openstack
/
tempest
Code Issues Proposed changes

Multiversion authentication part1 

Moves authentication from rest_client to an external auth_provider,
assigned to the client by the client manager.

The auth provider can decorate a request based on credentials (coming
from the client manager) and filters (region, service, endpoint_type)
given by the client. The auth provider can also return the raw
auth_data, which in the Keystone implementation is a tuple (token,
auth_data). The auth provider allows mixing multiple credentials
when decorating a request, possibly using empty or invalid credentials,
to facilitate negative tests.

The auth provider caches auth data, so that all API requests for a
specific set of credentials only require a single call to obtain a
token, unless the token expires or is forcefully deleted from the
auth provder.

Two implementations of the auth provider are included: Keystonev2 and
Keystonev3.  The Manager object behaves as factory of auth_providers,
building the correct one based on the configured auth_version, and on
the interface type (JSON or XML).

Fixes endpoint selection for v3 auth. Drops unused basic_auth.
Extends TokenClients to provide both token and auth data,
and accept different combinations of credentials for v3.
Removes redundant server_client_v3_auth.

Adapts tempest unit tests to work with modified rest client.

Introduces a configuration parameter for authentication version to be
used. That is used when instantiating the client manager, and it
applies to all clients used by api tests.

Next steps (next patches):
- move to credentials as dict (as opposed to tuple)
- expose a get_client method from the client manager
  and create clients only when requested
- remove redundant CustomizedHeader object storage clients
- supports keystone v3 in tenant isolation
- use Auth Provider in scenario tests
- use Auth Provider in CLI tests
- implement parsing of catalog XML format (?)

Partially implements: bp multi-keystone-api-version-tests

Change-Id: Icfa921e9051c01f339f8d2471b12d6ec950cc456
This commit is contained in:
Andrea Frittoli 2014-01-06 11:06:13 +00:00
parent 357295d5c6
commit 8bbdb1660f
119 changed files with 1373 additions and 996 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
etc/tempest.conf.sample
View File

@ -397,6 +397,11 @@
# (string value)
#uri_v3=<None>
# Identity API version to be used for authentication for API
# tests. Planned to extend to tenant isolation, scenario tests
# and CLI tests. (string value)
#auth_version=v2
# The identity region name to use. Also used as the other
# services' region name unless they are set explicitly. If no
# such region is found in the service catalog, the first found

1
tempest/api/compute/base.py
View File

@ -188,7 +188,6 @@ class BaseV2ComputeTest(BaseComputeTest):
cls.instance_usages_audit_log_client = \
cls.os.instance_usages_audit_log_client
cls.hypervisor_client = cls.os.hypervisor_client
cls.servers_client_v3_auth = cls.os.servers_client_v3_auth
cls.certificates_client = cls.os.certificates_client
@classmethod

47
tempest/api/compute/test_authorization.py
View File

@ -57,7 +57,6 @@ class AuthorizationTestJSON(base.BaseV2ComputeTest):
cls.alt_keypairs_client = cls.alt_manager.keypairs_client
cls.alt_security_client = cls.alt_manager.security_groups_client
cls.alt_security_client._set_auth()
resp, server = cls.create_test_server(wait_until='ACTIVE')
resp, cls.server = cls.client.get_server(server['id'])
@ -174,16 +173,14 @@ class AuthorizationTestJSON(base.BaseV2ComputeTest):
def test_create_server_fails_when_tenant_incorrect(self):
# A create server request should fail if the tenant id does not match
# the current user
saved_base_url = self.alt_client.base_url
try:
# Change the base URL to impersonate another user
self.alt_client.base_url = self.client.base_url
self.assertRaises(exceptions.BadRequest,
self.alt_client.create_server, 'test',
self.image['id'], self.flavor_ref)
finally:
# Reset the base_url...
self.alt_client.base_url = saved_base_url
# Change the base URL to impersonate another user
self.alt_client.auth_provider.set_alt_auth_data(
request_part='url',
auth_data=self.client.auth_provider.auth_data
)
self.assertRaises(exceptions.BadRequest,
self.alt_client.create_server, 'test',
self.image['id'], self.flavor_ref)
@attr(type='gate')
def test_create_keypair_in_analt_user_tenant(self):
@ -191,18 +188,18 @@ class AuthorizationTestJSON(base.BaseV2ComputeTest):
# the current user
# POST keypair with other user tenant
k_name = data_utils.rand_name('keypair-')
self.alt_keypairs_client._set_auth()
self.saved_base_url = self.alt_keypairs_client.base_url
try:
# Change the base URL to impersonate another user
self.alt_keypairs_client.base_url = self.keypairs_client.base_url
self.alt_keypairs_client.auth_provider.set_alt_auth_data(
request_part='url',
auth_data=self.keypairs_client.auth_provider.auth_data
)
resp = {}
resp['status'] = None
self.assertRaises(exceptions.BadRequest,
self.alt_keypairs_client.create_keypair, k_name)
finally:
# Reset the base_url...
self.alt_keypairs_client.base_url = self.saved_base_url
# Next request the base_url is back to normal
if (resp['status'] is not None):
resp, _ = self.alt_keypairs_client.delete_keypair(k_name)
LOG.error("Create keypair request should not happen "
@ -242,18 +239,19 @@ class AuthorizationTestJSON(base.BaseV2ComputeTest):
# POST security group with other user tenant
s_name = data_utils.rand_name('security-')
s_description = data_utils.rand_name('security')
self.saved_base_url = self.alt_security_client.base_url
try:
# Change the base URL to impersonate another user
self.alt_security_client.base_url = self.security_client.base_url
self.alt_security_client.auth_provider.set_alt_auth_data(
request_part='url',
auth_data=self.security_client.auth_provider.auth_data
)
resp = {}
resp['status'] = None
self.assertRaises(exceptions.BadRequest,
self.alt_security_client.create_security_group,
s_name, s_description)
finally:
# Reset the base_url...
self.alt_security_client.base_url = self.saved_base_url
# Next request the base_url is back to normal
if resp['status'] is not None:
self.alt_security_client.delete_security_group(resp['id'])
LOG.error("Create Security Group request should not happen if"
@ -282,10 +280,12 @@ class AuthorizationTestJSON(base.BaseV2ComputeTest):
ip_protocol = 'icmp'
from_port = -1
to_port = -1
self.saved_base_url = self.alt_security_client.base_url
try:
# Change the base URL to impersonate another user
self.alt_security_client.base_url = self.security_client.base_url
self.alt_security_client.auth_provider.set_alt_auth_data(
request_part='url',
auth_data=self.security_client.auth_provider.auth_data
)
resp = {}
resp['status'] = None
self.assertRaises(exceptions.BadRequest,
@ -294,8 +294,7 @@ class AuthorizationTestJSON(base.BaseV2ComputeTest):
parent_group_id, ip_protocol, from_port,
to_port)
finally:
# Reset the base_url...
self.alt_security_client.base_url = self.saved_base_url
# Next request the base_url is back to normal
if resp['status'] is not None:
self.alt_security_client.delete_security_group_rule(resp['id'])
LOG.error("Create security group rule request should not "

24
tempest/api/identity/admin/test_roles_negative.py
View File

@ -41,10 +41,10 @@ class RolesNegativeTestJSON(base.BaseIdentityAdminTest):
@attr(type=['negative', 'gate'])
def test_list_roles_request_without_token(self):
# Request to list roles without a valid token should fail
token = self.client.get_auth()
token = self.client.auth_provider.get_token()
self.client.delete_token(token)
self.assertRaises(exceptions.Unauthorized, self.client.list_roles)
self.client.clear_auth()
self.client.auth_provider.clear_auth()
@attr(type=['negative', 'gate'])
def test_role_create_blank_name(self):
@ -61,12 +61,12 @@ class RolesNegativeTestJSON(base.BaseIdentityAdminTest):
@attr(type=['negative', 'gate'])
def test_create_role_request_without_token(self):
# Request to create role without a valid token should fail
token = self.client.get_auth()
token = self.client.auth_provider.get_token()
self.client.delete_token(token)
role_name = data_utils.rand_name(name='role-')
self.assertRaises(exceptions.Unauthorized,
self.client.create_role, role_name)
self.client.clear_auth()
self.client.auth_provider.clear_auth()
@attr(type=['negative', 'gate'])
def test_role_create_duplicate(self):
@ -99,12 +99,12 @@ class RolesNegativeTestJSON(base.BaseIdentityAdminTest):
self.assertEqual(200, resp.status)
self.data.roles.append(body)
role_id = body.get('id')
token = self.client.get_auth()
token = self.client.auth_provider.get_token()
self.client.delete_token(token)
self.assertRaises(exceptions.Unauthorized,
self.client.delete_role,
role_id)
self.client.clear_auth()
self.client.auth_provider.clear_auth()
@attr(type=['negative', 'gate'])
def test_delete_role_non_existent(self):
@ -126,12 +126,12 @@ class RolesNegativeTestJSON(base.BaseIdentityAdminTest):
def test_assign_user_role_request_without_token(self):
# Request to assign a role to a user without a valid token
(user, tenant, role) = self._get_role_params()
token = self.client.get_auth()
token = self.client.auth_provider.get_token()
self.client.delete_token(token)
self.assertRaises(exceptions.Unauthorized,
self.client.assign_user_role, tenant['id'],
user['id'], role['id'])
self.client.clear_auth()
self.client.auth_provider.clear_auth()
@attr(type=['negative', 'gate'])
def test_assign_user_role_for_non_existent_role(self):
@ -176,12 +176,12 @@ class RolesNegativeTestJSON(base.BaseIdentityAdminTest):
resp, user_role = self.client.assign_user_role(tenant['id'],
user['id'],
role['id'])
token = self.client.get_auth()
token = self.client.auth_provider.get_token()
self.client.delete_token(token)
self.assertRaises(exceptions.Unauthorized,
self.client.remove_user_role, tenant['id'],
user['id'], role['id'])
self.client.clear_auth()
self.client.auth_provider.clear_auth()
@attr(type=['negative', 'gate'])
def test_remove_user_role_non_existent_role(self):
@ -219,14 +219,14 @@ class RolesNegativeTestJSON(base.BaseIdentityAdminTest):
def test_list_user_roles_request_without_token(self):
# Request to list user's roles without a valid token should fail
(user, tenant, role) = self._get_role_params()
token = self.client.get_auth()
token = self.client.auth_provider.get_token()
self.client.delete_token(token)
try:
self.assertRaises(exceptions.Unauthorized,
self.client.list_user_roles, tenant['id'],
user['id'])
finally:
self.client.clear_auth()
self.client.auth_provider.clear_auth()
class RolesTestXML(RolesNegativeTestJSON):

16
tempest/api/identity/admin/test_tenant_negative.py
View File

@ -33,10 +33,10 @@ class TenantsNegativeTestJSON(base.BaseIdentityAdminTest):
@attr(type=['negative', 'gate'])
def test_list_tenant_request_without_token(self):
# Request to list tenants without a valid token should fail
token = self.client.get_auth()
token = self.client.auth_provider.get_token()
self.client.delete_token(token)
self.assertRaises(exceptions.Unauthorized, self.client.list_tenants)
self.client.clear_auth()
self.client.auth_provider.clear_auth()
@attr(type=['negative', 'gate'])
def test_tenant_delete_by_unauthorized_user(self):
@ -55,11 +55,11 @@ class TenantsNegativeTestJSON(base.BaseIdentityAdminTest):
resp, tenant = self.client.create_tenant(tenant_name)
self.assertEqual(200, resp.status)
self.data.tenants.append(tenant)
token = self.client.get_auth()
token = self.client.auth_provider.get_token()
self.client.delete_token(token)
self.assertRaises(exceptions.Unauthorized, self.client.delete_tenant,
tenant['id'])
self.client.clear_auth()
self.client.auth_provider.clear_auth()
@attr(type=['negative', 'gate'])
def test_delete_non_existent_tenant(self):
@ -93,11 +93,11 @@ class TenantsNegativeTestJSON(base.BaseIdentityAdminTest):
def test_create_tenant_request_without_token(self):
# Create tenant request without a token should not be authorized
tenant_name = data_utils.rand_name(name='tenant-')
token = self.client.get_auth()
token = self.client.auth_provider.get_token()
self.client.delete_token(token)
self.assertRaises(exceptions.Unauthorized, self.client.create_tenant,
tenant_name)
self.client.clear_auth()
self.client.auth_provider.clear_auth()
@attr(type=['negative', 'gate'])
def test_create_tenant_with_empty_name(self):
@ -135,11 +135,11 @@ class TenantsNegativeTestJSON(base.BaseIdentityAdminTest):
resp, tenant = self.client.create_tenant(tenant_name)
self.assertEqual(200, resp.status)
self.data.tenants.append(tenant)
token = self.client.get_auth()
token = self.client.auth_provider.get_token()
self.client.delete_token(token)
self.assertRaises(exceptions.Unauthorized, self.client.update_tenant,
tenant['id'])
self.client.clear_auth()
self.client.auth_provider.clear_auth()
class TenantsNegativeTestXML(TenantsNegativeTestJSON):

7
tempest/api/identity/admin/test_tokens.py
View File

@ -13,8 +13,6 @@
# License for the specific language governing permissions and limitations
# under the License.
import json
from tempest.api.identity import base
from tempest.common.utils import data_utils
from tempest.test import attr
@ -42,12 +40,11 @@ class TokensTestJSON(base.BaseIdentityAdminTest):
rsp, body = self.token_client.auth(user_name,
user_password,
tenant['name'])
access_data = json.loads(body)['access']
self.assertEqual(rsp['status'], '200')
self.assertEqual(access_data['token']['tenant']['name'],
self.assertEqual(body['token']['tenant']['name'],
tenant['name'])
# then delete the token
token_id = access_data['token']['id']
token_id = body['token']['id']
resp, body = self.client.delete_token(token_id)
self.assertEqual(resp['status'], '204')

4
tempest/api/identity/admin/test_users.py
View File

@ -115,7 +115,7 @@ class UsersTestJSON(base.BaseIdentityAdminTest):
self.token_client.auth(self.data.test_user, self.data.test_password,
self.data.test_tenant)
# Get the token of the current client
token = self.client.get_auth()
token = self.client.auth_provider.get_token()
# Delete the token from database
self.client.delete_token(token)
# Re-auth
@ -123,7 +123,7 @@ class UsersTestJSON(base.BaseIdentityAdminTest):
self.data.test_password,
self.data.test_tenant)
self.assertEqual('200', resp['status'])
self.client.clear_auth()
self.client.auth_provider.clear_auth()
@attr(type='smoke')
def test_get_users(self):

