From e7b5120e76234002f72bb085bf6e287bf534090d Mon Sep 17 00:00:00 2001
From: Jamie Lennox <jamielennox@redhat.com>
Date: Mon, 14 Apr 2014 13:17:51 +1000
Subject: [PATCH] Don't use generic kwargs in v2 Token Generation

We need to allow for people adding other stuff to the tokens however it
shouldn't be available in the standard case where for example a misspelt
variable would be propagated.

This is in line with how v3 is going to handle this same scenario.

Change-Id: I1aad17893574ebc7c3a6b84f4d6ba1cd27932158
Closes-Bug: #1307278
---
 keystoneclient/fixture/v2.py                 | 43 +++++++-------
 keystoneclient/tests/v2_0/client_fixtures.py | 61 ++++++++++----------
 2 files changed, 53 insertions(+), 51 deletions(-)

diff --git a/keystoneclient/fixture/v2.py b/keystoneclient/fixture/v2.py
index 5f1b268ec..3482519da 100644
--- a/keystoneclient/fixture/v2.py
+++ b/keystoneclient/fixture/v2.py
@@ -20,14 +20,15 @@ from keystoneclient.openstack.common import timeutils
 class _Service(dict):
 
     def add_endpoint(self, public, admin=None, internal=None,
-                     tenant_id=None, **kwargs):
-        kwargs['tenantId'] = tenant_id or uuid.uuid4().hex
-        kwargs['publicURL'] = public
-        kwargs['adminURL'] = admin or public
-        kwargs['internalURL'] = internal or public
+                     tenant_id=None, region=None):
+        data = {'tenantId': tenant_id or uuid.uuid4().hex,
+                'publicURL': public,
+                'adminURL': admin or public,
+                'internalURL': internal or public,
+                'region': region}
 
-        self['endpoints'].append(kwargs)
-        return kwargs
+        self.setdefault('endpoints', []).append(data)
+        return data
 
 
 class Token(dict):
@@ -41,15 +42,15 @@ class Token(dict):
 
     def __init__(self, token_id=None,
                  expires=None, tenant_id=None, tenant_name=None, user_id=None,
-                 user_name=None, **kwargs):
-        super(Token, self).__init__(access=kwargs)
+                 user_name=None):
+        super(Token, self).__init__()
 
         self.token_id = token_id or uuid.uuid4().hex
         self.user_id = user_id or uuid.uuid4().hex
         self.user_name = user_name or uuid.uuid4().hex
 
         if not expires:
-            expires = timeutils.utcnow() + datetime.timedelta(days=1)
+            expires = timeutils.utcnow() + datetime.timedelta(hours=1)
 
         try:
             self.expires = expires
@@ -62,7 +63,7 @@ class Token(dict):
 
     @property
     def root(self):
-        return self['access']
+        return self.setdefault('access', {})
 
     @property
     def _token(self):
@@ -140,21 +141,19 @@ class Token(dict):
             msg = 'You must have roles on a token to scope it'
             raise exception.FixtureValidationError(msg)
 
-    def add_role(self, name=None, id=None, **kwargs):
+    def add_role(self, name=None, id=None):
         roles = self._user.setdefault('roles', [])
-        kwargs['id'] = id or uuid.uuid4().hex
-        kwargs['name'] = name or uuid.uuid4().hex
-        roles.append(kwargs)
-        return kwargs
+        data = {'id': id or uuid.uuid4().hex,
+                'name': name or uuid.uuid4().hex}
+        roles.append(data)
+        return data
 
-    def add_service(self, type, name=None, **kwargs):
-        kwargs.setdefault('endpoints', [])
-        kwargs['name'] = name or uuid.uuid4().hex
-        service = _Service(type=type, **kwargs)
+    def add_service(self, type, name=None):
+        name = name or uuid.uuid4().hex
+        service = _Service(name=name, type=type)
         self.root.setdefault('serviceCatalog', []).append(service)
         return service
 
