Test v2 tokens being deleted by v3

This test illustrates that v2 tokens deleted by v3 do not work on v2.

Change-Id: Ia87fc785afe624fde0ad191cc6f031eb7605096e
Related-Bug: 1464377
(cherry picked from commit 0941a5e46391bfeecac1247d12604fcb78047cb7)

1 files changed, 25 insertions, 0 deletions

diff --git a/keystone/tests/test_v3_auth.py b/keystone/tests/test_v3_auth.py
index 7f4270513..48522b5ae 100644
--- a/keystone/tests/test_v3_auth.py
+++ b/keystone/tests/test_v3_auth.py
@@ -374,6 +374,31 @@ class TokenAPITests(object):
 
         self.assertEqual(v2_issued_at, v3_issued_at)
 
+    def test_v2_token_deleted_on_v3(self):
+        # Create a v2 token.
+        body = {
+            'auth': {
+                'passwordCredentials': {
+                    'userId': self.default_domain_user['id'],
+                    'password': self.default_domain_user['password']
+                },
+                'tenantId': self.default_domain_project['id']
+            }
+        }
+        r = self.admin_request(
+            path='/v2.0/tokens', method='POST', body=body)
+        v2_token = r.result['access']['token']['id']
+
+        # Delete the v2 token using v3.
+        resp = self.delete(
+            '/auth/tokens', headers={'X-Subject-Token': v2_token})
+        self.assertEqual(resp.status_code, 204)
+
+        # Attempting to use the deleted token on v2 should fail.
+        self.admin_request(
+            path='/v2.0/tenants', method='GET', token=v2_token,
+            expected_status=401)
+
     def test_rescoping_token(self):
         expires = self.token_data['token']['expires_at']
         auth_data = self.build_authentication_request(