summaryrefslogtreecommitdiff
path: root/heat/tests/test_auth_password.py
Commit message (Collapse)AuthorAgeFilesLines
* Use mock in test_auth_password.pyricolin2018-03-131-41/+31
| | | | | | | | In heat, some unit tests still use mox3, which will make the test speed more slower, so I decide to remove it. Change-Id: I68f016053de61ec274636dfe9f83ae57b1b9a84b
* Make standalone heat work with keystone v3rabi2017-07-171-48/+25
| | | | | | | | | | - Fix authpassword middleware - Pass user_domain/project_domain all through. user_domain is required whenever authenticating a user with 'username' and creating the 'password' auth_plugin. Change-Id: I692639a16be42b755628695d89731aa23eb9221b Closes-Bug: #1699418
* Migrate to keystoneauthLu lei2016-09-061-1/+1
| | | | | | | | | | | | This is the final patch to switch from keystoneclient to keystoneauth. keystoneclient's auth session, plugins,and adapter code has been deprecated. For more information: [1] http://docs.openstack.org/developer/keystoneauth/migrating.html Change-Id: If8449382aeccf51587d991f55a53c43742ad7a72
* Use generic auth pluginsrabi2016-06-071-17/+17
| | | | | | | | This change removes use of version specific auth plugins and instead uses generic plugins. Change-Id: I19898d351c4a08f5f865f9debd60070d50aa5eff Related-Bug: #1554533
* Move heat_keystoneclient to clients packagerabi2016-06-011-1/+2
| | | | | | | | This moves the heat_keystoneclient wrapper to heat.engine.clients package. Change-Id: I39636abb946a7608014145d9edca5297d9f929d0 Related-Bug: #1554533
* Use keystoneauth1 instead of keystoneclient.authEthan Lynn2016-05-241-2/+2
| | | | | | | keystoneclient.auth is deprecated, use keystoneauth1 instead. Change-Id: Idf6daaccef8547755989140a91e4543cc94f9b58 Closes-Bug: #1554533
* Use user_domain for password auth_pluginRabi Mishra2016-01-051-3/+6
| | | | | | Use available user_domain for password auth_plugin. Change-Id: Ibb15367f7ac54a565319c6097e4d6f12b07ebd7e
* py34: test_auth_*Sirushti Murugesan2015-08-051-1/+2
| | | | | | | | convert to bytes before assigning value to resp.body partial blueprint heat-python34-support Change-Id: I6929b96cb9742df26c037deb94bef194feb06903
* Remove deprecated headers in auth_passwordSergey Kraynev2015-06-151-5/+0
| | | | | | | | | | According decisions in: https://etherpad.openstack.org/p/YVR-heat-liberty-deprecation deprecated headers were deleted, also context class was switched on using Project header instead of Tenant. Change-Id: Ibe0b572dd7315a82774077a77579dd1380b59d6d
* Make import of oslo libraries namespacelessJens Rosenboom2015-02-181-1/+1
| | | | | | | See https://blueprints.launchpad.net/oslo-incubator/+spec/drop-namespace-packages Closes-Bug: 1423174 Change-Id: I48680ce6e7ce91005c147ab4388203946171d433
* Use keystoneclient auth pluginsJamie Lennox2015-01-271-38/+35
| | | | | | | | | | | | | | | This is the first step in converting to using keystoneclient auth plugins. It moves responsibility for controlling authentication away from the keystoneclient and onto the equivalent functions provided by the context. The existing functions are left for now with redirects to the context. Have the context create an authentication plugin for the user credentials in the same way that keystoneclient used to. This involves updating a number of tests as we need to stub authentication information from the context and not the client. Change-Id: Ifeb5c99387aec0eb5dce3f2744388c948d78a2bb
* Use configured auth for standalone middlewareSteve Baker2014-12-181-15/+89
| | | | | | | | | | | | | | | | | | | | Previously auth_password.KeystonePasswordAuthProtocol directly created a keystone v2 client, which means that heat-standalone wouldn't work if heat-engine is using the default KeystoneClientV3 client. This change creates a heat_keystoneclient.KeystoneClient and uses that to fetch the data required to build the authenticated env to pass to the request context. This means that the standalone middleware will now work with the default v3 keystone backend, the contrib v2 backend, or any other valid implementation of KeystoneClient. The type of KeystoneClient is determined by the heat.conf keystone_backend value, which means that this value is now read by heat-api when using the standalone middleware. For v3 the service catalog is left empty, which means heat-engine will fetch it again. Change-Id: I46d4edbfffdb0e606e4f4c767610c137d03495f4 Closes-Bug: #1402472
* Fix [H302] errors in heat/testsPeter Razumovsky2014-11-261-4/+5
| | | | Change-Id: Ia7527c6704e61d854be8e847e2401f33fb48d4df
* Don't import HeatTestCase directlyZhenguo Niu2014-10-221-2/+2
| | | | | | | Fix the HeatTestCase import issue as required by H302, a following patch of https://review.openstack.org/#/c/129846/ Change-Id: Iab9a508682e9fe2932b7d00b191c8a4cdea4738b
* Merge "Make the first line of every file consistent."Jenkins2014-04-081-1/+1
|\
