Merge "Raise exception for v2 with domain scope"

2015-09-03 00:45:14 +00:00 · 2015-09-03 00:45:14 +00:00 · 35113c7854
commit 35113c7854
parent a56ed4218a 4a97ce81e6
3 changed files with 22 additions and 3 deletions
--- a/keystoneauth1/identity/generic/base.py
+++ b/keystoneauth1/identity/generic/base.py
@ -119,7 +119,10 @@ class BaseGenericPlugin(base.BaseIdentityPlugin):
            url_parts = urlparse.urlparse(self.auth_url)
            path = url_parts.path.lower()

-            if path.startswith('/v2.0') and not self._has_domain_scope:
+            if path.startswith('/v2.0'):
+                if self._has_domain_scope:
+                    raise exceptions.DiscoveryFailure(
+                        'Cannot use v2 authentication with domain scope')
                plugin = self.create_plugin(session, (2, 0), self.auth_url)
            elif path.startswith('/v3'):
                plugin = self.create_plugin(session, (3, 0), self.auth_url)
@ -127,6 +130,7 @@ class BaseGenericPlugin(base.BaseIdentityPlugin):
        else:
            disc_data = disc.version_data()

+            v2_with_domain_scope = False
            for data in disc_data:
                version = data['version']

@ -134,6 +138,7 @@ class BaseGenericPlugin(base.BaseIdentityPlugin):
                        self._has_domain_scope):
                    # NOTE(jamielennox): if there are domain parameters there
                    # is no point even trying against v2 APIs.
+                    v2_with_domain_scope = True
                    continue

                plugin = self.create_plugin(session,
@ -143,6 +148,9 @@ class BaseGenericPlugin(base.BaseIdentityPlugin):

                if plugin:
                    break
+            if not plugin and v2_with_domain_scope:
+                raise exceptions.DiscoveryFailure(
+                    'Cannot use v2 authentication with domain scope')

        if plugin:
            return plugin
--- a/keystoneauth1/identity/generic/password.py
+++ b/keystoneauth1/identity/generic/password.py
@ -12,6 +12,7 @@

 from keystoneauth1 import _utils as utils
 from keystoneauth1 import discover
+from keystoneauth1 import exceptions
 from keystoneauth1.identity.generic import base
 from keystoneauth1.identity import v2
 from keystoneauth1.identity import v3
@ -44,8 +45,8 @@ class Password(base.BaseGenericPlugin):
    def create_plugin(self, session, version, url, raw_status=None):
        if discover.version_match((2,), version):
            if self._user_domain_id or self._user_domain_name:
-                # If you specify any domain parameters it won't work so quit.
-                return None
+                raise exceptions.DiscoveryFailure(
+                    'Cannot use v2 authentication with domain scope')

            return v2.Password(auth_url=url,
                               user_id=self._user_id,
--- a/keystoneauth1/tests/unit/auth/test_password.py
+++ b/keystoneauth1/tests/unit/auth/test_password.py
@ -41,6 +41,16 @@ class PasswordTests(utils.GenericPluginTestCase):
        self.stub_discovery(v3=False)
        self.assertDiscoveryFailure(user_domain_id=uuid.uuid4().hex)

+    def test_v3_domain_params_v2_url(self):
+        self.stub_discovery(v3=False)
+        self.assertDiscoveryFailure(domain_id=uuid.uuid4().hex)
+
+    def test_v3_disocovery_failure_v2_url(self):
+        auth_url = self.TEST_URL + 'v2.0'
+        self.stub_url('GET', json={}, base_url='/v2.0', status_code=500)
+        self.assertDiscoveryFailure(domain_id=uuid.uuid4().hex,
+                                    auth_url=auth_url)
+
    def test_options(self):
        opts = [o.name for o in generic.Password().get_options()]