diff options
author | Jenkins <jenkins@review.openstack.org> | 2013-06-28 16:49:23 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2013-06-28 16:49:23 +0000 |
commit | 9ee038fc65a439d16d949e56efa65b147b9b8923 (patch) | |
tree | fcd1aac0dcd00998e202f596546f6617904ebcb7 | |
parent | 900e1433f1398550b0ebec62e34b91f783ef9ca3 (diff) | |
parent | fe8f9023acb945ad3c201a42baa28179eb08b388 (diff) | |
download | python-keystoneclient-9ee038fc65a439d16d949e56efa65b147b9b8923.tar.gz |
Merge "Fix and enable H401"0.3.1
-rw-r--r-- | keystoneclient/access.py | 12 | ||||
-rw-r--r-- | keystoneclient/common/cms.py | 3 | ||||
-rw-r--r-- | keystoneclient/exceptions.py | 2 | ||||
-rw-r--r-- | keystoneclient/generic/client.py | 16 | ||||
-rw-r--r-- | keystoneclient/middleware/auth_token.py | 8 | ||||
-rwxr-xr-x | keystoneclient/middleware/memcache_crypt.py | 24 | ||||
-rw-r--r-- | keystoneclient/v2_0/client.py | 8 | ||||
-rw-r--r-- | keystoneclient/v2_0/roles.py | 4 | ||||
-rw-r--r-- | keystoneclient/v2_0/tenants.py | 6 | ||||
-rw-r--r-- | keystoneclient/v3/client.py | 6 | ||||
-rw-r--r-- | tests/test_auth_token_middleware.py | 22 | ||||
-rw-r--r-- | tests/utils.py | 7 | ||||
-rw-r--r-- | tests/v3/utils.py | 7 | ||||
-rw-r--r-- | tox.ini | 3 |
14 files changed, 65 insertions, 63 deletions
diff --git a/keystoneclient/access.py b/keystoneclient/access.py index c8b4ffc..0f0bbd7 100644 --- a/keystoneclient/access.py +++ b/keystoneclient/access.py @@ -173,10 +173,10 @@ class AccessInfo(dict): @property def scoped(self): - """ Returns true if the authorization token was scoped to a tenant - (project), and contains a populated service catalog. + """Returns true if the authorization token was scoped to a tenant + (project), and contains a populated service catalog. - This is deprecated, use project_scoped instead. + This is deprecated, use project_scoped instead. :returns: bool """ @@ -184,8 +184,8 @@ class AccessInfo(dict): @property def project_scoped(self): - """ Returns true if the authorization token was scoped to a tenant - (project). + """Returns true if the authorization token was scoped to a tenant + (project). :returns: bool """ @@ -193,7 +193,7 @@ class AccessInfo(dict): @property def domain_scoped(self): - """ Returns true if the authorization token was scoped to a domain. + """Returns true if the authorization token was scoped to a domain. :returns: bool """ diff --git a/keystoneclient/common/cms.py b/keystoneclient/common/cms.py index 48b991a..3cca85c 100644 --- a/keystoneclient/common/cms.py +++ b/keystoneclient/common/cms.py @@ -118,7 +118,8 @@ def is_ans1_token(token): def cms_sign_text(text, signing_cert_file_name, signing_key_file_name): - """ Uses OpenSSL to sign a document + """Uses OpenSSL to sign a document. + Produces a Base64 encoding of a DER formatted CMS Document http://en.wikipedia.org/wiki/Cryptographic_Message_Syntax """ diff --git a/keystoneclient/exceptions.py b/keystoneclient/exceptions.py index 4b33ae0..30426f8 100644 --- a/keystoneclient/exceptions.py +++ b/keystoneclient/exceptions.py @@ -29,7 +29,7 @@ class EndpointNotFound(Exception): class EmptyCatalog(Exception): - """ The service catalog is empty. """ + """The service catalog is empty. """ pass diff --git a/keystoneclient/generic/client.py b/keystoneclient/generic/client.py index d2ac0db..d3e3ce1 100644 --- a/keystoneclient/generic/client.py +++ b/keystoneclient/generic/client.py @@ -47,12 +47,12 @@ class Client(client.HTTPClient): """ def __init__(self, endpoint=None, **kwargs): - """ Initialize a new client for the Keystone v2.0 API. """ + """Initialize a new client for the Keystone v2.0 API.""" super(Client, self).