openstack/python-keystoneclient
Code Issues Proposed changes

Add OAuth data to AccessInfo

Browse Source 
Allow access to the access_token_id and the consumer_id that are set as
part of the Oauth authentication process.

This only makes sense for V3 tokens, as Oauth cannot be used with v2.

Change-Id: I9ac76f92acdfd6446a13f535b24e0a99f02f2eef
This commit is contained in:
Jamie Lennox
2014-06-18 14:53:01 +10:00
parent 90abb4cfb2
commit 3d29db1bd1
3 changed files with 78 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
keystoneclient/access.py
View File

@@ -337,6 +337,22 @@ class AccessInfo(dict):
""" """
return self.get('version') return self.get('version')
@property
def oauth_access_token_id(self):
"""Return the access token ID if OAuth authentication used.
:returns: str or None.
"""
raise NotImplementedError()
@property
def oauth_consumer_id(self):
"""Return the consumer ID if OAuth authentication used.
:returns: str or None.
"""
raise NotImplementedError()
class AccessInfoV2(AccessInfo): class AccessInfoV2(AccessInfo):
"""An object for encapsulating a raw v2 auth token from identity """An object for encapsulating a raw v2 auth token from identity
@@ -505,6 +521,14 @@ class AccessInfoV2(AccessInfo):
else: else:
return None return None
@property
def oauth_access_token_id(self):
return None
@property
def oauth_consumer_id(self):
return None
class AccessInfoV3(AccessInfo): class AccessInfoV3(AccessInfo):
"""An object for encapsulating a raw v3 auth token from identity """An object for encapsulating a raw v3 auth token from identity
@@ -647,3 +671,11 @@ class AccessInfoV3(AccessInfo):
else: else:
return None return None
@property
def oauth_access_token_id(self):
return self.get('OS-OAUTH1', {}).get('access_token_id')
@property
def oauth_consumer_id(self):
return self.get('OS-OAUTH1', {}).get('consumer_id')

27
keystoneclient/fixture/v3.py
View File

@@ -59,7 +59,8 @@ class Token(dict):
project_id=None, project_name=None, project_domain_id=None, project_id=None, project_name=None, project_domain_id=None,
project_domain_name=None, domain_id=None, domain_name=None, project_domain_name=None, domain_id=None, domain_name=None,
trust_id=None, trust_impersonation=None, trustee_user_id=None, trust_id=None, trust_impersonation=None, trustee_user_id=None,
trustor_user_id=None): trustor_user_id=None, oauth_access_token_id=None,
oauth_consumer_id=None):
super(Token, self).__init__() super(Token, self).__init__()
self.user_id = user_id or uuid.uuid4().hex self.user_id = user_id or uuid.uuid4().hex
@@ -106,6 +107,10 @@ class Token(dict):
trustee_user_id=trustee_user_id, trustee_user_id=trustee_user_id,
trustor_user_id=trustor_user_id) trustor_user_id=trustor_user_id)
if oauth_access_token_id or oauth_consumer_id:
self.set_oauth(access_token_id=oauth_access_token_id,
consumer_id=oauth_consumer_id)
@property @property
def root(self): def root(self):
return self.setdefault('token', {}) return self.setdefault('token', {})
@@ -272,6 +277,22 @@ class Token(dict):
trust = self.root.setdefault('OS-TRUST:trust', {}) trust = self.root.setdefault('OS-TRUST:trust', {})
trust.setdefault('trustor_user', {})['id'] = value trust.setdefault('trustor_user', {})['id'] = value
@property
def oauth_access_token_id(self):
return self.root.get('OS-OAUTH1', {}).get('access_token_id')
@oauth_access_token_id.setter
def oauth_access_token_id(self, value):
self.root.setdefault('OS-OAUTH1', {})['access_token_id'] = value
@property
def oauth_consumer_id(self):
return self.root.get('OS-OAUTH1', {}).get('consumer_id')
@oauth_consumer_id.setter
def oauth_consumer_id(self, value):
self.root.setdefault('OS-OAUTH1', {})['consumer_id'] = value
def validate(self): def validate(self):
project = self.root.get('project') project = self.root.get('project')
domain = self.root.get('domain') domain = self.root.get('domain')
@@ -327,3 +348,7 @@ class Token(dict):
self.trust_impersonation = impersonation self.trust_impersonation = impersonation
self.trustee_user_id = trustee_user_id or uuid.uuid4().hex self.trustee_user_id = trustee_user_id or uuid.uuid4().hex
self.trustor_user_id = trustor_user_id or uuid.uuid4().hex self.trustor_user_id = trustor_user_id or uuid.uuid4().hex
def set_oauth(self, access_token_id=None, consumer_id=None):
self.oauth_access_token_id = access_token_id or uuid.uuid4().hex
self.oauth_consumer_id = consumer_id or uuid.uuid4().hex

20
keystoneclient/tests/v3/test_access.py
View File

@@ -11,8 +11,10 @@
# under the License. # under the License.
import datetime import datetime
import uuid
from keystoneclient import access from keystoneclient import access
from keystoneclient import fixture
from keystoneclient.openstack.common import timeutils from keystoneclient.openstack.common import timeutils
from keystoneclient.tests.v3 import client_fixtures from keystoneclient.tests.v3 import client_fixtures
from keystoneclient.tests.v3 import utils from keystoneclient.tests.v3 import utils
@@ -152,3 +154,21 @@ class AccessInfoTest(utils.TestCase):
self.assertFalse(auth_ref.domain_scoped) self.assertFalse(auth_ref.domain_scoped)
self.assertTrue(auth_ref.project_scoped) self.assertTrue(auth_ref.project_scoped)
def test_oauth_access(self):
consumer_id = uuid.uuid4().hex
access_token_id = uuid.uuid4().hex
token = fixture.V3Token()
token.set_project_scope()
token.set_oauth(access_token_id=access_token_id,
consumer_id=consumer_id)
auth_ref = access.AccessInfo.factory(body=token)
self.assertEqual(consumer_id, auth_ref.oauth_consumer_id)
self.assertEqual(access_token_id, auth_ref.oauth_access_token_id)
self.assertEqual(consumer_id, auth_ref['OS-OAUTH1']['consumer_id'])
self.assertEqual(access_token_id,
auth_ref['OS-OAUTH1']['access_token_id'])