Fix the condition expression for ssl_insecure
In the existing code, self.ssl_insecure is a string. If insecure option is set in nova api-paste.ini, whatever it is 'true' or 'false', kwargs['verify'] will become False. This commit corrects the condition expression. This patch is backported from https://review.openstack.org/#/c/113191/ Change-Id: I91db8e1cb39c017167a4160079846ac7c0663b03 Closes-Bug: 1353315
This commit is contained in:
parent
a505ffbf17
commit
5c9c97f1a5
|
@ -423,6 +423,27 @@ def safe_quote(s):
|
|||
return urllib.parse.quote(s) if s == urllib.parse.unquote(s) else s
|
||||
|
||||
|
||||
def _conf_values_type_convert(conf):
|
||||
"""Convert conf values into correct type."""
|
||||
if not conf:
|
||||
return {}
|
||||
_opts = {}
|
||||
opt_types = dict((o.dest, o.type) for o in opts)
|
||||
for k, v in six.iteritems(conf):
|
||||
try:
|
||||
if v is None:
|
||||
_opts[k] = v
|
||||
else:
|
||||
_opts[k] = opt_types[k](v)
|
||||
except KeyError:
|
||||
_opts[k] = v
|
||||
except ValueError as e:
|
||||
raise ConfigurationError(
|
||||
'Unable to convert the value of %s option into correct '
|
||||
'type: %s' % (k, e))
|
||||
return _opts
|
||||
|
||||
|
||||
class InvalidUserToken(Exception):
|
||||
pass
|
||||
|
||||
|
@ -462,7 +483,10 @@ class AuthProtocol(object):
|
|||
'This middleware module is deprecated as of v0.10.0 in favor of '
|
||||
'keystonemiddleware.auth_token - please update your WSGI pipeline '
|
||||
'to reference the new middleware package.')
|
||||
self.conf = conf
|
||||
# NOTE(wanghong): If options are set in paste file, all the option
|
||||
# values passed into conf are string type. So, we should convert the
|
||||
# conf value into correct type.
|
||||
self.conf = _conf_values_type_convert(conf)
|
||||
self.app = app
|
||||
|
||||
# delay_auth_decision means we still allow unauthenticated requests
|
||||
|
|
|
@ -520,6 +520,29 @@ class GeneralAuthTokenMiddlewareTest(BaseAuthTokenMiddlewareTest,
|
|||
self.assertEqual(middleware.token_revocation_list_cache_timeout,
|
||||
datetime.timedelta(seconds=24))
|
||||
|
||||
def test_conf_values_type_convert(self):
|
||||
conf = {
|
||||
'revocation_cache_time': '24',
|
||||
'identity_uri': 'https://keystone.example.com:1234',
|
||||
'include_service_catalog': '0',
|
||||
'nonexsit_option': '0',
|
||||
}
|
||||
|
||||
middleware = auth_token.AuthProtocol(self.fake_app, conf)
|
||||
self.assertEqual(datetime.timedelta(seconds=24),
|
||||
middleware.token_revocation_list_cache_timeout)
|
||||
self.assertEqual(False, middleware.include_service_catalog)
|
||||
self.assertEqual('https://keystone.example.com:1234',
|
||||
middleware.identity_uri)
|
||||
self.assertEqual('0', middleware.conf['nonexsit_option'])
|
||||
|
||||
def test_conf_values_type_convert_with_wrong_value(self):
|
||||
conf = {
|
||||
'include_service_catalog': '123',
|
||||
}
|
||||
self.assertRaises(auth_token.ConfigurationError,
|
||||
auth_token.AuthProtocol, self.fake_app, conf)
|
||||
|
||||
|
||||
class CommonAuthTokenMiddlewareTest(object):
|
||||
"""These tests are run once using v2 tokens and again using v3 tokens."""
|
||||
|
|
Loading…
Reference in New Issue