From 8ea9bee56c5ba0f98bb4cb9310e4d0fd8d89c6fc Mon Sep 17 00:00:00 2001 From: Colleen Murphy Date: Sat, 9 Feb 2019 21:34:48 +0100 Subject: [PATCH] Expose app creds and new attrs in fixtures To help enable testing authenticating with application credentials in keystonemiddleware we need the keystoneauth token fixtures to support application credentials. This change adds application credentials to the fixtures along with mocking of the new access rules attribute. Additionally, add support for the new attribute in the AccessInfoV3 object so that it will fully represent the new structure. bp whitelist-extension-for-app-creds Change-Id: Ia6fece77390942ac012be1c80691ba86dc1e49b4 --- keystoneauth1/access/access.py | 4 ++++ keystoneauth1/fixture/v3.py | 37 ++++++++++++++++++++++++++++++++-- 2 files changed, 39 insertions(+), 2 deletions(-) diff --git a/keystoneauth1/access/access.py b/keystoneauth1/access/access.py index 37e0bd32..cbec0127 100644 --- a/keystoneauth1/access/access.py +++ b/keystoneauth1/access/access.py @@ -741,6 +741,10 @@ class AccessInfoV3(AccessInfo): def application_credential_id(self): return self._data['token']['application_credential']['id'] + @_missingproperty + def application_credential_access_rules(self): + return self._data['token']['application_credential']['access_rules'] + @property def _oauth(self): return self._data['token']['OS-OAUTH1'] diff --git a/keystoneauth1/fixture/v3.py b/keystoneauth1/fixture/v3.py index 4bf1ed1d..15f7379f 100644 --- a/keystoneauth1/fixture/v3.py +++ b/keystoneauth1/fixture/v3.py @@ -61,8 +61,10 @@ class Token(dict): project_id=None, project_name=None, project_domain_id=None, project_domain_name=None, domain_id=None, domain_name=None, trust_id=None, trust_impersonation=None, trustee_user_id=None, - trustor_user_id=None, oauth_access_token_id=None, - oauth_consumer_id=None, audit_id=None, audit_chain_id=None, + trustor_user_id=None, application_credential_id=None, + application_credential_access_rules=None, + oauth_access_token_id=None, oauth_consumer_id=None, + audit_id=None, audit_chain_id=None, is_admin_project=None, project_is_domain=None): super(Token, self).__init__() @@ -112,6 +114,11 @@ class Token(dict): trustee_user_id=trustee_user_id, trustor_user_id=trustor_user_id) + if application_credential_id: + self.set_application_credential( + application_credential_id, + access_rules=application_credential_access_rules) + if oauth_access_token_id or oauth_consumer_id: self.set_oauth(access_token_id=oauth_access_token_id, consumer_id=oauth_consumer_id) @@ -308,6 +315,26 @@ class Token(dict): trust = self.root.setdefault('OS-TRUST:trust', {}) trust.setdefault('trustor_user', {})['id'] = value + @property + def application_credential_id(self): + return self.root.get('application_credential', {}).get('id') + + @application_credential_id.setter + def application_credential_id(self, value): + application_credential = self.root.setdefault( + 'application_credential', {}) + application_credential.setdefault('id', value) + + @property + def application_credential_access_rules(self): + return self.root.get('application_credential', {}).get('access_rules') + + @application_credential_access_rules.setter + def application_credential_access_rules(self, value): + application_credential = self.root.setdefault( + 'application_credential', {}) + application_credential.setdefault('access_rules', value) + @property def oauth_access_token_id(self): return self.root.get('OS-OAUTH1', {}).get('access_token_id') @@ -439,6 +466,12 @@ class Token(dict): self.oauth_access_token_id = access_token_id or uuid.uuid4().hex self.oauth_consumer_id = consumer_id or uuid.uuid4().hex + def set_application_credential(self, application_credential_id, + access_rules=None): + self.application_credential_id = application_credential_id + if access_rules is not None: + self.application_credential_access_rules = access_rules + @property def service_providers(self): return self.root.get('service_providers')