diff options
| author | Jenkins <jenkins@review.openstack.org> | 2012-01-25 21:47:49 +0000 |
|---|---|---|
| committer | Gerrit Code Review <review@openstack.org> | 2012-01-25 21:47:49 +0000 |
| commit | b65382614e84aee2ff187120c0512aa7660ebe4e (patch) | |
| tree | c66fa007102d0cebf51b45d20b2a9c03caab682b | |
| parent | a86a661b2900379139c363dae22aec50c5906da7 (diff) | |
| parent | 2efd3117bd8103f16bf561873deaa5210db257cb (diff) | |
Merge "Test coverage for issue described in bug 919335"
| -rw-r--r-- | keystone/test/functional/test_auth.py | 58 |
1 files changed, 58 insertions, 0 deletions
diff --git a/keystone/test/functional/test_auth.py b/keystone/test/functional/test_auth.py index 145f049e..661901fd 100644 --- a/keystone/test/functional/test_auth.py +++ b/keystone/test/functional/test_auth.py @@ -93,6 +93,64 @@ class TestServiceAuthentication(common.FunctionalTestCase): self.create_endpoint_for_tenant(self.tenant['id'], self.endpoint_templates['id']) + def test_authenticate_twice(self): + """Authenticating twice in a row should not result in a new token + + The original token should not have expired and should be provided again + """ + first_token = self.post_token(as_json={ + 'auth': { + 'passwordCredentials': { + 'username': self.user['name'], + 'password': self.user['password']}}}).\ + json['access']['token']['id'] + + second_token = self.post_token(as_json={ + 'auth': { + 'passwordCredentials': { + 'username': self.user['name'], + 'password': self.user['password']}}}).\ + json['access']['token']['id'] + + self.assertEqual(first_token, second_token) + + def test_authenticate_twice_for_tenant(self): + """Authenticating twice in a row should not result in a new token + + The original token should not have expired and should be provided again + """ + # Additonal setUp + role = self.create_role().json['role'] + self.grant_role_to_user(self.user['id'], role['id'], self.tenant['id']) + + self.service_token = self.post_token(as_json={ + 'auth': { + 'passwordCredentials': { + 'username': self.user['name'], + 'password': self.user['password']}}}).\ + json['access']['token']['id'] + + tenant = self.service_request(method='GET', path='/tenants').\ + json['tenants'][0] + + first_token = self.post_token(as_json={ + 'auth': { + 'passwordCredentials': { + 'username': self.user['name'], + 'password': self.user['password']}, + 'tenantId': tenant['id']}}).json['access']['token']['id'] + + second_token = self.post_token(as_json={ + 'auth': { + 'passwordCredentials': { + 'username': self.user['name'], + 'password': self.user['password']}, + 'tenantId': tenant['id']}}).json['access']['token']['id'] + + # unscoped token should be different than the two scoped tokens + self.assertNotEqual(self.service_token, first_token) + self.assertEqual(first_token, second_token) + def test_unscoped_user_auth(self): """Admin should be able to validate a user's token""" # Authenticate as user to get a token |