openstack/nova
Code Issues Proposed changes

Stop using NoAuthMiddleware in tests

Browse Source 
This rips NoAuthMiddleware completely out of functional tests by:
- Removing our override of [api]auth_strategy in ConfFixture, allowing
  it to default to ``keystone``. This causes the fake wsgi setup to go
  through the same pipeline as real API requests; so making that work
  entails...
- Mocking out the keystonecontext piece of the paste pipeline to create
  the context previously mashed (somewhat inappropriately) into
  NoAuthMiddleware. In the future we may want to mock this more
  shallowly or find a way to make the req more realistic so it needn't
  be mocked at all, but for now this is close to what the noauth2
  pipeline used to do.
- Stubbing out the keystonemiddleware piece of the paste pipeline. In
  the future we should try to use keystonemiddleware's AuthTokenFixture
  so our tests can occur in a more realistic environment, but for now
  this is just mimicking what the noauth2 pipeline used to do; except
  for...
- Removing the authentication portion of the TestOpenStackClient. This
  used to make an actual request(), which landed in NoAuthMiddleware,
  which was hacking together some headers (based, it appears, on a
  protocol which is many years out of date and no longer approximates
  what keystone does, which should be the point if it's going to exist
  at all). So now we just hack up the necessary headers inline.
- Doing the addition of project_id in request URIs in OSAPIFixture.
  This is another thing that NoAuthMiddleware was doing inappropriately
  (IRL the project_id will either be part of the request from the start,
  or it won't). It was also only doing it part of the time; as a result,
  a couple of tests requesting version documents, which were previously
  not expecting the project ID to be present, needed to be modified to
  expect it. This better reflects reality.

Change-Id: I459a605b4a9390f0e36356ca1fe432948159acd4
This commit is contained in:
Eric Fried
2019-10-08 15:15:46 -05:00
parent 18de63deaa
commit 52fe8c0285
10 changed files with 75 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
nova/api/auth.py
View File

@@ -81,6 +81,14 @@ class InjectContext(wsgi.Middleware):
class NovaKeystoneContext(wsgi.Middleware):
"""Make a request context from keystone headers."""
@staticmethod
def _create_context(env, **kwargs):
"""Create a context from a request environ.
This exists to make test stubbing easier.
"""
return context.RequestContext.from_environ(env, **kwargs)
@webob.dec.wsgify(RequestClass=wsgi.Request)
def __call__(self, req):
# Build a context, including the auth_token...
@@ -101,7 +109,7 @@ class NovaKeystoneContext(wsgi.Middleware):
# middleware in newer versions.
user_auth_plugin = req.environ.get('keystone.token_auth')
ctx = context.RequestContext.from_environ(
ctx = self._create_context(
req.environ,
user_auth_plugin=user_auth_plugin,
remote_address=remote_address,