diff options
author | Marek Denis <marek.denis@cern.ch> | 2014-09-12 17:24:59 +0200 |
---|---|---|
committer | Steve Martinelli <stevemar@ca.ibm.com> | 2014-09-17 15:46:49 -0400 |
commit | 7006f9b0088eb1828f4da24b62e306b37eef79d2 (patch) | |
tree | 789acbf1a5da4fd4e6ee0a546e8032b5e165d98a /keystoneclient/fixture | |
parent | 3305c7be4b726de4dcc889006d0be30eb46d3ad9 (diff) | |
download | python-keystoneclient-7006f9b0088eb1828f4da24b62e306b37eef79d2.tar.gz |
Handle federated tokens
Federated tokens don't include domains in the user object.
Keystoneclient should be able to estimate whether the token is a
federated one and, if so, don't expect user domain information.
In case of the federated token keystoneclient returns None in response
to user_domain_name and user_domain_id calls.
Co-Authored-By: Steve Martinelli <stevemar@ca.ibm.com>
Closes-Bug: #1346820
Change-Id: I3453275fa1b0a41b1c015b0c3a92895a77d69a41
Diffstat (limited to 'keystoneclient/fixture')
-rw-r--r-- | keystoneclient/fixture/__init__.py | 2 | ||||
-rw-r--r-- | keystoneclient/fixture/v3.py | 28 |
2 files changed, 30 insertions, 0 deletions
diff --git a/keystoneclient/fixture/__init__.py b/keystoneclient/fixture/__init__.py index faece1e..ad93704 100644 --- a/keystoneclient/fixture/__init__.py +++ b/keystoneclient/fixture/__init__.py @@ -25,6 +25,7 @@ from keystoneclient.fixture.discovery import * # noqa from keystoneclient.fixture.exception import FixtureValidationError # noqa from keystoneclient.fixture.v2 import Token as V2Token # noqa from keystoneclient.fixture.v3 import Token as V3Token # noqa +from keystoneclient.fixture.v3 import V3FederationToken # noqa __all__ = ['DiscoveryList', 'FixtureValidationError', @@ -32,4 +33,5 @@ __all__ = ['DiscoveryList', 'V3Discovery', 'V2Token', 'V3Token', + 'V3FederationToken', ] diff --git a/keystoneclient/fixture/v3.py b/keystoneclient/fixture/v3.py index 18286e3..e40b314 100644 --- a/keystoneclient/fixture/v3.py +++ b/keystoneclient/fixture/v3.py @@ -352,3 +352,31 @@ class Token(dict): def set_oauth(self, access_token_id=None, consumer_id=None): self.oauth_access_token_id = access_token_id or uuid.uuid4().hex self.oauth_consumer_id = consumer_id or uuid.uuid4().hex + + +class V3FederationToken(Token): + """A V3 Keystone Federation token that can be used for testing. + + Similar to V3Token, this object is designed to allow clients to generate + a correct V3 federation token for use in test code. + """ + + def __init__(self, methods=None, identity_provider=None, protocol=None, + groups=None): + methods = methods or ['saml2'] + super(V3FederationToken, self).__init__(methods=methods) + # NOTE(stevemar): Federated tokens do not have a domain for the user + del self._user['domain'] + self.add_federation_info_to_user(identity_provider, protocol, groups) + + def add_federation_info_to_user(self, identity_provider=None, + protocol=None, groups=None): + data = { + "OS-FEDERATION": { + "identity_provider": identity_provider or uuid.uuid4().hex, + "protocol": protocol or uuid.uuid4().hex, + "groups": groups or [{"id": uuid.uuid4().hex}] + } + } + self._user.update(data) + return data |