author | Dolph Mathews <dolph.mathews@gmail.com> | 2014-08-20 15:18:22 -0500 |
---|---|---|
committer | Dolph Mathews <dolph.mathews@gmail.com> | 2014-08-20 21:29:06 -0500 |
commit | 52727bcea3a98e72331e748ce5f9e3a111a64cd1 (patch) | |
tree | 4e88066fc188325f9e21ce30ea21285f262bd373 | |
parent | 9c400a7da08d14562a616357a220daa5b5df852d (diff) | |
download | pycadf-52727bcea3a98e72331e748ce5f9e3a111a64cd1.tar.gz |
add federated credential0.6.0
This is in support of bp audit-support-for-federation in Keystone.
Change-Id: Ibba203b4131a46fcfd7cc1e54b480b9c1392fe83
Closes-Bug: 1359495
-rw-r--r-- | pycadf/credential.py | 48 | ||||
-rw-r--r-- | pycadf/tests/test_cadf_spec.py | 15 |
2 files changed, 60 insertions, 3 deletions
diff --git a/pycadf/credential.py b/pycadf/credential.py
index e6e045d..45e2789 100644
--- a/pycadf/credential.py
+++ b/pycadf/credential.py
@@ -26,8 +26,16 @@ CRED_KEYNAMES = [CRED_KEYNAME_TYPE, CRED_KEYNAME_TOKEN]
-class Credential(cadftype.CADFAbstractType):
+FED_CRED_KEYNAME_IDENTITY_PROVIDER = "identity_provider"
+FED_CRED_KEYNAME_USER = "user"
+FED_CRED_KEYNAME_GROUPS = "groups"
+
+FED_CRED_KEYNAMES = CRED_KEYNAMES + [FED_CRED_KEYNAME_IDENTITY_PROVIDER,
+ FED_CRED_KEYNAME_USER,
+ FED_CRED_KEYNAME_GROUPS]
+
+class Credential(cadftype.CADFAbstractType):
 type = cadftype.ValidatorDescriptor( CRED_KEYNAME_TYPE, lambda x: isinstance(x, six.string_types))
@@ -51,7 +59,41 @@ class Credential(cadftype.CADFAbstractType):
 # TODO(mrutkows): validate this cadf:Credential type against schema
 def is_valid(self):
- """Validation to ensure Credential required attributes are set.
- """
+ """Validation to ensure Credential required attributes are set."""
 # TODO(mrutkows): validate specific attribute type/format
 return self._isset(CRED_KEYNAME_TOKEN)
+
+
+class FederatedCredential(Credential):
+ identity_provider = cadftype.ValidatorDescriptor(
+ FED_CRED_KEYNAME_IDENTITY_PROVIDER,
+ lambda x: isinstance(x, six.string_types))
+ user = cadftype.ValidatorDescriptor(
+ FED_CRED_KEYNAME_USER,
+ lambda x: isinstance(x, six.string_types))
+ groups = cadftype.ValidatorDescriptor(
+ FED_CRED_KEYNAME_GROUPS,
+ lambda x: isinstance(x, list))
+
+ def __init__(self, token, type, identity_provider, user, groups):
+ super(FederatedCredential, self).__init__(
+ token=token,
+ type=type)
+
+ # FederatedCredential.identity_provider
+ setattr(self, FED_CRED_KEYNAME_IDENTITY_PROVIDER, identity_provider)
+
+ # FederatedCredential.user
+ setattr(self, FED_CRED_KEYNAME_USER, user)
+
+ # FederatedCredential.groups
+ setattr(self, FED_CRED_KEYNAME_GROUPS, groups)
+
+ def is_valid(self):
+ """Validation to ensure Credential required attributes are set."""
+ return (
+ super(FederatedCredential, self).is_valid()
+ and self._isset(CRED_KEYNAME_TYPE)
+ and self._isset(FED_CRED_KEYNAME_IDENTITY_PROVIDER)
+ and self._isset(FED_CRED_KEYNAME_USER)
+ and self._isset(FED_CRED_KEYNAME_GROUPS))
diff --git a/pycadf/tests/test_cadf_spec.py b/pycadf/tests/test_cadf_spec.py
index 68761a4..577f429 100644
--- a/pycadf/tests/test_cadf_spec.py
+++ b/pycadf/tests/test_cadf_spec.py
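Review bot: The `groups` validator on `FederatedCredential` in pycadf/credential.py accepts any list, so an audit record can carry group entries that are not strings even though `identity_provider` and `user` are type-checked; consider `lambda x: isinstance(x, list) and all(isinstance(g, six.string_types) for g in x)`. The overridden `is_valid()` repeats the parent docstring word for word and should name what it adds, e.g. `"""Return True when token, type, identity_provider, user and groups are all set."""`. Whether `_isset` counts an empty `groups` list as set is not visible in this diff, so that case is worth deciding explicitly and covering in a test.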
@@ -59,6 +59,21 @@ class TestCADFSpec(base.TestCase):
 for key in credential.CRED_KEYNAMES:
 self.assertIn(key, dict_cred)
+ def test_federated_credential(self):
+ cred = credential.FederatedCredential(
+ token=identifier.generate_uuid(),
+ type='http://docs.oasis-open.org/security/saml/v2.0',
+ identity_provider=identifier.generate_uuid(),
+ user=identifier.generate_uuid(),
+ groups=[
+ identifier.generate_uuid(),
+ identifier.generate_uuid(),
+ identifier.generate_uuid()])
+ self.assertEqual(cred.is_valid(), True)
+ dict_cred = cred.as_dict()
+ for key in credential.FED_CRED_KEYNAMES:
+ self.assertIn(key, dict_cred)
+
 def test_geolocation(self):
 geo = geolocation.Geolocation(id=identifier.generate_uuid(),
 latitude='43.6481 N', |
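Review bot: `test_federated_credential` exercises only the accepted case, so nothing checks that the new validators reject malformed input for a type that ends up in audit records. A companion test that passes a non-list `groups` or a non-string `user` and asserts the failure raised by `ValidatorDescriptor` would pin that behaviour; the exact exception type is not visible in this diff. `self.assertEqual(cred.is_valid(), True)` would read more directly as `self.assertTrue(cred.is_valid())`. The enclosing `TestCADFSpec` class starts and continues outside the hunk.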