Moving authentication from keystoneclient to keystoneauth

Currently OpenStackClient uses keystoneclient for authentication. This change will update OpenStackClient to use keystoneauth for authentication. All dependant test have been updated. Updating how auth_ref is set in the tests to use KSA fixtures had some racy side-effects. The user_role_list tests failed when they picked up an auth_ref that was a fixture. This exposed a weakness in ListUserRole that needed to be fixed at the same time re handling of unscoped tokens and options. Change-Id: I4ddb2dbbb3bf2ab37494468eaf65cef9213a6e00 Closes-Bug: 1533369
author: Navid Pustchi <npustchi@gmail.com> 2016-02-04 16:45:38 +0000
committer: Alvaro Lopez Garcia <aloga@ifca.unican.es> 2016-06-09 18:00:40 +0200
commit: 6ae0d2e8a54fd5139e63a990ab4bdce634e73c5e (patch)
tree: 5833e88147e71524b49a5b25979fd17869dd455c /openstackclient/tests/identity/v3
parent: ada6abb30e6b1c49229817ae53ab96d88c50fd21 (diff)
download: python-openstackclient-6ae0d2e8a54fd5139e63a990ab4bdce634e73c5e.tar.gz
3 files changed, 79 insertions, 23 deletions
diff --git a/openstackclient/tests/identity/v3/fakes.py b/openstackclient/tests/identity/v3/fakes.py
index 1422166a..cd1b4bd7 100644
--- a/openstackclient/tests/identity/v3/fakes.py
+++ b/openstackclient/tests/identity/v3/fakes.py
@@ -13,8 +13,12 @@
 #   under the License.
 #
 
+import copy
 import mock
 
+from keystoneauth1 import access
+from keystoneauth1 import fixture
+
 from openstackclient.tests import fakes
 from openstackclient.tests import utils
 
@@ -419,6 +423,36 @@ OAUTH_VERIFIER = {
 }
 
 
+def fake_auth_ref(fake_token, fake_service=None):
+    """Create an auth_ref using keystoneauth's fixtures"""
+    token_copy = copy.deepcopy(fake_token)
+    token_id = token_copy.pop('id')
+    token = fixture.V3Token(**token_copy)
+    # An auth_ref is actually an access info object
+    auth_ref = access.create(
+        body=token,
+        auth_token=token_id,
+    )
+
+    # Create a service catalog
+    if fake_service:
+        service = token.add_service(
+            fake_service['type'],
+            fake_service['name'],
+        )
+        # TODO(dtroyer): Add an 'id' element to KSA's _Service fixure
+        service['id'] = fake_service['id']
+        for e in fake_service['endpoints']:
+            region = e.get('region_id') or e.get('region', '<none>')
+            service.add_endpoint(
+                e['interface'],
+                e['url'],
+                region=region,
+            )
+
+    return auth_ref
+
+
 class FakeAuth(object):
 
     def __init__(self, auth_method_class=None):
diff --git a/openstackclient/tests/identity/v3/test_catalog.py b/openstackclient/tests/identity/v3/test_catalog.py
index 1b8fa085..e3c5ed3d 100644
--- a/openstackclient/tests/identity/v3/test_catalog.py
+++ b/openstackclient/tests/identity/v3/test_catalog.py
@@ -14,6 +14,7 @@
 import mock
 
 from openstackclient.identity.v3 import catalog
+from openstackclient.tests.identity.v3 import fakes as identity_fakes
 from openstackclient.tests import utils
 
 
@@ -50,7 +51,7 @@ class TestCatalog(utils.TestCommand):
         super(TestCatalog, self).setUp()
 
         self.sc_mock = mock.MagicMock()
-        self.sc_mock.service_catalog.get_data.return_value = [
+        self.sc_mock.service_catalog.catalog.return_value = [
             self.fake_service,
         ]
 
@@ -69,6 +70,13 @@ class TestCatalogList(TestCatalog):
         self.cmd = catalog.ListCatalog(self.app, None)
 
     def test_catalog_list(self):
+        auth_ref = identity_fakes.fake_auth_ref(
+            identity_fakes.TOKEN_WITH_PROJECT_ID,
+            fake_service=self.fake_service,
+        )
+        self.ar_mock = mock.PropertyMock(return_value=auth_ref)
+        type(self.app.client_manager).auth_ref = self.ar_mock
+
         arglist = []
         verifylist = []
         parsed_args = self.check_parser(self.cmd, arglist, verifylist)
@@ -77,7 +85,6 @@ class TestCatalogList(TestCatalog):
         # returns a tuple containing the column names and an iterable
         # containing the data to be listed.
         columns, data = self.cmd.take_action(parsed_args)
-        self.sc_mock.service_catalog.get_data.assert_called_with()
 
         collist = ('Name', 'Type', 'Endpoints')
         self.assertEqual(collist, columns)
@@ -101,6 +108,13 @@ class TestCatalogShow(TestCatalog):
         self.cmd = catalog.ShowCatalog(self.app, None)
 
     def test_catalog_show(self):
+        auth_ref = identity_fakes.fake_auth_ref(
+            identity_fakes.TOKEN_WITH_PROJECT_ID,
+            fake_service=self.fake_service,
+        )
+        self.ar_mock = mock.PropertyMock(return_value=auth_ref)
+        type(self.app.client_manager).auth_ref = self.ar_mock
+
         arglist = [
             'compute',
         ]
@@ -113,7 +127,6 @@ class TestCatalogShow(TestCatalog):
         # returns a two-part tuple with a tuple of column names and a tuple of
         # data to be shown.
         columns, data = self.cmd.take_action(parsed_args)
-        self.sc_mock.service_catalog.get_data.assert_called_with()
 
         collist = ('endpoints', 'id', 'name', 'type')
         self.assertEqual(collist, columns)
diff --git a/openstackclient/tests/identity/v3/test_token.py b/openstackclient/tests/identity/v3/test_token.py
index b68bc242..9728c6e1 100644
--- a/openstackclient/tests/identity/v3/test_token.py
+++ b/openstackclient/tests/identity/v3/test_token.py
@@ -24,10 +24,9 @@ class TestToken(identity_fakes.TestIdentityv3):
     def setUp(self):
         super(TestToken, self).setUp()
 