16
tempest/api/identity/admin/test_users_negative.py
View File

@ -75,7 +75,7 @@ class UsersNegativeTestJSON(base.BaseIdentityAdminTest):
# Request to create a user without a valid token should fail
self.data.setup_test_tenant()
# Get the token of the current client
token = self.client.get_auth()
token = self.client.auth_provider.get_token()
# Delete the token from database
self.client.delete_token(token)
self.assertRaises(exceptions.Unauthorized, self.client.create_user,
@ -83,7 +83,7 @@ class UsersNegativeTestJSON(base.BaseIdentityAdminTest):
self.data.tenant['id'], self.alt_email)
# Unset the token to allow further tests to generate a new token
self.client.clear_auth()
self.client.auth_provider.clear_auth()
@attr(type=['negative', 'gate'])
def test_create_user_with_enabled_non_bool(self):
@ -108,14 +108,14 @@ class UsersNegativeTestJSON(base.BaseIdentityAdminTest):
# Request to update a user without a valid token should fail
# Get the token of the current client
token = self.client.get_auth()
token = self.client.auth_provider.get_token()
# Delete the token from database
self.client.delete_token(token)
self.assertRaises(exceptions.Unauthorized, self.client.update_user,
self.alt_user)
# Unset the token to allow further tests to generate a new token
self.client.clear_auth()
self.client.auth_provider.clear_auth()
@attr(type=['negative', 'gate'])
def test_update_user_by_unauthorized_user(self):
@ -143,14 +143,14 @@ class UsersNegativeTestJSON(base.BaseIdentityAdminTest):
# Request to delete a user without a valid token should fail
# Get the token of the current client
token = self.client.get_auth()
token = self.client.auth_provider.get_token()
# Delete the token from database
self.client.delete_token(token)
self.assertRaises(exceptions.Unauthorized, self.client.delete_user,
self.alt_user)
# Unset the token to allow further tests to generate a new token
self.client.clear_auth()
self.client.auth_provider.clear_auth()
@attr(type=['negative', 'gate'])
def test_authentication_for_disabled_user(self):
@ -207,10 +207,10 @@ class UsersNegativeTestJSON(base.BaseIdentityAdminTest):
@attr(type=['negative', 'gate'])
def test_get_users_request_without_token(self):
# Request to get list of users without a valid token should fail
token = self.client.get_auth()
token = self.client.auth_provider.auth_data[0]
self.client.delete_token(token)
self.assertRaises(exceptions.Unauthorized, self.client.get_users)
self.client.clear_auth()
self.client.auth_provider.clear_auth()
@attr(type=['negative', 'gate'])
def test_list_users_with_invalid_tenant(self):

9
tempest/api/object_storage/base.py
View File

@ -74,6 +74,15 @@ class BaseObjectTest(tempest.test.BaseTestCase):
cls.container_client_alt = cls.os_alt.container_client
cls.identity_client_alt = cls.os_alt.identity_client
# Make sure we get fresh auth data after assigning swift role
cls.object_client.auth_provider.clear_auth()
cls.container_client.auth_provider.clear_auth()
cls.account_client.auth_provider.clear_auth()
cls.custom_object_client.auth_provider.clear_auth()
cls.custom_account_client.auth_provider.clear_auth()
cls.object_client_alt.auth_provider.clear_auth()
cls.container_client_alt.auth_provider.clear_auth()
cls.data = DataGenerator(cls.identity_admin_client)
@classmethod

33
tempest/api/object_storage/test_account_quotas.py
View File

@ -62,26 +62,34 @@ class AccountQuotasTest(base.BaseObjectTest):
reseller_user_id,
reseller_role_id)
# Retrieve a ResellerAdmin auth token and use it to set a quota
# Retrieve a ResellerAdmin auth data and use it to set a quota
# on the client's account
cls.reselleradmin_token = cls.token_client.get_token(
cls.data.test_user,
cls.data.test_password,
cls.data.test_tenant)
cls.reselleradmin_auth_data = \
cls.os_reselleradmin.get_auth_provider().auth_data
def setUp(self):
super(AccountQuotasTest, self).setUp()
# Set the reselleradmin auth in headers for next custom_account_client
# request
self.custom_account_client.auth_provider.set_alt_auth_data(
request_part='headers',
auth_data=self.reselleradmin_auth_data
)
# Set a quota of 20 bytes on the user's account before each test
headers = {"X-Auth-Token": self.reselleradmin_token,
"X-Account-Meta-Quota-Bytes": "20"}
headers = {"X-Account-Meta-Quota-Bytes": "20"}
self.os.custom_account_client.request("POST", "", headers, "")
def tearDown(self):
# Set the reselleradmin auth in headers for next custom_account_client
# request
self.custom_account_client.auth_provider.set_alt_auth_data(
request_part='headers',
auth_data=self.reselleradmin_auth_data
)
# remove the quota from the container
headers = {"X-Auth-Token": self.reselleradmin_token,
"X-Remove-Account-Meta-Quota-Bytes": "x"}
headers = {"X-Remove-Account-Meta-Quota-Bytes": "x"}
self.os.custom_account_client.request("POST", "", headers, "")
super(AccountQuotasTest, self).tearDown()
@ -118,8 +126,11 @@ class AccountQuotasTest(base.BaseObjectTest):
"""
for quota in ("25", "", "20"):
headers = {"X-Auth-Token": self.reselleradmin_token,
"X-Account-Meta-Quota-Bytes": quota}
self.custom_account_client.auth_provider.set_alt_auth_data(
request_part='headers',
auth_data=self.reselleradmin_auth_data
)
headers = {"X-Account-Meta-Quota-Bytes": quota}
resp, _ = self.os.custom_account_client.request("POST", "",
headers, "")

27
tempest/api/object_storage/test_account_quotas_negative.py
View File

@ -62,26 +62,33 @@ class AccountQuotasNegativeTest(base.BaseObjectTest):
reseller_user_id,
reseller_role_id)
# Retrieve a ResellerAdmin auth token and use it to set a quota
# Retrieve a ResellerAdmin auth data and use it to set a quota
# on the client's account
cls.reselleradmin_token = cls.token_client.get_token(
cls.data.test_user,
cls.data.test_password,
cls.data.test_tenant)
cls.reselleradmin_auth_data = \
cls.os_reselleradmin.get_auth_provider().auth_data
def setUp(self):
super(AccountQuotasNegativeTest, self).setUp()
# Set the reselleradmin auth in headers for next custom_account_client
# request
self.custom_account_client.auth_provider.set_alt_auth_data(
request_part='headers',
auth_data=self.reselleradmin_auth_data
)
# Set a quota of 20 bytes on the user's account before each test
headers = {"X-Auth-Token": self.reselleradmin_token,
"X-Account-Meta-Quota-Bytes": "20"}
headers = {"X-Account-Meta-Quota-Bytes": "20"}
self.os.custom_account_client.request("POST", "", headers, "")
def tearDown(self):
# Set the reselleradmin auth in headers for next custom_account_client
# request
self.custom_account_client.auth_provider.set_alt_auth_data(
request_part='headers',
auth_data=self.reselleradmin_auth_data
)
# remove the quota from the container
headers = {"X-Auth-Token": self.reselleradmin_token,
"X-Remove-Account-Meta-Quota-Bytes": "x"}
headers = {"X-Remove-Account-Meta-Quota-Bytes": "x"}
self.os.custom_account_client.request("POST", "", headers, "")
super(AccountQuotasNegativeTest, self).tearDown()

27
tempest/api/object_storage/test_account_services_negative.py
View File

@ -15,6 +15,7 @@
# under the License.
from tempest.api.object_storage import base
from tempest import clients
from tempest import exceptions
from tempest.test import attr
@ -27,18 +28,26 @@ class AccountNegativeTest(base.BaseObjectTest):
# create user
self.data.setup_test_user()
self.token_client.auth(self.data.test_user,
self.data.test_password,
self.data.test_tenant)
new_token = \
self.token_client.get_token(self.data.test_user,
self.data.test_password,
self.data.test_tenant)
custom_headers = {'X-Auth-Token': new_token}
test_os = clients.Manager(self.data.test_user,
self.data.test_password,
self.data.test_tenant)
test_auth_provider = test_os.get_auth_provider()
# Get auth for the test user
test_auth_provider.auth_data
# Get fresh auth for test user and set it to next auth request for
# custom_account_client
delattr(test_auth_provider, 'auth_data')
test_auth_new_data = test_auth_provider.auth_data
self.custom_account_client.auth_provider.set_alt_auth_data(
request_part='headers',
auth_data=test_auth_new_data
)
params = {'format': 'json'}
# list containers with non-authorized user token
self.assertRaises(exceptions.Unauthorized,
self.custom_account_client.list_account_containers,
params=params, metadata=custom_headers)
params=params)
# delete the user which was created
self.data.teardown_all()

23
tempest/api/object_storage/test_container_acl.py
View File

@ -14,6 +14,7 @@
# under the License.
from tempest.api.object_storage import base
from tempest import clients
from tempest.common.utils import data_utils
from tempest.test import attr
from tempest.test import HTTP_SUCCESS
@ -24,10 +25,10 @@ class ObjectTestACLs(base.BaseObjectTest):
def setUpClass(cls):
super(ObjectTestACLs, cls).setUpClass()
cls.data.setup_test_user()
cls.new_token = cls.token_client.get_token(cls.data.test_user,
cls.data.test_password,
cls.data.test_tenant)
cls.custom_headers = {'X-Auth-Token': cls.new_token}
test_os = clients.Manager(cls.data.test_user,
cls.data.test_password,
cls.data.test_tenant)
cls.test_auth_data = test_os.get_auth_provider().auth_data
@classmethod
def tearDownClass(cls):
@ -61,9 +62,12 @@ class ObjectTestACLs(base.BaseObjectTest):
self.assertEqual(resp['status'], '201')
self.assertHeaders(resp, 'Object', 'PUT')
# Trying to read the object with rights
self.custom_object_client.auth_provider.set_alt_auth_data(
request_part='headers',
auth_data=self.test_auth_data
)
resp, _ = self.custom_object_client.get_object(
self.container_name, object_name,
metadata=self.custom_headers)
self.container_name, object_name)
self.assertIn(int(resp['status']), HTTP_SUCCESS)
self.assertHeaders(resp, 'Object', 'GET')
@ -79,10 +83,13 @@ class ObjectTestACLs(base.BaseObjectTest):
self.assertIn(int(resp_meta['status']), HTTP_SUCCESS)
self.assertHeaders(resp_meta, 'Container', 'POST')
# Trying to write the object with rights
self.custom_object_client.auth_provider.set_alt_auth_data(
request_part='headers',
auth_data=self.test_auth_data
)
object_name = data_utils.rand_name(name='Object')
resp, _ = self.custom_object_client.create_object(
self.container_name,
object_name, 'data',
metadata=self.custom_headers)
object_name, 'data')
self.assertIn(int(resp['status']), HTTP_SUCCESS)
self.assertHeaders(resp, 'Object', 'PUT')

66
tempest/api/object_storage/test_container_acl_negative.py
View File

@ -15,6 +15,7 @@
# under the License.
from tempest.api.object_storage import base
from tempest import clients
from tempest.common.utils import data_utils
from tempest import exceptions
from tempest.test import attr
@ -26,10 +27,10 @@ class ObjectACLsNegativeTest(base.BaseObjectTest):
def setUpClass(cls):
super(ObjectACLsNegativeTest, cls).setUpClass()
cls.data.setup_test_user()
cls.new_token = cls.token_client.get_token(cls.data.test_user,
cls.data.test_password,
cls.data.test_tenant)
cls.custom_headers = {'X-Auth-Token': cls.new_token}
test_os = clients.Manager(cls.data.test_user,
cls.data.test_password,
cls.data.test_tenant)
cls.test_auth_data = test_os.get_auth_provider().auth_data
@classmethod
def tearDownClass(cls):
@ -50,6 +51,10 @@ class ObjectACLsNegativeTest(base.BaseObjectTest):
# trying to create object with empty headers
# X-Auth-Token is not provided
object_name = data_utils.rand_name(name='Object')
self.custom_object_client.auth_provider.set_alt_auth_data(
request_part='headers',
auth_data=None
)
self.assertRaises(exceptions.Unauthorized,
self.custom_object_client.create_object,
self.container_name, object_name, 'data')
@ -62,6 +67,10 @@ class ObjectACLsNegativeTest(base.BaseObjectTest):
object_name, 'data')
# trying to delete object with empty headers
# X-Auth-Token is not provided
self.custom_object_client.auth_provider.set_alt_auth_data(
request_part='headers',
auth_data=None
)
self.assertRaises(exceptions.Unauthorized,
self.custom_object_client.delete_object,
self.container_name, object_name)
@ -72,10 +81,13 @@ class ObjectACLsNegativeTest(base.BaseObjectTest):
# User provided token is forbidden. ACL are not set
object_name = data_utils.rand_name(name='Object')
# trying to create object with non-authorized user
self.custom_object_client.auth_provider.set_alt_auth_data(
request_part='headers',
auth_data=self.test_auth_data
)
self.assertRaises(exceptions.Unauthorized,
self.custom_object_client.create_object,
self.container_name, object_name, 'data',
metadata=self.custom_headers)
self.container_name, object_name, 'data')
@attr(type=['negative', 'gate'])
def test_read_object_with_non_authorized_user(self):
@ -87,10 +99,13 @@ class ObjectACLsNegativeTest(base.BaseObjectTest):
self.assertEqual(resp['status'], '201')
self.assertHeaders(resp, 'Object', 'PUT')
# trying to get object with non authorized user token
self.custom_object_client.auth_provider.set_alt_auth_data(
request_part='headers',
auth_data=self.test_auth_data
)
self.assertRaises(exceptions.Unauthorized,
self.custom_object_client.get_object,
self.container_name, object_name,
metadata=self.custom_headers)
self.container_name, object_name)
@attr(type=['negative', 'gate'])
def test_delete_object_with_non_authorized_user(self):
@ -102,10 +117,13 @@ class ObjectACLsNegativeTest(base.BaseObjectTest):
self.assertEqual(resp['status'], '201')
self.assertHeaders(resp, 'Object', 'PUT')
# trying to delete object with non-authorized user token
self.custom_object_client.auth_provider.set_alt_auth_data(
request_part='headers',
auth_data=self.test_auth_data
)
self.assertRaises(exceptions.Unauthorized,
self.custom_object_client.delete_object,
self.container_name, object_name,
metadata=self.custom_headers)
self.container_name, object_name)
@attr(type=['negative', 'smoke'])
def test_read_object_without_rights(self):
@ -124,10 +142,13 @@ class ObjectACLsNegativeTest(base.BaseObjectTest):
self.assertEqual(resp['status'], '201')
self.assertHeaders(resp, 'Object', 'PUT')
# Trying to read the object without rights
self.custom_object_client.auth_provider.set_alt_auth_data(
request_part='headers',
auth_data=self.test_auth_data
)
self.assertRaises(exceptions.Unauthorized,
self.custom_object_client.get_object,
self.container_name, object_name,
metadata=self.custom_headers)
self.container_name, object_name)
@attr(type=['negative', 'smoke'])
def test_write_object_without_rights(self):
@ -140,12 +161,15 @@ class ObjectACLsNegativeTest(base.BaseObjectTest):
self.assertIn(int(resp_meta['status']), HTTP_SUCCESS)
self.assertHeaders(resp_meta, 'Container', 'POST')
# Trying to write the object without rights
self.custom_object_client.auth_provider.set_alt_auth_data(
request_part='headers',
auth_data=self.test_auth_data
)
object_name = data_utils.rand_name(name='Object')
self.assertRaises(exceptions.Unauthorized,
self.custom_object_client.create_object,
self.container_name,
object_name, 'data',
metadata=self.custom_headers)
object_name, 'data')
@attr(type=['negative', 'smoke'])
def test_write_object_without_write_rights(self):
@ -160,12 +184,15 @@ class ObjectACLsNegativeTest(base.BaseObjectTest):
self.assertIn(int(resp_meta['status']), HTTP_SUCCESS)
self.assertHeaders(resp_meta, 'Container', 'POST')
# Trying to write the object without write rights
self.custom_object_client.auth_provider.set_alt_auth_data(
request_part='headers',
auth_data=self.test_auth_data
)
object_name = data_utils.rand_name(name='Object')
self.assertRaises(exceptions.Unauthorized,
self.custom_object_client.create_object,
self.container_name,
object_name, 'data',
metadata=self.custom_headers)
object_name, 'data')
@attr(type=['negative', 'smoke'])
def test_delete_object_without_write_rights(self):
@ -186,8 +213,11 @@ class ObjectACLsNegativeTest(base.BaseObjectTest):
self.assertEqual(resp['status'], '201')
self.assertHeaders(resp, 'Object', 'PUT')
# Trying to delete the object without write rights
self.custom_object_client.auth_provider.set_alt_auth_data(
request_part='headers',
auth_data=self.test_auth_data
)
self.assertRaises(exceptions.Unauthorized,
self.custom_object_client.delete_object,
self.container_name,
object_name,
metadata=self.custom_headers)
object_name)

