x/swift3
Code Issues Proposed changes

Keystone_token is no longer needed

Browse Source 
Swift3 uses 2 types of tokens when using keystone auth. One is a token
generated from upload information as a canonical string. This token is used
with "Authorization" header. The other is a token retreived from a keystone
server as a pre-autheticated token. This token is used without "Authorization"
header to clarify it as a pre-authenticated request.

We've already have a code to delete that "Authorization" header when the
pre-authenticated request succeeded so that swift3 doesn't need to keep
the keystone_token variable in the Request class.

Change-Id: I27dfff910a0d5517d00809bb65041c3bb5dd35ca
This commit is contained in:
Kota Tsuyuzaki
2015-02-02 08:14:02 -08:00
parent c56e1aa6e4
commit adf42e8dc0
2 changed files with 4 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
swift3/request.py
View File

@@ -96,7 +96,6 @@ class Request(swob.Request):
self._validate_headers()
self.token = base64.urlsafe_b64encode(self._canonical_string())
self.account = None
self.keystone_token = None
self.user_id = None
self.slo_enabled = slo_enabled
@@ -436,10 +435,7 @@ class Request(swob.Request):
if method is not None:
env['REQUEST_METHOD'] = method
if self.keystone_token:
env['HTTP_X_AUTH_TOKEN'] = self.keystone_token
else:
env['HTTP_X_AUTH_TOKEN'] = self.token
env['HTTP_X_AUTH_TOKEN'] = self.token
if obj:
path = '/v1/%s/%s/%s' % (account, container, obj)
@@ -711,7 +707,7 @@ class S3AclRequest(Request):
self.user_id = "%s:%s" % (sw_resp.environ['HTTP_X_TENANT_NAME'],
sw_resp.environ['HTTP_X_USER_NAME'])
self.user_id = utf8encode(self.user_id)
self.keystone_token = sw_req.environ['HTTP_X_AUTH_TOKEN']
self.token = sw_resp.environ['HTTP_X_AUTH_TOKEN']
# Need to skip S3 authorization since authtoken middleware
# overwrites account in PATH_INFO
del self.headers['Authorization']

2
swift3/test/unit/test_request.py
View File

@@ -208,6 +208,7 @@ class TestRequest(Swift3TestCase):
s3_req = S3AclRequest(req.environ, MagicMock())
self.assertTrue('HTTP_AUTHORIZATION' not in s3_req.environ)
self.assertTrue('Authorization' not in s3_req.headers)
self.assertEquals(s3_req.token, 'token')
def test_to_swift_req_Authorization_not_exist_in_swreq_headers(self):
container = 'bucket'
@@ -225,6 +226,7 @@ class TestRequest(Swift3TestCase):
sw_req = s3_req.to_swift_req(method, container, obj)
self.assertTrue('HTTP_AUTHORIZATION' not in sw_req.environ)
self.assertTrue('Authorization' not in sw_req.headers)
self.assertEquals(sw_req.headers['X-Auth-Token'], 'token')
if __name__ == '__main__':