__init__(endpoint=endpoint, **kwargs) self.endpoint = endpoint def discover(self, url=None): - """ Discover Keystone servers and return API versions supported. + """Discover Keystone servers and return API versions supported. :param url: optional url to test (without version) @@ -74,11 +74,11 @@ class Client(client.HTTPClient): return self._local_keystone_exists() def _local_keystone_exists(self): - """ Checks if Keystone is available on default local port 35357 """ + """Checks if Keystone is available on default local port 35357.""" return self._check_keystone_versions("http://localhost:35357") def _check_keystone_versions(self, url): - """ Calls Keystone URL and detects the available API versions """ + """Calls Keystone URL and detects the available API versions.""" try: httpclient = client.HTTPClient() resp, body = httpclient.request(url, "GET", @@ -125,7 +125,7 @@ class Client(client.HTTPClient): _logger.exception(e) def discover_extensions(self, url=None): - """ Discover Keystone extensions supported. + """Discover Keystone extensions supported. :param url: optional url to test (should have a version in it) @@ -141,7 +141,7 @@ class Client(client.HTTPClient): return self._check_keystone_extensions(url) def _check_keystone_extensions(self, url): - """ Calls Keystone URL and detects the available extensions """ + """Calls Keystone URL and detects the available extensions.""" try: httpclient = client.HTTPClient() if not url.endswith("/"): @@ -184,7 +184,7 @@ class Client(client.HTTPClient): @staticmethod def _get_version_info(version, root_url): - """ Parses version information + """Parses version information. :param version: a dict of a Keystone version response :param root_url: string url used to construct @@ -203,7 +203,7 @@ class Client(client.HTTPClient): @staticmethod def _get_extension_info(extension): - """ Parses extension information + """Parses extension information. :param extension: a dict of a Keystone extension response :returns: tuple - (alias, name) diff --git a/keystoneclient/middleware/auth_token.py b/keystoneclient/middleware/auth_token.py index 89683e6..1b82cfa 100644 --- a/keystoneclient/middleware/auth_token.py +++ b/keystoneclient/middleware/auth_token.py @@ -226,7 +226,7 @@ CACHE_KEY_TEMPLATE = 'tokens/%s' def will_expire_soon(expiry): - """ Determines if expiration is about to occur. + """Determines if expiration is about to occur. :param expiry: a datetime of the expected expiration :returns: boolean : true if expiration is within 30 seconds @@ -382,7 +382,7 @@ class AuthProtocol(object): return CONF.keystone_authtoken[name] def _choose_api_version(self): - """ Determine the api version that we should use.""" + """Determine the api version that we should use.""" # If the configuration specifies an auth_version we will just # assume that is correct and use it. We could, of course, check @@ -896,7 +896,7 @@ class AuthProtocol(object): self.LOG.debug('Cached Token %s seems expired', token) def _cache_store(self, token, data): - """ Store value into memcache. + """Store value into memcache. data may be the string 'invalid' or a tuple like (data, expires) @@ -943,7 +943,7 @@ class AuthProtocol(object): return expires def _cache_put(self, token, data, expires): - """ Put token data into the cache. + """Put token data into the cache. Stores the parsed expire date in cache allowing quick check of token freshness on retrieval. diff --git a/keystoneclient/middleware/memcache_crypt.py b/keystoneclient/middleware/memcache_crypt.py index 6cadf3a..8062333 100755 --- a/keystoneclient/middleware/memcache_crypt.py +++ b/keystoneclient/middleware/memcache_crypt.py @@ -49,7 +49,7 @@ DIGEST_LENGTH_B64 = 4 * int(math.ceil(DIGEST_LENGTH / 3.0)) class InvalidMacError(Exception): - """ raise when unable to verify MACed data + """raise when unable to verify MACed data. This usually indicates that data had been expectedly modified in memcache. @@ -58,21 +58,21 @@ class InvalidMacError(Exception): class DecryptError(Exception): - """ raise when unable to decrypt encrypted data + """raise when unable to decrypt encrypted data. """ pass class CryptoUnavailableError(Exception): - """ raise when Python Crypto module is not available + """raise when Python Crypto module is not available. """ pass def assert_crypto_availability(f): - """ Ensure Crypto module is available. """ + """Ensure Crypto module is available.""" @functools.wraps(f) def wrapper(*args, **kwds): @@ -83,7 +83,7 @@ def assert_crypto_availability(f): def constant_time_compare(first, second): - """ Returns True if both string inputs are equal, otherwise False + """Returns True if both string inputs are equal, otherwise False. This function