openstack/python-swiftclient
Code Issues Proposed changes

Merge "Add minimal working service token support."

Browse Source
This commit is contained in:
Jenkins 2015-08-25 02:02:51 +00:00 committed by Gerrit Code Review
commit b4b9254bc3
2 changed files with 409 additions and 20 deletions
swiftclient
client.py
tests/unit
test_swiftclient.py

122
swiftclient/client.py

@ -489,7 +489,8 @@ def store_response(resp, response_dict):
def get_account(url, token, marker=None, limit=None, prefix=None, def get_account(url, token, marker=None, limit=None, prefix=None,
end_marker=None, http_conn=None, full_listing=False): end_marker=None, http_conn=None, full_listing=False,
service_token=None):
""" """
Get a listing of containers for the account. Get a listing of containers for the account.
@ -503,6 +504,7 @@ def get_account(url, token, marker=None, limit=None, prefix=None,
conn object) conn object)
:param full_listing: if True, return a full listing, else returns a max :param full_listing: if True, return a full listing, else returns a max
of 10000 listings of 10000 listings
:param service_token: service auth token
:returns: a tuple of (response headers, a list of containers) The response :returns: a tuple of (response headers, a list of containers) The response
headers will be a dict and all header names will be lowercase. headers will be a dict and all header names will be lowercase.
:raises ClientException: HTTP GET request failed :raises ClientException: HTTP GET request failed
@ -532,6 +534,8 @@ def get_account(url, token, marker=None, limit=None, prefix=None,
qs += '&end_marker=%s' % quote(end_marker) qs += '&end_marker=%s' % quote(end_marker)
full_path = '%s?%s' % (parsed.path, qs) full_path = '%s?%s' % (parsed.path, qs)
headers = {'X-Auth-Token': token} headers = {'X-Auth-Token': token}
if service_token:
headers['X-Service-Token'] = service_token
method = 'GET' method = 'GET'
conn.request(method, full_path, '', headers) conn.request(method, full_path, '', headers)
resp = conn.getresponse() resp = conn.getresponse()
@ -552,7 +556,7 @@ def get_account(url, token, marker=None, limit=None, prefix=None,
return resp_headers, parse_api_response(resp_headers, body) return resp_headers, parse_api_response(resp_headers, body)
def head_account(url, token, http_conn=None): def head_account(url, token, http_conn=None, service_token=None):
""" """
Get account stats. Get account stats.
@ -560,6 +564,7 @@ def head_account(url, token, http_conn=None):
:param token: auth token :param token: auth token
:param http_conn: HTTP connection object (If None, it will create the :param http_conn: HTTP connection object (If None, it will create the
conn object) conn object)
:param service_token: service auth token
:returns: a dict containing the response's headers (all header names will :returns: a dict containing the response's headers (all header names will
be lowercase) be lowercase)
:raises ClientException: HTTP HEAD request failed :raises ClientException: HTTP HEAD request failed
@ -570,6 +575,8 @@ def head_account(url, token, http_conn=None):
parsed, conn = http_connection(url) parsed, conn = http_connection(url)
method = "HEAD" method = "HEAD"
headers = {'X-Auth-Token': token} headers = {'X-Auth-Token': token}
if service_token:
headers['X-Service-Token'] = service_token
conn.request(method, parsed.path, '', headers) conn.request(method, parsed.path, '', headers)
resp = conn.getresponse() resp = conn.getresponse()
body = resp.read() body = resp.read()
@ -585,7 +592,8 @@ def head_account(url, token, http_conn=None):
return resp_headers return resp_headers
def post_account(url, token, headers, http_conn=None, response_dict=None): def post_account(url, token, headers, http_conn=None, response_dict=None,
service_token=None):
""" """
Update an account's metadata. Update an account's metadata.
@ -596,6 +604,7 @@ def post_account(url, token, headers, http_conn=None, response_dict=None):
conn object) conn object)
:param response_dict: an optional dictionary into which to place :param response_dict: an optional dictionary into which to place
the response - status, reason and headers the response - status, reason and headers
:param service_token: service auth token
:raises ClientException: HTTP POST request failed :raises ClientException: HTTP POST request failed
""" """
if http_conn: if http_conn:
@ -604,6 +613,8 @@ def post_account(url, token, headers, http_conn=None, response_dict=None):
parsed, conn = http_connection(url) parsed, conn = http_connection(url)
method = 'POST' method = 'POST'
headers['X-Auth-Token'] = token headers['X-Auth-Token'] = token
if service_token:
headers['X-Service-Token'] = service_token
conn.request(method, parsed.path, '', headers) conn.request(method, parsed.path, '', headers)
resp = conn.getresponse() resp = conn.getresponse()
body = resp.read() body = resp.read()
@ -624,7 +635,7 @@ def post_account(url, token, headers, http_conn=None, response_dict=None):
def get_container(url, token, container, marker=None, limit=None, def get_container(url, token, container, marker=None, limit=None,
prefix=None, delimiter=None, end_marker=None, prefix=None, delimiter=None, end_marker=None,
path=None, http_conn=None, path=None, http_conn=None,
full_listing=False): full_listing=False, service_token=None):
""" """
Get a listing of objects for the container. Get a listing of objects for the container.
