From d3def837873ef5dc81400760cc7a3b884e478bed Mon Sep 17 00:00:00 2001 From: Dolph Mathews Date: Mon, 20 Jun 2011 15:19:32 -0500 Subject: Issue 31: Changed default ports to 80/8080 --- bin/keystone | 12 +++++++----- etc/keystone.conf | 4 ++-- 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/bin/keystone b/bin/keystone index fd5646c7..eed99208 100755 --- a/bin/keystone +++ b/bin/keystone @@ -47,10 +47,10 @@ if __name__ == '__main__': config.add_log_options(parser) # Handle a special argument to support starting two endpoints - common_group.add_option('-a', '--admin-port', default=8081, + common_group.add_option('-a', '--admin-port', dest="admin_port", metavar="PORT", help="specifies port for Admin API to listen" - "on (default is 8081)") + "on (default is 8080)") # Parse arguments and load config (options, args) = config.parse_options(parser) @@ -60,15 +60,19 @@ if __name__ == '__main__': # Load Service API server conf, app = config.load_paste_app( 'keystone-legacy-auth', options, args) + admin_conf, admin_app = config.load_paste_app( + 'admin', options, args) debug = options.get('debug') or conf.get('debug', False) debug = debug in [True, "True", "1"] verbose = options.get('verbose') or conf.get('verbose', False) verbose = verbose in [True, "True", "1"] + if debug or verbose: config_file = config.find_config_file(options, args) print "Using config file:", config_file + # Load API server server = wsgi.Server() server.start(app, int(conf['server_bind_port']), conf['server_bind_host']) @@ -76,15 +80,13 @@ if __name__ == '__main__': conf['server_bind_port']) # Load Admin API server - admin_conf, admin_app = config.load_paste_app('admin', options, args) admin_server = wsgi.Server() admin_bind = options.get('admin_port') or admin_conf.get('bind_port') - if conf['server_bind_port'] == admin_bind: - admin_bind += 1 admin_server.start(admin_app, int(admin_bind), admin_conf['bind_host']) print "Admin API listening on %s:%s" % (admin_conf['bind_host'], admin_bind) + # Wait until done server.wait() except RuntimeError, e: diff --git a/etc/keystone.conf b/etc/keystone.conf index c0fa1353..d6b21f60 100755 --- a/etc/keystone.conf +++ b/etc/keystone.conf @@ -32,7 +32,7 @@ service-header-mappings = {'nova' : 'X-Server-Management-Url' , 'swift' : 'X-Sto server_bind_host = 0.0.0.0 # Port the bind the API server to -server_bind_port = 8080 +server_bind_port = 80 [app:admin] paste.app_factory = keystone.server:admin_app_factory @@ -40,7 +40,7 @@ paste.app_factory = keystone.server:admin_app_factory bind_host = 0.0.0.0 # Port the bind the Admin API server to -bind_port = 8081 +bind_port = 8080 [app:server] paste.app_factory = keystone.server:app_factory -- cgit From 975b58a0dd75b3f221a6cbfe05f14b5b42d916b6 Mon Sep 17 00:00:00 2001 From: Dolph Mathews Date: Mon, 20 Jun 2011 15:24:48 -0500 Subject: Committing unit test configuration for issue 31 Also fixed the test_authentication.test_a_authorize_legacy unit test by changing the v1 URL --- keystone/test/unit/test_common.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/keystone/test/unit/test_common.py b/keystone/test/unit/test_common.py index bfad2d62..d05bf203 100755 --- a/keystone/test/unit/test_common.py +++ b/keystone/test/unit/test_common.py @@ -26,8 +26,8 @@ import unittest -URL = 'http://localhost:8081/v2.0/' -URLv1 = 'http://localhost:8080/v1.0/' +URL = 'http://localhost:8080/v2.0/' +URLv1 = 'http://localhost:80/v1.0/' def get_token(user, pswd, tenant_id, kind=''): header = httplib2.Http(".cache") -- cgit From 789b22aeabcb5fdf3f0e8717930bf03c33b3ca67 Mon Sep 17 00:00:00 2001 From: Dolph Mathews Date: Mon, 20 Jun 2011 15:41:30 -0500 Subject: Issue 31: Updated docs and examples --- README.md | 10 +++++----- bin/sampledata.sh | 2 +- examples/echo/echo/echo.ini | 4 ++-- examples/echo/echo/echo_basic.ini | 4 ++-- examples/echo/echo/echo_remote.ini | 2 +- examples/paste/auth_token.ini | 2 +- examples/paste/nova-api-paste.ini | 4 ++-- 7 files changed, 14 insertions(+), 14 deletions(-) diff --git a/README.md b/README.md index 42e35980..146b3b43 100644 --- a/README.md +++ b/README.md @@ -197,11 +197,11 @@ in troubleshooting: 
     # Get an unscoped token
     
-    $ curl -d '{"passwordCredentials": {"username": "joeuser", "password": "secrete"}}' -H "Content-type: application/json" http://localhost:8081/v2.0/tokens
+    $ curl -d '{"passwordCredentials": {"username": "joeuser", "password": "secrete"}}' -H "Content-type: application/json" http://localhost:8080/v2.0/tokens
 