18
tempest/api/object_storage/test_container_staticweb.py
View File

@ -56,6 +56,12 @@ class StaticWebTest(base.BaseObjectTest):
self.container_client.update_container_metadata(
self.container_name, metadata=headers)
# Maintain original headers, no auth added
self.custom_account_client.auth_provider.set_alt_auth_data(
request_part='headers',
auth_data=None
)
# test GET on http://account_url/container_name
# we should retrieve the self.object_name file
resp, body = self.custom_account_client.request("GET",
@ -112,6 +118,12 @@ class StaticWebTest(base.BaseObjectTest):
self.container_client.update_container_metadata(
self.container_name, metadata=headers)
# Maintain original headers, no auth added
self.custom_account_client.auth_provider.set_alt_auth_data(
request_part='headers',
auth_data=None
)
# test GET on http://account_url/container_name
# we should retrieve a listing of objects
resp, body = self.custom_account_client.request("GET",
@ -136,6 +148,12 @@ class StaticWebTest(base.BaseObjectTest):
object_name_404,
object_data_404)
# Do not set auth in HTTP headers for next request
self.custom_object_client.auth_provider.set_alt_auth_data(
request_part='headers',
auth_data=None
)
# Request non-existing object
resp, body = self.custom_object_client.get_object(self.container_name,
"notexisting")

5
tempest/api/object_storage/test_crossdomain.py
View File

@ -50,13 +50,12 @@ class CrossdomainTest(base.BaseObjectTest):
super(CrossdomainTest, self).setUp()
client = self.os_test_user.account_client
client._set_auth()
# Turning http://.../v1/foobar into http://.../
client.base_url = "/".join(client.base_url.split("/")[:-2])
client.skip_path()
def tearDown(self):
# clear the base_url for subsequent requests
self.os_test_user.account_client.base_url = None
self.os_test_user.account_client.reset_path()
super(CrossdomainTest, self).tearDown()

4
tempest/api/object_storage/test_healthcheck.py
View File

@ -29,10 +29,8 @@ class HealthcheckTest(base.BaseObjectTest):
def setUp(self):
super(HealthcheckTest, self).setUp()
self.account_client._set_auth()
# Turning http://.../v1/foobar into http://.../
self.account_client.base_url = "/".join(
self.account_client.base_url.split("/")[:-2])
self.account_client.skip_path()
@attr('gate')
def test_get_healthcheck(self):

16
tempest/api/object_storage/test_object_services.py
View File

@ -357,8 +357,12 @@ class PublicObjectTest(base.BaseObjectTest):
self.assertEqual(resp_meta['x-container-read'], '.r:*,.rlistings')
# trying to get object with empty headers as it is public readable
self.custom_object_client.auth_provider.set_alt_auth_data(
request_part='headers',
auth_data=None
)
resp, body = self.custom_object_client.get_object(
self.container_name, object_name, metadata={})
self.container_name, object_name)
self.assertHeaders(resp, 'Object', 'GET')
self.assertEqual(body, data)
@ -393,12 +397,14 @@ class PublicObjectTest(base.BaseObjectTest):
self.assertEqual(resp['x-container-read'], '.r:*,.rlistings')
# get auth token of alternative user
token = self.identity_client_alt.get_auth()
headers = {'X-Auth-Token': token}
alt_auth_data = self.identity_client_alt.auth_provider.auth_data
self.custom_object_client.auth_provider.set_alt_auth_data(
request_part='headers',
auth_data=alt_auth_data
)
# access object using alternate user creds
resp, body = self.custom_object_client.get_object(
self.container_name, object_name,
metadata=headers)
self.container_name, object_name)
self.assertHeaders(resp, 'Object', 'GET')
self.assertEqual(body, data)

413
tempest/auth.py Normal file
View File

@ -0,0 +1,413 @@
# Copyright 2014 Hewlett-Packard Development Company, L.P.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import copy
import exceptions
import re
import urlparse
from datetime import datetime
from tempest import config
from tempest.services.identity.json import identity_client as json_id
from tempest.services.identity.v3.json import identity_client as json_v3id
from tempest.services.identity.v3.xml import identity_client as xml_v3id
from tempest.services.identity.xml import identity_client as xml_id
from tempest.openstack.common import log as logging
CONF = config.CONF
LOG = logging.getLogger(__name__)
class AuthProvider(object):
"""
Provide authentication
"""
def __init__(self, credentials, client_type='tempest',
interface=None):
"""
:param credentials: credentials for authentication
:param client_type: 'tempest' or 'official'
:param interface: 'json' or 'xml'. Applicable for tempest client only
"""
if self.check_credentials(credentials):
self.credentials = credentials
else:
raise TypeError("Invalid credentials")
self.credentials = credentials
self.client_type = client_type
self.interface = interface
if self.client_type == 'tempest' and self.interface is None:
self.interface = 'json'
self.cache = None
self.alt_auth_data = None
self.alt_part = None
def __str__(self):
return "Creds :{creds}, client type: {client_type}, interface: " \
"{interface}, cached auth data: {cache}".format(
creds=self.credentials, client_type=self.client_type,
interface=self.interface, cache=self.cache
)
def _decorate_request(self, filters, method, url, headers=None, body=None,
auth_data=None):
"""
Decorate request with authentication data
"""
raise NotImplemented
def _get_auth(self):
raise NotImplemented
@classmethod
def check_credentials(cls, credentials):
"""
Verify credentials are valid. Subclasses can do a better check.
"""
return isinstance(credentials, dict)
@property
def auth_data(self):
if self.cache is None or self.is_expired(self.cache):
self.cache = self._get_auth()
return self.cache
@auth_data.deleter
def auth_data(self):
self.clear_auth()
def clear_auth(self):
"""
Can be called to clear the access cache so that next request
will fetch a new token and base_url.
"""
self.cache = None
def is_expired(self, auth_data):
raise NotImplemented
def auth_request(self, method, url, headers=None, body=None, filters=None):
"""
Obtains auth data and decorates a request with that.
:param method: HTTP method of the request
:param url: relative URL of the request (path)
:param headers: HTTP headers of the request
:param body: HTTP body in case of POST / PUT
:param filters: select a base URL out of the catalog
:returns a Tuple (url, headers, body)
"""
LOG.debug("Auth request m:{m}, u:{u}, h:{h}, b:{b}, f:{f}".format(
m=method, u=url, h=headers, b=body, f=filters
))
orig_req = dict(url=url, headers=headers, body=body)
auth_url, auth_headers, auth_body = self._decorate_request(
filters, method, url, headers, body)
auth_req = dict(url=auth_url, headers=auth_headers, body=auth_body)
# Overwrite part if the request if it has been requested
if self.alt_part is not None:
if self.alt_auth_data is not None:
alt_url, alt_headers, alt_body = self._decorate_request(
filters, method, url, headers, body,
auth_data=self.alt_auth_data)
alt_auth_req = dict(url=alt_url, headers=alt_headers,
body=alt_body)
self._log_auth_request(alt_auth_req, 'ALTERNATE')
auth_req[self.alt_part] = alt_auth_req[self.alt_part]
else:
# If alt auth data is None, skip auth in the requested part
auth_req[self.alt_part] = orig_req[self.alt_part]
# Next auth request will be normal, unless otherwise requested
self.reset_alt_auth_data()
self._log_auth_request(auth_req, 'Authorized Request:')
return auth_req['url'], auth_req['headers'], auth_req['body']
def _log_auth_request(self, auth_req, tag):
url = auth_req.get('url', None)
headers = copy.deepcopy(auth_req.get('headers', None))
body = auth_req.get('body', None)
if headers is not None:
if 'X-Auth-Token' in headers.keys():
headers['X-Auth-Token'] = '<Token Omitted>'
LOG.debug("[{tag}]: u: {url}, h: {headers}, b: {body}".format(
tag=tag, url=url, headers=headers, body=body
))
def reset_alt_auth_data(self):
"""
Configure auth provider to provide valid authentication data
"""
self.alt_part = None
self.alt_auth_data = None
def set_alt_auth_data(self, request_part, auth_data):
"""
Configure auth provider to provide alt authentication data
on a part of the *next* auth_request. If credentials are None,
set invalid data.
:param request_part: request part to contain invalid auth: url,
headers, body
:param auth_data: alternative auth_data from which to get the
invalid data to be injected
"""
self.alt_part = request_part
self.alt_auth_data = auth_data
def base_url(self, filters, auth_data=None):
"""
Extracts the base_url based on provided filters
"""
raise NotImplemented
class KeystoneAuthProvider(AuthProvider):
def __init__(self, credentials, client_type='tempest', interface=None):
super(KeystoneAuthProvider, self).__init__(credentials, client_type,
interface)
self.auth_client = self._auth_client()
def _decorate_request(self, filters, method, url, headers=None, body=None,
auth_data=None):
if auth_data is None:
auth_data = self.auth_data
token, _ = auth_data
base_url = self.base_url(filters=filters, auth_data=auth_data)
# build authenticated request
# returns new request, it does not touch the original values
_headers = copy.deepcopy(headers)
_headers['X-Auth-Token'] = token
if url is None or url == "":
_url = base_url
else:
# Join base URL and url, and remove multiple contiguous slashes
_url = "/".join([base_url, url])
parts = [x for x in urlparse.urlparse(_url)]
parts[2] = re.sub("/{2,}", "/", parts[2])
_url = urlparse.urlunparse(parts)
# no change to method or body
return _url, _headers, body
def _auth_client(self):
raise NotImplemented
def _auth_params(self):
raise NotImplemented
def _get_auth(self):
# Bypasses the cache
if self.client_type == 'tempest':
auth_func = getattr(self.auth_client, 'get_token')
auth_params = self._auth_params()
# returns token, auth_data
token, auth_data = auth_func(**auth_params)
return token, auth_data
else:
raise NotImplemented
def get_token(self):
return self.auth_data[0]
class KeystoneV2AuthProvider(KeystoneAuthProvider):
EXPIRY_DATE_FORMAT = '%Y-%m-%dT%H:%M:%SZ'
@classmethod
def check_credentials(cls, credentials, scoped=True):
# tenant_name is optional if not scoped
valid = super(KeystoneV2AuthProvider, cls).check_credentials(
credentials) and 'username' in credentials and \
'password' in credentials
if scoped:
valid = valid and 'tenant_name' in credentials
return valid
def _auth_client(self):
if self.client_type == 'tempest':
if self.interface == 'json':
return json_id.TokenClientJSON()
else:
return xml_id.TokenClientXML()
else:
raise NotImplemented
def _auth_params(self):
if self.client_type == 'tempest':
return dict(
user=self.credentials['username'],
password=self.credentials['password'],
tenant=self.credentials.get('tenant_name', None),
auth_data=True)
else:
raise NotImplemented
def base_url(self, filters, auth_data=None):
"""
Filters can be:
- service: compute, image, etc
- region: the service region
- endpoint_type: adminURL, publicURL, internalURL
- api_version: replace catalog version with this
- skip_path: take just the base URL
"""
if auth_data is None:
auth_data = self.auth_data
token, _auth_data = auth_data
service = filters.get('service')
region = filters.get('region')
endpoint_type = filters.get('endpoint_type', 'publicURL')
if service is None:
raise exceptions.EndpointNotFound("No service provided")
_base_url = None
for ep in _auth_data['serviceCatalog']:
if ep["type"] == service:
for _ep in ep['endpoints']:
if region is not None and _ep['region'] == region:
_base_url = _ep.get(endpoint_type)
if not _base_url:
# No region matching, use the first
_base_url = ep['endpoints'][0].get(endpoint_type)
break
if _base_url is None:
raise exceptions.EndpointNotFound(service)
parts = urlparse.urlparse(_base_url)
if filters.get('api_version', None) is not None:
path = "/" + filters['api_version']
noversion_path = "/".join(parts.path.split("/")[2:])
if noversion_path != "":
path += noversion_path
_base_url = _base_url.replace(parts.path, path)
if filters.get('skip_path', None) is not None:
_base_url = _base_url.replace(parts.path, "/")
return _base_url
def is_expired(self, auth_data):
_, access = auth_data
expiry = datetime.strptime(access['token']['expires'],
self.EXPIRY_DATE_FORMAT)
return expiry <= datetime.now()
class KeystoneV3AuthProvider(KeystoneAuthProvider):
EXPIRY_DATE_FORMAT = '%Y-%m-%dT%H:%M:%S.%fZ'
@classmethod
def check_credentials(cls, credentials, scoped=True):
# tenant_name is optional if not scoped
valid = super(KeystoneV3AuthProvider, cls).check_credentials(
credentials) and 'username' in credentials and \
'password' in credentials and 'domain_name' in credentials
if scoped:
valid = valid and 'tenant_name' in credentials
return valid
def _auth_client(self):
if self.client_type == 'tempest':
if self.interface == 'json':
return json_v3id.V3TokenClientJSON()
else:
return xml_v3id.V3TokenClientXML()
else:
raise NotImplemented
def _auth_params(self):
if self.client_type == 'tempest':
return dict(
user=self.credentials['username'],
password=self.credentials['password'],
tenant=self.credentials.get('tenant_name', None),
domain=self.credentials['domain_name'],
auth_data=True)
else:
raise NotImplemented
def base_url(self, filters, auth_data=None):
"""
Filters can be:
- service: compute, image, etc
- region: the service region
- endpoint_type: adminURL, publicURL, internalURL
- api_version: replace catalog version with this
- skip_path: take just the base URL
"""
if auth_data is None:
auth_data = self.auth_data
token, _auth_data = auth_data
service = filters.get('service')
region = filters.get('region')
endpoint_type = filters.get('endpoint_type', 'public')
if service is None:
raise exceptions.EndpointNotFound("No service provided")
if 'URL' in endpoint_type:
endpoint_type = endpoint_type.replace('URL', '')
_base_url = None
catalog = _auth_data['catalog']
# Select entries with matching service type
service_catalog = [ep for ep in catalog if ep['type'] == service]
if len(service_catalog) > 0:
service_catalog = service_catalog[0]['endpoints']
else:
# No matching service
raise exceptions.EndpointNotFound(service)
# Filter by endpoint type (interface)
filtered_catalog = [ep for ep in service_catalog if
ep['interface'] == endpoint_type]
if len(filtered_catalog) == 0:
# No matching type, keep all and try matching by region at least
filtered_catalog = service_catalog
# Filter by region
filtered_catalog = [ep for ep in filtered_catalog if
ep['region'] == region]
if len(filtered_catalog) == 0:
# No matching region, take the first endpoint
filtered_catalog = [filtered_catalog[0]]
# There should be only one match. If not take the first.
_base_url = filtered_catalog[0].get('url', None)
if _base_url is None:
raise exceptions.EndpointNotFound(service)
parts = urlparse.urlparse(_base_url)
if filters.get('api_version', None) is not None:
path = "/" + filters['api_version']
noversion_path = "/".join(parts.path.split("/")[2:])
if noversion_path != "":
path += noversion_path
_base_url = _base_url.replace(parts.path, path)
if filters.get('skip_path', None) is not None:
_base_url = _base_url.replace(parts.path, "/")
return _base_url
def is_expired(self, auth_data):
_, access = auth_data
expiry = datetime.strptime(access['expires_at'],
self.EXPIRY_DATE_FORMAT)
return expiry <= datetime.now()

