Merge "Remove fallback to [keystone_authtoken]"
This commit is contained in:
commit
af6a44aa99
@ -30,44 +30,18 @@ cfg.CONF.import_group(CFG_KEYSTONE_GROUP, 'keystonemiddleware.auth_token')
|
|||||||
|
|
||||||
|
|
||||||
def _get_keystone_auth(trust_id=None):
|
def _get_keystone_auth(trust_id=None):
|
||||||
if not cfg.CONF[CFG_MURANO_AUTH_GROUP].auth_type:
|
kwargs = {}
|
||||||
# Fallback to legacy v2 options in keystone_authtoken
|
if trust_id:
|
||||||
# if no auth_type is set.
|
# Remove project_name and project_id, since we need a trust scoped
|
||||||
# If auth_type is set, it is possible to use the auth loader
|
# auth object
|
||||||
# from keystoneauth1. This is the same fallback as keystonemiddleware
|
kwargs['project_name'] = None
|
||||||
# uses.
|
kwargs['project_domain_name'] = None
|
||||||
versionutils.report_deprecated_feature(
|
kwargs['project_id'] = None
|
||||||
LOG, 'Please update configuration in ' + CFG_MURANO_AUTH_GROUP +
|
kwargs['trust_id'] = trust_id
|
||||||
' group')
|
auth = ka_loading.load_auth_from_conf_options(
|
||||||
auth_uri = cfg.CONF[CFG_KEYSTONE_GROUP].auth_uri
|
cfg.CONF,
|
||||||
username = cfg.CONF[CFG_KEYSTONE_GROUP].admin_user
|
CFG_MURANO_AUTH_GROUP,
|
||||||
password = cfg.CONF[CFG_KEYSTONE_GROUP].admin_password
|
**kwargs)
|
||||||
project_name = cfg.CONF[CFG_KEYSTONE_GROUP].admin_tenant_name
|
|
||||||
kwargs = {
|
|
||||||
'auth_url': auth_uri.replace('v2.0', 'v3'),
|
|
||||||
'username': username,
|
|
||||||
'password': password,
|
|
||||||
'user_domain_name': 'default'
|
|
||||||
}
|
|
||||||
if not trust_id:
|
|
||||||
kwargs['project_name'] = project_name
|
|
||||||
kwargs['project_domain_name'] = 'default'
|
|
||||||
else:
|
|
||||||
kwargs['trust_id'] = trust_id
|
|
||||||
auth = identity.Password(**kwargs)
|
|
||||||
else:
|
|
||||||
kwargs = {}
|
|
||||||
if trust_id:
|
|
||||||
# Remove project_name and project_id, since we need a trust scoped
|
|
||||||
# auth object
|
|
||||||
kwargs['project_name'] = None
|
|
||||||
kwargs['project_domain_name'] = None
|
|
||||||
kwargs['project_id'] = None
|
|
||||||
kwargs['trust_id'] = trust_id
|
|
||||||
auth = ka_loading.load_auth_from_conf_options(
|
|
||||||
cfg.CONF,
|
|
||||||
CFG_MURANO_AUTH_GROUP,
|
|
||||||
**kwargs)
|
|
||||||
return auth
|
return auth
|
||||||
|
|
||||||
|
|
||||||
|
@ -38,61 +38,41 @@ class TestAuthUtils(base.MuranoTestCase):
|
|||||||
group=auth_utils.CFG_MURANO_AUTH_GROUP)
|
group=auth_utils.CFG_MURANO_AUTH_GROUP)
|
||||||
self.addCleanup(mock.patch.stopall)
|
self.addCleanup(mock.patch.stopall)
|
||||||
|
|
||||||
def _init_mock_cfg(self, auth_type):
|
def _init_mock_cfg(self):
|
||||||
if auth_type:
|
mock_auth_obj = mock.patch.object(auth_utils, 'ka_loading',
|
||||||
mock_auth_obj = mock.patch.object(auth_utils, 'ka_loading',
|
spec_set=ka_loading).start()
|
||||||
spec_set=ka_loading).start()
|
mock_auth_obj.load_auth_from_conf_options.return_value = \
|
||||||
mock_auth_obj.load_auth_from_conf_options.return_value = \
|
mock.sentinel.auth
|
||||||
mock.sentinel.auth
|
mock_auth_obj.load_session_from_conf_options.\
|
||||||
mock_auth_obj.load_session_from_conf_options.\
|
return_value = mock.sentinel.session