@ -641,6 +652,7 @@ def get_container(url, token, container, marker=None, limit=None,
conn object) conn object)
:param full_listing: if True, return a full listing, else returns a max :param full_listing: if True, return a full listing, else returns a max
of 10000 listings of 10000 listings
:param service_token: service auth token
:returns: a tuple of (response headers, a list of objects) The response :returns: a tuple of (response headers, a list of objects) The response
headers will be a dict and all header names will be lowercase. headers will be a dict and all header names will be lowercase.
:raises ClientException: HTTP GET request failed :raises ClientException: HTTP GET request failed
@ -649,7 +661,8 @@ def get_container(url, token, container, marker=None, limit=None,
http_conn = http_connection(url) http_conn = http_connection(url)
if full_listing: if full_listing:
rv = get_container(url, token, container, marker, limit, prefix, rv = get_container(url, token, container, marker, limit, prefix,
delimiter, end_marker, path, http_conn) delimiter, end_marker, path, http_conn,
service_token)
listing = rv[1] listing = rv[1]
while listing: while listing:
if not delimiter: if not delimiter:
@ -658,7 +671,7 @@ def get_container(url, token, container, marker=None, limit=None,
marker = listing[-1].get('name', listing[-1].get('subdir')) marker = listing[-1].get('name', listing[-1].get('subdir'))
listing = get_container(url, token, container, marker, limit, listing = get_container(url, token, container, marker, limit,
prefix, delimiter, end_marker, path, prefix, delimiter, end_marker, path,
http_conn)[1] http_conn, service_token)[1]
if listing: if listing:
rv[1].extend(listing) rv[1].extend(listing)
return rv return rv
@ -678,6 +691,8 @@ def get_container(url, token, container, marker=None, limit=None,
if path: if path:
qs += '&path=%s' % quote(path) qs += '&path=%s' % quote(path)
headers = {'X-Auth-Token': token} headers = {'X-Auth-Token': token}
if service_token:
headers['X-Service-Token'] = service_token
method = 'GET' method = 'GET'
conn.request(method, '%s?%s' % (cont_path, qs), '', headers) conn.request(method, '%s?%s' % (cont_path, qs), '', headers)
resp = conn.getresponse() resp = conn.getresponse()
@ -702,7 +717,8 @@ def get_container(url, token, container, marker=None, limit=None,
return resp_headers, parse_api_response(resp_headers, body) return resp_headers, parse_api_response(resp_headers, body)
def head_container(url, token, container, http_conn=None, headers=None): def head_container(url, token, container, http_conn=None, headers=None,
service_token=None):
""" """
Get container stats. Get container stats.
@ -711,6 +727,7 @@ def head_container(url, token, container, http_conn=None, headers=None):
:param container: container name to get stats for :param container: container name to get stats for
:param http_conn: HTTP connection object (If None, it will create the :param http_conn: HTTP connection object (If None, it will create the
conn object) conn object)
:param service_token: service auth token
:returns: a dict containing the response's headers (all header names will :returns: a dict containing the response's headers (all header names will
be lowercase) be lowercase)
:raises ClientException: HTTP HEAD request failed :raises ClientException: HTTP HEAD request failed
@ -722,6 +739,8 @@ def head_container(url, token, container, http_conn=None, headers=None):
path = '%s/%s' % (parsed.path, quote(container)) path = '%s/%s' % (parsed.path, quote(container))
method = 'HEAD' method = 'HEAD'
req_headers = {'X-Auth-Token': token} req_headers = {'X-Auth-Token': token}
if service_token:
req_headers['X-Service-Token'] = service_token
if headers: if headers:
req_headers.update(headers) req_headers.update(headers)
conn.request(method, path, '', req_headers) conn.request(method, path, '', req_headers)
@ -743,7 +762,7 @@ def head_container(url, token, container, http_conn=None, headers=None):
def put_container(url, token, container, headers=None, http_conn=None, def put_container(url, token, container, headers=None, http_conn=None,
response_dict=None): response_dict=None, service_token=None):
""" """
Create a container Create a container
@ -755,6 +774,7 @@ def put_container(url, token, container, headers=None, http_conn=None,
conn object) conn object)
:param response_dict: an optional dictionary into which to place :param response_dict: an optional dictionary into which to place
the response - status, reason and headers the response - status, reason and headers
:param service_token: service auth token
:raises ClientException: HTTP PUT request failed :raises ClientException: HTTP PUT request failed
""" """
if http_conn: if http_conn:
@ -766,6 +786,8 @@ def put_container(url, token, container, headers=None, http_conn=None,
if not headers: if not headers:
headers = {} headers = {}
headers['X-Auth-Token'] = token headers['X-Auth-Token'] = token
if service_token:
headers['X-Service-Token'] = service_token
if 'content-length' not in (k.lower() for k in headers): if 'content-length' not in (k.lower() for k in headers):
headers['Content-Length'] = '0' headers['Content-Length'] = '0'
conn.request(method, path, '', headers) conn.request(method, path, '', headers)
@ -785,7 +807,7 @@ def put_container(url, token, container, headers=None, http_conn=None,
def post_container(url, token, container, headers, http_conn=None, def post_container(url, token, container, headers, http_conn=None,
response_dict=None): response_dict=None, service_token=None):
""" """
Update a container's metadata. Update a container's metadata.
