Browse Source

convert the conf value into correct type

If options are set in paste file e.g. api-paste.ini for nova, all
the option values passed into AuthProtocol.conf are string type.
So, we should convert the conf value into correct type.

Change-Id: I0367cd6b54ee49f5db6541840539e7700f241f87
Closes-Bug: #1353315
changes/91/113191/6
wanghong 7 years ago
parent
commit
5835b23251
  1. 26
      keystonemiddleware/auth_token.py
  2. 23
      keystonemiddleware/tests/test_auth_token_middleware.py

26
keystonemiddleware/auth_token.py

@ -424,6 +424,27 @@ def _safe_quote(s):
return urllib.parse.quote(s) if s == urllib.parse.unquote(s) else s
def _conf_values_type_convert(conf):
"""Convert conf values into correct type."""
if not conf:
return {}
opts = {}
opt_types = dict((o.dest, o.type) for o in _OPTS)
for k, v in six.iteritems(conf):
try:
if v is None:
opts[k] = v
else:
opts[k] = opt_types[k](v)
except KeyError:
opts[k] = v
except ValueError as e:
raise ConfigurationError(
'Unable to convert the value of %s option into correct '
'type: %s' % (k, e))
return opts
class InvalidUserToken(Exception):
pass
@ -459,7 +480,10 @@ class AuthProtocol(object):
def __init__(self, app, conf):
self._LOG = logging.getLogger(conf.get('log_name', __name__))
self._LOG.info('Starting keystone auth_token middleware')
self._conf = conf
# NOTE(wanghong): If options are set in paste file, all the option
# values passed into conf are string type. So, we should convert the
# conf value into correct type.
self._conf = _conf_values_type_convert(conf)
self._app = app
# delay_auth_decision means we still allow unauthenticated requests

23
keystonemiddleware/tests/test_auth_token_middleware.py

@ -531,6 +531,29 @@ class GeneralAuthTokenMiddlewareTest(BaseAuthTokenMiddlewareTest,
self.assertEqual(middleware._token_revocation_list_cache_timeout,
datetime.timedelta(seconds=24))
def test_conf_values_type_convert(self):
conf = {
'revocation_cache_time': '24',
'identity_uri': 'https://keystone.example.com:1234',
'include_service_catalog': '0',
'nonexsit_option': '0',
}
middleware = auth_token.AuthProtocol(self.fake_app, conf)
self.assertEqual(datetime.timedelta(seconds=24),
middleware._token_revocation_list_cache_timeout)
self.assertEqual(False, middleware._include_service_catalog)
self.assertEqual('https://keystone.example.com:1234',
middleware._identity_uri)
self.assertEqual('0', middleware._conf['nonexsit_option'])
def test_conf_values_type_convert_with_wrong_value(self):
conf = {
'include_service_catalog': '123',
}
self.assertRaises(auth_token.ConfigurationError,
auth_token.AuthProtocol, self.fake_app, conf)
class CommonAuthTokenMiddlewareTest(object):
"""These tests are run once using v2 tokens and again using v3 tokens."""

Loading…
Cancel
Save