From c3c6edbe8a083aef0fb6aea3cb461ff8e715fc59 Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Thu, 9 Oct 2014 15:16:07 -0500 Subject: Add plugin to support token-endpoint auth The ksc auth plugins do not have support for the original token-endpoint (aka token flow) auth where the user supplies a token (possibly the Keystone admin_token) and an API endpoint. This is used for bootstrapping Keystone but also has other uses when a scoped user token is provided. The api.auth:TokenEndpoint class is required to provide the same interface methods so all of the special-case code branches to support token-endpoint can be removed. Some additional cleanups related to ClientManager and creating the Compute client also were done to streamline using sessions. Change-Id: I1a6059afa845a591eff92567ca346c09010a93af --- openstackclient/tests/common/test_clientmanager.py | 48 ++++++++++++++++------ 1 file changed, 36 insertions(+), 12 deletions(-) (limited to 'openstackclient/tests') diff --git a/openstackclient/tests/common/test_clientmanager.py b/openstackclient/tests/common/test_clientmanager.py index 18461fb7..5ec86d59 100644 --- a/openstackclient/tests/common/test_clientmanager.py +++ b/openstackclient/tests/common/test_clientmanager.py @@ -76,6 +76,31 @@ class TestClientManager(utils.TestCase): url=fakes.AUTH_URL, verb='GET') + def test_client_manager_token_endpoint(self): + + client_manager = clientmanager.ClientManager( + auth_options=FakeOptions(os_token=fakes.AUTH_TOKEN, + os_url=fakes.AUTH_URL, + os_auth_plugin='token_endpoint'), + api_version=API_VERSION, + verify=True + ) + self.assertEqual( + fakes.AUTH_URL, + client_manager._url, + ) + + self.assertEqual( + fakes.AUTH_TOKEN, + client_manager._token, + ) + self.assertIsInstance( + client_manager.auth, + auth.TokenEndpoint, + ) + self.assertFalse(client_manager._insecure) + self.assertTrue(client_manager._verify) + def test_client_manager_token(self): client_manager = clientmanager.ClientManager( @@ -176,8 +201,7 @@ class TestClientManager(utils.TestCase): self.assertTrue(client_manager._verify) self.assertEqual('cafile', client_manager._cacert) - def _client_manager_guess_auth_plugin(self, auth_params, - api_version, auth_plugin): + def _select_auth_plugin(self, auth_params, api_version, auth_plugin): auth_params['os_auth_plugin'] = auth_plugin auth_params['os_identity_api_version'] = api_version client_manager = clientmanager.ClientManager( @@ -190,25 +214,25 @@ class TestClientManager(utils.TestCase): client_manager._auth_plugin, ) - def test_client_manager_guess_auth_plugin(self): + def test_client_manager_select_auth_plugin(self): # test token auth params = dict(os_token=fakes.AUTH_TOKEN, os_auth_url=fakes.AUTH_URL) - self._client_manager_guess_auth_plugin(params, '2.0', 'v2token') - self._client_manager_guess_auth_plugin(params, '3', 'v3token') - self._client_manager_guess_auth_plugin(params, 'XXX', 'token') - # test service auth + self._select_auth_plugin(params, '2.0', 'v2token') + self._select_auth_plugin(params, '3', 'v3token') + self._select_auth_plugin(params, 'XXX', 'token') + # test token/endpoint auth params = dict(os_token=fakes.AUTH_TOKEN, os_url='test') - self._client_manager_guess_auth_plugin(params, 'XXX', '') + self._select_auth_plugin(params, 'XXX', 'token_endpoint') # test password auth params = dict(os_auth_url=fakes.AUTH_URL, os_username=fakes.USERNAME, os_password=fakes.PASSWORD) - self._client_manager_guess_auth_plugin(params, '2.0', 'v2password') - self._client_manager_guess_auth_plugin(params, '3', 'v3password') - self._client_manager_guess_auth_plugin(params, 'XXX', 'password') + self._select_auth_plugin(params, '2.0', 'v2password') + self._select_auth_plugin(params, '3', 'v3password') + self._select_auth_plugin(params, 'XXX', 'password') - def test_client_manager_guess_auth_plugin_failure(self): + def test_client_manager_select_auth_plugin_failure(self): self.assertRaises(exc.CommandError, clientmanager.ClientManager, auth_options=FakeOptions(os_auth_plugin=''), -- cgit v1.2.1