@ -797,6 +819,7 @@ def post_container(url, token, container, headers, http_conn=None,
conn object) conn object)
:param response_dict: an optional dictionary into which to place :param response_dict: an optional dictionary into which to place
the response - status, reason and headers the response - status, reason and headers
:param service_token: service auth token
:raises ClientException: HTTP POST request failed :raises ClientException: HTTP POST request failed
""" """
if http_conn: if http_conn:
@ -806,6 +829,8 @@ def post_container(url, token, container, headers, http_conn=None,
path = '%s/%s' % (parsed.path, quote(container)) path = '%s/%s' % (parsed.path, quote(container))
method = 'POST' method = 'POST'
headers['X-Auth-Token'] = token headers['X-Auth-Token'] = token
if service_token:
headers['X-Service-Token'] = service_token
if 'content-length' not in (k.lower() for k in headers): if 'content-length' not in (k.lower() for k in headers):
headers['Content-Length'] = '0' headers['Content-Length'] = '0'
conn.request(method, path, '', headers) conn.request(method, path, '', headers)
@ -825,7 +850,7 @@ def post_container(url, token, container, headers, http_conn=None,
def delete_container(url, token, container, http_conn=None, def delete_container(url, token, container, http_conn=None,
response_dict=None): response_dict=None, service_token=None):
""" """
Delete a container Delete a container
@ -836,6 +861,7 @@ def delete_container(url, token, container, http_conn=None,
conn object) conn object)
:param response_dict: an optional dictionary into which to place :param response_dict: an optional dictionary into which to place
the response - status, reason and headers the response - status, reason and headers
:param service_token: service auth token
:raises ClientException: HTTP DELETE request failed :raises ClientException: HTTP DELETE request failed
""" """
if http_conn: if http_conn:
@ -844,6 +870,8 @@ def delete_container(url, token, container, http_conn=None,
parsed, conn = http_connection(url) parsed, conn = http_connection(url)
path = '%s/%s' % (parsed.path, quote(container)) path = '%s/%s' % (parsed.path, quote(container))
headers = {'X-Auth-Token': token} headers = {'X-Auth-Token': token}
if service_token:
headers['X-Service-Token'] = service_token
method = 'DELETE' method = 'DELETE'
conn.request(method, path, '', headers) conn.request(method, path, '', headers)
resp = conn.getresponse() resp = conn.getresponse()
@ -863,7 +891,7 @@ def delete_container(url, token, container, http_conn=None,
def get_object(url, token, container, name, http_conn=None, def get_object(url, token, container, name, http_conn=None,
resp_chunk_size=None, query_string=None, resp_chunk_size=None, query_string=None,
response_dict=None, headers=None): response_dict=None, headers=None, service_token=None):
""" """
Get an object Get an object
@ -882,6 +910,7 @@ def get_object(url, token, container, name, http_conn=None,
the response - status, reason and headers the response - status, reason and headers
:param headers: an optional dictionary with additional headers to include :param headers: an optional dictionary with additional headers to include
in the request in the request
:param service_token: service auth token
:returns: a tuple of (response headers, the object's contents) The response :returns: a tuple of (response headers, the object's contents) The response
headers will be a dict and all header names will be lowercase. headers will be a dict and all header names will be lowercase.