|
||||||
return_value = mock.sentinel.session
|
cfg.CONF.set_override('auth_type',
|
||||||
cfg.CONF.set_override('auth_type',
|
'password',
|
||||||
'password',
|
auth_utils.CFG_MURANO_AUTH_GROUP)
|
||||||
auth_utils.CFG_MURANO_AUTH_GROUP)
|
cfg.CONF.set_override('auth_uri',
|
||||||
cfg.CONF.set_override('auth_uri',
|
'foo_auth_uri',
|
||||||
'foo_auth_uri',
|
auth_utils.CFG_MURANO_AUTH_GROUP)
|
||||||
auth_utils.CFG_MURANO_AUTH_GROUP)
|
cfg.CONF.set_override('auth_url',
|
||||||
cfg.CONF.set_override('auth_url',
|
'foo_auth_url',
|
||||||
'foo_auth_url',
|
auth_utils.CFG_MURANO_AUTH_GROUP)
|
||||||
auth_utils.CFG_MURANO_AUTH_GROUP)
|
cfg.CONF.set_override('username',
|
||||||
cfg.CONF.set_override('username',
|
'fakeuser',
|
||||||
'fakeuser',
|
auth_utils.CFG_MURANO_AUTH_GROUP)
|
||||||
auth_utils.CFG_MURANO_AUTH_GROUP)
|
cfg.CONF.set_override('password',
|
||||||
cfg.CONF.set_override('password',
|
'fakepass',
|
||||||
'fakepass',
|
auth_utils.CFG_MURANO_AUTH_GROUP)
|
||||||
auth_utils.CFG_MURANO_AUTH_GROUP)
|
cfg.CONF.set_override('user_domain_name',
|
||||||
cfg.CONF.set_override('user_domain_name',
|
'Default',
|
||||||
'Default',
|
auth_utils.CFG_MURANO_AUTH_GROUP)
|
||||||
auth_utils.CFG_MURANO_AUTH_GROUP)
|
cfg.CONF.set_override('project_domain_name',
|
||||||
cfg.CONF.set_override('project_domain_name',
|
'Default',
|
||||||
'Default',
|
auth_utils.CFG_MURANO_AUTH_GROUP)
|
||||||
auth_utils.CFG_MURANO_AUTH_GROUP)
|
cfg.CONF.set_override('project_name',
|
||||||
cfg.CONF.set_override('project_name',
|
'fakeproj',
|
||||||
'fakeproj',
|
auth_utils.CFG_MURANO_AUTH_GROUP)
|
||||||
auth_utils.CFG_MURANO_AUTH_GROUP)
|
|
||||||
else:
|
|
||||||
mock_auth_obj = mock.patch.object(auth_utils, 'identity',
|
|
||||||
autospec=True).start()
|
|
||||||
mock_auth_obj.Password.return_value = mock.sentinel.auth
|
|
||||||
cfg.CONF.set_override('auth_type',
|
|
||||||
None,
|
|
||||||
auth_utils.CFG_MURANO_AUTH_GROUP)
|
|
||||||
cfg.CONF.set_override('auth_uri',
|
|
||||||
'foo_auth_uri/v3',
|
|
||||||
auth_utils.CFG_KEYSTONE_GROUP)
|
|
||||||
cfg.CONF.set_override('admin_user',
|
|
||||||
'adminuser',
|
|
||||||
auth_utils.CFG_KEYSTONE_GROUP)
|
|
||||||
cfg.CONF.set_override('admin_password',
|
|
||||||
'adminpass',
|
|
||||||
auth_utils.CFG_KEYSTONE_GROUP)
|
|
||||||
cfg.CONF.set_override('admin_tenant_name',
|
|
||||||
'admintenant',
|
|
||||||
auth_utils.CFG_KEYSTONE_GROUP)
|
|
||||||
return mock_auth_obj
|
return mock_auth_obj
|
||||||
|
|
||||||
def test_get_keystone_auth(self):
|
def test_get_keystone_auth(self):
|
||||||
mock_identity = self._init_mock_cfg(True)
|
mock_identity = self._init_mock_cfg()
|
||||||
|
|
||||||
expected_auth = mock.sentinel.auth
|
expected_auth = mock.sentinel.auth
|
||||||
actual_auth = auth_utils._get_keystone_auth()
|
actual_auth = auth_utils._get_keystone_auth()
|
||||||
@ -101,25 +81,8 @@ class TestAuthUtils(base.MuranoTestCase):
|
|||||||
mock_identity.load_auth_from_conf_options.assert_called_once_with(
|
mock_identity.load_auth_from_conf_options.assert_called_once_with(
|
||||||
cfg.CONF, auth_utils.CFG_MURANO_AUTH_GROUP)
|
cfg.CONF, auth_utils.CFG_MURANO_AUTH_GROUP)
|
