diff options
author | Charles Hsu <charles0126@gmail.com> | 2019-12-18 00:32:36 +0800 |
---|---|---|
committer | Charles Hsu <charles0126@gmail.com> | 2020-04-16 12:41:04 +0800 |
commit | 02b637cdca6963e8dcab5170422347df99606f92 (patch) | |
tree | e245ccc06d484fbc6981deff47cf3f50018d8d52 /test/unit/test_swiftclient.py | |
parent | c36616292fa27d5da956d58fcb20470e04fd9946 (diff) | |
download | python-swiftclient-02b637cdca6963e8dcab5170422347df99606f92.tar.gz |
Support v3 application credentials auth.
Use keystoneauth1 application credential plugin and session to fetch
a token and endpoint catalog url.
$ swift --os-auth-url http://172.16.1.2:5000/v3 --auth-version 3\
--os-application-credential-id THE_ID \
--os-application-credential-secret THE_SECRET \
--os-auth-type v3applicationcredential auth
Change-Id: I9190e5e7e24b6a741970fa0d0ac792deccf73d25
Closes-Bug: 1843901
Closes-Bug: 1856635
Diffstat (limited to 'test/unit/test_swiftclient.py')
-rw-r--r-- | test/unit/test_swiftclient.py | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/test/unit/test_swiftclient.py b/test/unit/test_swiftclient.py index 2d45deb..7354bdc 100644 --- a/test/unit/test_swiftclient.py +++ b/test/unit/test_swiftclient.py @@ -562,6 +562,63 @@ class TestGetAuth(MockHttpTest): self.assertTrue(url.startswith("http")) self.assertTrue(token) + def test_auth_v3applicationcredential(self): + from keystoneauth1 import exceptions as ksauthexceptions + + os_options = { + "auth_type": "v3applicationcredential", + "application_credential_id": "proejct_id", + "application_credential_secret": "secret"} + + class FakeEndpointData(object): + catalog_url = 'http://swift.cluster/v1/KEY_project_id' + + class FakeKeystoneuth1v3Session(object): + + def __init__(self, auth): + self.auth = auth + self.token = 'token' + + def get_token(self): + if self.auth.auth_url == 'http://keystone:5000/v3': + return self.token + elif self.auth.auth_url == 'http://keystone:9000/v3': + raise ksauthexceptions.AuthorizationFailure + else: + raise ksauthexceptions.Unauthorized + + def get_endpoint_data(self, service_type, endpoint_type, **kwargs): + return FakeEndpointData() + + mock_sess = FakeKeystoneuth1v3Session + with mock.patch('keystoneauth1.session.Session', mock_sess): + url, token = c.get_auth('http://keystone:5000', '', '', + os_options=os_options, + auth_version="3") + + self.assertTrue(url.startswith("http")) + self.assertEqual(url, 'http://swift.cluster/v1/KEY_project_id') + self.assertEqual(token, 'token') + + with mock.patch('keystoneauth1.session.Session', mock_sess): + with self.assertRaises(c.ClientException) as exc_mgr: + url, token = c.get_auth('http://keystone:9000', '', '', + os_options=os_options, + auth_version="3") + + body = 'Unauthorized. Check application credential id and secret.' + body = 'Authorization Failure. Cannot authorize API client.' + self.assertEqual(exc_mgr.exception.__str__()[-89:], body) + + with mock.patch('keystoneauth1.session.Session', mock_sess): + with self.assertRaises(c.ClientException) as exc_mgr: + url, token = c.get_auth('http://keystone:5000', '', '', + os_options=os_options, + auth_version="2") + + body = 'Unauthorized. Check application credential id and secret.' + self.assertEqual(exc_mgr.exception.__str__()[-89:], body) + def test_get_keystone_client_2_0(self): # check the correct auth version is passed to get_auth_keystone os_options = {'tenant_name': 'asdf'} |