:raises ClientException: HTTP GET request failed :raises ClientException: HTTP GET request failed
@ -896,6 +925,8 @@ def get_object(url, token, container, name, http_conn=None,
method = 'GET' method = 'GET'
headers = headers.copy() if headers else {} headers = headers.copy() if headers else {}
headers['X-Auth-Token'] = token headers['X-Auth-Token'] = token
if service_token:
headers['X-Service-Token'] = service_token
conn.request(method, path, '', headers) conn.request(method, path, '', headers)
resp = conn.getresponse() resp = conn.getresponse()
@ -923,7 +954,8 @@ def get_object(url, token, container, name, http_conn=None,
return parsed_response['headers'], object_body return parsed_response['headers'], object_body
def head_object(url, token, container, name, http_conn=None): def head_object(url, token, container, name, http_conn=None,
service_token=None):
""" """
Get object info Get object info
@ -933,6 +965,7 @@ def head_object(url, token, container, name, http_conn=None):
:param name: object name to get info for :param name: object name to get info for
:param http_conn: HTTP connection object (If None, it will create the :param http_conn: HTTP connection object (If None, it will create the
conn object) conn object)
:param service_token: service auth token
:returns: a dict containing the response's headers (all header names will :returns: a dict containing the response's headers (all header names will
be lowercase) be lowercase)
:raises ClientException: HTTP HEAD request failed :raises ClientException: HTTP HEAD request failed
@ -944,6 +977,8 @@ def head_object(url, token, container, name, http_conn=None):
path = '%s/%s/%s' % (parsed.path, quote(container), quote(name)) path = '%s/%s/%s' % (parsed.path, quote(container), quote(name))
method = 'HEAD' method = 'HEAD'
headers = {'X-Auth-Token': token} headers = {'X-Auth-Token': token}
if service_token:
headers['X-Service-Token'] = service_token
conn.request(method, path, '', headers) conn.request(method, path, '', headers)
resp = conn.getresponse() resp = conn.getresponse()
body = resp.read() body = resp.read()
@ -963,7 +998,7 @@ def head_object(url, token, container, name, http_conn=None):
def put_object(url, token=None, container=None, name=None, contents=None, def put_object(url, token=None, container=None, name=None, contents=None,
content_length=None, etag=None, chunk_size=None, content_length=None, etag=None, chunk_size=None,
content_type=None, headers=None, http_conn=None, proxy=None, content_type=None, headers=None, http_conn=None, proxy=None,
query_string=None, response_dict=None): query_string=None, response_dict=None, service_token=None):
""" """
Put an object Put an object
@ -994,6 +1029,7 @@ def put_object(url, token=None, container=None, name=None, contents=None,
:param query_string: if set will be appended with '?' to generated path :param query_string: if set will be appended with '?' to generated path
:param response_dict: an optional dictionary into which to place :param response_dict: an optional dictionary into which to place
the response - status, reason and headers the response - status, reason and headers
:param service_token: service auth token
:returns: etag :returns: etag
:raises ClientException: HTTP PUT request failed :raises ClientException: HTTP PUT request failed
""" """
@ -1014,6 +1050,8 @@ def put_object(url, token=None, container=None, name=None, contents=None,
headers = {} headers = {}
if token: if token:
headers['X-Auth-Token'] = token headers['X-Auth-Token'] = token
if service_token:
headers['X-Service-Token'] = service_token
if etag: if etag:
headers['ETag'] = etag.strip('"') headers['ETag'] = etag.strip('"')
if content_length is not None: if content_length is not None:
@ -1067,7 +1105,7 @@ def put_object(url, token=None, container=None, name=None, contents=None,
def post_object(url, token, container, name, headers, http_conn=None, def post_object(url, token, container, name, headers, http_conn=None,
response_dict=None): response_dict=None, service_token=None):
""" """
Update object metadata Update object metadata
@ -1080,6 +1118,7 @@ def post_object(url, token, container, name, headers, http_conn=None,
conn object) conn object)
:param response_dict: an optional dictionary into which to place :param response_dict: an optional dictionary into which to place
the response - status, reason and headers the response - status, reason and headers
:param service_token: service auth token
:raises ClientException: HTTP POST request failed :raises ClientException: HTTP POST request failed
""" """
if http_conn: if http_conn:
@ -1088,6 +1127,8 @@ def post_object(url, token, container, name, headers, http_conn=None,
parsed, conn = http_connection(url) parsed, conn = http_connection(url)
path = '%s/%s/%s' % (parsed.path, quote(container), quote(name)) path = '%s/%s/%s' % (parsed.path, quote(container), quote(name))
headers['X-Auth-Token'] = token headers['X-Auth-Token'] = token
if service_token:
headers['X-Service-Token'] = service_token
conn.request('POST', path, '', headers) conn.request('POST', path, '', headers)
resp = conn.getresponse() resp = conn.getresponse()
body = resp.read() body = resp.read()
@ -1105,7 +1146,7 @@ def post_object(url, token, container, name, headers, http_conn=None,
def delete_object(url, token=None, container=None, name=None, http_conn=None, def delete_object(url, token=None, container=None, name=None, http_conn=None,
headers=None, proxy=None, query_string=None, headers=None, proxy=None, query_string=None,
response_dict=None): response_dict=None, service_token=None):
""" """
Delete object Delete object
@ -1123,6 +1164,7 @@ def delete_object(url, token=None, container=None, name=None, http_conn=None,
:param query_string: if set will be appended with '?' to generated path :param query_string: if set will be appended with '?' to generated path
