Merge "Get revocation list with only audit ids"

2016-04-15 01:55:40 +00:00
parent 31a9059460 cb78632350
commit 60ca0ceb18
2 changed files with 35 additions and 4 deletions
--- a/keystoneclient/tests/unit/v3/test_tokens.py
+++ b/keystoneclient/tests/unit/v3/test_tokens.py
@@ -44,8 +44,31 @@ class TokenTests(utils.ClientTestCase, testresources.ResourcedTestCase):
        self.stub_url('GET', ['auth', 'tokens', 'OS-PKI', 'revoked'],
                      json=sample_revoked_response)
        resp = self.client.tokens.get_revoked()
+        self.assertQueryStringIs()
        self.assertEqual(sample_revoked_response, resp)

+    def test_get_revoked_audit_id_only(self):
+        # When get_revoked(audit_id_only=True) then ?audit_id_only is set on
+        # the request.
+        sample_revoked_response = {
+            'revoked': [
+                {
+                    'audit_id': uuid.uuid4().hex,
+                    'expires': '2016-01-21T15:53:52Z',
+                },
+            ],
+        }
+        self.stub_url('GET', ['auth', 'tokens', 'OS-PKI', 'revoked'],
+                      json=sample_revoked_response)
+        resp = self.client.tokens.get_revoked(audit_id_only=True)
+        self.assertQueryStringIs('audit_id_only')
+        self.assertEqual(sample_revoked_response, resp)
+
+    def test_get_revoked_audit_id_only_positional_exc(self):
+        # When get_revoked(True) an exception is raised because this must be
+        # called with named parameter.
+        self.assertRaises(TypeError, self.client.tokens.get_revoked, True)
+
    def test_validate_token_with_token_id(self):
        # Can validate a token passing a string token ID.
        token_id = uuid.uuid4().hex
--- a/keystoneclient/v3/tokens.py
+++ b/keystoneclient/v3/tokens.py
@@ -41,15 +41,23 @@ class TokenManager(object):
        headers = {'X-Subject-Token': token_id}
        return self._client.delete('/auth/tokens', headers=headers)

-    def get_revoked(self):
+    @positional.method(0)
+    def get_revoked(self, audit_id_only=False):
        """Get revoked tokens list.

-        :returns: A dict containing "signed" which is a CMS formatted string.
+        :param bool audit_id_only: If true, the server is requested to not send
+            token IDs. **New in version 2.2.0.**
+        :returns: A dict containing ``signed`` which is a CMS formatted string
+            if the server signed the response. If `audit_id_only` then the
+            response may be a dict containing ``revoked`` which is the list of
+            token audit IDs and expiration times.
        :rtype: dict

        """
-
-        resp, body = self._client.get('/auth/tokens/OS-PKI/revoked')
+        path = '/auth/tokens/OS-PKI/revoked'
+        if audit_id_only:
+            path += '?audit_id_only'
+        resp, body = self._client.get(path)
        return body

    @positional.method(1)