Throw validation response into the environment

Allow other middleware access to the raw response from the token validation step by adding it to the WSGI environment in the 'keystone.token_info' variable. Change-Id: I3849598d6eefd2bfcb04e27d723f08fb1935c231
2012-11-15 16:03:58 -06:00
parent e39351ec65
commit 10e16be489
2 changed files with 13 additions and 0 deletions
--- a/keystoneclient/middleware/auth_token.py
+++ b/keystoneclient/middleware/auth_token.py
@@ -91,6 +91,15 @@ HTTP_X_ROLE
    *Deprecated* in favor of HTTP_X_ROLES
    This is being renamed, and the new header contains the same data.

+OTHER ENVIRONMENT VARIABLES
+---------------------------
+
+keystone.token_info
+    Information about the token discovered in the process of
+    validation.  This may include extended information returned by the
+    Keystone token validation call, as well as basic information about
+    the tenant and user.
+
 """

 import datetime
@@ -283,6 +292,7 @@ class AuthProtocol(object):
            self._remove_auth_headers(env)
            user_token = self._get_user_token_from_header(env)
            token_info = self._validate_user_token(user_token)
+            env['keystone.token_info'] = token_info
            user_headers = self._build_user_headers(token_info)
            self._add_headers(env, user_headers)
            return self.app(env, start_response)
--- a/tests/test_auth_token_middleware.py
+++ b/tests/test_auth_token_middleware.py
@@ -449,6 +449,7 @@ class DiabloAuthTokenMiddlewareTest(BaseAuthTokenMiddlewareTest):
        req.headers['X-Auth-Token'] = VALID_DIABLO_TOKEN
        self.middleware(req.environ, self.start_fake_response)
        self.assertEqual(self.response_status, 200)
+        self.assertTrue('keystone.token_info' in req.environ)


 class AuthTokenMiddlewareTest(test.NoModule, BaseAuthTokenMiddlewareTest):
@@ -459,6 +460,7 @@ class AuthTokenMiddlewareTest(test.NoModule, BaseAuthTokenMiddlewareTest):
        self.assertEqual(self.response_status, 200)
        self.assertTrue(req.headers.get('X-Service-Catalog'))
        self.assertEqual(body, ['SUCCESS'])
+        self.assertTrue('keystone.token_info' in req.environ)

    def test_valid_uuid_request(self):
        self.assert_valid_request_200(UUID_TOKEN_DEFAULT)
@@ -484,6 +486,7 @@ class AuthTokenMiddlewareTest(test.NoModule, BaseAuthTokenMiddlewareTest):
        body = self.middleware(req.environ, self.start_fake_response)
        self.assertEqual(self.response_status, 200)
        self.assertEqual(body, ['SUCCESS'])
+        self.assertTrue('keystone.token_info' in req.environ)

    def test_default_tenant_uuid_token(self):
        self.assert_unscoped_default_tenant_auto_scopes(UUID_TOKEN_DEFAULT)