Merge "[placement] re-use existing conf with auth token middleware" into stable/pike

2018-03-02 19:08:54 +00:00 · 2018-03-02 19:08:54 +00:00 · 0b7f8064df
parent 15a66d57c9 5d76284261
commit 0b7f8064df
2 changed files with 47 additions and 2 deletions
--- a/nova/api/openstack/placement/deploy.py
+++ b/nova/api/openstack/placement/deploy.py
@ -38,9 +38,11 @@ def deploy(conf, project_name):
    if conf.api.auth_strategy == 'noauth2':
        auth_middleware = auth.NoAuthMiddleware
    else:
-        # Do not provide global conf to middleware here.
+        # Do not use 'oslo_config_project' param here as the conf
+        # location may have been overridden earlier in the deployment
+        # process with OS_PLACEMENT_CONFIG_DIR in wsgi.py.
        auth_middleware = auth_token.filter_factory(
-            {}, oslo_config_project=project_name)
+            {}, oslo_config_config=conf)

    # Pass in our CORS config, if any, manually as that's a)
    # explicit, b) makes testing more straightfoward, c) let's
--- a/nova/tests/unit/api/openstack/placement/test_deploy.py
+++ b/nova/tests/unit/api/openstack/placement/test_deploy.py
@ -0,0 +1,43 @@
+# All Rights Reserved.
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+"""Unit tests for the deply function used to build the Placement service."""
+
+from oslo_config import cfg
+import webob
+
+from nova.api.openstack.placement import deploy
+from nova import test
+
+
+CONF = cfg.CONF
+
+
+class DeployTest(test.NoDBTestCase):
+
+    def test_auth_middleware_factory(self):
+        """Make sure that configuration settings make their way to
+        the keystone middleware correctly.
+        """
+        auth_uri = 'http://example.com/identity'
+        authenticate_header_value = "Keystone uri='%s'" % auth_uri
+        self.flags(auth_uri=auth_uri, group='keystone_authtoken')
+        # ensure that the auth_token middleware is chosen
+        self.flags(auth_strategy='keystone', group='api')
+        app = deploy.deploy(CONF, 'nova')
+        req = webob.Request.blank('/', method="GET")
+
+        response = req.get_response(app)
+
+        self.assertEqual(authenticate_header_value,
+                         response.headers['www-authenticate'])