| * Make the first line of every file consistent.Jason Dunsmore2014-03-041-1/+1
| | | | | | | | Change-Id: I2e1a809cfca8e88693551d58d33e747f54ee5eb1
* | Order imports in alphabetical order (7/9)Pavlo Shchelokovskyy2014-03-181-1/+1
|/ | | | | | | | | This patch is one in a series to re-enable H306 style check rule (imports are in alphabetical order). It touches roughly half of tests (up to and including test_m*). Implements: blueprint reduce-flake8-ignored-rules (partial) Change-Id: Id1e10f7a519ceeb4339488760b36950440461edb
* Remove vim header from files.Jason Dunsmore2014-03-041-1/+0
| | | | | Change-Id: Ia6131f8fcac6902c80c80aa805c8cd7a2a41f280 Closes-Bug: #1229324
* Move X-Auth-Url logic to auth_url middlewareAnderson Mesquita2014-02-201-60/+2
| | | | | | | | | | | | | Refactoring the auth_password middleware to move X-Auth-Url logic into the auth_url middleware, so that all X-Auth-Url logic is handled in one place. This also adds the auth_url middleware in front of the auth_password middleware, so that there should be no behavior change Co-Authored-By: Richard Lee <rblee88@gmail.com> Related-Bug: #1259364 Change-Id: I3819cbf1a4c4955752dc7c804b0add1bab2b962c
* Fix incompatibilities in tests with keystoneclient 0.6Thomas Herve2014-02-141-6/+9
| | | | | | | | The patch removes usage of StubOutClassWithMocks with keystone Client class, which doesn't work anymore now that there is an ABC in the MRO. Change-Id: I4e8ff2cde2723060faf9906ecf51b13911ac5f42 Closes-Bug: #1279907
* Fix order of arguments in assertEqual (patch 1/2)Pavlo Shchelokovskyy2014-01-241-5/+5
| | | | | | | | | | | | | | Some tests used incorrect order assertEqual(observed, expected). The correct order expected by testtools is assertEqual(expected, observed). This patch includes roughly half of the files touched by these changes (up to and including test_m* sans contrib code) to ease the review. Partial-Bug: #1259292 Change-Id: I44bff827c7c50726d48aa649b7685712a233ee62
* Fix unused variables 2/2: enable unused var checkJUN JIE NAN2014-01-081-1/+1
| | | | | | | To make code simple and clean and enable unused local variables(F841) check. Change-Id: I420e4b3c8845efc616d447922122167af383dbc1
* Replace OpenStack LLC with OpenStack FoundationZhiQiang Fan2013-09-201-1/+1
| | | | | Change-Id: Ia3489a1cff5070b000098e278c772cb823ae688c Fixes-Bug: #1214176
* Run cfg.CONF.reset() on test cleanupSteve Baker2013-09-061-5/+0
| | | | | | | | | | | | This means clear_override and clear_default do not need to be called explicitly for each set_override and set_default call. This also fixes any potential test execution order issues where an option has been set without being cleared at all. Change-Id: Ic40c3be10b32eb3011bc0733cee9c1faaf8f1240 Fixes-Bug: #1221476
* Always validate auth_uri with allowed_auth_urisSteve Baker2013-08-221-5/+13
| | | | | | | | | | | | | | | | | | | | The original intention was to allow heat to orchestrate on any requested cloud when allowed_auth_uris is configured with an empty list. This change makes all requests be validated against allowed_auth_uris for the following reasons: - there is a potential security issue with requests being authorised by a fake keystone, allowing an exploit in heat to be executed without any valid authentication factors first being presented. - ec2token middleware will also need to be made multi-cloud aware however as a compatible API it is not possible to specify the desired auth_uri with each request. Instead ec2token will need a list of configured endpoints so that it can try each one until a request is authenticated. Change-Id: I3d6b7edf381a66b87b6e1fae07bc5dbe9db024bc
* Enable multi-cloud standalone modeBen Nemec2013-08-111-0/+56
| | | | | | | | | | | | Adds a multi_cloud configuration parameter for auth_password that tells a standalone Heat installation to look for its auth_url in the request headers instead of the configuration file. Also adds an allowed_auth_uris configuration option to specify which auth_urls are allowed as targets. bp heat-multicloud Change-Id: Ic0929586ac3b57c7f9f3335e0dbd5e14e6b56067
* Key error when auth in standalone modeAndrew Plunk2013-06-111-1/+1
| | | | | | | | | Fix a key error caused from the response of authing in stand alone mode. The keystone docs indicate that the schema for a response user name is ['user']['name'] rather than ['user']['username']. Change-Id: I9ac94feeef8f9f2dedaa3842f64a3491e701e199
* Support password authentication.Cody A.W. Somerville2013-05-061-0/+119
Add alternative authentication middleware to authenticate against Keystone using username and password instead of validating existing auth token. The benefit being that you no longer require admin/service token to authenticate users. To use, update heat-api.conf: [paste_deploy] flavor = standalone This should make it possible to try heat out against existing public clouds. Change-Id: Ia584bba78e8984581f0fb6882bbb17d5efa238db
View Lorry Controller Status