||||||
|
|
||||||
def test_get_keystone_auth_fallback_to_v2(self):
|
|
||||||
mock_identity = self._init_mock_cfg(False)
|
|
||||||
|
|
||||||
expected_kwargs = {
|
|
||||||
'auth_url': 'foo_auth_uri/v3',
|
|
||||||
'username': 'adminuser',
|
|
||||||
'password': 'adminpass',
|
|
||||||
'user_domain_name': 'default',
|
|
||||||
'project_name': 'admintenant',
|
|
||||||
'project_domain_name': 'default'
|
|
||||||
}
|
|
||||||
expected_auth = mock.sentinel.auth
|
|
||||||
actual_auth = auth_utils._get_keystone_auth()
|
|
||||||
|
|
||||||
self.assertEqual(expected_auth, actual_auth)
|
|
||||||
mock_identity.Password.assert_called_once_with(**expected_kwargs)
|
|
||||||
|
|
||||||
def test_get_keystone_with_trust_id(self):
|
def test_get_keystone_with_trust_id(self):
|
||||||
mock_ka_loading = self._init_mock_cfg(True)
|
mock_ka_loading = self._init_mock_cfg()
|
||||||
|
|
||||||
expected_kwargs = {
|
expected_kwargs = {
|
||||||
'project_name': None,
|
'project_name': None,
|
||||||
@ -136,26 +99,10 @@ class TestAuthUtils(base.MuranoTestCase):
|
|||||||
auth_utils.CFG_MURANO_AUTH_GROUP,
|
auth_utils.CFG_MURANO_AUTH_GROUP,
|
||||||
**expected_kwargs)
|
**expected_kwargs)
|
||||||
|
|
||||||
def test_get_keystone_auth_with_trust_id_fallback_to_v2(self):
|
|
||||||
mock_identity = self._init_mock_cfg(False)
|
|
||||||
|
|
||||||
expected_kwargs = {
|
|
||||||
'auth_url': 'foo_auth_uri/v3',
|
|
||||||
'username': 'adminuser',
|
|
||||||
'password': 'adminpass',
|
|
||||||
'user_domain_name': 'default',
|
|
||||||
'trust_id': mock.sentinel.trust_id
|
|
||||||
}
|
|
||||||
expected_auth = mock.sentinel.auth
|
|
||||||
actual_auth = auth_utils._get_keystone_auth(mock.sentinel.trust_id)
|
|
||||||
|
|
||||||
self.assertEqual(expected_auth, actual_auth)
|
|
||||||
mock_identity.Password.assert_called_once_with(**expected_kwargs)
|
|
||||||
|
|
||||||
@mock.patch.object(auth_utils, 'ks_client', autospec=True)
|
@mock.patch.object(auth_utils, 'ks_client', autospec=True)
|
||||||
@mock.patch.object(auth_utils, '_get_session', autospec=True)
|
@mock.patch.object(auth_utils, '_get_session', autospec=True)
|
||||||
def test_create_keystone_admin_client(self, mock_get_sess, mock_ks_client):
|
def test_create_keystone_admin_client(self, mock_get_sess, mock_ks_client):
|
||||||
self._init_mock_cfg(False)
|
self._init_mock_cfg()
|
||||||
mock_get_sess.return_value = mock.sentinel.session
|
mock_get_sess.return_value = mock.sentinel.session
|
||||||
mock_ks_client.Client.return_value = mock.sentinel.ks_admin_client
|
mock_ks_client.Client.return_value = mock.sentinel.ks_admin_client
|
||||||
|
|
||||||
@ -311,7 +258,7 @@ class TestAuthUtils(base.MuranoTestCase):
|
|||||||
self.assertIsNone(auth_utils._get_config_option(None, 'url'))
|
self.assertIsNone(auth_utils._get_config_option(None, 'url'))
|
||||||
|
|
||||||
def test_get_session(self):
|
def test_get_session(self):
|
||||||
mock_ka_loading = self._init_mock_cfg(True)
|
mock_ka_loading = self._init_mock_cfg()
|
||||||
|
|
||||||
session = auth_utils._get_session(mock.sentinel.auth)
|
session = auth_utils._get_session(mock.sentinel.auth)
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user