diff options
author | Brant Knudson <bknudson@us.ibm.com> | 2014-09-17 19:15:07 -0500 |
---|---|---|
committer | Brant Knudson <bknudson@us.ibm.com> | 2014-12-08 19:35:08 -0600 |
commit | ee477d461f41ea18889bdf4e907bc7e50d609898 (patch) | |
tree | d25d2a166f29a7111b914796824d243a148108fc | |
parent | b4cb4a17e9a31d8487418762aede196daa7ba957 (diff) | |
download | keystonemiddleware-ee477d461f41ea18889bdf4e907bc7e50d609898.tar.gz |
Auth token tests create temp cert directory
The auth token tests were using the example signing directory as the
default signing directory. This is dangerous because the auth token
middleware may write to the directory in the course of the tests.
With this change, a temporary directory is created for each test
that's populated with the sample files.
Test this by doing `chmod -w examples/pki/certs` before running the
tests.
Change-Id: I139c6f0602d3258ac65ffe54bc0e7c3f82d14264
-rw-r--r-- | keystonemiddleware/tests/test_auth_token_middleware.py | 24 |
1 files changed, 13 insertions, 11 deletions
diff --git a/keystonemiddleware/tests/test_auth_token_middleware.py b/keystonemiddleware/tests/test_auth_token_middleware.py index af8db29..446ea03 100644 --- a/keystonemiddleware/tests/test_auth_token_middleware.py +++ b/keystonemiddleware/tests/test_auth_token_middleware.py @@ -279,9 +279,11 @@ class BaseAuthTokenMiddlewareTest(testtools.TestCase): self.middleware = None self.requests = self.useFixture(rm_fixture.Fixture()) + signing_dir = self._setup_signing_directory() + self.conf = { 'identity_uri': 'https://keystone.example.com:1234/testadmin/', - 'signing_dir': client_fixtures.CERTDIR, + 'signing_dir': signing_dir, 'auth_version': auth_version, 'auth_uri': 'https://keystone.example.com:1234', 'admin_user': uuid.uuid4().hex, @@ -291,6 +293,16 @@ class BaseAuthTokenMiddlewareTest(testtools.TestCase): self.response_status = None self.response_headers = None + def _setup_signing_directory(self): + directory_name = self.useFixture(fixtures.TempDir()).path + + # Copy the sample certificate files into the temporary directory. + for filename in ['cacert.pem', 'signing_cert.pem', ]: + shutil.copy2(os.path.join(client_fixtures.CERTDIR, filename), + os.path.join(directory_name, filename)) + + return directory_name + def set_middleware(self, expected_env=None, conf=None): """Configure the class ready to call the auth_token middleware. @@ -308,14 +320,6 @@ class BaseAuthTokenMiddlewareTest(testtools.TestCase): self.middleware = auth_token.AuthProtocol( self.fake_app(self.expected_env), self.conf) - with tempfile.NamedTemporaryFile(dir=self.middleware._signing_dirname, - delete=False) as f: - pass - self.middleware._revoked_file_name = f.name - - self.addCleanup(cleanup_revoked_file, - self.middleware._revoked_file_name) - self.middleware._token_revocation_list = jsonutils.dumps( {"revoked": [], "extra": "success"}) @@ -1087,7 +1091,6 @@ class CommonAuthTokenMiddlewareTest(object): token_cache_time = 10 conf = { 'token_cache_time': '%s' % token_cache_time, - 'signing_dir': client_fixtures.CERTDIR, } conf.update(extra_conf) self.set_middleware(conf=conf) @@ -1641,7 +1644,6 @@ class CrossVersionAuthTokenMiddlewareTest(BaseAuthTokenMiddlewareTest, """ conf = { - 'signing_dir': client_fixtures.CERTDIR, 'auth_version': 'v2.0' } |