Create a model for storing session tokens.

2010-07-28 16:55:02 +00:00
parent fdc1467c8d 323384a05e
commit 34a8baa096
2 changed files with 97 additions and 0 deletions
--- a/nova/flags.py
+++ b/nova/flags.py
@@ -76,6 +76,8 @@ DEFINE_string('vpn_key_suffix',
              '-key',
              'Suffix to add to project name for vpn key')

+DEFINE_integer('auth_token_ttl', 3600, 'Seconds for auth tokens to linger')
+
 # UNUSED
 DEFINE_string('node_availability_zone',
                    'nova',
--- a/nova/tests/model_unittest.py
+++ b/nova/tests/model_unittest.py
@@ -16,6 +16,7 @@
 #    License for the specific language governing permissions and limitations
 #    under the License.

+from datetime import datetime, timedelta
 import logging
 import time
 from twisted.internet import defer
@@ -64,6 +65,12 @@ class ModelTestCase(test.TrialTestCase):
        daemon.save()
        return daemon

+    def create_session_token(self):
+        session_token = model.SessionToken('tk12341234')
+        session_token['user'] = 'testuser'
+        session_token.save()
+        return session_token
+
    @defer.inlineCallbacks
    def test_create_instance(self):
        """store with create_instace, then test that a load finds it"""
@@ -202,3 +209,91 @@ class ModelTestCase(test.TrialTestCase):
            if x.identifier == 'testhost:nova-testdaemon':
                found = True
        self.assertTrue(found)
+
+    @defer.inlineCallbacks
+    def test_create_session_token(self):
+        """create"""
+        d = yield self.create_session_token()
+        d = model.SessionToken(d.token)
+        self.assertFalse(d.is_new_record())
+
+    @defer.inlineCallbacks
+    def test_delete_session_token(self):
+        """create, then destroy, then make sure loads a new record"""
+        instance = yield self.create_session_token()
+        yield instance.destroy()
+        newinst = yield model.SessionToken(instance.token)
+        self.assertTrue(newinst.is_new_record())
+
+    @defer.inlineCallbacks
+    def test_session_token_added_to_set(self):
+        """create, then check that it is included in list"""
+        instance = yield self.create_session_token()
+        found = False
+        for x in model.SessionToken.all():
+            if x.identifier == instance.token:
+                found = True
+        self.assert_(found)
+
+    @defer.inlineCallbacks
+    def test_session_token_associates_user(self):
+        """create, then check that it is listed for the user"""
+        instance = yield self.create_session_token()
+        found = False
+        for x in model.SessionToken.associated_to('user', 'testuser'):
+            if x.identifier == instance.identifier:
+                found = True
+        self.assertTrue(found)
+
+    @defer.inlineCallbacks
+    def test_session_token_generation(self):
+        instance = yield model.SessionToken.generate('username', 'TokenType')
+        self.assertFalse(instance.is_new_record())
+
+    @defer.inlineCallbacks
+    def test_find_generated_session_token(self):
+        instance = yield model.SessionToken.generate('username', 'TokenType')
+        found = yield model.SessionToken.lookup(instance.identifier)
+        self.assert_(found)
+
+    def test_update_session_token_expiry(self):
+        instance = model.SessionToken('tk12341234')
+        oldtime = datetime.utcnow()
+        instance['expiry'] = oldtime.strftime(utils.TIME_FORMAT)
+        instance.update_expiry()
+        expiry = utils.parse_isotime(instance['expiry'])
+        self.assert_(expiry > datetime.utcnow())
+
+    @defer.inlineCallbacks
+    def test_session_token_lookup_when_expired(self):
+        instance = yield model.SessionToken.generate("testuser")
+        instance['expiry'] = datetime.utcnow().strftime(utils.TIME_FORMAT)
+        instance.save()
+        inst = model.SessionToken.lookup(instance.identifier)
+        self.assertFalse(inst)
+
+    @defer.inlineCallbacks
+    def test_session_token_lookup_when_not_expired(self):
+        instance = yield model.SessionToken.generate("testuser")
+        inst = model.SessionToken.lookup(instance.identifier)
+        self.assert_(inst)
+
+    @defer.inlineCallbacks
+    def test_session_token_is_expired_when_expired(self):
+        instance = yield model.SessionToken.generate("testuser")
+        instance['expiry'] = datetime.utcnow().strftime(utils.TIME_FORMAT)
+        self.assert_(instance.is_expired())
+
+    @defer.inlineCallbacks
+    def test_session_token_is_expired_when_not_expired(self):
+        instance = yield model.SessionToken.generate("testuser")
+        self.assertFalse(instance.is_expired())
+
+    @defer.inlineCallbacks
+    def test_session_token_ttl(self):
+        instance = yield model.SessionToken.generate("testuser")
+        now = datetime.utcnow()
+        delta = timedelta(hours=1)
+        instance['expiry'] = (now + delta).strftime(utils.TIME_FORMAT)
+        # give 5 seconds of fuzziness
+        self.assert_(abs(instance.ttl() - FLAGS.auth_token_ttl) < 5)