313
tempest/clients.py
View File

@ -13,6 +13,7 @@
# License for the specific language governing permissions and limitations
# under the License.
from tempest import auth
from tempest.common.rest_client import NegativeRestClient
from tempest import config
from tempest import exceptions
@ -185,172 +186,208 @@ class Manager(object):
:param password: Override of the password
:param tenant_name: Override of the tenant name
"""
# If no creds are provided, we fall back on the defaults
# in the config file for the Compute API.
self.username = username or CONF.identity.username
self.password = password or CONF.identity.password
self.tenant_name = tenant_name or CONF.identity.tenant_name
if None in (self.username, self.password, self.tenant_name):
msg = ("Missing required credentials. "
"username: %(u)s, password: %(p)s, "
"tenant_name: %(t)s" %
{'u': username, 'p': password, 't': tenant_name})
raise exceptions.InvalidConfiguration(msg)
self.auth_url = CONF.identity.uri
self.auth_url_v3 = CONF.identity.uri_v3
client_args = (self.username, self.password,
self.auth_url, self.tenant_name)
if self.auth_url_v3:
auth_version = 'v3'
client_args_v3_auth = (self.username,
self.password, self.auth_url_v3,
self.tenant_name, auth_version)
self.interface = interface
self.auth_version = CONF.identity.auth_version
# FIXME(andreaf) Change Manager __init__ to accept a credentials dict
if username is None or password is None:
# Tenant None is a valid use case
self.credentials = self.get_default_credentials()
else:
client_args_v3_auth = None
self.credentials = dict(username=username, password=password,
tenant_name=tenant_name)
if self.auth_version == 'v3':
self.credentials['domain_name'] = 'Default'
# Setup an auth provider
auth_provider = self.get_auth_provider(self.credentials)
self.servers_client_v3_auth = None
if interface == 'xml':
self.certificates_client = CertificatesClientXML(*client_args)
self.servers_client = ServersClientXML(*client_args)
self.limits_client = LimitsClientXML(*client_args)
self.images_client = ImagesClientXML(*client_args)
self.keypairs_client = KeyPairsClientXML(*client_args)
self.quotas_client = QuotasClientXML(*client_args)
self.flavors_client = FlavorsClientXML(*client_args)
self.extensions_client = ExtensionsClientXML(*client_args)
if self.interface == 'xml':
self.certificates_client = CertificatesClientXML(
auth_provider)
self.servers_client = ServersClientXML(auth_provider)
self.limits_client = LimitsClientXML(auth_provider)
self.images_client = ImagesClientXML(auth_provider)
self.keypairs_client = KeyPairsClientXML(auth_provider)
self.quotas_client = QuotasClientXML(auth_provider)
self.flavors_client = FlavorsClientXML(auth_provider)
self.extensions_client = ExtensionsClientXML(auth_provider)
self.volumes_extensions_client = VolumesExtensionsClientXML(
*client_args)
self.floating_ips_client = FloatingIPsClientXML(*client_args)
self.snapshots_client = SnapshotsClientXML(*client_args)
self.volumes_client = VolumesClientXML(*client_args)
self.volume_types_client = VolumeTypesClientXML(*client_args)
self.identity_client = IdentityClientXML(*client_args)
self.identity_v3_client = IdentityV3ClientXML(*client_args)
self.token_client = TokenClientXML()
auth_provider)
self.floating_ips_client = FloatingIPsClientXML(
auth_provider)
self.snapshots_client = SnapshotsClientXML(auth_provider)
self.volumes_client = VolumesClientXML(auth_provider)
self.volume_types_client = VolumeTypesClientXML(
auth_provider)
self.identity_client = IdentityClientXML(auth_provider)
self.identity_v3_client = IdentityV3ClientXML(
auth_provider)
self.security_groups_client = SecurityGroupsClientXML(
*client_args)
self.interfaces_client = InterfacesClientXML(*client_args)
self.endpoints_client = EndPointClientXML(*client_args)
self.fixed_ips_client = FixedIPsClientXML(*client_args)
auth_provider)
self.interfaces_client = InterfacesClientXML(auth_provider)
self.endpoints_client = EndPointClientXML(auth_provider)
self.fixed_ips_client = FixedIPsClientXML(auth_provider)
self.availability_zone_client = AvailabilityZoneClientXML(
*client_args)
self.service_client = ServiceClientXML(*client_args)
self.aggregates_client = AggregatesClientXML(*client_args)
self.services_client = ServicesClientXML(*client_args)
self.tenant_usages_client = TenantUsagesClientXML(*client_args)
self.policy_client = PolicyClientXML(*client_args)
self.hosts_client = HostsClientXML(*client_args)
self.hypervisor_client = HypervisorClientXML(*client_args)
self.token_v3_client = V3TokenClientXML(*client_args)
self.network_client = NetworkClientXML(*client_args)
self.credentials_client = CredentialsClientXML(*client_args)
auth_provider)
self.service_client = ServiceClientXML(auth_provider)
self.aggregates_client = AggregatesClientXML(auth_provider)
self.services_client = ServicesClientXML(auth_provider)
self.tenant_usages_client = TenantUsagesClientXML(
auth_provider)
self.policy_client = PolicyClientXML(auth_provider)
self.hosts_client = HostsClientXML(auth_provider)
self.hypervisor_client = HypervisorClientXML(auth_provider)
self.network_client = NetworkClientXML(auth_provider)
self.credentials_client = CredentialsClientXML(
auth_provider)
self.instance_usages_audit_log_client = \
InstanceUsagesAuditLogClientXML(*client_args)
self.volume_hosts_client = VolumeHostsClientXML(*client_args)
InstanceUsagesAuditLogClientXML(auth_provider)
self.volume_hosts_client = VolumeHostsClientXML(
auth_provider)
self.volumes_extension_client = VolumeExtensionClientXML(
*client_args)
if client_args_v3_auth:
self.servers_client_v3_auth = ServersClientXML(
*client_args_v3_auth)
auth_provider)
if CONF.service_available.ceilometer:
self.telemetry_client = TelemetryClientXML(*client_args)
self.telemetry_client = TelemetryClientXML(
auth_provider)
self.token_client = TokenClientXML()
self.token_v3_client = V3TokenClientXML()
elif interface == 'json':
self.certificates_client = CertificatesClientJSON(*client_args)
elif self.interface == 'json':
self.certificates_client = CertificatesClientJSON(
auth_provider)
self.certificates_v3_client = CertificatesV3ClientJSON(
*client_args)
self.baremetal_client = BaremetalClientJSON(*client_args)
self.servers_client = ServersClientJSON(*client_args)
self.servers_v3_client = ServersV3ClientJSON(*client_args)
self.limits_client = LimitsClientJSON(*client_args)
self.images_client = ImagesClientJSON(*client_args)
self.keypairs_v3_client = KeyPairsV3ClientJSON(*client_args)
self.keypairs_client = KeyPairsClientJSON(*client_args)
self.keypairs_v3_client = KeyPairsV3ClientJSON(*client_args)
self.quotas_client = QuotasClientJSON(*client_args)
self.quotas_v3_client = QuotasV3ClientJSON(*client_args)
self.flavors_client = FlavorsClientJSON(*client_args)
self.flavors_v3_client = FlavorsV3ClientJSON(*client_args)
self.extensions_v3_client = ExtensionsV3ClientJSON(*client_args)
self.extensions_client = ExtensionsClientJSON(*client_args)
auth_provider)
self.baremetal_client = BaremetalClientJSON(auth_provider)
self.servers_client = ServersClientJSON(auth_provider)
self.servers_v3_client = ServersV3ClientJSON(auth_provider)
self.limits_client = LimitsClientJSON(auth_provider)
self.images_client = ImagesClientJSON(auth_provider)
self.keypairs_v3_client = KeyPairsV3ClientJSON(
auth_provider)
self.keypairs_client = KeyPairsClientJSON(auth_provider)
self.keypairs_v3_client = KeyPairsV3ClientJSON(
auth_provider)
self.quotas_client = QuotasClientJSON(auth_provider)
self.quotas_v3_client = QuotasV3ClientJSON(auth_provider)
self.flavors_client = FlavorsClientJSON(auth_provider)
self.flavors_v3_client = FlavorsV3ClientJSON(auth_provider)
self.extensions_v3_client = ExtensionsV3ClientJSON(
auth_provider)
self.extensions_client = ExtensionsClientJSON(
auth_provider)
self.volumes_extensions_client = VolumesExtensionsClientJSON(
*client_args)
self.floating_ips_client = FloatingIPsClientJSON(*client_args)
self.snapshots_client = SnapshotsClientJSON(*client_args)
self.volumes_client = VolumesClientJSON(*client_args)
self.volume_types_client = VolumeTypesClientJSON(*client_args)
self.identity_client = IdentityClientJSON(*client_args)
self.identity_v3_client = IdentityV3ClientJSON(*client_args)
self.token_client = TokenClientJSON()
auth_provider)
self.floating_ips_client = FloatingIPsClientJSON(
auth_provider)
self.snapshots_client = SnapshotsClientJSON(auth_provider)
self.volumes_client = VolumesClientJSON(auth_provider)
self.volume_types_client = VolumeTypesClientJSON(
auth_provider)
self.identity_client = IdentityClientJSON(auth_provider)
self.identity_v3_client = IdentityV3ClientJSON(
auth_provider)
self.security_groups_client = SecurityGroupsClientJSON(
*client_args)
self.interfaces_v3_client = InterfacesV3ClientJSON(*client_args)
self.interfaces_client = InterfacesClientJSON(*client_args)
self.endpoints_client = EndPointClientJSON(*client_args)
self.fixed_ips_client = FixedIPsClientJSON(*client_args)
auth_provider)
self.interfaces_v3_client = InterfacesV3ClientJSON(
auth_provider)
self.interfaces_client = InterfacesClientJSON(
auth_provider)
self.endpoints_client = EndPointClientJSON(auth_provider)
self.fixed_ips_client = FixedIPsClientJSON(auth_provider)
self.availability_zone_v3_client = AvailabilityZoneV3ClientJSON(
*client_args)
auth_provider)
self.availability_zone_client = AvailabilityZoneClientJSON(
*client_args)
self.services_v3_client = ServicesV3ClientJSON(*client_args)
self.service_client = ServiceClientJSON(*client_args)
self.aggregates_v3_client = AggregatesV3ClientJSON(*client_args)
self.aggregates_client = AggregatesClientJSON(*client_args)
self.services_client = ServicesClientJSON(*client_args)
auth_provider)
self.services_v3_client = ServicesV3ClientJSON(
auth_provider)
self.service_client = ServiceClientJSON(auth_provider)
self.aggregates_v3_client = AggregatesV3ClientJSON(
auth_provider)
self.aggregates_client = AggregatesClientJSON(
auth_provider)
self.services_client = ServicesClientJSON(auth_provider)
self.tenant_usages_v3_client = TenantUsagesV3ClientJSON(
*client_args)
self.tenant_usages_client = TenantUsagesClientJSON(*client_args)
self.version_v3_client = VersionV3ClientJSON(*client_args)
self.policy_client = PolicyClientJSON(*client_args)
self.hosts_client = HostsClientJSON(*client_args)
self.hypervisor_v3_client = HypervisorV3ClientJSON(*client_args)
self.hypervisor_client = HypervisorClientJSON(*client_args)
self.token_v3_client = V3TokenClientJSON(*client_args)
self.network_client = NetworkClientJSON(*client_args)
self.credentials_client = CredentialsClientJSON(*client_args)
auth_provider)
self.tenant_usages_client = TenantUsagesClientJSON(
auth_provider)
self.version_v3_client = VersionV3ClientJSON(auth_provider)
self.policy_client = PolicyClientJSON(auth_provider)
self.hosts_client = HostsClientJSON(auth_provider)
self.hypervisor_v3_client = HypervisorV3ClientJSON(
auth_provider)
self.hypervisor_client = HypervisorClientJSON(
auth_provider)
self.network_client = NetworkClientJSON(auth_provider)
self.credentials_client = CredentialsClientJSON(
auth_provider)
self.instance_usages_audit_log_client = \
InstanceUsagesAuditLogClientJSON(*client_args)
InstanceUsagesAuditLogClientJSON(auth_provider)
self.instance_usages_audit_log_v3_client = \
InstanceUsagesAuditLogV3ClientJSON(*client_args)
self.volume_hosts_client = VolumeHostsClientJSON(*client_args)
InstanceUsagesAuditLogV3ClientJSON(auth_provider)
self.volume_hosts_client = VolumeHostsClientJSON(
auth_provider)
self.volumes_extension_client = VolumeExtensionClientJSON(
*client_args)
self.hosts_v3_client = HostsV3ClientJSON(*client_args)
auth_provider)
self.hosts_v3_client = HostsV3ClientJSON(auth_provider)
if CONF.service_available.ceilometer:
self.telemetry_client = TelemetryClientJSON(*client_args)
self.negative_client = NegativeRestClient(*client_args)
self.telemetry_client = TelemetryClientJSON(
auth_provider)
self.token_client = TokenClientJSON()
self.token_v3_client = V3TokenClientJSON()
self.negative_client = NegativeRestClient(auth_provider)
self.negative_client.service = service
if client_args_v3_auth:
self.servers_client_v3_auth = ServersClientJSON(
*client_args_v3_auth)
self.negative_v3_client = NegativeRestClient(
*client_args_v3_auth)
self.negative_v3_client.service = service
else:
msg = "Unsupported interface type `%s'" % interface
raise exceptions.InvalidConfiguration(msg)
# TODO(andreaf) EC2 client still do their auth, v2 only
ec2_client_args = (self.credentials.get('username'),
self.credentials.get('password'),
CONF.identity.uri,
self.credentials.get('tenant_name'))
# common clients
self.account_client = AccountClient(*client_args)
self.account_client = AccountClient(auth_provider)
if CONF.service_available.glance:
self.image_client = ImageClientJSON(*client_args)
self.image_client_v2 = ImageClientV2JSON(*client_args)
self.container_client = ContainerClient(*client_args)
self.object_client = ObjectClient(*client_args)
self.orchestration_client = OrchestrationClient(*client_args)
self.ec2api_client = botoclients.APIClientEC2(*client_args)
self.s3_client = botoclients.ObjectClientS3(*client_args)
self.custom_object_client = ObjectClientCustomizedHeader(*client_args)
self.image_client = ImageClientJSON(auth_provider)
self.image_client_v2 = ImageClientV2JSON(auth_provider)
self.container_client = ContainerClient(auth_provider)
self.object_client = ObjectClient(auth_provider)
self.orchestration_client = OrchestrationClient(
auth_provider)
self.ec2api_client = botoclients.APIClientEC2(*ec2_client_args)
self.s3_client = botoclients.ObjectClientS3(*ec2_client_args)
self.custom_object_client = ObjectClientCustomizedHeader(
auth_provider)
self.custom_account_client = \
AccountClientCustomizedHeader(*client_args)
self.data_processing_client = DataProcessingClient(*client_args)
AccountClientCustomizedHeader(auth_provider)
self.data_processing_client = DataProcessingClient(
auth_provider)
@classmethod
def get_auth_provider_class(cls, auth_version):
if auth_version == 'v2':
return auth.KeystoneV2AuthProvider
else:
return auth.KeystoneV3AuthProvider
def get_default_credentials(self):
return dict(
username=CONF.identity.username,
password=CONF.identity.password,
tenant_name=CONF.identity.tenant_name
)
def get_auth_provider(self, credentials=None):
auth_params = dict(client_type='tempest',
interface=self.interface)
auth_provider_class = self.get_auth_provider_class(self.auth_version)
# If invalid / incomplete credentials are provided, use default ones
if credentials is None or \
not auth_provider_class.check_credentials(credentials):
credentials = self.credentials
auth_params['credentials'] = credentials
return auth_provider_class(**auth_params)
class AltManager(Manager):

