diff options
author | Zuul <zuul@review.openstack.org> | 2018-03-29 01:37:15 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2018-03-29 01:37:15 +0000 |
commit | bb6eeb84af49df81d7f7147655a0e0fb130b6895 (patch) | |
tree | b62438fa455410e6ce47fa64fb6a23503e2b5b8a | |
parent | 945285ae70ae65d570c5a197a713d6d967efef74 (diff) | |
parent | 29b085a1477d0db49cf85593de624308fc80e620 (diff) | |
download | swift-bb6eeb84af49df81d7f7147655a0e0fb130b6895.tar.gz |
Merge "Rename auth_details key from swift3 to s3api" into feature/s3api
-rw-r--r-- | swift/common/middleware/s3api/s3request.py | 4 | ||||
-rw-r--r-- | swift/common/middleware/s3api/s3token.py | 2 | ||||
-rw-r--r-- | swift/common/middleware/tempauth.py | 4 | ||||
-rw-r--r-- | test/unit/common/middleware/s3api/test_s3api.py | 4 | ||||
-rw-r--r-- | test/unit/common/middleware/s3api/test_s3request.py | 4 | ||||
-rw-r--r-- | test/unit/common/middleware/s3api/test_s3token.py | 46 | ||||
-rw-r--r-- | test/unit/common/middleware/test_tempauth.py | 6 |
7 files changed, 35 insertions, 35 deletions
diff --git a/swift/common/middleware/s3api/s3request.py b/swift/common/middleware/s3api/s3request.py index f51be1ce6..990404eaf 100644 --- a/swift/common/middleware/s3api/s3request.py +++ b/swift/common/middleware/s3api/s3request.py @@ -422,7 +422,7 @@ class S3Request(swob.Request): self._validate_headers() # Lock in string-to-sign now, before we start messing with query params self.string_to_sign = self._string_to_sign() - self.environ['swift3.auth_details'] = { + self.environ['s3api.auth_details'] = { 'access_key': self.access_key, 'signature': self.signature, 'string_to_sign': self.string_to_sign, @@ -1342,7 +1342,7 @@ class S3AclRequest(S3Request): # Need to skip S3 authorization on subsequent requests to prevent # overwriting the account in PATH_INFO del self.headers['Authorization'] - del self.environ['swift3.auth_details'] + del self.environ['s3api.auth_details'] def to_swift_req(self, method, container, obj, query=None, body=None, headers=None): diff --git a/swift/common/middleware/s3api/s3token.py b/swift/common/middleware/s3api/s3token.py index 0c7bdf1cb..0450ab679 100644 --- a/swift/common/middleware/s3api/s3token.py +++ b/swift/common/middleware/s3api/s3token.py @@ -228,7 +228,7 @@ class S3Token(object): return self._app(environ, start_response) # Read request signature and access id. - s3_auth_details = req.environ.get('swift3.auth_details') + s3_auth_details = req.environ.get('s3api.auth_details') if not s3_auth_details: msg = 'No authorization details from s3api. skipping.' self._logger.debug(msg) diff --git a/swift/common/middleware/tempauth.py b/swift/common/middleware/tempauth.py index 3c64090e9..27b7a111d 100644 --- a/swift/common/middleware/tempauth.py +++ b/swift/common/middleware/tempauth.py @@ -273,7 +273,7 @@ class TempAuth(object): return self.app(env, start_response) if env.get('PATH_INFO', '').startswith(self.auth_prefix): return self.handle(env, start_response) - s3 = env.get('swift3.auth_details') + s3 = env.get('s3api.auth_details') token = env.get('HTTP_X_AUTH_TOKEN', env.get('HTTP_X_STORAGE_TOKEN')) service_token = env.get('HTTP_X_SERVICE_TOKEN') if s3 or (token and token.startswith(self.reseller_prefix)): @@ -433,7 +433,7 @@ class TempAuth(object): if expires < time(): groups = None - s3_auth_details = env.get('swift3.auth_details') + s3_auth_details = env.get('s3api.auth_details') if s3_auth_details: if 'check_signature' not in s3_auth_details: self.logger.warning( diff --git a/test/unit/common/middleware/s3api/test_s3api.py b/test/unit/common/middleware/s3api/test_s3api.py index 6c3282722..209a53e4e 100644 --- a/test/unit/common/middleware/s3api/test_s3api.py +++ b/test/unit/common/middleware/s3api/test_s3api.py @@ -117,7 +117,7 @@ class TestS3ApiMiddleware(S3ApiTestCase): with patch('swift.common.middleware.s3api.s3request.' 