diff options
| author | Fabio Giannetti <fabio.giannetti@hp.com> | 2013-06-15 22:29:21 -0700 |
|---|---|---|
| committer | Jamie Lennox <jamielennox@gmail.com> | 2013-07-17 15:21:33 +1000 |
| commit | 53a03b53e7541367c07df6d4f6739173330f5353 (patch) | |
| tree | 824f746b82e155da13e23b4a3c6425467ce63fa9 /tests/test_v3_auth.py | |
| parent | f6d929db964695a721461ba1116770092a7ba36d (diff) | |
| download | keystone-53a03b53e7541367c07df6d4f6739173330f5353.tar.gz keystone-53a03b53e7541367c07df6d4f6739173330f5353.tar.xz keystone-53a03b53e7541367c07df6d4f6739173330f5353.zip | |
Implemented token creation without catalog response.
Modified the token_factory to create token responses with
or without the catalog entry.
blueprint catalog-optional
Change-Id: Icdc4400f08f4619a19e44129c78240800a3a1e75
Diffstat (limited to 'tests/test_v3_auth.py')
| -rw-r--r-- | tests/test_v3_auth.py | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/tests/test_v3_auth.py b/tests/test_v3_auth.py index 7255d3fc..19d6adaa 100644 --- a/tests/test_v3_auth.py +++ b/tests/test_v3_auth.py @@ -845,6 +845,45 @@ class TestAuthJSON(test_v3.RestfulTestCase): self.assertValidProjectScopedTokenResponse(r) self.assertEqual(r.result['token']['project']['id'], project['id']) + def test_default_project_id_scoped_token_with_user_id_no_catalog(self): + # create a second project to work with + ref = self.new_project_ref(domain_id=self.domain_id) + r = self.post('/projects', body={'project': ref}) + project = self.assertValidProjectResponse(r, ref) + + # grant the user a role on the project + self.put( + '/projects/%(project_id)s/users/%(user_id)s/roles/%(role_id)s' % { + 'user_id': self.user['id'], + 'project_id': project['id'], + 'role_id': self.role['id']}) + + # set the user's preferred project + body = {'user': {'default_project_id': project['id']}} + r = self.patch('/users/%(user_id)s' % { + 'user_id': self.user['id']}, + body=body) + self.assertValidUserResponse(r) + + # attempt to authenticate without requesting a project + auth_data = self.build_authentication_request( + user_id=self.user['id'], + password=self.user['password']) + r = self.post('/auth/tokens?nocatalog', body=auth_data) + self.assertValidProjectScopedTokenResponse(r, require_catalog=False) + self.assertEqual(r.result['token']['project']['id'], project['id']) + + def test_implicit_project_id_scoped_token_with_user_id_no_catalog(self): + # attempt to authenticate without requesting a project + auth_data = self.build_authentication_request( + user_id=self.user['id'], + password=self.user['password'], + project_id=self.project['id']) + r = self.post('/auth/tokens?nocatalog', body=auth_data) + self.assertValidProjectScopedTokenResponse(r, require_catalog=False) + self.assertEqual(r.result['token']['project']['id'], + self.project['id']) + def test_default_project_id_scoped_token_with_user_id_401(self): # create a second project to work with ref = self.new_project_ref(domain_id=self.domain['id']) |