:param response_dict: an optional dictionary into which to place :param response_dict: an optional dictionary into which to place
the response - status, reason and headers the response - status, reason and headers
:param service_token: service auth token
:raises ClientException: HTTP DELETE request failed :raises ClientException: HTTP DELETE request failed
""" """
if http_conn: if http_conn:
@ -1142,6 +1184,8 @@ def delete_object(url, token=None, container=None, name=None, http_conn=None,
headers = {} headers = {}
if token: if token:
headers['X-Auth-Token'] = token headers['X-Auth-Token'] = token
if service_token:
headers['X-Service-Token'] = service_token
conn.request('DELETE', path, '', headers) conn.request('DELETE', path, '', headers)
resp = conn.getresponse() resp = conn.getresponse()
body = resp.read() body = resp.read()
@ -1184,7 +1228,19 @@ def get_capabilities(http_conn):
class Connection(object): class Connection(object):
"""Convenience class to make requests that will also retry the request"""
"""
Convenience class to make requests that will also retry the request
Requests will have an X-Auth-Token header whose value is either
the preauthtoken or a token obtained from the auth service using
the user credentials provided as args to the constructor. If
os_options includes a service_username then requests will also have
an X-Service-Token header whose value is a token obtained from the
auth service using the service credentials. In this case the request
url will be set to the storage_url obtained from the auth service
for the service user, unless this is overridden by a preauthurl.
"""
def __init__(self, authurl=None, user=None, key=None, retries=5, def __init__(self, authurl=None, user=None, key=None, retries=5,
preauthurl=None, preauthtoken=None, snet=False, preauthurl=None, preauthtoken=None, snet=False,
@ -1209,7 +1265,8 @@ class Connection(object):
to an auth 2.0 system. to an auth 2.0 system.
:param os_options: The OpenStack options which can have tenant_id, :param os_options: The OpenStack options which can have tenant_id,
auth_token, service_type, endpoint_type, auth_token, service_type, endpoint_type,
tenant_name, object_storage_url, region_name tenant_name, object_storage_url, region_name,
service_username, service_project_name, service_key
:param insecure: Allow to access servers without checking SSL certs. :param insecure: Allow to access servers without checking SSL certs.
The server's certificate will not be verified. The server's certificate will not be verified.
:param ssl_compression: Whether to enable compression at the SSL layer. :param ssl_compression: Whether to enable compression at the SSL layer.
@ -1240,6 +1297,11 @@ class Connection(object):
self.os_options['object_storage_url'] = preauthurl self.os_options['object_storage_url'] = preauthurl
self.url = preauthurl or self.os_options.get('object_storage_url') self.url = preauthurl or self.os_options.get('object_storage_url')
self.token = preauthtoken or self.os_options.get('auth_token') self.token = preauthtoken or self.os_options.get('auth_token')
if self.os_options.get('service_username', None):
self.service_auth = True
else:
self.service_auth = False
self.service_token = None
self.cacert = cacert self.cacert = cacert
self.insecure = insecure self.insecure = insecure
self.ssl_compression = ssl_compression self.ssl_compression = ssl_compression
@ -1267,6 +1329,24 @@ class Connection(object):
timeout=self.timeout) timeout=self.timeout)
return self.url, self.token return self.url, self.token
def get_service_auth(self):
opts = self.os_options
service_options = {}
service_options['tenant_name'] = opts.get('service_project_name', None)
service_options['region_name'] = opts.get('region_name', None)
service_options['object_storage_url'] = opts.get('object_storage_url',
None)
service_user = opts.get('service_username', None)
service_key = opts.get('service_key', None)
return get_auth(self.authurl, service_user,
service_key,
snet=self.snet,
auth_version=self.auth_version,
os_options=service_options,
cacert=self.cacert,
insecure=self.insecure,
timeout=self.timeout)
def http_connection(self, url=None): def http_connection(self, url=None):
return http_connection(url if url else self.url, return http_connection(url if url else self.url,
cacert=self.cacert, cacert=self.cacert,
@ -1294,13 +1374,17 @@ class Connection(object):
if not self.url or not self.token: if not self.url or not self.token:
self.url, self.token = self.get_auth() self.url, self.token = self.get_auth()
self.http_conn = None self.http_conn = None
if self.service_auth and not self.service_token:
self.url, self.service_token = self.get_service_auth()
self.http_conn = None
self.auth_end_time = time() self.auth_end_time = time()
if not self.http_conn: if not self.http_conn:
self.http_conn = self.http_connection() self.http_conn = self.http_connection()
kwargs['http_conn'] = self.http_conn kwargs['http_conn'] = self.http_conn
if caller_response_dict is not None: if caller_response_dict is not None:
kwargs['response_dict'] = {} kwargs['response_dict'] = {}
rv = func(self.url, self.token, *args, **kwargs) rv = func(self.url, self.token, *args,
service_token=self.service_token, **kwargs)
self._add_response_dict(caller_response_dict, kwargs) self._add_response_dict(caller_response_dict, kwargs)
return rv return rv
except SSLError: except SSLError:
@ -1317,7 +1401,7 @@ class Connection(object):
logger.exception(err) logger.exception(err)
raise raise
if err.http_status == 401: if err.http_status == 401:
self.url = self.token = None self.url = self.token = self.service_token = None
if retried_auth or not all((self.authurl, if retried_auth or not all((self.authurl,
self.user, self.user,
self.key)): self.key)):

307
tests/unit/test_swiftclient.py

@ -1333,7 +1333,7 @@ class TestConnection(MockHttpTest):