22
tempest/common/glance_http.py
View File

@ -45,8 +45,10 @@ TOKEN_CHARS_RE = re.compile('^[-A-Za-z0-9+/=]*$')
class HTTPClient(object):
def __init__(self, endpoint, **kwargs):
self.endpoint = endpoint
def __init__(self, auth_provider, filters, **kwargs):
self.auth_provider = auth_provider
self.filters = filters
self.endpoint = auth_provider.base_url(filters)
endpoint_parts = self.parse_endpoint(self.endpoint)
self.endpoint_scheme = endpoint_parts.scheme
self.endpoint_hostname = endpoint_parts.hostname
@ -57,8 +59,6 @@ class HTTPClient(object):
self.connection_kwargs = self.get_connection_kwargs(
self.endpoint_scheme, **kwargs)
self.auth_token = kwargs.get('token')
@staticmethod
def parse_endpoint(endpoint):
return urlparse.urlparse(endpoint)
@ -100,15 +100,15 @@ class HTTPClient(object):
# Copy the kwargs so we can reuse the original in case of redirects
kwargs['headers'] = copy.deepcopy(kwargs.get('headers', {}))
kwargs['headers'].setdefault('User-Agent', USER_AGENT)
if self.auth_token:
kwargs['headers'].setdefault('X-Auth-Token', self.auth_token)
self._log_request(method, url, kwargs['headers'])
conn = self.get_connection()
try:
conn_url = posixpath.normpath('%s/%s' % (self.endpoint_path, url))
url_parts = self.parse_endpoint(url)
conn_url = posixpath.normpath(url_parts.path)
LOG.debug('Actual Path: {path}'.format(path=conn_url))
if kwargs['headers'].get('Transfer-Encoding') == 'chunked':
conn.putrequest(method, conn_url)
for header, value in kwargs['headers'].items():
@ -198,7 +198,13 @@ class HTTPClient(object):
# We use 'Transfer-Encoding: chunked' because
# body size may not always be known in advance.
kwargs['headers']['Transfer-Encoding'] = 'chunked'
return self._http_request(url, method, **kwargs)
# Decorate the request with auth
req_url, kwargs['headers'], kwargs['body'] = \
self.auth_provider.auth_request(
method=method, url=url, headers=kwargs['headers'],
body=kwargs.get('body', None), filters=self.filters)
return self._http_request(req_url, method, **kwargs)
class OpenSSLConnectionDelegator(object):

270
tempest/common/rest_client.py
View File

@ -41,29 +41,14 @@ class RestClient(object):
TYPE = "json"
LOG = logging.getLogger(__name__)
def __init__(self, user, password, auth_url, tenant_name=None,
auth_version='v2'):
self.user = user
self.password = password
self.auth_url = auth_url
self.tenant_name = tenant_name
self.auth_version = auth_version
def __init__(self, auth_provider):
self.auth_provider = auth_provider
self.service = None
self.token = None
self.base_url = None
self.region = {}
for cfgname in dir(CONF):
# Find all config.FOO.catalog_type and assume FOO is a service.
cfg = getattr(CONF, cfgname)
catalog_type = getattr(cfg, 'catalog_type', None)
if not catalog_type:
continue
service_region = getattr(cfg, 'region', None)
if not service_region:
service_region = CONF.identity.region
self.region[catalog_type] = service_region
self.endpoint_url = 'publicURL'
self.service = None
# The version of the API this client implements
self.api_version = None
self._skip_path = False
self.headers = {'Content-Type': 'application/%s' % self.TYPE,
'Accept': 'application/%s' % self.TYPE}
self.build_interval = CONF.compute.build_interval
@ -82,194 +67,70 @@ class RestClient(object):
def __str__(self):
STRING_LIMIT = 80
str_format = ("user:%s, password:%s, "
"auth_url:%s, tenant_name:%s, auth_version:%s, "
"service:%s, base_url:%s, region:%s, "
"endpoint_url:%s, build_interval:%s, build_timeout:%s"
str_format = ("config:%s, service:%s, base_url:%s, "
"filters: %s, build_interval:%s, build_timeout:%s"
"\ntoken:%s..., \nheaders:%s...")
return str_format % (self.user, self.password,
self.auth_url, self.tenant_name,
self.auth_version, self.service,
self.base_url, self.region, self.endpoint_url,
self.build_interval, self.build_timeout,
return str_format % (CONF, self.service, self.base_url,
self.filters, self.build_interval,
self.build_timeout,
str(self.token)[0:STRING_LIMIT],
str(self.headers)[0:STRING_LIMIT])
def _set_auth(self):
def _get_region(self, service):
"""
Sets the token and base_url used in requests based on the strategy type
Returns the region for a specific service
"""
service_region = None
for cfgname in dir(CONF._config):
# Find all config.FOO.catalog_type and assume FOO is a service.
cfg = getattr(CONF, cfgname)
catalog_type = getattr(cfg, 'catalog_type', None)
if catalog_type == service:
service_region = getattr(cfg, 'region', None)
if not service_region:
service_region = CONF.identity.region
return service_region
if self.auth_version == 'v3':
auth_func = self.identity_auth_v3
else:
auth_func = self.keystone_auth
@property
def user(self):
return self.auth_provider.credentials.get('username', None)
self.token, self.base_url = (
auth_func(self.user, self.password, self.auth_url,
self.service, self.tenant_name))
@property
def tenant_name(self):
return self.auth_provider.credentials.get('tenant_name', None)
def clear_auth(self):
@property
def password(self):
return self.auth_provider.credentials.get('password', None)
@property
def base_url(self):
return self.auth_provider.base_url(filters=self.filters)
@property
def filters(self):
_filters = dict(
service=self.service,
endpoint_type=self.endpoint_url,
region=self._get_region(self.service)
)
if self.api_version is not None:
_filters['api_version'] = self.api_version
if self._skip_path:
_filters['skip_path'] = self._skip_path
return _filters
def skip_path(self):
"""
Can be called to clear the token and base_url so that the next request
will fetch a new token and base_url.
When set, ignore the path part of the base URL from the catalog
"""
self._skip_path = True
self.token = None
self.base_url = None
def get_auth(self):
"""Returns the token of the current request or sets the token if
none.
def reset_path(self):
"""
if not self.token:
self._set_auth()
return self.token
def keystone_auth(self, user, password, auth_url, service, tenant_name):
When reset, use the base URL from the catalog as-is
"""
Provides authentication via Keystone using v2 identity API.
"""
# Normalize URI to ensure /tokens is in it.
if 'tokens' not in auth_url:
auth_url = auth_url.rstrip('/') + '/tokens'
creds = {
'auth': {
'passwordCredentials': {
'username': user,
'password': password,
},
'tenantName': tenant_name,
}
}
headers = {'Content-Type': 'application/json'}
body = json.dumps(creds)
self._log_request('POST', auth_url, headers, body)
resp, resp_body = self.http_obj.request(auth_url, 'POST',
headers=headers, body=body)
self._log_response(resp, resp_body)
if resp.status == 200:
try:
auth_data = json.loads(resp_body)['access']
token = auth_data['token']['id']
except Exception as e:
print("Failed to obtain token for user: %s" % e)
raise
mgmt_url = None
for ep in auth_data['serviceCatalog']:
if ep["type"] == service:
for _ep in ep['endpoints']:
if service in self.region and \
_ep['region'] == self.region[service]:
mgmt_url = _ep[self.endpoint_url]
if not mgmt_url:
mgmt_url = ep['endpoints'][0][self.endpoint_url]
break
if mgmt_url is None:
raise exceptions.EndpointNotFound(service)
return token, mgmt_url
elif resp.status == 401:
raise exceptions.AuthenticationFailure(user=user,
password=password,
tenant=tenant_name)
raise exceptions.IdentityError('Unexpected status code {0}'.format(
resp.status))
def identity_auth_v3(self, user, password, auth_url, service,
project_name, domain_id='default'):
"""Provides authentication using Identity API v3."""
req_url = auth_url.rstrip('/') + '/auth/tokens'
creds = {
"auth": {
"identity": {
"methods": ["password"],
"password": {
"user": {
"name": user, "password": password,
"domain": {"id": domain_id}
}
}
},
"scope": {
"project": {
"domain": {"id": domain_id},
"name": project_name
}
}
}
}
headers = {'Content-Type': 'application/json'}
body = json.dumps(creds)
resp, body = self.http_obj.request(req_url, 'POST',
headers=headers, body=body)
if resp.status == 201:
try:
token = resp['x-subject-token']
except Exception:
self.LOG.exception("Failed to obtain token using V3"
" authentication (auth URL is '%s')" %
req_url)
raise
catalog = json.loads(body)['token']['catalog']
mgmt_url = None
for service_info in catalog:
if service_info['type'] != service:
continue # this isn't the entry for us.
endpoints = service_info['endpoints']
# Look for an endpoint in the region if configured.
if service in self.region:
region = self.region[service]
for ep in endpoints:
if ep['region'] != region:
continue
mgmt_url = ep['url']
# FIXME(blk-u): this isn't handling endpoint type
# (public, internal, admin).
break
if not mgmt_url:
# Didn't find endpoint for region, use the first.
ep = endpoints[0]
mgmt_url = ep['url']
# FIXME(blk-u): this isn't handling endpoint type
# (public, internal, admin).
break
return token, mgmt_url
elif resp.status == 401:
raise exceptions.AuthenticationFailure(user=user,
password=password,
tenant=project_name)
else:
self.LOG.error("Failed to obtain token using V3 authentication"
" (auth URL is '%s'), the response status is %s" %
(req_url, resp.status))
raise exceptions.AuthenticationFailure(user=user,
password=password,
tenant=project_name)
self._skip_path = False
def expected_success(self, expected_code, read_code):
assert_msg = ("This function only allowed to use for HTTP status"
@ -386,25 +247,26 @@ class RestClient(object):
def _request(self, method, url,
headers=None, body=None):
"""A simple HTTP request interface."""
req_url = "%s/%s" % (self.base_url, url)
self._log_request(method, req_url, headers, body)
resp, resp_body = self.http_obj.request(req_url, method,
headers=headers, body=body)
# Authenticate the request with the auth provider
req_url, req_headers, req_body = self.auth_provider.auth_request(
method, url, headers, body, self.filters)
self._log_request(method, req_url, req_headers, req_body)
# Do the actual request
resp, resp_body = self.http_obj.request(
req_url, method, headers=req_headers, body=req_body)
self._log_response(resp, resp_body)
self.response_checker(method, url, headers, body, resp, resp_body)
# Verify HTTP response codes
self.response_checker(method, url, req_headers, req_body, resp,
resp_body)
return resp, resp_body
def request(self, method, url,
headers=None, body=None):
retry = 0
if (self.token is None) or (self.base_url is None):
self._set_auth()
if headers is None:
headers = {}
headers['X-Auth-Token'] = self.token
resp, resp_body = self._request(method, url,
headers=headers, body=body)

5
tempest/config.py
View File

@ -43,6 +43,11 @@ IdentityGroup = [
help="Full URI of the OpenStack Identity API (Keystone), v2"),
cfg.StrOpt('uri_v3',
help='Full URI of the OpenStack Identity API (Keystone), v3'),
cfg.StrOpt('auth_version',
default='v2',
help="Identity API version to be used for authentication "
"for API tests. Planned to extend to tenant isolation, "
"scenario tests and CLI tests."),
cfg.StrOpt('region',
default='RegionOne',
help="The identity region name to use. Also used as the other "

5
tempest/services/baremetal/base.py
View File

@ -47,9 +47,8 @@ class BaremetalClient(rest_client.RestClient):
"""
def __init__(self, username, password, auth_url, tenant_name=None):
super(BaremetalClient, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(BaremetalClient, self).__init__(auth_provider)
self.service = CONF.baremetal.catalog_type
self.uri_prefix = ''

5
tempest/services/baremetal/v1/base_v1.py
View File

@ -21,9 +21,8 @@ class BaremetalClientV1(base.BaremetalClient):
methods in order to send requests to Ironic.
"""
def __init__(self, username, password, auth_url, tenant_name=None):
super(BaremetalClientV1, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(BaremetalClientV1, self).__init__(auth_provider)
self.version = '1'
self.uri_prefix = 'v%s' % self.version

5
tempest/services/baremetal/v1/client_json.py
View File

@ -18,9 +18,8 @@ from tempest.services.baremetal.v1 import base_v1
class BaremetalClientJSON(base_v1.BaremetalClientV1):
"""Tempest REST client for Ironic JSON API v1."""
def __init__(self, username, password, auth_url, tenant_name=None):
super(BaremetalClientJSON, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(BaremetalClientJSON, self).__init__(auth_provider)
self.serialize = lambda obj_type, obj_body: json.dumps(obj_body)
self.deserialize = json.loads

5
tempest/services/compute/json/aggregates_client.py
View File

@ -24,9 +24,8 @@ CONF = config.CONF
class AggregatesClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(AggregatesClientJSON, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(AggregatesClientJSON, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def list_aggregates(self):

7
tempest/services/compute/json/availability_zone_client.py
View File

@ -23,10 +23,9 @@ CONF = config.CONF
class AvailabilityZoneClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(AvailabilityZoneClientJSON, self).__init__(username,
password, auth_url,
tenant_name)
def __init__(self, auth_provider):
super(AvailabilityZoneClientJSON, self).__init__(
auth_provider)
self.service = CONF.compute.catalog_type
def get_availability_zone_list(self):

6
tempest/services/compute/json/certificates_client.py
View File

@ -23,10 +23,8 @@ CONF = config.CONF
class CertificatesClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(CertificatesClientJSON, self).__init__(username,
password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(CertificatesClientJSON, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def get_certificate(self, id):

5
tempest/services/compute/json/extensions_client.py
View File

@ -23,9 +23,8 @@ CONF = config.CONF
class ExtensionsClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(ExtensionsClientJSON, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(ExtensionsClientJSON, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def list_extensions(self):

5
tempest/services/compute/json/fixed_ips_client.py
View File

@ -23,9 +23,8 @@ CONF = config.CONF
class FixedIPsClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(FixedIPsClientJSON, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(FixedIPsClientJSON, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def get_fixed_ip_details(self, fixed_ip):

5
tempest/services/compute/json/flavors_client.py
View File

@ -24,9 +24,8 @@ CONF = config.CONF
class FlavorsClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(FlavorsClientJSON, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(FlavorsClientJSON, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def list_flavors(self, params=None):

5
tempest/services/compute/json/floating_ips_client.py
View File

@ -24,9 +24,8 @@ CONF = config.CONF
class FloatingIPsClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(FloatingIPsClientJSON, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(FloatingIPsClientJSON, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def list_floating_ips(self, params=None):