'S3Request._validate_headers'): req = S3Request(env) - return req.environ['swift3.auth_details']['string_to_sign'] + return req.environ['s3api.auth_details']['string_to_sign'] def verify(hash, path, headers): s = canonical_string(path, headers) @@ -387,7 +387,7 @@ class TestS3ApiMiddleware(S3ApiTestCase): 'S3Request.check_signature') as mock_cs: status, headers, body = self.call_s3api(req) _, _, headers = self.swift.calls_with_headers[-1] - self.assertEqual(req.environ['swift3.auth_details'], { + self.assertEqual(req.environ['s3api.auth_details'], { 'access_key': 'test:tester', 'signature': 'hmac', 'string_to_sign': '\n'.join([ diff --git a/test/unit/common/middleware/s3api/test_s3request.py b/test/unit/common/middleware/s3api/test_s3request.py index 31e22a2ce..107312213 100644 --- a/test/unit/common/middleware/s3api/test_s3request.py +++ b/test/unit/common/middleware/s3api/test_s3request.py @@ -245,7 +245,7 @@ class TestRequest(S3ApiTestCase): m_swift_resp.return_value = FakeSwiftResponse() s3_req = S3AclRequest(req.environ, MagicMock()) - self.assertNotIn('swift3.auth_details', s3_req.environ) + self.assertNotIn('s3api.auth_details', s3_req.environ) self.assertNotIn('HTTP_AUTHORIZATION', s3_req.environ) self.assertNotIn('Authorization', s3_req.headers) self.assertEqual(s3_req.token, 'token') @@ -264,7 +264,7 @@ class TestRequest(S3ApiTestCase): m_swift_resp.return_value = FakeSwiftResponse() s3_req = S3AclRequest(req.environ, MagicMock()) sw_req = s3_req.to_swift_req(method, container, obj) - self.assertNotIn('swift3.auth_details', sw_req.environ) + self.assertNotIn('s3api.auth_details', sw_req.environ) self.assertNotIn('HTTP_AUTHORIZATION', sw_req.environ) self.assertNotIn('Authorization', sw_req.headers) self.assertEqual(sw_req.headers['X-Auth-Token'], 'token') diff --git a/test/unit/common/middleware/s3api/test_s3token.py b/test/unit/common/middleware/s3api/test_s3token.py index 7505ac091..747c1728d 100644 --- a/test/unit/common/middleware/s3api/test_s3token.py +++ b/test/unit/common/middleware/s3api/test_s3token.py @@ -229,7 +229,7 @@ class S3TokenMiddlewareTestGood(S3TokenMiddlewareTestBase): def test_authorized(self): req = Request.blank('/v1/AUTH_cfa/c/o') - req.environ['swift3.auth_details'] = { + req.environ['s3api.auth_details'] = { 'access_key': u'access', 'signature': u'signature', 'string_to_sign': u'token', @@ -245,7 +245,7 @@ class S3TokenMiddlewareTestGood(S3TokenMiddlewareTestBase): json=resp) req = Request.blank('/v1/AUTH_cfa/c/o') - req.environ['swift3.auth_details'] = { + req.environ['s3api.auth_details'] = { 'access_key': u'access', 'signature': u'signature', 'string_to_sign': u'token', @@ -255,7 +255,7 @@ class S3TokenMiddlewareTestGood(S3TokenMiddlewareTestBase): def test_authorized_bytes(self): req = Request.blank('/v1/AUTH_cfa/c/o') - req.environ['swift3.auth_details'] = { + req.environ['s3api.auth_details'] = { 'access_key': b'access', 'signature': b'signature', 'string_to_sign': b'token', @@ -276,7 +276,7 @@ class S3TokenMiddlewareTestGood(S3TokenMiddlewareTestBase): 'auth_host': host, 'auth_port': port})(self.app)) req = Request.blank('/v1/AUTH_cfa/c/o') - req.environ['swift3.auth_details'] = { + req.environ['s3api.auth_details'] = { 'access_key': u'access', 'signature': u'signature', 'string_to_sign': u'token', @@ -298,7 +298,7 @@ class S3TokenMiddlewareTestGood(S3TokenMiddlewareTestBase): 'auth_port': port, 'auth_version': '3'})(self.app)) req = Request.blank('/v1/AUTH_cfa/c/o') - req.environ['swift3.auth_details'] = { + req.environ['s3api.auth_details'] = { 'access_key': u'access', 'signature': u'signature', 'string_to_sign': u'token', @@ -310,7 +310,7 @@ class S3TokenMiddlewareTestGood(S3TokenMiddlewareTestBase): self.middleware = s3token.filter_factory({ 'auth_uri': self.TEST_AUTH_URI + '/'})(self.app) req = Request.blank('/v1/AUTH_cfa/c/o') - req.environ['swift3.auth_details'] = { + req.environ['s3api.auth_details'] = { 'access_key': u'access', 'signature': u'signature', 'string_to_sign': u'token', @@ -320,7 +320,7 @@ class S3TokenMiddlewareTestGood(S3TokenMiddlewareTestBase): def test_authorization_nova_toconnect(self): req = Request.blank('/v1/AUTH_swiftint/c/o') - req.environ['swift3.auth_details'] = { + req.environ['s3api.auth_details'] = { 'access_key': u'access:FORCED_TENANT_ID', 'signature': u'signature', 'string_to_sign': u'token', @@ -339,7 +339,7 @@ class S3TokenMiddlewareTestGood(S3TokenMiddlewareTestBase): 'text': text_return_value}) req = Request.blank('/v1/AUTH_cfa/c/o') - req.environ['swift3.auth_details'] = { + req.environ['s3api.auth_details'] = { 'access_key': u'access', 'signature': u'signature', 'string_to_sign': u'token', @@ -435,7 +435,7 @@ class S3TokenMiddlewareTestGood(S3TokenMiddlewareTestBase): 'text': json.dumps(GOOD_RESPONSE_V2)}) req = Request.blank('/v1/AUTH_cfa/c/o') - req.environ['swift3.auth_details'] = { + req.environ['s3api.auth_details'] = { 'access_key': u'access', 'signature': u'signature', 'string_to_sign': u'token', @@ -519,7 +519,7 @@ class S3TokenMiddlewareTestGood(S3TokenMiddlewareTestBase): def test_unicode_path(self): url = u'/v1/AUTH_cfa/c/euro\u20ac'.encode('utf8') req = Request.blank(urllib.parse.quote(url)) - req.environ['swift3.auth_details'] = { + req.environ['s3api.auth_details'] = { 'access_key': u'access', 'signature': u'signature', 'string_to_sign': u'token', @@ -536,7 +536,7 @@ class S3TokenMiddlewareTestBad(S3TokenMiddlewareTestBase): "title": "Unauthorized"}} self.requests_mock.post(self.TEST_URL, status_code=403, json=ret) req = Request.blank('/v1/AUTH_cfa/c/o') - req.environ['swift3.auth_details'] = { + req.environ['s3api.auth_details'] = { 'access_key': u'access', 'signature': u'signature', 'string_to_sign': u'token', @@ -570,7 +570,7 @@ class S3TokenMiddlewareTestBad(S3TokenMiddlewareTestBase): o.side_effect = s3_invalid_resp req = Request.blank('/v1/AUTH_cfa/c/o') - req.environ['swift3.auth_details'] = { + req.environ['s3api.auth_details'] = { 'access_key': u'access', 'signature': u'signature', 'string_to_sign': u'token', @@ -588,7 +588,7 @@ class S3TokenMiddlewareTestBad(S3TokenMiddlewareTestBase): text=response_body) req = Request.blank('/v1/AUTH_cfa/c/o') - req.environ['swift3.auth_details'] = { + req.environ['s3api.auth_details'] = { 'access_key': u'access', 'signature': u'signature', 'string_to_sign': u'token', @@ -658,7 +658,7 @@ class S3TokenMiddlewareTestDeferredAuth(S3TokenMiddlewareTestBase): "title": "Unauthorized"}} self.requests_mock.post(self.TEST_URL, status_code=403, json=ret) req = Request.blank('/v1/AUTH_cfa/c/o') - req.environ['swift3.auth_details'] = { + req.environ['s3api.auth_details'] = { 'access_key': u'access', 'signature': u'signature', 'string_to_sign': u'token', @@ -682,7 +682,7 @@ class S3TokenMiddlewareTestDeferredAuth(S3TokenMiddlewareTestBase): o.side_effect = self.middleware._deny_request('InvalidURI') req = Request.blank('/v1/AUTH_cfa/c/o') - req.environ['swift3.auth_details'] = { + req.environ['s3api.auth_details'] = { 'access_key': u'access', 'signature': u'signature', 'string_to_sign': u'token', @@ -700,7 +700,7 @@ class S3TokenMiddlewareTestDeferredAuth(S3TokenMiddlewareTestBase): text="<badreply>") req = Request.blank('/v1/AUTH_cfa/c/o') - req.environ['swift3.auth_details'] = { + req.environ['s3api.auth_details'] = { 'access_key': u'access', 'signature': u'signature', 'string_to_sign': u'token', @@ -749,7 +749,7 @@ class S3TokenMiddlewareTestV3(S3TokenMiddlewareTestBase): def test_authorized(self): req = Request.blank('/v1/AUTH_cfa/c/o') - req.environ['swift3.auth_details'] = { + req.environ['s3api.auth_details'] = { 'access_key': u'access', 'signature': u'signature', 'string_to_sign': u'token', @@ -759,7 +759,7 @@ class S3TokenMiddlewareTestV3(S3TokenMiddlewareTestBase): def test_authorized_bytes(self): req = Request.blank('/v1/AUTH_cfa/c/o') - req.environ['swift3.auth_details'] = { + req.environ['s3api.auth_details'] = { 'access_key': b'access', 'signature': b'signature', 'string_to_sign': b'token', @@ -780,7 +780,7 @@ class S3TokenMiddlewareTestV3(S3TokenMiddlewareTestBase): 'auth_host': host, 'auth_port': port})(self.app)) req = Request.blank('/v1/AUTH_cfa/c/o') - req.environ['swift3.auth_details'] = { + req.environ['s3api.auth_details'] = { 'access_key': u'access', 'signature': u'signature', 'string_to_sign': u'token', @@ -802,7 +802,7 @@ class S3TokenMiddlewareTestV3(S3TokenMiddlewareTestBase): 'auth_port': port, 'auth_version': '3'})(self.app)) req = Request.blank('/v1/AUTH_cfa/c/o') - req.environ['swift3.auth_details'] = { + req.environ['s3api.auth_details'] = { 'access_key': u'access', 'signature': u'signature', 'string_to_sign': u'token', @@ -814,7 +814,7 @@ class S3TokenMiddlewareTestV3(S3TokenMiddlewareTestBase): self.middleware = s3token.filter_factory({ 'auth_uri': self.TEST_AUTH_URI + '/'})(self.app) req = Request.blank('/v1/AUTH_cfa/c/o') - req.environ['swift3.auth_details'] = { + req.environ['s3api.auth_details'] = { 'access_key': u'access', 'signature': u'signature', 'string_to_sign': u'token', @@ -824,7 +824,7 @@ class S3TokenMiddlewareTestV3(S3TokenMiddlewareTestBase): def test_authorization_nova_toconnect(self): req = Request.blank('/v1/AUTH_swiftint/c/o') - req.environ['swift3.auth_details'] = { + req.environ['s3api.auth_details'] = { 'access_key': u'access:FORCED_TENANT_ID', 'signature': u'signature', 'string_to_sign': u'token', @@ -843,7 +843,7 @@ class S3TokenMiddlewareTestV3(S3TokenMiddlewareTestBase): text=json.dumps(resp)) req = Request.blank('/v1/AUTH_cfa/c/o') - req.environ['swift3.auth_details'] = { + req.environ['s3api.auth_details'] = { 'access_key': u'access', 'signature': u'signature', 'string_to_sign': u'token', diff --git a/test/unit/common/middleware/test_tempauth.py b/test/unit/common/middleware/test_tempauth.py index 03fd84b7f..2f85c47f8 100644 --- a/test/unit/common/middleware/test_tempauth.py +++ b/test/unit/common/middleware/test_tempauth.py @@ -269,7 +269,7 @@ class TestAuth(unittest.TestCase): local_auth = auth.filter_factory( {'user_s3_s3': 'secret .admin'})(local_app) req = self._make_request('/v1/s3:s3', environ={ - 'swift3.auth_details': { + 's3api.auth_details': { 'access_key': 's3:s3', 'signature': b64encode('sig'), 'string_to_sign': 't', @@ -287,7 +287,7 @@ class TestAuth(unittest.TestCase): local_auth = auth.filter_factory( {'user_s3_s3': 'secret .admin'})(local_app) req = self._make_request('/v1/s3:s3', environ={ - 'swift3.auth_details': { + 's3api.auth_details': { 'access_key': 's3:s3', 'signature': b64encode('sig'), 'string_to_sign': 't', @@ -305,7 +305,7 @@ class TestAuth(unittest.TestCase): local_auth = auth.filter_factory( {'user_s3_s3': 'secret .admin'})(local_app) req = self._make_request('/v1/s3:s3', environ={ - 'swift3.auth_details': { + 's3api.auth_details': { 'access_key': 's3:s3', 'signature': b64encode('sig'), 'string_to_sign': 't'}}) |