-    def set_scope(self, id=None, name=None, **kwargs):
-        self._token['tenant'] = kwargs
+    def set_scope(self, id=None, name=None):
         self.tenant_id = id or uuid.uuid4().hex
         self.tenant_name = name or uuid.uuid4().hex
diff --git a/keystoneclient/tests/v2_0/client_fixtures.py b/keystoneclient/tests/v2_0/client_fixtures.py
index 6f91acd0f..178b1487a 100644
--- a/keystoneclient/tests/v2_0/client_fixtures.py
+++ b/keystoneclient/tests/v2_0/client_fixtures.py
@@ -77,39 +77,42 @@ def auth_response_body():
                         user_name='jqsmith')
 
     f.add_role(id='234', name='compute:admin')
-    f.add_role(id='235', name='object-store:admin', tenantId='1')
+    role = f.add_role(id='235', name='object-store:admin')
+    role['tenantId'] = '1'
 
     s = f.add_service('compute', 'Cloud Servers')
-    s.add_endpoint(public='https://compute.north.host/v1/1234',
-                   internal='https://compute.north.host/v1/1234',
-                   region='North',
-                   tenant_id='1',
-                   versionId='1.0',
-                   versionInfo='https://compute.north.host/v1.0/',
-                   versionList='https://compute.north.host/')
-    s.add_endpoint(public='https://compute.north.host/v1.1/3456',
-                   internal='https://compute.north.host/v1.1/3456',
-                   region='North',
-                   tenant_id='2',
-                   versionId='1.1',
-                   versionInfo='https://compute.north.host/v1.1/',
-                   versionList='https://compute.north.host/')
+    endpoint = s.add_endpoint(public='https://compute.north.host/v1/1234',
+                              internal='https://compute.north.host/v1/1234',
+                              region='North')
+    endpoint['tenantId'] = '1'
+    endpoint['versionId'] = '1.0'
+    endpoint['versionInfo'] = 'https://compute.north.host/v1.0/'
+    endpoint['versionList'] = 'https://compute.north.host/'
+
+    endpoint = s.add_endpoint(public='https://compute.north.host/v1.1/3456',
+                              internal='https://compute.north.host/v1.1/3456',
+                              region='North')
+    endpoint['tenantId'] = '2'
+    endpoint['versionId'] = '1.1'
+    endpoint['versionInfo'] = 'https://compute.north.host/v1.1/'
+    endpoint['versionList'] = 'https://compute.north.host/'
 
     s = f.add_service('object-store', 'Cloud Files')
-    s.add_endpoint(public='https://swift.north.host/v1/blah',
-                   internal='https://swift.north.host/v1/blah',
-                   region='South',
-                   tenant_id='11',
-                   versionId='1.0',
-                   versionInfo='uri',
-                   versionList='uri')
-    s.add_endpoint(public='https://swift.north.host/v1.1/blah',
-                   internal='https://compute.north.host/v1.1/blah',
-                   region='South',
-                   tenant_id='2',
-                   versionId='1.1',
-                   versionInfo='https://swift.north.host/v1.1/',
-                   versionList='https://swift.north.host/')
+    endpoint = s.add_endpoint(public='https://swift.north.host/v1/blah',
+                              internal='https://swift.north.host/v1/blah',
+                              region='South')
+    endpoint['tenantId'] = '11'
+    endpoint['versionId'] = '1.0'
+    endpoint['versionInfo'] = 'uri'
+    endpoint['versionList'] = 'uri'
+
+    endpoint = s.add_endpoint(public='https://swift.north.host/v1.1/blah',
+                              internal='https://compute.north.host/v1.1/blah',
+                              region='South')
+    endpoint['tenantId'] = '2'
+    endpoint['versionId'] = '1.1'
+    endpoint['versionInfo'] = 'https://swift.north.host/v1.1/'
+    endpoint['versionList'] = 'https://swift.north.host/'
 
     s = f.add_service('image', 'Image Servers')
     s.add_endpoint(public='https://image.north.host/v1/',