5
tempest/services/compute/json/hosts_client.py
View File

@ -23,9 +23,8 @@ CONF = config.CONF
class HostsClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(HostsClientJSON, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(HostsClientJSON, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def list_hosts(self, params=None):

6
tempest/services/compute/json/hypervisor_client.py
View File

@ -23,10 +23,8 @@ CONF = config.CONF
class HypervisorClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(HypervisorClientJSON, self).__init__(username,
password, auth_url,
tenant_name)
def __init__(self, auth_provider):
super(HypervisorClientJSON, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def get_hypervisor_list(self):

5
tempest/services/compute/json/images_client.py
View File

@ -26,9 +26,8 @@ CONF = config.CONF
class ImagesClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(ImagesClientJSON, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(ImagesClientJSON, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
self.build_interval = CONF.compute.build_interval
self.build_timeout = CONF.compute.build_timeout

4
tempest/services/compute/json/instance_usage_audit_log_client.py
View File

@ -23,9 +23,9 @@ CONF = config.CONF
class InstanceUsagesAuditLogClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
def __init__(self, auth_provider):
super(InstanceUsagesAuditLogClientJSON, self).__init__(
username, password, auth_url, tenant_name)
auth_provider)
self.service = CONF.compute.catalog_type
def list_instance_usage_audit_logs(self):

5
tempest/services/compute/json/interfaces_client.py
View File

@ -25,9 +25,8 @@ CONF = config.CONF
class InterfacesClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(InterfacesClientJSON, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(InterfacesClientJSON, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def list_interfaces(self, server):

5
tempest/services/compute/json/keypairs_client.py
View File

@ -23,9 +23,8 @@ CONF = config.CONF
class KeyPairsClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(KeyPairsClientJSON, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(KeyPairsClientJSON, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def list_keypairs(self):

5
tempest/services/compute/json/limits_client.py
View File

@ -23,9 +23,8 @@ CONF = config.CONF
class LimitsClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(LimitsClientJSON, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(LimitsClientJSON, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def get_absolute_limits(self):

5
tempest/services/compute/json/quotas_client.py
View File

@ -23,9 +23,8 @@ CONF = config.CONF
class QuotasClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(QuotasClientJSON, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(QuotasClientJSON, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def get_quota_set(self, tenant_id):

6
tempest/services/compute/json/security_groups_client.py
View File

@ -25,10 +25,8 @@ CONF = config.CONF
class SecurityGroupsClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(SecurityGroupsClientJSON, self).__init__(username,
password, auth_url,
tenant_name)
def __init__(self, auth_provider):
super(SecurityGroupsClientJSON, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def list_security_groups(self, params=None):

8
tempest/services/compute/json/servers_client.py
View File

@ -28,11 +28,9 @@ CONF = config.CONF
class ServersClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None,
auth_version='v2'):
super(ServersClientJSON, self).__init__(username, password,
auth_url, tenant_name,
auth_version=auth_version)
def __init__(self, auth_provider):
super(ServersClientJSON, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def create_server(self, name, image_ref, flavor_ref, **kwargs):

5
tempest/services/compute/json/services_client.py
View File

@ -25,9 +25,8 @@ CONF = config.CONF
class ServicesClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(ServicesClientJSON, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(ServicesClientJSON, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def list_services(self, params=None):

5
tempest/services/compute/json/tenant_usages_client.py
View File

@ -24,9 +24,8 @@ CONF = config.CONF
class TenantUsagesClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(TenantUsagesClientJSON, self).__init__(
username, password, auth_url, tenant_name)
def __init__(self, auth_provider):
super(TenantUsagesClientJSON, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def list_tenant_usages(self, params=None):

7
tempest/services/compute/json/volumes_extensions_client.py
View File

@ -26,10 +26,9 @@ CONF = config.CONF
class VolumesExtensionsClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(VolumesExtensionsClientJSON, self).__init__(username,
password, auth_url,
tenant_name)
def __init__(self, auth_provider):
super(VolumesExtensionsClientJSON, self).__init__(
auth_provider)
self.service = CONF.compute.catalog_type
self.build_interval = CONF.volume.build_interval
self.build_timeout = CONF.volume.build_timeout

6
tempest/services/compute/v3/json/aggregates_client.py
View File

@ -24,10 +24,8 @@ CONF = config.CONF
class AggregatesV3ClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(AggregatesV3ClientJSON, self).__init__(username,
password, auth_url,
tenant_name)
def __init__(self, auth_provider):
super(AggregatesV3ClientJSON, self).__init__(auth_provider)
self.service = CONF.compute.catalog_v3_type
def list_aggregates(self):

7
tempest/services/compute/v3/json/availability_zone_client.py
View File

@ -23,10 +23,9 @@ CONF = config.CONF
class AvailabilityZoneV3ClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(AvailabilityZoneV3ClientJSON, self).__init__(username,
password, auth_url,
tenant_name)
def __init__(self, auth_provider):
super(AvailabilityZoneV3ClientJSON, self).__init__(
auth_provider)
self.service = CONF.compute.catalog_v3_type
def get_availability_zone_list(self):

6
tempest/services/compute/v3/json/certificates_client.py
View File

@ -23,10 +23,8 @@ CONF = config.CONF
class CertificatesV3ClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(CertificatesV3ClientJSON, self).__init__(username,
password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(CertificatesV3ClientJSON, self).__init__(auth_provider)
self.service = CONF.compute.catalog_v3_type
def get_certificate(self, id):

6
tempest/services/compute/v3/json/extensions_client.py
View File

@ -23,10 +23,8 @@ CONF = config.CONF
class ExtensionsV3ClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(ExtensionsV3ClientJSON, self).__init__(username,
password, auth_url,
tenant_name)
def __init__(self, auth_provider):
super(ExtensionsV3ClientJSON, self).__init__(auth_provider)
self.service = CONF.compute.catalog_v3_type
def list_extensions(self):

5
tempest/services/compute/v3/json/flavors_client.py
View File

@ -24,9 +24,8 @@ CONF = config.CONF
class FlavorsV3ClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(FlavorsV3ClientJSON, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(FlavorsV3ClientJSON, self).__init__(auth_provider)
self.service = CONF.compute.catalog_v3_type
def list_flavors(self, params=None):

5
tempest/services/compute/v3/json/hosts_client.py
View File

@ -23,9 +23,8 @@ CONF = config.CONF
class HostsV3ClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(HostsV3ClientJSON, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(HostsV3ClientJSON, self).__init__(auth_provider)
self.service = CONF.compute.catalog_v3_type
def list_hosts(self, params=None):

6
tempest/services/compute/v3/json/hypervisor_client.py
View File

@ -23,10 +23,8 @@ CONF = config.CONF
class HypervisorV3ClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(HypervisorV3ClientJSON, self).__init__(username,
password, auth_url,
tenant_name)
def __init__(self, auth_provider):
super(HypervisorV3ClientJSON, self).__init__(auth_provider)
self.service = CONF.compute.catalog_v3_type
def get_hypervisor_list(self):

4
tempest/services/compute/v3/json/instance_usage_audit_log_client.py
View File

@ -23,9 +23,9 @@ CONF = config.CONF
class InstanceUsagesAuditLogV3ClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
def __init__(self, auth_provider):
super(InstanceUsagesAuditLogV3ClientJSON, self).__init__(
username, password, auth_url, tenant_name)
auth_provider)
self.service = CONF.compute.catalog_v3_type
def list_instance_usage_audit_logs(self, time_before=None):

6
tempest/services/compute/v3/json/interfaces_client.py
View File

@ -25,10 +25,8 @@ CONF = config.CONF
class InterfacesV3ClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(InterfacesV3ClientJSON, self).__init__(username,
password, auth_url,
tenant_name)
def __init__(self, auth_provider):
super(InterfacesV3ClientJSON, self).__init__(auth_provider)
self.service = CONF.compute.catalog_v3_type
def list_interfaces(self, server):

5
tempest/services/compute/v3/json/keypairs_client.py
View File

@ -23,9 +23,8 @@ CONF = config.CONF
class KeyPairsV3ClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(KeyPairsV3ClientJSON, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(KeyPairsV3ClientJSON, self).__init__(auth_provider)
self.service = CONF.compute.catalog_v3_type
def list_keypairs(self):

5
tempest/services/compute/v3/json/quotas_client.py
View File

@ -23,9 +23,8 @@ CONF = config.CONF
class QuotasV3ClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(QuotasV3ClientJSON, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(QuotasV3ClientJSON, self).__init__(auth_provider)
self.service = CONF.compute.catalog_v3_type
def get_quota_set(self, tenant_id):

7
tempest/services/compute/v3/json/servers_client.py
View File

@ -29,11 +29,8 @@ CONF = config.CONF
class ServersV3ClientJSON(RestClient):
def __init__(self, username, password, auth_url,
tenant_name=None, auth_version='v2'):
super(ServersV3ClientJSON, self).__init__(username, password,
auth_url, tenant_name,
auth_version=auth_version)
def __init__(self, auth_provider):
super(ServersV3ClientJSON, self).__init__(auth_provider)
self.service = CONF.compute.catalog_v3_type
def create_server(self, name, image_ref, flavor_ref, **kwargs):

5
tempest/services/compute/v3/json/services_client.py
View File

@ -25,9 +25,8 @@ CONF = config.CONF
class ServicesV3ClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(ServicesV3ClientJSON, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(ServicesV3ClientJSON, self).__init__(auth_provider)
self.service = CONF.compute.catalog_v3_type
def list_services(self, params=None):

5
tempest/services/compute/v3/json/tenant_usages_client.py
View File

@ -24,9 +24,8 @@ CONF = config.CONF
class TenantUsagesV3ClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(TenantUsagesV3ClientJSON, self).__init__(
username, password, auth_url, tenant_name)
def __init__(self, auth_provider):
super(TenantUsagesV3ClientJSON, self).__init__(auth_provider)
self.service = CONF.compute.catalog_v3_type
def list_tenant_usages(self, params=None):

6
tempest/services/compute/v3/json/version_client.py
View File

@ -23,10 +23,8 @@ CONF = config.CONF
class VersionV3ClientJSON(rest_client.RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(VersionV3ClientJSON, self).__init__(username,
password, auth_url,
tenant_name)
def __init__(self, auth_provider):
super(VersionV3ClientJSON, self).__init__(auth_provider)
self.service = CONF.compute.catalog_v3_type
def get_version(self):

5
tempest/services/compute/xml/aggregates_client.py
View File

@ -28,9 +28,8 @@ CONF = config.CONF
class AggregatesClientXML(RestClientXML):
def __init__(self, username, password, auth_url, tenant_name=None):
super(AggregatesClientXML, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(AggregatesClientXML, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def _format_aggregate(self, g):

7
tempest/services/compute/xml/availability_zone_client.py
View File

@ -24,10 +24,9 @@ CONF = config.CONF
class AvailabilityZoneClientXML(RestClientXML):
def __init__(self, username, password, auth_url, tenant_name=None):
super(AvailabilityZoneClientXML, self).__init__(username,
password, auth_url,
tenant_name)
def __init__(self, auth_provider):
super(AvailabilityZoneClientXML, self).__init__(
auth_provider)
self.service = CONF.compute.catalog_type
def _parse_array(self, node):

5
tempest/services/compute/xml/certificates_client.py
View File

@ -22,9 +22,8 @@ CONF = config.CONF
class CertificatesClientXML(RestClientXML):
def __init__(self, username, password, auth_url, tenant_name=None):
super(CertificatesClientXML, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(CertificatesClientXML, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def get_certificate(self, id):

5
tempest/services/compute/xml/extensions_client.py
View File

@ -24,9 +24,8 @@ CONF = config.CONF
class ExtensionsClientXML(RestClientXML):
def __init__(self, username, password, auth_url, tenant_name=None):
super(ExtensionsClientXML, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(ExtensionsClientXML, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def _parse_array(self, node):

5
tempest/services/compute/xml/fixed_ips_client.py
View File

@ -25,9 +25,8 @@ CONF = config.CONF
class FixedIPsClientXML(RestClientXML):
def __init__(self, username, password, auth_url, tenant_name=None):
super(FixedIPsClientXML, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(FixedIPsClientXML, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def get_fixed_ip_details(self, fixed_ip):

5
tempest/services/compute/xml/flavors_client.py
View File

@ -35,9 +35,8 @@ XMLNS_OS_FLV_ACCESS = \
class FlavorsClientXML(RestClientXML):
def __init__(self, username, password, auth_url, tenant_name=None):
super(FlavorsClientXML, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(FlavorsClientXML, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def _format_flavor(self, f):

5
tempest/services/compute/xml/floating_ips_client.py
View File

@ -28,9 +28,8 @@ CONF = config.CONF
class FloatingIPsClientXML(RestClientXML):
def __init__(self, username, password, auth_url, tenant_name=None):
super(FloatingIPsClientXML, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(FloatingIPsClientXML, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def _parse_array(self, node):

5
tempest/services/compute/xml/hosts_client.py
View File

@ -26,9 +26,8 @@ CONF = config.CONF
class HostsClientXML(RestClientXML):
def __init__(self, username, password, auth_url, tenant_name=None):
super(HostsClientXML, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(HostsClientXML, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def list_hosts(self, params=None):

6
tempest/services/compute/xml/hypervisor_client.py
View File

@ -24,10 +24,8 @@ CONF = config.CONF
class HypervisorClientXML(RestClientXML):
def __init__(self, username, password, auth_url, tenant_name=None):
super(HypervisorClientXML, self).__init__(username,
password, auth_url,
tenant_name)
def __init__(self, auth_provider):
super(HypervisorClientXML, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def _parse_array(self, node):

5
tempest/services/compute/xml/images_client.py
View File

@ -32,9 +32,8 @@ CONF = config.CONF
class ImagesClientXML(RestClientXML):
def __init__(self, username, password, auth_url, tenant_name=None):
super(ImagesClientXML, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(ImagesClientXML, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
self.build_interval = CONF.compute.build_interval
self.build_timeout = CONF.compute.build_timeout

4
tempest/services/compute/xml/instance_usage_audit_log_client.py
View File

@ -24,9 +24,9 @@ CONF = config.CONF
class InstanceUsagesAuditLogClientXML(RestClientXML):
def __init__(self, username, password, auth_url, tenant_name=None):
def __init__(self, auth_provider):
super(InstanceUsagesAuditLogClientXML, self).__init__(
username, password, auth_url, tenant_name)
auth_provider)
self.service = CONF.compute.catalog_type
def list_instance_usage_audit_logs(self):

5
tempest/services/compute/xml/interfaces_client.py
View File

@ -30,9 +30,8 @@ CONF = config.CONF
class InterfacesClientXML(RestClientXML):
def __init__(self, username, password, auth_url, tenant_name=None):
super(InterfacesClientXML, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(InterfacesClientXML, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def _process_xml_interface(self, node):

5
tempest/services/compute/xml/keypairs_client.py
View File

@ -28,9 +28,8 @@ CONF = config.CONF
class KeyPairsClientXML(RestClientXML):
def __init__(self, username, password, auth_url, tenant_name=None):
super(KeyPairsClientXML, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(KeyPairsClientXML, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def list_keypairs(self):

5
tempest/services/compute/xml/limits_client.py
View File

@ -25,9 +25,8 @@ NS = "{http://docs.openstack.org/common/api/v1.0}"
class LimitsClientXML(RestClientXML):
def __init__(self, username, password, auth_url, tenant_name=None):
super(LimitsClientXML, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(LimitsClientXML, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def get_absolute_limits(self):

