openstack/python-keystoneclient
Code Issues Proposed changes

Fix s3_token middleware parsing insecure option

Browse Source 
The "insecure" option was being treated as a bool when it was
actually provided as a string. The fix is to parse the string to
a bool.

Closes-Bug: 1411063
Change-Id: Id674f40532215788675c97a8fdfa91d4420347b3
This commit is contained in:
Brant Knudson
2015-04-07 19:38:29 +00:00
committed by Tristan Cacqueray
parent a335b7f6f2
commit 85eeecbd3d
2 changed files with 25 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
keystoneclient/middleware/s3_token.py
View File

@@ -34,6 +34,7 @@ This WSGI component:
import logging import logging
from oslo_serialization import jsonutils from oslo_serialization import jsonutils
from oslo_utils import strutils
import requests import requests
import six import six
from six.moves import urllib from six.moves import urllib
@@ -116,7 +117,7 @@ class S3Token(object):
self.request_uri = '%s://%s:%s' % (auth_protocol, auth_host, auth_port) self.request_uri = '%s://%s:%s' % (auth_protocol, auth_host, auth_port)
# SSL # SSL
insecure = conf.get('insecure', False) insecure = strutils.bool_from_string(conf.get('insecure', False))
cert_file = conf.get('certfile') cert_file = conf.get('certfile')
key_file = conf.get('keyfile') key_file = conf.get('keyfile')

24
keystoneclient/tests/unit/test_s3_token_middleware.py
View File

@@ -124,7 +124,7 @@ class S3TokenMiddlewareTestGood(S3TokenMiddlewareTestBase):
@mock.patch.object(requests, 'post') @mock.patch.object(requests, 'post')
def test_insecure(self, MOCK_REQUEST): def test_insecure(self, MOCK_REQUEST):
self.middleware = ( self.middleware = (
s3_token.filter_factory({'insecure': True})(FakeApp())) s3_token.filter_factory({'insecure': 'True'})(FakeApp()))
text_return_value = jsonutils.dumps(GOOD_RESPONSE) text_return_value = jsonutils.dumps(GOOD_RESPONSE)
if six.PY3: if six.PY3:
@@ -142,6 +142,28 @@ class S3TokenMiddlewareTestGood(S3TokenMiddlewareTestBase):
mock_args, mock_kwargs = MOCK_REQUEST.call_args mock_args, mock_kwargs = MOCK_REQUEST.call_args
self.assertIs(mock_kwargs['verify'], False) self.assertIs(mock_kwargs['verify'], False)
def test_insecure_option(self):
# insecure is passed as a string.
# Some non-secure values.
true_values = ['true', 'True', '1', 'yes']
for val in true_values:
config = {'insecure': val, 'certfile': 'false_ind'}
middleware = s3_token.filter_factory(config)(FakeApp())
self.assertIs(False, middleware.verify)
# Some "secure" values, including unexpected value.
false_values = ['false', 'False', '0', 'no', 'someweirdvalue']
for val in false_values:
config = {'insecure': val, 'certfile': 'false_ind'}
middleware = s3_token.filter_factory(config)(FakeApp())
self.assertEqual('false_ind', middleware.verify)
# Default is secure.
config = {'certfile': 'false_ind'}
middleware = s3_token.filter_factory(config)(FakeApp())
self.assertIs('false_ind', middleware.verify)
class S3TokenMiddlewareTestBad(S3TokenMiddlewareTestBase): class S3TokenMiddlewareTestBad(S3TokenMiddlewareTestBase):
def setUp(self): def setUp(self):