keystoneauth/keystoneauth1/tests/unit/test_service_token.py

# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.

import uuid

from keystoneauth1 import fixture
from keystoneauth1 import identity
from keystoneauth1 import service_token
from keystoneauth1 import session
from keystoneauth1.tests.unit import utils


class ServiceTokenTests(utils.TestCase):

    TEST_URL = 'http://test.example.com/path/'
    USER_URL = 'http://user-keystone.example.com/v3'
    SERVICE_URL = 'http://service-keystone.example.com/v3'

    def setUp(self):
        super(ServiceTokenTests, self).setUp()

        self.user_token_id = uuid.uuid4().hex
        self.user_token = fixture.V3Token()
        self.user_token.set_project_scope()
        self.user_auth = identity.V3Password(auth_url=self.USER_URL,
                                             user_id=uuid.uuid4().hex,
                                             password=uuid.uuid4().hex,
                                             project_id=uuid.uuid4().hex)

        self.service_token_id = uuid.uuid4().hex
        self.service_token = fixture.V3Token()
        self.service_token.set_project_scope()
        self.service_auth = identity.V3Password(auth_url=self.SERVICE_URL,
                                                user_id=uuid.uuid4().hex,
                                                password=uuid.uuid4().hex,
                                                project_id=uuid.uuid4().hex)

        for t in (self.user_token, self.service_token):
            s = t.add_service('identity')
            s.add_standard_endpoints(public='http://keystone.example.com',
                                     admin='http://keystone.example.com',
                                     internal='http://keystone.example.com')

        self.test_data = {'data': uuid.uuid4().hex}

        self.user_mock = self.requests_mock.post(
            self.USER_URL + '/auth/tokens',
            json=self.user_token,
            headers={'X-Subject-Token': self.user_token_id})

        self.service_mock = self.requests_mock.post(
            self.SERVICE_URL + '/auth/tokens',
            json=self.service_token,
            headers={'X-Subject-Token': self.service_token_id})

        self.requests_mock.get(self.TEST_URL, json=self.test_data)

        self.combined_auth = service_token.ServiceTokenAuthWrapper(
            self.user_auth,
            self.service_auth)

        self.session = session.Session(auth=self.combined_auth)

    def test_setting_service_token(self):
        self.session.get(self.TEST_URL)

        headers = self.requests_mock.last_request.headers

        self.assertEqual(self.user_token_id, headers['X-Auth-Token'])
        self.assertEqual(self.service_token_id, headers['X-Service-Token'])

        self.assertTrue(self.user_mock.called_once)
        self.assertTrue(self.service_mock.called_once)

    def test_invalidation(self):
        text = uuid.uuid4().hex
        test_url = 'http://test.example.com/abc'

        response_list = [{'status_code': 401}, {'text': text}]
        mock = self.requests_mock.get(test_url, response_list=response_list)

        resp = self.session.get(test_url)
        self.assertEqual(text, resp.text)

        self.assertEqual(2, mock.call_count)
        self.assertEqual(2, self.user_mock.call_count)
        self.assertEqual(2, self.service_mock.call_count)

    def test_pass_throughs(self):
        self.assertEqual(self.user_auth.get_token(self.session),
                         self.combined_auth.get_token(self.session))

        self.assertEqual(
            self.user_auth.get_endpoint(self.session, 'identity'),
            self.combined_auth.get_endpoint(self.session, 'identity'))

        self.assertEqual(self.user_auth.get_user_id(self.session),
                         self.combined_auth.get_user_id(self.session))

        self.assertEqual(self.user_auth.get_project_id(self.session),
                         self.combined_auth.get_project_id(self.session))

        self.assertEqual(self.user_auth.get_sp_auth_url(self.session, 'a'),
                         self.combined_auth.get_sp_auth_url(self.session, 'a'))

        self.assertEqual(self.user_auth.get_sp_url(self.session, 'a'),
                         self.combined_auth.get_sp_url(self.session, 'a'))