5
tempest/services/compute/xml/quotas_client.py
View File

@ -27,9 +27,8 @@ CONF = config.CONF
class QuotasClientXML(RestClientXML):
def __init__(self, username, password, auth_url, tenant_name=None):
super(QuotasClientXML, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(QuotasClientXML, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def _format_quota(self, q):

6
tempest/services/compute/xml/security_groups_client.py
View File

@ -30,10 +30,8 @@ CONF = config.CONF
class SecurityGroupsClientXML(RestClientXML):
def __init__(self, username, password, auth_url, tenant_name=None):
super(SecurityGroupsClientXML, self).__init__(
username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(SecurityGroupsClientXML, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def _parse_array(self, node):

7
tempest/services/compute/xml/servers_client.py
View File

@ -141,11 +141,8 @@ def _translate_server_xml_to_json(xml_dom):
class ServersClientXML(RestClientXML):
def __init__(self, username, password, auth_url, tenant_name=None,
auth_version='v2'):
super(ServersClientXML, self).__init__(username, password,
auth_url, tenant_name,
auth_version=auth_version)
def __init__(self, auth_provider):
super(ServersClientXML, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def _parse_key_value(self, node):

5
tempest/services/compute/xml/services_client.py
View File

@ -29,9 +29,8 @@ CONF = config.CONF
class ServicesClientXML(RestClientXML):
def __init__(self, username, password, auth_url, tenant_name=None):
super(ServicesClientXML, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(ServicesClientXML, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def list_services(self, params=None):

6
tempest/services/compute/xml/tenant_usages_client.py
View File

@ -26,10 +26,8 @@ CONF = config.CONF
class TenantUsagesClientXML(RestClientXML):
def __init__(self, username, password, auth_url, tenant_name=None):
super(TenantUsagesClientXML, self).__init__(username,
password, auth_url,
tenant_name)
def __init__(self, auth_provider):
super(TenantUsagesClientXML, self).__init__(auth_provider)
self.service = CONF.compute.catalog_type
def _parse_array(self, node):

6
tempest/services/compute/xml/volumes_extensions_client.py
View File

@ -32,9 +32,9 @@ CONF = config.CONF
class VolumesExtensionsClientXML(RestClientXML):
def __init__(self, username, password, auth_url, tenant_name=None):
super(VolumesExtensionsClientXML, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(VolumesExtensionsClientXML, self).__init__(
auth_provider)
self.service = CONF.compute.catalog_type
self.build_interval = CONF.compute.build_interval
self.build_timeout = CONF.compute.build_timeout

5
tempest/services/data_processing/v1_1/client.py
View File

@ -22,9 +22,8 @@ CONF = config.CONF
class DataProcessingClient(rest_client.RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(DataProcessingClient, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(DataProcessingClient, self).__init__(auth_provider)
self.service = CONF.data_processing.catalog_type
@classmethod

39
tempest/services/identity/json/identity_client.py
View File

@ -12,7 +12,6 @@
import json
from tempest.common import http
from tempest.common.rest_client import RestClient
from tempest import config
from tempest import exceptions
@ -22,9 +21,8 @@ CONF = config.CONF
class IdentityClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(IdentityClientJSON, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(IdentityClientJSON, self).__init__(auth_provider)
self.service = CONF.identity.catalog_type
self.endpoint_url = 'adminURL'
@ -243,9 +241,9 @@ class IdentityClientJSON(RestClient):
class TokenClientJSON(RestClient):
def __init__(self):
super(TokenClientJSON, self).__init__(None)
auth_url = CONF.identity.uri
# TODO(jaypipes) Why is this all repeated code in here?
# Normalize URI to ensure /tokens is in it.
if 'tokens' not in auth_url:
auth_url = auth_url.rstrip('/') + '/tokens'
@ -262,16 +260,13 @@ class TokenClientJSON(RestClient):
'tenantName': tenant,
}
}
headers = {'Content-Type': 'application/json'}
body = json.dumps(creds)
resp, body = self.post(self.auth_url, headers=headers, body=body)
return resp, body
resp, body = self.post(self.auth_url, headers=self.headers, body=body)
return resp, body['access']
def request(self, method, url, headers=None, body=None):
"""A simple HTTP request interface."""
dscv = CONF.identity.disable_ssl_certificate_validation
self.http_obj = http.ClosingHttp(
disable_ssl_certificate_validation=dscv)
if headers is None:
headers = {}
@ -280,16 +275,22 @@ class TokenClientJSON(RestClient):
headers=headers, body=body)
self._log_response(resp, resp_body)
if resp.status in (401, 403):
if resp.status in [401, 403]:
resp_body = json.loads(resp_body)
raise exceptions.Unauthorized(resp_body['error']['message'])
elif resp.status not in [200, 201]:
raise exceptions.IdentityError(
'Unexpected status code {0}'.format(resp.status))
return resp, resp_body
return resp, json.loads(resp_body)
def get_token(self, user, password, tenant):
def get_token(self, user, password, tenant, auth_data=False):
"""
Returns (token id, token data) for supplied credentials
"""
resp, body = self.auth(user, password, tenant)
if resp['status'] != '202':
body = json.loads(body)
access = body['access']
token = access['token']
return token['id']
if auth_data:
return body['token']['id'], body
else:
return body['token']['id']

16
tempest/services/identity/v3/json/credentials_client.py
View File

@ -14,7 +14,6 @@
# under the License.
import json
from urlparse import urlparse
from tempest.common.rest_client import RestClient
from tempest import config
@ -24,20 +23,11 @@ CONF = config.CONF
class CredentialsClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(CredentialsClientJSON, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(CredentialsClientJSON, self).__init__(auth_provider)
self.service = CONF.identity.catalog_type
self.endpoint_url = 'adminURL'
def request(self, method, url, headers=None, body=None, wait=None):
"""Overriding the existing HTTP request in super class rest_client."""
self._set_auth()
self.base_url = self.base_url.replace(urlparse(self.base_url).path,
"/v3")
return super(CredentialsClientJSON, self).request(method, url,
headers=headers,
body=body)
self.api_version = "v3"
def create_credential(self, access_key, secret_key, user_id, project_id):
"""Creates a credential."""

16
tempest/services/identity/v3/json/endpoints_client.py
View File

@ -14,7 +14,6 @@
# under the License.
import json
import urlparse
from tempest.common.rest_client import RestClient
from tempest import config
@ -24,20 +23,11 @@ CONF = config.CONF
class EndPointClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(EndPointClientJSON, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(EndPointClientJSON, self).__init__(auth_provider)
self.service = CONF.identity.catalog_type
self.endpoint_url = 'adminURL'
def request(self, method, url, headers=None, body=None, wait=None):
"""Overriding the existing HTTP request in super class rest_client."""
self._set_auth()
self.base_url = self.base_url.replace(
urlparse.urlparse(self.base_url).path, "/v3")
return super(EndPointClientJSON, self).request(method, url,
headers=headers,
body=body)
self.api_version = "v3"
def list_endpoints(self):
"""GET endpoints."""

108
tempest/services/identity/v3/json/identity_client.py
View File

@ -14,30 +14,22 @@
# under the License.
import json
from urlparse import urlparse
import urlparse
from tempest.common.rest_client import RestClient
from tempest import config
from tempest import exceptions
CONF = config.CONF
class IdentityV3ClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(IdentityV3ClientJSON, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(IdentityV3ClientJSON, self).__init__(auth_provider)
self.service = CONF.identity.catalog_type
self.endpoint_url = 'adminURL'
def request(self, method, url, headers=None, body=None, wait=None):
"""Overriding the existing HTTP request in super class rest_client."""
self._set_auth()
self.base_url = self.base_url.replace(urlparse(self.base_url).path,
"/v3")
return super(IdentityV3ClientJSON, self).request(method, url,
headers=headers,
body=body)
self.api_version = "v3"
def create_user(self, user_name, **kwargs):
"""Creates a user."""
@ -462,43 +454,89 @@ class IdentityV3ClientJSON(RestClient):
class V3TokenClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(V3TokenClientJSON, self).__init__(username, password,
auth_url, tenant_name)
self.service = CONF.identity.catalog_type
self.endpoint_url = 'adminURL'
def __init__(self):
super(V3TokenClientJSON, self).__init__(None)
auth_url = CONF.identity.uri_v3
# If the v3 url is not set, get it from the v2 one
if auth_url is None:
auth_url = CONF.identity.uri.replace(urlparse.urlparse(
CONF.identity.uri).path, "/v3")
auth_url = CONF.identity.uri
if 'tokens' not in auth_url:
auth_url = auth_url.rstrip('/') + '/tokens'
if 'auth/tokens' not in auth_url:
auth_url = auth_url.rstrip('/') + '/auth/tokens'
self.auth_url = auth_url
def auth(self, user_id, password):
def auth(self, user, password, tenant=None, user_type='id', domain=None):
"""
:param user: user id or name, as specified in user_type
:param domain: the user and tenant domain
Accepts different combinations of credentials. Restrictions:
- tenant and domain are only name (no id)
- user domain and tenant domain are assumed identical
- domain scope is not supported here
Sample sample valid combinations:
- user_id, password
- username, password, domain
- username, password, tenant, domain
Validation is left to the server side.
"""
creds = {
'auth': {
'identity': {
'methods': ['password'],
'password': {
'user': {
'id': user_id,
'password': password
'password': password,
}
}
}
}
}
headers = {'Content-Type': 'application/json'}
if user_type == 'id':
creds['auth']['identity']['password']['user']['id'] = user
else:
creds['auth']['identity']['password']['user']['name'] = user
if domain is not None:
_domain = dict(name=domain)
creds['auth']['identity']['password']['user']['domain'] = _domain
if tenant is not None:
project = dict(name=tenant, domain=_domain)
scope = dict(project=project)
creds['auth']['scope'] = scope
body = json.dumps(creds)
resp, body = self.post("auth/tokens", headers=headers, body=body)
resp, body = self.post(self.auth_url, headers=self.headers, body=body)
return resp, body
def request(self, method, url, headers=None, body=None, wait=None):
"""Overriding the existing HTTP request in super class rest_client."""
self._set_auth()
self.base_url = self.base_url.replace(urlparse(self.base_url).path,
"/v3")
return super(V3TokenClientJSON, self).request(method, url,
headers=headers,
body=body)
def request(self, method, url, headers=None, body=None):
"""A simple HTTP request interface."""
self._log_request(method, url, headers, body)
resp, resp_body = self.http_obj.request(url, method,
headers=headers, body=body)
self._log_response(resp, resp_body)
if resp.status in [401, 403]:
resp_body = json.loads(resp_body)
raise exceptions.Unauthorized(resp_body['error']['message'])
elif resp.status not in [200, 201, 204]:
raise exceptions.IdentityError(
'Unexpected status code {0}'.format(resp.status))
return resp, json.loads(resp_body)
def get_token(self, user, password, tenant, domain='Default',
auth_data=False):
"""
:param user: username
Returns (token id, token data) for supplied credentials
"""
resp, body = self.auth(user, password, tenant, user_type='name',
domain=domain)
token = resp.get('x-subject-token')
if auth_data:
return token, body['token']
else:
return token

16
tempest/services/identity/v3/json/policy_client.py
View File

@ -14,7 +14,6 @@
# under the License.
import json
from urlparse import urlparse
from tempest.common.rest_client import RestClient
from tempest import config
@ -24,20 +23,11 @@ CONF = config.CONF
class PolicyClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(PolicyClientJSON, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(PolicyClientJSON, self).__init__(auth_provider)
self.service = CONF.identity.catalog_type
self.endpoint_url = 'adminURL'
def request(self, method, url, headers=None, body=None, wait=None):
"""Overriding the existing HTTP request in super class rest_client."""
self._set_auth()
self.base_url = self.base_url.replace(urlparse(self.base_url).path,
"/v3")
return super(PolicyClientJSON, self).request(method, url,
headers=headers,
body=body)
self.api_version = "v3"
def create_policy(self, blob, type):
"""Creates a Policy."""

16
tempest/services/identity/v3/json/service_client.py
View File

@ -14,7 +14,6 @@
# under the License.
import json
from urlparse import urlparse
from tempest.common.rest_client import RestClient
from tempest import config
@ -24,20 +23,11 @@ CONF = config.CONF
class ServiceClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(ServiceClientJSON, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(ServiceClientJSON, self).__init__(auth_provider)
self.service = CONF.identity.catalog_type
self.endpoint_url = 'adminURL'
def request(self, method, url, headers=None, body=None, wait=None):
"""Overriding the existing HTTP request in super class rest_client."""
self._set_auth()
self.base_url = self.base_url.replace(urlparse(self.base_url).path,
"/v3")
return super(ServiceClientJSON, self).request(method, url,
headers=headers,
body=body)
self.api_version = "v3"
def update_service(self, service_id, **kwargs):
"""Updates a service."""

16
tempest/services/identity/v3/xml/credentials_client.py
View File

@ -14,7 +14,6 @@
# under the License.
import json
from urlparse import urlparse
from lxml import etree
@ -32,20 +31,11 @@ XMLNS = "http://docs.openstack.org/identity/api/v3"
class CredentialsClientXML(RestClientXML):
def __init__(self, username, password, auth_url, tenant_name=None):
super(CredentialsClientXML, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(CredentialsClientXML, self).__init__(auth_provider)
self.service = CONF.identity.catalog_type
self.endpoint_url = 'adminURL'
def request(self, method, url, headers=None, body=None, wait=None):
"""Overriding the existing HTTP request in super class rest_client."""
self._set_auth()
self.base_url = self.base_url.replace(urlparse(self.base_url).path,
"/v3")
return super(CredentialsClientXML, self).request(method, url,
headers=headers,
body=body)
self.api_version = "v3"
def _parse_body(self, body):
data = xml_to_json(body)

10
tempest/services/identity/v3/xml/endpoints_client.py
View File

@ -12,7 +12,6 @@
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import urlparse
from lxml import etree
@ -30,11 +29,11 @@ XMLNS = "http://docs.openstack.org/identity/api/v3"
class EndPointClientXML(RestClientXML):
def __init__(self, username, password, auth_url, tenant_name=None):
super(EndPointClientXML, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(EndPointClientXML, self).__init__(auth_provider)
self.service = CONF.identity.catalog_type
self.endpoint_url = 'adminURL'
self.api_version = "v3"
def _parse_array(self, node):
array = []
@ -53,9 +52,6 @@ class EndPointClientXML(RestClientXML):
dscv = CONF.identity.disable_ssl_certificate_validation
self.http_obj = http.ClosingHttp(
disable_ssl_certificate_validation=dscv)
self._set_auth()
self.base_url = self.base_url.replace(
urlparse.urlparse(self.base_url).path, "/v3")
return super(EndPointClientXML, self).request(method, url,
headers=headers,
body=body)