should take a constant amount of time regardless of how many characters in the strings match. @@ -98,7 +98,7 @@ def constant_time_compare(first, second): def derive_keys(token, secret, strategy): - """ Derives keys for MAC and ENCRYPTION from the user-provided + """Derives keys for MAC and ENCRYPTION from the user-provided secret. The resulting keys should be passed to the protect and unprotect functions. @@ -118,14 +118,14 @@ def derive_keys(token, secret, strategy): def sign_data(key, data): - """ Sign the data using the defined function and the derived key""" + """Sign the data using the defined function and the derived key""" mac = hmac.new(key, data, HASH_FUNCTION).digest() return base64.b64encode(mac) @assert_crypto_availability def encrypt_data(key, data): - """ Encrypt the data with the given secret key. + """Encrypt the data with the given secret key. Padding is n bytes of the value n, where 1 <= n <= blocksize. """ @@ -137,7 +137,7 @@ def encrypt_data(key, data): @assert_crypto_availability def decrypt_data(key, data): - """ Decrypt the data with the given secret key. """ + """Decrypt the data with the given secret key.""" iv = data[:16] cipher = AES.new(key, AES.MODE_CBC, iv) try: @@ -152,7 +152,7 @@ def decrypt_data(key, data): def protect_data(keys, data): - """ Given keys and serialized data, returns an appropriately + """Given keys and serialized data, returns an appropriately protected string suitable for storage in the cache. """ @@ -166,7 +166,7 @@ def protect_data(keys, data): def unprotect_data(keys, signed_data): - """ Given keys and cached string data, verifies the signature, + """Given keys and cached string data, verifies the signature, decrypts if necessary, and returns the original serialized data. """ @@ -195,7 +195,7 @@ def unprotect_data(keys, signed_data): def get_cache_key(keys): - """ Given keys generated by derive_keys(), returns a base64 + """Given keys generated by derive_keys(), returns a base64 encoded value suitable for use as a cache key in memcached. """ diff --git a/keystoneclient/v2_0/client.py b/keystoneclient/v2_0/client.py index 504945a..6b3190e 100644 --- a/keystoneclient/v2_0/client.py +++ b/keystoneclient/v2_0/client.py @@ -122,7 +122,7 @@ class Client(client.HTTPClient): """ def __init__(self, **kwargs): - """ Initialize a new client for the Keystone v2.0 API. """ + """Initialize a new client for the Keystone v2.0 API. """ super(Client, self).__init__(**kwargs) self.version = 'v2.0' self.endpoints = endpoints.EndpointManager(self) @@ -139,7 +139,7 @@ class Client(client.HTTPClient): self.authenticate() def process_token(self): - """ Extract and process information from the new auth_ref. + """Extract and process information from the new auth_ref. And set the relevant authentication information. """ @@ -170,7 +170,7 @@ class Client(client.HTTPClient): tenant_id=None, token=None, project_name=None, project_id=None, **kwargs): - """ Authenticate against the v2 Identity API. + """Authenticate against the v2 Identity API. :returns: (``resp``, ``body``) if authentication was successful. :raises: AuthorizationFailure if unable to authenticate or validate @@ -194,7 +194,7 @@ class Client(client.HTTPClient): def _base_authN(self, auth_url, username=None, password=None, tenant_name=None, tenant_id=None, token=None): - """ Takes a username, password, and optionally a tenant_id or + """Takes a username, password, and optionally a tenant_id or tenant_name to get an authentication token from keystone. May also take a token and a tenant_id to re-scope a token to a tenant.""" diff --git a/keystoneclient/v2_0/roles.py b/keystoneclient/v2_0/roles.py index 71f75ad..f2657d0 100644 --- a/keystoneclient/v2_0/roles.py +++ b/keystoneclient/v2_0/roles.py @@ -62,7 +62,7 @@ class RoleManager(base.ManagerWithFind): return self._list("/users/%s/roles" % user_id, "roles") def add_user_role(self, user, role, tenant=None): - """ Adds a role to a user. + """Adds a role to a user. If tenant is specified, the role is added just for that tenant, otherwise the role is added globally. @@ -78,7 +78,7 @@ class RoleManager(base.ManagerWithFind): return self._update(route % (user_id, role_id), None, "roles") def remove_user_role(self, user, role, tenant=None): - """ Removes a role from a user. + """Removes a role from a user. If tenant is specified, the role is removed just for that tenant, otherwise the role is removed from the user's global roles. diff --git a/keystoneclient/v2_0/tenants.py b/keystoneclient/v2_0/tenants.py index e15341d..380633c 100644 --- a/keystoneclient/v2_0/tenants.py +++ b/keystoneclient/v2_0/tenants.py @@ -140,17 +140,17 @@ class TenantManager(base.ManagerWithFind): return self._delete("/tenants/%s" % (base.getid(tenant))) def list_users(self, tenant): - """ List users for a tenant. """ + """List users for a tenant. """ return self.api.users.list(base.getid(tenant)) def add_user(self, tenant, user, role): - """ Add a user to a tenant with the given role. """ + """Add a user to a tenant with the given role. """ return self.api.roles.add_user_role(base.getid(user), base.getid(role), base.getid(tenant)) def remove_user(self, tenant, user, role): - """ Remove the specified role from the user on the tenant. """ + """Remove the specified role from the user on the tenant. """ return self.api.roles.remove_user_role(base.getid(user), base.getid(role), base.getid(tenant)) diff --git a/keystoneclient/v3/client.py b/keystoneclient/v3/client.py index 6c11ab1..971e67d 100644 --- a/keystoneclient/v3/client.py +++ b/keystoneclient/v3/client.py @@ -84,7 +84,7 @@ class Client(client.Client): """ def __init__(self, **kwargs): - """ Initialize a new client for the Keystone v3 API. """ + """Initialize a new client for the Keystone v3 API.""" super(Client, self).__init__(**kwargs) self.version = 'v3' @@ -102,7 +102,7 @@ class Client(client.Client): return json.dumps(entity, sort_keys=True) def process_token(self): - """ Extract and process information from the new auth_ref. + """Extract and process information from the new auth_ref. And set the relevant authentication information. """ @@ -126,7 +126,7 @@ class Client(client.Client): project_domain_id=None, project_domain_name=None, token=None, **kwargs): - """ Authenticate against the v3 Identity API. + """Authenticate against the v3 Identity API. :returns: (``resp``, ``body``) if authentication was successful. :raises: AuthorizationFailure if unable to authenticate or validate diff --git a/tests/test_auth_token_middleware.py b/tests/test_auth_token_middleware.py index 73779ac..c308aeb 100644 --- a/tests/test_auth_token_middleware.py +++ b/tests/test_auth_token_middleware.py @@ -368,7 +368,7 @@ VERSION_LIST_v2 = { class NoModuleFinder(object): - """ Disallow further imports of 'module' """ + """Disallow further imports of 'module'.""" def __init__(self, module): self.module = module @@ -433,7 +433,7 @@ class FakeHTTPResponse(object): class BaseFakeHTTPConnection(object): def _user_token_responses(self, token_id): - """ Emulate user token responses. + """Emulate user token responses. Return success if the token is in the list we know about. If the request is for revoked tokens, then return @@ -473,7 +473,7 @@ class BaseFakeHTTPConnection(object): class FakeHTTPConnection(BaseFakeHTTPConnection): - """ Emulate a fake Keystone v2 server """ + """Emulate a fake Keystone v2 server.""" def __init__(self, *args, **kwargs): self.send_valid_revocation_list = True @@ -519,7 +519,7 @@ class FakeHTTPConnection(BaseFakeHTTPConnection): class v3FakeHTTPConnection(FakeHTTPConnection): - """ Emulate a fake Keystone v3 server """ + """Emulate a fake Keystone v3 server.""" def request(self, method, path, **kwargs): """Fakes out several http responses. @@ -549,7 +549,7 @@ class v3FakeHTTPConnection(FakeHTTPConnection): class RaisingHTTPConnection(FakeHTTPConnection): - """ An HTTPConnection that always raises.""" + """An HTTPConnection that always raises.""" def request(self, method, path, **kwargs): raise AssertionError("HTTP request was called.") @@ -599,7 +599,7 @@ class v3FakeApp(object): class BaseAuthTokenMiddlewareTest(testtools.TestCase): - """ Base test class for auth_token middleware. + """Base test class for auth_token middleware. All the tests allow for running with auth_token configured for receiving v2 or v3 tokens, with the @@ -651,7 +651,7 @@ class BaseAuthTokenMiddlewareTest(testtools.TestCase): globals()[signed_list] = globals()[valid_signed_list] def set_fake_http(self, http_handler): - """ Configure the http handler for the auth_token middleware. + """Configure the http handler for the auth_token middleware. Allows tests to override the default handler on specific tests, e.g. to use v2 for those parts of auth_token that still use v2 @@ -663,7 +663,7 @@ class BaseAuthTokenMiddlewareTest(testtools.TestCase): def set_middleware(self, fake_app=None, fake_http=None, expected_env=None, conf=None): - """ Configure the class ready to call the auth_token middleware. + """Configure the class ready to call the auth_token middleware. Set up the various fake items needed to run the middleware. Individual tests that need to further refine these can call this @@ -1197,7 +1197,7 @@ class AuthTokenMiddlewareTest(BaseAuthTokenMiddlewareTest): class v2AuthTokenMiddlewareTest(BaseAuthTokenMiddlewareTest): - """ v2 token specific tests. + """v2 token specific tests. There are some differences between how the auth-token middleware handles v2 and v3 tokens over and above the token formats, namely: @@ -1256,7 +1256,7 @@ class v2AuthTokenMiddlewareTest(BaseAuthTokenMiddlewareTest): self.assertEqual(body, ['SUCCESS']) def test_valid_uuid_request_forced_to_2_0(self): - """ Test forcing auth_token to use lower api version. + """Test forcing auth_token to use lower api version. By installing the v3 http hander, auth_token will be get a version list that looks like a v3 server - from which it @@ -1294,7 +1294,7 @@ class v2AuthTokenMiddlewareTest(BaseAuthTokenMiddlewareTest): class v3AuthTokenMiddlewareTest(AuthTokenMiddlewareTest): - """ Test auth_token middleware with v3 tokens. + """Test auth_token middleware with v3 tokens. Re-execute the AuthTokenMiddlewareTest class tests, but with the the auth_token middleware configured to expect v3 tokens back from diff --git a/tests/utils.py b/tests/utils.py index e6b40e8..16eeecc 100644 --- a/tests/utils.py +++ b/tests/utils.py @@ -94,7 +94,7 @@ class TestCase(testtools.TestCase): class UnauthenticatedTestCase(testtools.TestCase): - """ Class used as base for unauthenticated calls """ + """Class used as base for unauthenticated calls.""" TEST_ROOT_URL = 'http://127.0.0.1:5000/' TEST_URL = '%s%s' % (TEST_ROOT_URL, 'v2.0') TEST_ROOT_ADMIN_URL = 'http://127.0.0.1:35357/' @@ -122,8 +122,9 @@ class UnauthenticatedTestCase(testtools.TestCase): class TestResponse(requests.Response): - """ Class used to wrap requests.Response and provide some - convenience to initialize with a dict """ + """Class used to wrap requests.Response and provide some + convenience to initialize with a dict. + """ def __init__(self, data): self._text = None diff --git a/tests/v3/utils.py b/tests/v3/utils.py index 13f7eda..7da8993 100644 --- a/tests/v3/utils.py +++ b/tests/v3/utils.py @@ -149,7 +149,7 @@ class TestCase(testtools.TestCase): class UnauthenticatedTestCase(testtools.TestCase): - """ Class used as base for unauthenticated calls """ + """Class used as base for unauthenticated calls """ TEST_ROOT_URL = 'http://127.0.0.1:5000/' TEST_URL = '%s%s' % (TEST_ROOT_URL, 'v3') TEST_ROOT_ADMIN_URL = 'http://127.0.0.1:35357/' @@ -364,8 +364,9 @@ class CrudTests(testtools.TestCase): class TestResponse(requests.Response): - """ Class used to wrap requests.Response and provide some - convenience to initialize with a dict """ + """Class used to wrap requests.Response and provide some + convenience to initialize with a dict. + """ def __init__(self, data): self._text = None @@ -35,11 +35,10 @@ downloadcache = ~/cache/pip # H302: import only modules # H304: no relative imports # H306: imports not in alphabetical order -# H401: docstring should not start with a space # H402: one line docstring needs punctuation. # H403: multi line docstring end on new line # H404: multi line docstring should start with a summary # H802: git commit title -ignore = F811,F821,F841,H201,H202,H302,H304,H306,H401,H402,H403,H404,H802 +ignore = F811,F821,F841,H201,H202,H302,H304,H306,H402,H403,H404,H802 show-source = True exclude = .venv,.tox,dist,doc,*egg |