# represenative of the unit under test. The real get_auth # represenative of the unit under test. The real get_auth
# method will always return the os_option dict's # method will always return the os_option dict's
# object_storage_url which will be overridden by the # object_storage_url which will be overridden by the
# preauthurl paramater to Connection if it is provided. # preauthurl parameter to Connection if it is provided.
return 'http://www.new.com', 'new' return 'http://www.new.com', 'new'
def swap_sleep(*args): def swap_sleep(*args):
@ -1806,3 +1806,308 @@ class TestCloseConnection(MockHttpTest):
self.assertIsInstance(http_conn_obj, c.HTTPConnection) self.assertIsInstance(http_conn_obj, c.HTTPConnection)
self.assertFalse(hasattr(http_conn_obj, 'close')) self.assertFalse(hasattr(http_conn_obj, 'close'))
conn.close() conn.close()
class TestServiceToken(MockHttpTest):
def setUp(self):
super(TestServiceToken, self).setUp()
self.os_options = {
'object_storage_url': 'http://storage_url.com',
'service_username': 'service_username',
'service_project_name': 'service_project_name',
'service_key': 'service_key'}
def get_connection(self):
conn = c.Connection('http://www.test.com', 'asdf', 'asdf',
os_options=self.os_options)
self.assertTrue(isinstance(conn, c.Connection))
conn.get_auth = self.get_auth
conn.get_service_auth = self.get_service_auth
self.assertEqual(conn.attempts, 0)
self.assertEqual(conn.service_token, None)
self.assertTrue(isinstance(conn, c.Connection))
return conn
def get_auth(self):
# The real get_auth function will always return the os_option
# dict's object_storage_url which will be overridden by the
# preauthurl paramater to Connection if it is provided.
return self.os_options.get('object_storage_url'), 'token'
def get_service_auth(self):
# The real get_auth function will always return the os_option
# dict's object_storage_url which will be overridden by the
# preauthurl parameter to Connection if it is provided.
return self.os_options.get('object_storage_url'), 'stoken'
def test_service_token_reauth(self):
get_auth_call_list = []
def get_auth(url, user, key, **kwargs):
# The real get_auth function will always return the os_option
# dict's object_storage_url which will be overridden by the
# preauthurl parameter to Connection if it is provided.
args = {'url': url, 'user': user, 'key': key, 'kwargs': kwargs}
get_auth_call_list.append(args)
return_dict = {'asdf': 'new', 'service_username': 'newserv'}
storage_url = kwargs['os_options'].get('object_storage_url')
return storage_url, return_dict[user]
def swap_sleep(*args):
self.swap_sleep_called = True
c.get_auth = get_auth
with mock.patch('swiftclient.client.http_connection',
self.fake_http_connection(401, 200)):
with mock.patch('swiftclient.client.sleep', swap_sleep):
self.swap_sleep_called = False
conn = c.Connection('http://www.test.com', 'asdf', 'asdf',
preauthurl='http://www.old.com',
preauthtoken='old',
os_options=self.os_options)
self.assertEqual(conn.attempts, 0)
self.assertEqual(conn.url, 'http://www.old.com')
self.assertEqual(conn.token, 'old')
conn.head_account()
self.assertTrue(self.swap_sleep_called)
self.assertEqual(conn.attempts, 2)
# The original 'preauth' storage URL *must* be preserved
self.assertEqual(conn.url, 'http://www.old.com')
self.assertEqual(conn.token, 'new')
self.assertEqual(conn.service_token, 'newserv')
# Check get_auth was called with expected args
auth_args = get_auth_call_list[0]
auth_kwargs = get_auth_call_list[0]['kwargs']
self.assertEqual('asdf', auth_args['user'])
self.assertEqual('asdf', auth_args['key'])
self.assertEqual('service_key',
auth_kwargs['os_options']['service_key'])
self.assertEqual('service_username',
auth_kwargs['os_options']['service_username'])
self.assertEqual('service_project_name',
auth_kwargs['os_options']['service_project_name'])
auth_args = get_auth_call_list[1]
auth_kwargs = get_auth_call_list[1]['kwargs']
self.assertEqual('service_username', auth_args['user'])
self.assertEqual('service_key', auth_args['key'])
self.assertEqual('service_project_name',
auth_kwargs['os_options']['tenant_name'])
def test_service_token_get_account(self):
with mock.patch('swiftclient.client.http_connection',