122
tempest/services/identity/v3/xml/identity_client.py
View File

@ -13,12 +13,14 @@
# License for the specific language governing permissions and limitations
# under the License.
from urlparse import urlparse
import json
import urlparse
from lxml import etree
from tempest.common.rest_client import RestClientXML
from tempest import config
from tempest import exceptions
from tempest.services.compute.xml.common import Document
from tempest.services.compute.xml.common import Element
from tempest.services.compute.xml.common import Text
@ -31,11 +33,11 @@ XMLNS = "http://docs.openstack.org/identity/api/v3"
class IdentityV3ClientXML(RestClientXML):
def __init__(self, username, password, auth_url, tenant_name=None):
super(IdentityV3ClientXML, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(IdentityV3ClientXML, self).__init__(auth_provider)
self.service = CONF.identity.catalog_type
self.endpoint_url = 'adminURL'
self.api_version = "v3"
def _parse_projects(self, node):
array = []
@ -76,17 +78,8 @@ class IdentityV3ClientXML(RestClientXML):
return array
def _parse_body(self, body):
json = xml_to_json(body)
return json
def request(self, method, url, headers=None, body=None, wait=None):
"""Overriding the existing HTTP request in super class RestClient."""
self._set_auth()
self.base_url = self.base_url.replace(urlparse(self.base_url).path,
"/v3")
return super(IdentityV3ClientXML, self).request(method, url,
headers=headers,
body=body)
_json = xml_to_json(body)
return _json
def create_user(self, user_name, **kwargs):
"""Creates a user."""
@ -454,25 +447,41 @@ class IdentityV3ClientXML(RestClientXML):
class V3TokenClientXML(RestClientXML):
def __init__(self, username, password, auth_url, tenant_name=None):
super(V3TokenClientXML, self).__init__(username, password,
auth_url, tenant_name)
self.service = CONF.identity.catalog_type
self.endpoint_url = 'adminURL'
auth_url = CONF.identity.uri
if 'tokens' not in auth_url:
auth_url = auth_url.rstrip('/') + '/tokens'
def __init__(self):
super(V3TokenClientXML, self).__init__(None)
auth_url = CONF.identity.uri_v3
# If the v3 url is not set, get it from the v2 one
if auth_url is None:
auth_url = CONF.identity.uri.replace(urlparse.urlparse(
CONF.identity.uri).path, "/v3")
if 'auth/tokens' not in auth_url:
auth_url = auth_url.rstrip('/') + '/auth/tokens'
self.auth_url = auth_url
def auth(self, user_id, password):
user = Element('user',
id=user_id,
password=password)
def auth(self, user, password, tenant=None, user_type='id', domain=None):
"""
:param user: user id or name, as specified in user_type
Accepts different combinations of credentials. Restrictions:
- tenant and domain are only name (no id)
- user domain and tenant domain are assumed identical
Sample sample valid combinations:
- user_id, password
- username, password, domain
- username, password, tenant, domain
Validation is left to the server side.
"""
if user_type == 'id':
_user = Element('user', id=user, password=password)
else:
_user = Element('user', name=user, password=password)
if domain is not None:
_domain = Element('domain', name=domain)
_user.append(_domain)
password = Element('password')
password.append(user)
password.append(_user)
method = Element('method')
method.append(Text('password'))
@ -481,18 +490,51 @@ class V3TokenClientXML(RestClientXML):
identity = Element('identity')
identity.append(methods)
identity.append(password)
auth = Element('auth')
auth.append(identity)
headers = {'Content-Type': 'application/xml'}
resp, body = self.post("auth/tokens", headers=headers,
if tenant is not None:
project = Element('project', name=tenant)
project.append(_domain)
scope = Element('scope')
scope.append(project)
auth.append(scope)
resp, body = self.post(self.auth_url, headers=self.headers,
body=str(Document(auth)))
return resp, body
def request(self, method, url, headers=None, body=None, wait=None):
"""Overriding the existing HTTP request in super class rest_client."""
self._set_auth()
self.base_url = self.base_url.replace(urlparse(self.base_url).path,
"/v3")
return super(V3TokenClientXML, self).request(method, url,
headers=headers,
body=body)
def request(self, method, url, headers=None, body=None):
"""A simple HTTP request interface."""
# Send XML, accept JSON. XML response is not easily
# converted to the corresponding JSON one
headers['Accept'] = 'application/json'
self._log_request(method, url, headers, body)
resp, resp_body = self.http_obj.request(url, method,
headers=headers, body=body)
self._log_response(resp, resp_body)
if resp.status in [401, 403]:
resp_body = json.loads(resp_body)
raise exceptions.Unauthorized(resp_body['error']['message'])
elif resp.status not in [200, 201, 204]:
raise exceptions.IdentityError(
'Unexpected status code {0}'.format(resp.status))
return resp, json.loads(resp_body)
def get_token(self, user, password, tenant, domain='Default',
auth_data=False):
"""
:param user: username
Returns (token id, token data) for supplied credentials
"""
resp, body = self.auth(user, password, tenant, user_type='name',
domain=domain)
token = resp.get('x-subject-token')
if auth_data:
return token, body['token']
else:
return token

11
tempest/services/identity/v3/xml/policy_client.py
View File

@ -13,8 +13,6 @@
# License for the specific language governing permissions and limitations
# under the License.
from urlparse import urlparse
from lxml import etree
from tempest.common import http
@ -31,11 +29,11 @@ XMLNS = "http://docs.openstack.org/identity/api/v3"
class PolicyClientXML(RestClientXML):
def __init__(self, username, password, auth_url, tenant_name=None):
super(PolicyClientXML, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(PolicyClientXML, self).__init__(auth_provider)
self.service = CONF.identity.catalog_type
self.endpoint_url = 'adminURL'
self.api_version = "v3"
def _parse_array(self, node):
array = []
@ -54,9 +52,6 @@ class PolicyClientXML(RestClientXML):
dscv = CONF.identity.disable_ssl_certificate_validation
self.http_obj = http.ClosingHttp(
disable_ssl_certificate_validation=dscv)
self._set_auth()
self.base_url = self.base_url.replace(urlparse(self.base_url).path,
"/v3")
return super(PolicyClientXML, self).request(method, url,
headers=headers,
body=body)

17
tempest/services/identity/v3/xml/service_client.py
View File

@ -13,8 +13,6 @@
# License for the specific language governing permissions and limitations
# under the License.
from urlparse import urlparse
from lxml import etree
from tempest.common.rest_client import RestClientXML
@ -30,11 +28,11 @@ XMLNS = "http://docs.openstack.org/identity/api/v3"
class ServiceClientXML(RestClientXML):
def __init__(self, username, password, auth_url, tenant_name=None):
super(ServiceClientXML, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(ServiceClientXML, self).__init__(auth_provider)
self.service = CONF.identity.catalog_type
self.endpoint_url = 'adminURL'
self.api_version = "v3"
def _parse_array(self, node):
array = []
@ -46,15 +44,6 @@ class ServiceClientXML(RestClientXML):
data = xml_to_json(body)
return data
def request(self, method, url, headers=None, body=None, wait=None):
"""Overriding the existing HTTP request in super class rest_client."""
self._set_auth()
self.base_url = self.base_url.replace(urlparse(self.base_url).path,
"/v3")
return super(ServiceClientXML, self).request(method, url,
headers=headers,
body=body)
def update_service(self, service_id, **kwargs):
"""Updates a service_id."""
resp, body = self.get_service(service_id)

41
tempest/services/identity/xml/identity_client.py
View File

@ -17,7 +17,6 @@ import json
from lxml import etree
from tempest.common import http
from tempest.common.rest_client import RestClientXML
from tempest import config
from tempest import exceptions
@ -32,9 +31,8 @@ XMLNS = "http://docs.openstack.org/identity/api/v2.0"
class IdentityClientXML(RestClientXML):
def __init__(self, username, password, auth_url, tenant_name=None):
super(IdentityClientXML, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(IdentityClientXML, self).__init__(auth_provider)
self.service = CONF.identity.catalog_type
self.endpoint_url = 'adminURL'
@ -266,9 +264,9 @@ class IdentityClientXML(RestClientXML):
class TokenClientXML(RestClientXML):
def __init__(self):
super(TokenClientXML, self).__init__(None)
auth_url = CONF.identity.uri
# TODO(jaypipes) Why is this all repeated code in here?
# Normalize URI to ensure /tokens is in it.
if 'tokens' not in auth_url:
auth_url = auth_url.rstrip('/') + '/tokens'
@ -281,33 +279,38 @@ class TokenClientXML(RestClientXML):
password=password)
auth = Element("auth", tenantName=tenant)
auth.append(passwordCreds)
headers = {'Content-Type': 'application/xml'}
resp, body = self.post(self.auth_url, headers=headers,
resp, body = self.post(self.auth_url, headers=self.headers,
body=str(Document(auth)))
return resp, body
return resp, body['access']
def request(self, method, url, headers=None, body=None):
"""A simple HTTP request interface."""
dscv = CONF.identity.disable_ssl_certificate_validation
self.http_obj = http.ClosingHttp(
disable_ssl_certificate_validation=dscv)
if headers is None:
headers = {}
# Send XML, accept JSON. XML response is not easily
# converted to the corresponding JSON one
headers['Accept'] = 'application/json'
self._log_request(method, url, headers, body)
resp, resp_body = self.http_obj.request(url, method,
headers=headers, body=body)
self._log_response(resp, resp_body)
if resp.status in (401, 403):
if resp.status in [401, 403]:
resp_body = json.loads(resp_body)
raise exceptions.Unauthorized(resp_body['error']['message'])
elif resp.status not in [200, 201]:
raise exceptions.IdentityError(
'Unexpected status code {0}'.format(resp.status))
return resp, resp_body
return resp, json.loads(resp_body)
def get_token(self, user, password, tenant):
def get_token(self, user, password, tenant, auth_data=False):
"""
Returns (token id, token data) for supplied credentials
"""
resp, body = self.auth(user, password, tenant)
if resp['status'] != '202':
body = json.loads(body)
access = body['access']
token = access['token']
return token['id']
if auth_data:
return body['token']['id'], body
else:
return body['token']['id']

23
tempest/services/image/v1/json/image_client.py
View File

@ -33,12 +33,10 @@ LOG = logging.getLogger(__name__)
class ImageClientJSON(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(ImageClientJSON, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(ImageClientJSON, self).__init__(auth_provider)
self.service = CONF.images.catalog_type
if CONF.service_available.glance:
self.http = self._get_http()
self._http = None
def _image_meta_from_headers(self, headers):
meta = {'properties': {}}
@ -106,13 +104,9 @@ class ImageClientJSON(RestClient):
return None
def _get_http(self):
token, endpoint = self.keystone_auth(self.user,
self.password,
self.auth_url,
self.service,
self.tenant_name)
dscv = CONF.identity.disable_ssl_certificate_validation
return glance_http.HTTPClient(endpoint=endpoint, token=token,
return glance_http.HTTPClient(auth_provider=self.auth_provider,
filters=self.filters,
insecure=dscv)
def _create_with_data(self, headers, data):
@ -132,6 +126,13 @@ class ImageClientJSON(RestClient):
body = json.loads(''.join([c for c in body_iter]))
return resp, body['image']
@property
def http(self):
if self._http is None:
if CONF.service_available.glance:
self._http = self._get_http()
return self._http
def create_image(self, name, container_format, disk_format, **kwargs):
params = {
"name": name,

21
tempest/services/image/v2/json/image_client.py
View File

@ -28,19 +28,15 @@ CONF = config.CONF
class ImageClientV2JSON(rest_client.RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(ImageClientV2JSON, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(ImageClientV2JSON, self).__init__(auth_provider)
self.service = CONF.images.catalog_type
if CONF.service_available.glance:
self.http = self._get_http()
self._http = None
def _get_http(self):
token, endpoint = self.keystone_auth(self.user, self.password,
self.auth_url, self.service,
self.tenant_name)
dscv = CONF.identity.disable_ssl_certificate_validation
return glance_http.HTTPClient(endpoint=endpoint, token=token,
return glance_http.HTTPClient(auth_provider=self.auth_provider,
filters=self.filters,
insecure=dscv)
def get_images_schema(self):
@ -65,6 +61,13 @@ class ImageClientV2JSON(rest_client.RestClient):
jsonschema.validate(body, schema)
@property
def http(self):
if self._http is None:
if CONF.service_available.glance:
self._http = self._get_http()
return self._http
def create_image(self, name, container_format, disk_format, **kwargs):
params = {
"name": name,

5
tempest/services/network/json/network_client.py
View File

@ -31,9 +31,8 @@ class NetworkClientJSON(network_client_base.NetworkClientBase):
quotas
"""
def get_rest_client(self, username,
password, auth_url, tenant_name=None):
return RestClient(username, password, auth_url, tenant_name)
def get_rest_client(self, auth_provider):
return RestClient(auth_provider)
def deserialize_single(self, body):
return json.loads(body)

8
tempest/services/network/network_client_base.py
View File

@ -46,16 +46,14 @@ resource_plural_map = {
class NetworkClientBase(object):
def __init__(self, username, password,
auth_url, tenant_name=None):
def __init__(self, auth_provider):
self.rest_client = self.get_rest_client(
username, password, auth_url, tenant_name)
auth_provider)
self.rest_client.service = CONF.network.catalog_type
self.version = '2.0'
self.uri_prefix = "v%s" % (self.version)
def get_rest_client(self, username, password,
auth_url, tenant_name):
def get_rest_client(self, auth_provider):
raise NotImplementedError
def post(self, uri, body, headers=None):

6
tempest/services/network/xml/network_client.py
View File

@ -28,10 +28,8 @@ class NetworkClientXML(client_base.NetworkClientBase):
PLURALS = ['dns_nameservers', 'host_routes', 'allocation_pools',
'fixed_ips', 'extensions']
def get_rest_client(self, username, password,
auth_url, tenant_name=None):
return RestClientXML(username, password,
auth_url, tenant_name)
def get_rest_client(self, auth_provider):
return RestClientXML(auth_provider)
def _parse_array(self, node):
array = []

36
tempest/services/object_storage/account_client.py
View File

@ -25,12 +25,15 @@ CONF = config.CONF
class AccountClient(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(AccountClient, self).__init__(username, password,
auth_url, tenant_name)
def __init__(self, auth_provider):
super(AccountClient, self).__init__(auth_provider)
self.service = CONF.object_storage.catalog_type
self.format = 'json'
@property
def token(self):
return self.auth_provider.auth_data[0]
def create_account(self, data=None,
params=None,
metadata={},
@ -128,20 +131,20 @@ class AccountClient(RestClient):
return resp, body
def list_extensions(self):
_base_url = self.base_url
self.base_url = "/".join(self.base_url.split("/")[:-2])
self.skip_path()
resp, body = self.get('info')
self.base_url = _base_url
self.reset_path()
body = json.loads(body)
return resp, body
class AccountClientCustomizedHeader(RestClient):
def __init__(self, username, password, auth_url, tenant_name=None):
super(AccountClientCustomizedHeader, self).__init__(username,
password, auth_url,
tenant_name)
# TODO(andreaf) This class is now redundant, to be removed in next patch
def __init__(self, auth_provider):
super(AccountClientCustomizedHeader, self).__init__(
auth_provider)
# Overwrites json-specific header encoding in RestClient
self.service = CONF.object_storage.catalog_type
self.format = 'json'
@ -151,14 +154,17 @@ class AccountClientCustomizedHeader(RestClient):
self.http_obj = http.ClosingHttp()
if headers is None:
headers = {}
if self.base_url is None:
self._set_auth()
req_url = "%s/%s" % (self.base_url, url)
# Authorize the request
req_url, req_headers, req_body = self.auth_provider.auth_request(
method=method, url=url, headers=headers, body=body,
filters=self.filters
)
self._log_request(method, req_url, headers, body)
# use original body
resp, resp_body = self.http_obj.request(req_url, method,
headers=headers, body=body)
headers=req_headers,
body=req_body)
self._log_response(resp, resp_body)
if resp.status == 401 or resp.status == 403:

Some files were not shown because too many files have changed in this diff Show More