-        # Get a shortcut to the Service Catalog Mock
-        self.sc_mock = mock.Mock()
-        self.app.client_manager.auth_ref = mock.Mock()
-        self.app.client_manager.auth_ref.service_catalog = self.sc_mock
+        # Get a shortcut to the Auth Ref Mock
+        self.ar_mock = mock.PropertyMock()
+        type(self.app.client_manager).auth_ref = self.ar_mock
 
 
 class TestTokenIssue(TestToken):
@@ -38,23 +37,25 @@ class TestTokenIssue(TestToken):
         self.cmd = token.IssueToken(self.app, None)
 
     def test_token_issue_with_project_id(self):
+        auth_ref = identity_fakes.fake_auth_ref(
+            identity_fakes.TOKEN_WITH_PROJECT_ID,
+        )
+        self.ar_mock = mock.PropertyMock(return_value=auth_ref)
+        type(self.app.client_manager).auth_ref = self.ar_mock
+
         arglist = []
         verifylist = []
         parsed_args = self.check_parser(self.cmd, arglist, verifylist)
-        self.sc_mock.get_token.return_value = \
-            identity_fakes.TOKEN_WITH_PROJECT_ID
 
         # In base command class ShowOne in cliff, abstract method take_action()
         # returns a two-part tuple with a tuple of column names and a tuple of
         # data to be shown.
         columns, data = self.cmd.take_action(parsed_args)
 
-        self.sc_mock.get_token.assert_called_with()
-
         collist = ('expires', 'id', 'project_id', 'user_id')
         self.assertEqual(collist, columns)
         datalist = (
-            identity_fakes.token_expires,
+            auth_ref.expires,
             identity_fakes.token_id,
             identity_fakes.project_id,
             identity_fakes.user_id,
@@ -62,45 +63,53 @@ class TestTokenIssue(TestToken):
         self.assertEqual(datalist, data)
 
     def test_token_issue_with_domain_id(self):
+        auth_ref = identity_fakes.fake_auth_ref(
+            identity_fakes.TOKEN_WITH_DOMAIN_ID,
+        )
+        self.ar_mock = mock.PropertyMock(return_value=auth_ref)
+        type(self.app.client_manager).auth_ref = self.ar_mock
+
         arglist = []
         verifylist = []
         parsed_args = self.check_parser(self.cmd, arglist, verifylist)
-        self.sc_mock.get_token.return_value = \
-            identity_fakes.TOKEN_WITH_DOMAIN_ID
 
         # In base command class ShowOne in cliff, abstract method take_action()
         # returns a two-part tuple with a tuple of column names and a tuple of
         # data to be shown.
         columns, data = self.cmd.take_action(parsed_args)
 
-        self.sc_mock.get_token.assert_called_with()
-
         collist = ('domain_id', 'expires', 'id', 'user_id')
         self.assertEqual(collist, columns)
         datalist = (
             identity_fakes.domain_id,
-            identity_fakes.token_expires,
+            auth_ref.expires,
             identity_fakes.token_id,
             identity_fakes.user_id,
         )
         self.assertEqual(datalist, data)
 
     def test_token_issue_with_unscoped(self):
+        auth_ref = identity_fakes.fake_auth_ref(
+            identity_fakes.UNSCOPED_TOKEN,
+        )
+        self.ar_mock = mock.PropertyMock(return_value=auth_ref)
+        type(self.app.client_manager).auth_ref = self.ar_mock
+
         arglist = []
         verifylist = []
         parsed_args = self.check_parser(self.cmd, arglist, verifylist)
-        self.sc_mock.get_token.return_value = \
-            identity_fakes.UNSCOPED_TOKEN
 
         # DisplayCommandBase.take_action() returns two tuples
         columns, data = self.cmd.take_action(parsed_args)
 
-        self.sc_mock.get_token.assert_called_with()
-
-        collist = ('expires', 'id', 'user_id')
+        collist = (
+            'expires',
+            'id',
+            'user_id',
+        )
         self.assertEqual(collist, columns)
         datalist = (
-            identity_fakes.token_expires,
+            auth_ref.expires,
             identity_fakes.token_id,
             identity_fakes.user_id,
         )
author	Navid Pustchi <npustchi@gmail.com>	2016-02-04 16:45:38 +0000
committer	Alvaro Lopez Garcia <aloga@ifca.unican.es>	2016-06-09 18:00:40 +0200
commit	6ae0d2e8a54fd5139e63a990ab4bdce634e73c5e (patch)
tree	5833e88147e71524b49a5b25979fd17869dd455c /openstackclient/tests/identity/v3
parent	ada6abb30e6b1c49229817ae53ab96d88c50fd21 (diff)
download	python-openstackclient-6ae0d2e8a54fd5139e63a990ab4bdce634e73c5e.tar.gz