Expose app creds and new attrs in fixtures

To help enable testing authenticating with application credentials in
keystonemiddleware we need the keystoneauth token fixtures to support
application credentials. This change adds application credentials to the
fixtures along with mocking of the new access rules attribute. Additionally,
add support for the new attribute in the AccessInfoV3 object so that
it will fully represent the new structure.

bp whitelist-extension-for-app-creds

Change-Id: Ia6fece77390942ac012be1c80691ba86dc1e49b4

keystoneauth1/access/access.py

@@ -741,6 +741,10 @@ class AccessInfoV3(AccessInfo):
     def application_credential_id(self):
         return self._data['token']['application_credential']['id']
 
+    @_missingproperty
+    def application_credential_access_rules(self):
+        return self._data['token']['application_credential']['access_rules']
+
     @property
     def _oauth(self):
         return self._data['token']['OS-OAUTH1']

keystoneauth1/fixture/v3.py

@@ -61,8 +61,10 @@ class Token(dict):
                  project_id=None, project_name=None, project_domain_id=None,
                  project_domain_name=None, domain_id=None, domain_name=None,
                  trust_id=None, trust_impersonation=None, trustee_user_id=None,
-                 trustor_user_id=None, oauth_access_token_id=None,
-                 oauth_consumer_id=None, audit_id=None, audit_chain_id=None,
+                 trustor_user_id=None, application_credential_id=None,
+                 application_credential_access_rules=None,
+                 oauth_access_token_id=None, oauth_consumer_id=None,
+                 audit_id=None, audit_chain_id=None,
                  is_admin_project=None, project_is_domain=None):
         super(Token, self).__init__()
 
@@ -112,6 +114,11 @@ class Token(dict):
                                  trustee_user_id=trustee_user_id,
                                  trustor_user_id=trustor_user_id)
 
+        if application_credential_id:
+            self.set_application_credential(
+                application_credential_id,
+                access_rules=application_credential_access_rules)
+
         if oauth_access_token_id or oauth_consumer_id:
             self.set_oauth(access_token_id=oauth_access_token_id,
                            consumer_id=oauth_consumer_id)
@@ -308,6 +315,26 @@ class Token(dict):
         trust = self.root.setdefault('OS-TRUST:trust', {})
         trust.setdefault('trustor_user', {})['id'] = value
 
+    @property
+    def application_credential_id(self):
+        return self.root.get('application_credential', {}).get('id')
+
+    @application_credential_id.setter
+    def application_credential_id(self, value):
+        application_credential = self.root.setdefault(
+            'application_credential', {})
+        application_credential.setdefault('id', value)
+
+    @property
+    def application_credential_access_rules(self):
+        return self.root.get('application_credential', {}).get('access_rules')
+
+    @application_credential_access_rules.setter
+    def application_credential_access_rules(self, value):
+        application_credential = self.root.setdefault(
+            'application_credential', {})
+        application_credential.setdefault('access_rules', value)
+
     @property
     def oauth_access_token_id(self):
         return self.root.get('OS-OAUTH1', {}).get('access_token_id')
@@ -439,6 +466,12 @@ class Token(dict):
         self.oauth_access_token_id = access_token_id or uuid.uuid4().hex
         self.oauth_consumer_id = consumer_id or uuid.uuid4().hex
 
+    def set_application_credential(self, application_credential_id,
+                                   access_rules=None):
+        self.application_credential_id = application_credential_id
+        if access_rules is not None:
+            self.application_credential_access_rules = access_rules
+
     @property
     def service_providers(self):
         return self.root.get('service_providers')