Cleaning up Keystone auth tests
Also moving everything into a fixture so we can use the same tests for token based authentication as well. Change-Id: I4f3ee0939268554ff2a92125655ce721171add06
This commit is contained in:
parent
1c479fa865
commit
bc5a607e6d
|
@ -14,7 +14,11 @@ import copy
|
|||
import uuid
|
||||
|
||||
from oslo_serialization import jsonutils
|
||||
from requests_mock.contrib import fixture
|
||||
import six
|
||||
import testtools
|
||||
|
||||
import barbicanclient.barbican
|
||||
|
||||
# these are copied from python-keystoneclient tests
|
||||
BASE_HOST = 'http://keystone.example.com'
|
||||
|
@ -187,3 +191,73 @@ def generate_v3_project_scoped_token(**kwargs):
|
|||
token_id = uuid.uuid4().hex
|
||||
|
||||
return token_id, o
|
||||
|
||||
|
||||
class KeystoneClientFixture(testtools.TestCase):
|
||||
|
||||
def setUp(self):
|
||||
super(KeystoneClientFixture, self).setUp()
|
||||
self.responses = self.useFixture(fixture.Fixture())
|
||||
self.barbican = barbicanclient.barbican.Barbican()
|
||||
|
||||
self.test_arguments = {}
|
||||
|
||||
def get_arguments(self, auth_version='v3'):
|
||||
if auth_version.lower() == 'v3':
|
||||
version_specific = {
|
||||
'--os-auth-url': V3_URL,
|
||||
'--os-project-name': 'my_project_name'
|
||||
}
|
||||
else:
|
||||
version_specific = {
|
||||
'--os-auth-url': V2_URL,
|
||||
'--os-identity-api-version': '2.0',
|
||||
'--os-tenant-name': 'my_tenant_name'
|
||||
}
|
||||
|
||||
self.test_arguments.update(version_specific)
|
||||
return self._to_argv(self.test_arguments)
|
||||
|
||||
def _to_argv(self, argument_dict):
|
||||
# Convert to argv to pass into the client
|
||||
argv = []
|
||||
for k, v in six.iteritems(argument_dict):
|
||||
argv.extend([k, v])
|
||||
return argv
|
||||
|
||||
def _delete_secret(self, auth_version):
|
||||
ref = '{0}/secrets/{1}'.format(BARBICAN_ENDPOINT, uuid.uuid4())
|
||||
|
||||
# Mock delete secret
|
||||
self.responses.delete(ref, status_code=204)
|
||||
|
||||
argv = self.get_arguments(auth_version)
|
||||
argv.extend(['--endpoint', BARBICAN_ENDPOINT, 'secret', 'delete', ref])
|
||||
|
||||
try:
|
||||
self.barbican.run(argv=argv)
|
||||
except:
|
||||
self.fail('failed to delete secret')
|
||||
|
||||
def test_v2_auth(self):
|
||||
# Mock Keystone version discovery and token request
|
||||
self.responses.get(V2_URL, body=V2_VERSION_ENTRY)
|
||||
self.responses.post(
|
||||
'{0}/tokens'.format(V2_URL),
|
||||
json=generate_v2_project_scoped_token()
|
||||
)
|
||||
|
||||
self._delete_secret('v2')
|
||||
|
||||
def test_v3_auth(self):
|
||||
# Mock Keystone version discovery and token request
|
||||
self.responses.get(V3_URL, text=V3_VERSION_ENTRY)
|
||||
id, v3_token = generate_v3_project_scoped_token()
|
||||
|
||||
self.responses.post(
|
||||
'{0}/auth/tokens'.format(V3_URL),
|
||||
json=v3_token,
|
||||
headers={'X-Subject-Token': '1234'}
|
||||
)
|
||||
|
||||
self._delete_secret('v3')
|
||||
|
|
|
@ -123,67 +123,13 @@ class WhenTestingBarbicanCLI(test_client.BaseEntityResource):
|
|||
'secret list', expected_error_msg)
|
||||
|
||||
|
||||
class TestBarbicanWithKeystoneClient(testtools.TestCase):
|
||||
class TestBarbicanWithKeystonePasswordAuth(
|
||||
keystone_client_fixtures.KeystoneClientFixture):
|
||||
|
||||
def setUp(self):
|
||||
super(TestBarbicanWithKeystoneClient, self).setUp()
|
||||
self.responses = self.useFixture(fixture.Fixture())
|
||||
self.kwargs = {'auth_url': keystone_client_fixtures.V3_URL}
|
||||
for arg in ['username', 'password', 'project_name',
|
||||
'user_domain_name', 'project_domain_name']:
|
||||
self.kwargs[arg] = uuid.uuid4().hex
|
||||
self.barbican = barbicanclient.barbican.Barbican()
|
||||
super(TestBarbicanWithKeystonePasswordAuth, self).setUp()
|
||||
|
||||
def _to_argv(self, **kwargs):
|
||||
"""Format Keystone client arguments into command line argv."""
|
||||
argv = []
|
||||
for k, v in six.iteritems(kwargs):
|
||||
argv.append('--os-' + k.replace('_', '-'))
|
||||
argv.append(v)
|
||||
return argv
|
||||
|
||||
def _delete_secret(self, auth_url):
|
||||
self.kwargs['auth_url'] = auth_url
|
||||
argv = self._to_argv(**self.kwargs)
|
||||
barbican_url = keystone_client_fixtures.BARBICAN_ENDPOINT
|
||||
argv.append('--endpoint')
|
||||
argv.append(barbican_url)
|
||||
argv.append('secret')
|
||||
argv.append('delete')
|
||||
mySecretRef = '{0}/secrets/mysecretid'.format(barbican_url)
|
||||
argv.append(mySecretRef)
|
||||
# emulate delete secret
|
||||
self.responses.delete(mySecretRef, status_code=204)
|
||||
|
||||
try:
|
||||
self.barbican.run(argv=argv)
|
||||
except:
|
||||
self.fail('failed to delete secret')
|
||||
|
||||
def test_v2_auth(self):
|
||||
# emulate Keystone version discovery
|
||||
self.responses.get(keystone_client_fixtures.V2_URL,
|
||||
body=keystone_client_fixtures.V2_VERSION_ENTRY)
|
||||
|
||||
# emulate Keystone v2 token request
|
||||
self.responses.post(
|
||||
'{0}/tokens'.format(keystone_client_fixtures.V2_URL),
|
||||
json=keystone_client_fixtures.generate_v2_project_scoped_token())
|
||||
|
||||
self._delete_secret(keystone_client_fixtures.V2_URL)
|
||||
|
||||
def test_v3_auth(self):
|
||||
# emulate Keystone version discovery
|
||||
self.responses.get(keystone_client_fixtures.V3_URL,
|
||||
text=keystone_client_fixtures.V3_VERSION_ENTRY)
|
||||
|
||||
# emulate Keystone v3 token request
|
||||
id, v3_token = \
|
||||
keystone_client_fixtures.generate_v3_project_scoped_token()
|
||||
|
||||
self.responses.post(
|
||||
'{0}/auth/tokens'.format(keystone_client_fixtures.V3_URL),
|
||||
json=v3_token,
|
||||
headers={'X-Subject-Token': '1234'})
|
||||
|
||||
self._delete_secret(keystone_client_fixtures.V3_URL)
|
||||
self.test_arguments = {
|
||||
'--os-username': 'some_user',
|
||||
'--os-password': 'some_pass',
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue