diff options
| author | Jenkins <jenkins@review.openstack.org> | 2011-09-28 01:15:32 +0000 |
|---|---|---|
| committer | Gerrit Code Review <review@openstack.org> | 2011-09-28 01:15:32 +0000 |
| commit | 661d1a0af757f6b83bc1d8712e45015c73dccc49 (patch) | |
| tree | 095e8a477cc32a32cd2f84583f147bced29a25f4 | |
| parent | da0a47c27eeea33b9ec787148d6fa2fa62fc36f2 (diff) | |
| parent | fd1e7306f39b04a2b08d7c1992c6d21746248c09 (diff) | |
Merge "Changes to support authenticate call to accept token as per agreed format."
| -rwxr-xr-x | keystone/logic/types/auth.py | 19 | ||||
| -rw-r--r-- | keystone/test/functional/test_auth.py | 14 |
2 files changed, 22 insertions, 11 deletions
diff --git a/keystone/logic/types/auth.py b/keystone/logic/types/auth.py index b6022c11..684f48e7 100755 --- a/keystone/logic/types/auth.py +++ b/keystone/logic/types/auth.py @@ -34,13 +34,16 @@ class AuthWithUnscopedToken(object): "auth") if root == None: raise fault.BadRequestFault("Expecting auth") - - token_id = root.get("tokenId") - tenant_id = root.get("tenantId") - + token = \ + root.find("{http://docs.openstack.org/identity/api/v2.0}" + "token") + if token is None: + raise fault.BadRequestFault("Expecting token") + token_id = token.get("id") if token_id is None: raise fault.BadRequestFault("Expecting a token id") + tenant_id = root.get("tenantId") if tenant_id is None: raise fault.BadRequestFault("Expecting a tenant id") @@ -52,16 +55,18 @@ class AuthWithUnscopedToken(object): def from_json(json_str): try: obj = json.loads(json_str) - if not obj.get("auth"): raise fault.BadRequestFault("Expecting auth") - if not obj['auth'].get("tokenId"): + if not "token" in obj.get("auth"): + raise fault.BadRequestFault("Expecting token") + token = obj['auth']['token'] + if not token.get("id"): raise fault.BadRequestFault("Expecting token id") if not obj['auth'].get("tenantId"): raise fault.BadRequestFault("Expecting tenant id") tenant_id = obj["auth"]["tenantId"] - token_id = obj["auth"]["tokenId"] + token_id = obj["auth"]["token"]["id"] return AuthWithUnscopedToken(token_id, tenant_id) except (ValueError, TypeError) as e: diff --git a/keystone/test/functional/test_auth.py b/keystone/test/functional/test_auth.py index de954176..37830632 100644 --- a/keystone/test/functional/test_auth.py +++ b/keystone/test/functional/test_auth.py @@ -39,7 +39,9 @@ class TestAdminAuthenticationNegative(common.FunctionalTestCase): # Try to authenticate for this tenant access = self.post_token(as_json={ 'auth': { - 'tokenId': self.admin_token, + 'token': { + 'id': self.admin_token + }, 'tenantId': tenant['id']}}).json['access'] self.assertEqual(access['token']['tenant']['id'], tenant['id']) @@ -51,8 +53,10 @@ class TestAdminAuthenticationNegative(common.FunctionalTestCase): # Try (and fail) to authenticate for this tenant self.post_token(as_json={ 'auth': { - 'tokenId': self.admin_token, - 'tenantId': tenant['id']}}, assert_status=401) + 'token': { + 'id': self.admin_token + }, + 'tenantId': tenant['id']}}, assert_status=401) def test_service_token_as_admin_token(self): """Admin actions should fail for mere service tokens""" @@ -141,7 +145,9 @@ class TestServiceAuthentication(common.FunctionalTestCase): # We can now get a token scoped to our tenant scoped = self.post_token(as_json={ 'auth': { - 'tokenId': unscoped['token']['id'], + 'token': { + 'id': unscoped['token']['id'] + }, 'tenantId': tenant['id']}}).json['access'] self.assertEqual(scoped['token']['tenant']['id'], tenant['id']) |