self.fake_http_connection(200)):
with mock.patch('swiftclient.client.parse_api_response'):
conn = self.get_connection()
conn.get_account()
self.assertEqual(1, len(self.request_log), self.request_log)
for actual in self.iter_request_log():
self.assertEqual('GET', actual['method'])
actual_hdrs = actual['headers']
self.assertTrue('X-Service-Token' in actual_hdrs)
self.assertEqual('stoken', actual_hdrs['X-Service-Token'])
self.assertEqual('token', actual_hdrs['X-Auth-Token'])
self.assertEqual('http://storage_url.com/?format=json',
actual['full_path'])
self.assertEqual(conn.attempts, 1)
def test_service_token_head_account(self):
with mock.patch('swiftclient.client.http_connection',
self.fake_http_connection(200)):
conn = self.get_connection()
conn.head_account()
self.assertEqual(1, len(self.request_log), self.request_log)
for actual in self.iter_request_log():
self.assertEqual('HEAD', actual['method'])
actual_hdrs = actual['headers']
self.assertTrue('X-Service-Token' in actual_hdrs)
self.assertEqual('stoken', actual_hdrs['X-Service-Token'])
self.assertEqual('token', actual_hdrs['X-Auth-Token'])
self.assertEqual('http://storage_url.com', actual['full_path'])
self.assertEqual(conn.attempts, 1)
def test_service_token_post_account(self):
with mock.patch('swiftclient.client.http_connection',
self.fake_http_connection(201)):
conn = self.get_connection()
conn.post_account(headers={})
self.assertEqual(1, len(self.request_log), self.request_log)
for actual in self.iter_request_log():
self.assertEqual('POST', actual['method'])
actual_hdrs = actual['headers']
self.assertTrue('X-Service-Token' in actual_hdrs)
self.assertEqual('stoken', actual_hdrs['X-Service-Token'])
self.assertEqual('token', actual_hdrs['X-Auth-Token'])
self.assertEqual('http://storage_url.com', actual['full_path'])
self.assertEqual(conn.attempts, 1)
def test_service_token_delete_container(self):
with mock.patch('swiftclient.client.http_connection',
self.fake_http_connection(204)):
conn = self.get_connection()
conn.delete_container('container1')
self.assertEqual(1, len(self.request_log), self.request_log)
for actual in self.iter_request_log():
self.assertEqual('DELETE', actual['method'])
actual_hdrs = actual['headers']
self.assertTrue('X-Service-Token' in actual_hdrs)
self.assertEqual('stoken', actual_hdrs['X-Service-Token'])
self.assertEqual('token', actual_hdrs['X-Auth-Token'])
self.assertEqual('http://storage_url.com/container1',
actual['full_path'])
self.assertEqual(conn.attempts, 1)
def test_service_token_get_container(self):
with mock.patch('swiftclient.client.http_connection',
self.fake_http_connection(200)):
with mock.patch('swiftclient.client.parse_api_response'):
conn = self.get_connection()
conn.get_container('container1')
self.assertEqual(1, len(self.request_log), self.request_log)
for actual in self.iter_request_log():
self.assertEqual('GET', actual['method'])
actual_hdrs = actual['headers']
self.assertTrue('X-Service-Token' in actual_hdrs)
self.assertEqual('stoken', actual_hdrs['X-Service-Token'])
self.assertEqual('token', actual_hdrs['X-Auth-Token'])
self.assertEqual('http://storage_url.com/container1?format=json',
actual['full_path'])
self.assertEqual(conn.attempts, 1)
def test_service_token_head_container(self):
with mock.patch('swiftclient.client.http_connection',
self.fake_http_connection(200)):
conn = self.get_connection()
conn.head_container('container1')
self.assertEqual(1, len(self.request_log), self.request_log)
for actual in self.iter_request_log():
self.assertEqual('HEAD', actual['method'])
actual_hdrs = actual['headers']
self.assertTrue('X-Service-Token' in actual_hdrs)
self.assertEqual('stoken', actual_hdrs['X-Service-Token'])
self.assertEqual('token', actual_hdrs['X-Auth-Token'])
self.assertEqual('http://storage_url.com/container1',
actual['full_path'])
self.assertEqual(conn.attempts, 1)
def test_service_token_post_container(self):
with mock.patch('swiftclient.client.http_connection',
self.fake_http_connection(201)):
conn = self.get_connection()
conn.post_container('container1', {})
self.assertEqual(1, len(self.request_log), self.request_log)
for actual in self.iter_request_log():
self.assertEqual('POST', actual['method'])
actual_hdrs = actual['headers']
