diff options
| author | Jenkins <jenkins@review.openstack.org> | 2012-05-15 06:57:07 +0000 |
|---|---|---|
| committer | Gerrit Code Review <review@openstack.org> | 2012-05-15 06:57:07 +0000 |
| commit | 4c8a101dcb2a61b5c2c1946bf286ad204bbdea68 (patch) | |
| tree | 348b343e4c1ea5ef54276349f4ae8f3d2b6524fb /tests | |
| parent | 0b8ed78eb8738045bf0ba74f964b08f4d2f81701 (diff) | |
| parent | a67b24878a6156eab17b9098fa649f0279256f5d (diff) | |
| download | keystone-4c8a101dcb2a61b5c2c1946bf286ad204bbdea68.tar.gz keystone-4c8a101dcb2a61b5c2c1946bf286ad204bbdea68.tar.xz keystone-4c8a101dcb2a61b5c2c1946bf286ad204bbdea68.zip | |
Merge "Invalidate user tokens when password is changed"
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/test_keystoneclient.py | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/tests/test_keystoneclient.py b/tests/test_keystoneclient.py index 064a8e34..a02af87c 100644 --- a/tests/test_keystoneclient.py +++ b/tests/test_keystoneclient.py @@ -286,6 +286,29 @@ class KeystoneClientTests(object): username='blah', password='blah') + def test_change_password_invalidates_token(self): + from keystoneclient import exceptions as client_exceptions + + client = self.get_client(admin=True) + + username = uuid.uuid4().hex + passwd = uuid.uuid4().hex + user = client.users.create(name=username, password=passwd, + email=uuid.uuid4().hex) + + token_id = client.tokens.authenticate(username=username, + password=passwd).id + + # authenticate with a token should work before a password change + client.tokens.authenticate(token=token_id) + + client.users.update_password(user=user.id, password=uuid.uuid4().hex) + + # authenticate with a token should not work after a password change + self.assertRaises(client_exceptions.Unauthorized, + client.tokens.authenticate, + token=token_id) + def test_user_create_update_delete(self): from keystoneclient import exceptions as client_exceptions |