image",
},
{
"endpoints": [
{
"id": "7bd0c643e05a4a2ab40902b2fa0dd4e6",
"interface": "admin",
"region": "RegionOne",
"url": "http://localhost:8080/v1"
},
{
"id": "43bef154594d4ccb8e49014d20624e1d",
"interface": "internal",
"region": "RegionOne",
"url": "http://localhost:8080/v1/AUTH_01257"
},
{
"id": "e63b5f5d7aa3493690189d0ff843b9b3",
"interface": "public",
"region": "RegionOne",
"url": "http://localhost:8080/v1/AUTH_01257"
}
],
"id": "a669e152f1104810a4b6701aade721bb",
"type": "object-store",
},
{
"endpoints": [
{
"id": "51934fe63a5b4ac0a32664f64eb462c3",
"interface": "admin",
"region": "RegionOne",
"url": "http://localhost:8774/v1.1/01257"
},
{
"id": "869b535eea0d42e483ae9da0d868ebad",
"interface": "internal",
"region": "RegionOne",
"url": "http://localhost:8774/v1.1/01257"
},
{
"id": "93583824c18f4263a2245ca432b132a6",
"interface": "public",
"region": "RegionOne",
"url": "http://localhost:8774/v1.1/01257"
}
],
"id": "7f32cc2af6c9476e82d75f80e8b3bbb8",
"type": "compute",
},
{
"endpoints": [
{
"id": "b06997fd08414903ad458836efaa9067",
"interface": "admin",
"region": "RegionOne",
"url": "http://localhost:8773/services/Admin"
},
{
"id": "411f7de7c9a8484c9b46c254fb2676e2",
"interface": "internal",
"region": "RegionOne",
"url": "http://localhost:8773/services/Cloud"
},
{
"id": "f21c93f3da014785854b4126d0109c49",
"interface": "public",
"region": "RegionOne",
"url": "http://localhost:8773/services/Cloud"
}
],
"id": "b08c9c7d4ef543eba5eeb766f72e5aa1",
"type": "ec2",
},
{
"endpoints": [
{
"id": "077d82df25304abeac2294004441db5a",
"interface": "admin",
"region": "RegionOne",
"url": "http://localhost:8776/v1/01257"
},
{
"id": "875bf282362c40219665278b4fd11467",
"interface": "internal",
"region": "RegionOne",
"url": "http://localhost:8776/v1/01257"
},
{
"id": "cd229aa6df0640dc858a8026eb7e640c",
"interface": "public",
"region": "RegionOne",
"url": "http://localhost:8776/v1/01257"
}
],
"id": "5db21b82617f4a95816064736a7bec22",
"type": "volume",
}
],
"expires_at": "2013-05-22T00:02:43.941430Z",
"issued_at": "2013-05-21T00:02:43.941473Z",
"methods": [
"password"
],
"project": {
"domain": {
"id": "default",
"name": "Default"
},
"id": "01257",
"name": "service"
},
"roles": [
{
"id": "9fe2ff9ee4384b1894a90878d3e92bab",
"name": "_member_"
},
{
"id": "53bff13443bd4450b97f978881d47b18",
"name": "admin"
}
],
"user": {
"domain": {
"id": "default",
"name": "Default"
},
"id": "f19ddbe2c53c46f189fe66d0a7a9c9ce",
"name": "nova"
},
"OS-TRUST:trust": {
"id": "abc123",
"trustee_user_id": "123456",
"trustor_user_id": "333333",
"impersonation": False
}
},
'token_version': 'v3.0'
}
def create_v3_token():
return {
"token": {
'methods': [],
"expires_at": utils.isotime(timeutils.utcnow() + FUTURE_DELTA),
"issued_at": "2013-05-21T00:02:43.941473Z",
}
}
SAMPLE_V3_TOKEN_EXPIRED = {
"token": {
"expires_at": utils.isotime(CURRENT_DATE),
"issued_at": "2013-05-21T00:02:43.941473Z",
}
}
SAMPLE_MALFORMED_TOKEN = {
"token": {
"bogus": {
"no expiration data": None
}
}
}
class TestTokenProvider(unit.TestCase):
def setUp(self):
super(TestTokenProvider, self).setUp()
self.useFixture(database.Database())
self.useFixture(
ksfixtures.KeyRepository(
self.config_fixture,
'fernet_tokens',
CONF.fernet_tokens.max_active_keys
)
)
self.load_backends()
def test_get_token_version(self):
self.assertEqual(
token.provider.V3,
PROVIDERS.token_provider_api.get_token_version(SAMPLE_V3_TOKEN))
self.assertEqual(
token.provider.V3,
PROVIDERS.token_provider_api.get_token_version(
SAMPLE_V3_TOKEN_WITH_EMBEDED_VERSION))
self.assertRaises(exception.UnsupportedTokenVersionException,
PROVIDERS.token_provider_api.get_token_version,
'bogus')
def test_unsupported_token_provider(self):
self.config_fixture.config(group='token',
provider='MyProvider')
self.assertRaises(ImportError,
token.provider.Manager)
def test_provider_token_expiration_validation(self):
self.assertRaises(exception.TokenNotFound,
PROVIDERS.token_provider_api._is_valid_token,
SAMPLE_V3_TOKEN_EXPIRED)
self.assertRaises(exception.TokenNotFound,
PROVIDERS.token_provider_api._is_valid_token,
SAMPLE_MALFORMED_TOKEN)
self.assertIsNone(
PROVIDERS.token_provider_api._is_valid_token(create_v3_token()))
def test_validate_v3_token_with_no_token_raises_token_not_found(self):
self.assertRaises(
exception.TokenNotFound,
PROVIDERS.token_provider_api.validate_token,
None)
View Git Blame Copy Permalink