self.assertTrue('X-Service-Token' in actual_hdrs)
self.assertEqual('stoken', actual_hdrs['X-Service-Token'])
self.assertEqual('token', actual_hdrs['X-Auth-Token'])
self.assertEqual('http://storage_url.com/container1',
actual['full_path'])
self.assertEqual(conn.attempts, 1)
def test_service_token_put_container(self):
with mock.patch('swiftclient.client.http_connection',
self.fake_http_connection(200)):
conn = self.get_connection()
conn.put_container('container1')
self.assertEqual(1, len(self.request_log), self.request_log)
for actual in self.iter_request_log():
self.assertEqual('PUT', actual['method'])
actual_hdrs = actual['headers']
self.assertTrue('X-Service-Token' in actual_hdrs)
self.assertEqual('stoken', actual_hdrs['X-Service-Token'])
self.assertEqual('token', actual_hdrs['X-Auth-Token'])
self.assertEqual('http://storage_url.com/container1',
actual['full_path'])
self.assertEqual(conn.attempts, 1)
def test_service_token_get_object(self):
with mock.patch('swiftclient.client.http_connection',
self.fake_http_connection(200)):
conn = self.get_connection()
conn.get_object('container1', 'obj1')
self.assertEqual(1, len(self.request_log), self.request_log)
for actual in self.iter_request_log():
self.assertEqual('GET', actual['method'])
actual_hdrs = actual['headers']
self.assertTrue('X-Service-Token' in actual_hdrs)
self.assertEqual('stoken', actual_hdrs['X-Service-Token'])
self.assertEqual('token', actual_hdrs['X-Auth-Token'])
self.assertEqual('http://storage_url.com/container1/obj1',
actual['full_path'])
self.assertEqual(conn.attempts, 1)
def test_service_token_head_object(self):
with mock.patch('swiftclient.client.http_connection',
self.fake_http_connection(200)):
conn = self.get_connection()
conn.head_object('container1', 'obj1')
self.assertEqual(1, len(self.request_log), self.request_log)
for actual in self.iter_request_log():
self.assertEqual('HEAD', actual['method'])
actual_hdrs = actual['headers']
self.assertTrue('X-Service-Token' in actual_hdrs)
self.assertEqual('stoken', actual_hdrs['X-Service-Token'])
self.assertEqual('token', actual_hdrs['X-Auth-Token'])
self.assertEqual('http://storage_url.com/container1/obj1',
actual['full_path'])
self.assertEqual(conn.attempts, 1)
def test_service_token_put_object(self):
with mock.patch('swiftclient.client.http_connection',
self.fake_http_connection(200)):
conn = self.get_connection()
conn.put_object('container1', 'obj1', 'a_string')
self.assertEqual(1, len(self.request_log), self.request_log)
for actual in self.iter_request_log():
self.assertEqual('PUT', actual['method'])
actual_hdrs = actual['headers']
self.assertTrue('X-Service-Token' in actual_hdrs)
self.assertEqual('stoken', actual_hdrs['X-Service-Token'])
self.assertEqual('token', actual_hdrs['X-Auth-Token'])
self.assertEqual('http://storage_url.com/container1/obj1',
actual['full_path'])
self.assertEqual(conn.attempts, 1)
def test_service_token_post_object(self):
with mock.patch('swiftclient.client.http_connection',
self.fake_http_connection(202)):
conn = self.get_connection()
conn.post_object('container1', 'obj1', {})
self.assertEqual(1, len(self.request_log), self.request_log)
for actual in self.iter_request_log():
self.assertEqual('POST', actual['method'])
actual_hdrs = actual['headers']
self.assertTrue('X-Service-Token' in actual_hdrs)
self.assertEqual('stoken', actual_hdrs['X-Service-Token'])
self.assertEqual('token', actual_hdrs['X-Auth-Token'])
self.assertEqual('http://storage_url.com/container1/obj1',
actual['full_path'])
self.assertEqual(conn.attempts, 1)
def test_service_token_delete_object(self):
with mock.patch('swiftclient.client.http_connection',
self.fake_http_connection(202)):
conn = self.get_connection()
conn.delete_object('container1', 'obj1', 'a_string')
self.assertEqual(1, len(self.request_log), self.request_log)
for actual in self.iter_request_log():
self.assertEqual('DELETE', actual['method'])
actual_hdrs = actual['headers']
self.assertTrue('X-Service-Token' in actual_hdrs)
self.assertEqual('stoken', actual_hdrs['X-Service-Token'])
self.assertEqual('token', actual_hdrs['X-Auth-Token'])
self.assertEqual('http://storage_url.com/container1/obj1?a_string',
actual['full_path'])
self.assertEqual(conn.attempts, 1)