Let Oidc* auth plugins accept scope parameters as kwargs
The OidcPassword and OidcAauthCode auth plugins should accept scope parameters like the project, otherwise it would be impossible to get a scoped token, making python-openstackclient fail. Closes-Bug: #1582774 Change-Id: I960d67b4529afbc83eff0da945677b2fd83973e1
This commit is contained in:
parent
44b8d0f907
commit
4343ce524a
|
@ -127,7 +127,7 @@ class OidcPassword(_OidcBase):
|
|||
def __init__(self, auth_url, identity_provider, protocol,
|
||||
client_id, client_secret, access_token_endpoint,
|
||||
grant_type='password', access_token_type='access_token',
|
||||
username=None, password=None, scope='profile'):
|
||||
username=None, password=None, scope='profile', **kwargs):
|
||||
"""The OpenID Password plugin expects the following.
|
||||
|
||||
:param username: Username used to authenticate
|
||||
|
@ -149,7 +149,8 @@ class OidcPassword(_OidcBase):
|
|||
client_secret=client_secret,
|
||||
access_token_endpoint=access_token_endpoint,
|
||||
grant_type=grant_type,
|
||||
access_token_type=access_token_type)
|
||||
access_token_type=access_token_type,
|
||||
**kwargs)
|
||||
self.username = username
|
||||
self.password = password
|
||||
self.scope = scope
|
||||
|
@ -193,7 +194,7 @@ class OidcAuthorizationCode(_OidcBase):
|
|||
client_id, client_secret, access_token_endpoint,
|
||||
grant_type='authorization_code',
|
||||
access_token_type='access_token',
|
||||
redirect_uri=None, code=None):
|
||||
redirect_uri=None, code=None, **kwargs):
|
||||
"""The OpenID Authorization Code plugin expects the following.
|
||||
|
||||
:param redirect_uri: OpenID Connect Client Redirect URL
|
||||
|
@ -211,7 +212,8 @@ class OidcAuthorizationCode(_OidcBase):
|
|||
client_secret=client_secret,
|
||||
access_token_endpoint=access_token_endpoint,
|
||||
grant_type=grant_type,
|
||||
access_token_type=access_token_type)
|
||||
access_token_type=access_token_type,
|
||||
**kwargs)
|
||||
self.redirect_uri = redirect_uri
|
||||
self.code = code
|
||||
|
||||
|
|
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
fixes:
|
||||
- Fix passing scope parameters in Oidc* auth plugins.
|
||||
[Bug `1582774 <https://bugs.launchpad.net/bugs/1582774>`_]
|
|
@ -33,6 +33,7 @@ class AuthenticateOIDCTests(utils.TestCase):
|
|||
self.IDENTITY_PROVIDER = 'bluepages'
|
||||
self.PROTOCOL = 'oidc'
|
||||
self.USER_NAME = 'oidc_user@example.com'
|
||||
self.PROJECT_NAME = 'foo project'
|
||||
self.PASSWORD = uuid.uuid4().hex
|
||||
self.CLIENT_ID = uuid.uuid4().hex
|
||||
self.CLIENT_SECRET = uuid.uuid4().hex
|
||||
|
@ -51,6 +52,7 @@ class AuthenticateOIDCTests(utils.TestCase):
|
|||
client_id=self.CLIENT_ID,
|
||||
client_secret=self.CLIENT_SECRET,
|
||||
access_token_endpoint=self.ACCESS_TOKEN_ENDPOINT,
|
||||
project_name=self.PROJECT_NAME,
|
||||
username=self.USER_NAME,
|
||||
password=self.PASSWORD)
|
||||
|
||||
|
@ -62,13 +64,15 @@ class AuthenticateOIDCTests(utils.TestCase):
|
|||
client_secret=self.CLIENT_SECRET,
|
||||
access_token_endpoint=self.ACCESS_TOKEN_ENDPOINT,
|
||||
redirect_uri=self.REDIRECT_URL,
|
||||
project_name=self.PROJECT_NAME,
|
||||
code=self.CODE)
|
||||
|
||||
self.oidc_token = oidc.OidcAccessToken(
|
||||
self.AUTH_URL,
|
||||
self.IDENTITY_PROVIDER,
|
||||
self.PROTOCOL,
|
||||
access_token=self.ACCESS_TOKEN)
|
||||
access_token=self.ACCESS_TOKEN,
|
||||
project_name=self.PROJECT_NAME)
|
||||
|
||||
|
||||
class OIDCPasswordTests(AuthenticateOIDCTests):
|
||||
|
|
Loading…
Reference in New Issue