     # Get a token for a tenant
 
-    $ curl -d '{"passwordCredentials": {"username": "joeuser", "password": "secrete", "tenantId": "1234"}}' -H "Content-type: application/json" http://localhost:8081/v2.0/tokens
+    $ curl -d '{"passwordCredentials": {"username": "joeuser", "password": "secrete", "tenantId": "1234"}}' -H "Content-type: application/json" http://localhost:8080/v2.0/tokens
#### Load Testing @@ -213,7 +213,7 @@ in troubleshooting: # Call Apache Bench - $ ab -c 30 -n 1000 -T "application/json" -p post_data http://127.0.0.1:8081/v2.0/tokens + $ ab -c 30 -n 1000 -T "application/json" -p post_data http://127.0.0.1:8080/v2.0/tokens ## NOVA Integration @@ -255,8 +255,8 @@ Assuming you added the test data using bin/sampledata.sh, you can then use joeus $ cd ~/keystone/bin && ./keystone Starting the Legacy Authentication component - Service API listening on 0.0.0.0:8080 - Admin API listening on 0.0.0.0:8081 + Service API listening on 0.0.0.0:80 + Admin API listening on 0.0.0.0:8080 4. In another window, edit the `~/keystone/bin/sampledata.sh` file, find the `public.cloudfiles.com` text and replace it with the URL to your Swift diff --git a/bin/sampledata.sh b/bin/sampledata.sh index 6f73e06c..134c5ea3 100755 --- a/bin/sampledata.sh +++ b/bin/sampledata.sh @@ -43,7 +43,7 @@ ./keystone-manage $* baseURLs add RegionOne nova http://nova.publicinternets.com/v1.1/ http://127.0.0.1:8774/v1.1 http://localhost:8774/v1.1 1 ./keystone-manage $* baseURLs add RegionOne glance http://glance.publicinternets.com/v1.1/%tenant_id% http://nova.admin-nets.local/v1.1/%tenant_id% http://127.0.0.1:9292/v1.1/%tenant_id% 1 ./keystone-manage $* baseURLs add RegionOne cdn http://cdn.publicinternets.com/v1.1/%tenant_id% http://cdn.admin-nets.local/v1.1/%tenant_id% http://127.0.0.1:7777/v1.1/%tenant_id% 1 -./keystone-manage $* baseURLs add RegionOne keystone http://keystone.publicinternets.com/v2.0 http://127.0.0.1:8081/v2.0 http://127.0.0.1:8080/v2.0 1 +./keystone-manage $* baseURLs add RegionOne keystone http://keystone.publicinternets.com/v2.0 http://127.0.0.1:8080/v2.0 http://127.0.0.1:80/v2.0 1 # Groups #./keystone-manage $* group add Admin 1234 diff --git a/examples/echo/echo/echo.ini b/examples/echo/echo/echo.ini index a7b95e9e..b654a13f 100644 --- a/examples/echo/echo/echo.ini +++ b/examples/echo/echo/echo.ini @@ -6,7 +6,7 @@ delay_auth_decision = 0 ;where to find the OpenStack service (if not in local WSGI chain) service_protocol = http service_host = 127.0.0.1 -service_port = 8081 +service_port = 8080 ;used to verify this component with the OpenStack service (or PAPIAuth) service_pass = dTpw @@ -23,7 +23,7 @@ pipeline = paste.filter_factory = keystone.auth_protocols.auth_token:filter_factory ;where to find the token auth service auth_host = 127.0.0.1 -auth_port = 8081 +auth_port = 8080 auth_protocol = http ;how to authenticate to the auth service for priviledged operations ;like validate token diff --git a/examples/echo/echo/echo_basic.ini b/examples/echo/echo/echo_basic.ini index 65c85357..8436d883 100644 --- a/examples/echo/echo/echo_basic.ini +++ b/examples/echo/echo/echo_basic.ini @@ -6,7 +6,7 @@ delay_auth_decision = 0 ;where to find the OpenStack service (if not in local WSGI chain) service_protocol = http service_host = 127.0.0.1 -service_port = 8081 +service_port = 8080 ;used to verify this component with the OpenStack service (or PAPIAuth) service_pass = dTpw @@ -23,7 +23,7 @@ pipeline = paste.filter_factory = keystone.auth_protocols.auth_token:filter_factory ;where to find the token auth service auth_host = 127.0.0.1 -auth_port = 8081 +auth_port = 8080 auth_protocol = http ;how to authenticate to the auth service for priviledged operations ;like validate token diff --git a/examples/echo/echo/echo_remote.ini b/examples/echo/echo/echo_remote.ini index d225f756..7418f574 100644 --- a/examples/echo/echo/echo_remote.ini +++ b/examples/echo/echo/echo_remote.ini @@ -14,6 +14,6 @@ paste.filter_factory = keystone.middleware.remoteauth:filter_factory ; (otherwise we redirect call) remote_auth_pass = dTpw ;where to redirect untrusted calls to -auth_location = http://127.0.0.1:8081/ +auth_location = http://127.0.0.1:8080/ diff --git a/examples/paste/auth_token.ini b/examples/paste/auth_token.ini index 25f2cbbf..3154fc69 100644 --- a/examples/paste/auth_token.ini +++ b/examples/paste/auth_token.ini @@ -5,7 +5,7 @@ paste.app_factory = auth_token:app_factory auth_protocol = http auth_host = 127.0.0.1 -auth_port = 8081 +auth_port = 8080 admin_token = 999888777666 delay_auth_decision = 0 diff --git a/examples/paste/nova-api-paste.ini b/examples/paste/nova-api-paste.ini index b4a94557..2082990d 100644 --- a/examples/paste/nova-api-paste.ini +++ b/examples/paste/nova-api-paste.ini @@ -86,9 +86,9 @@ paste.filter_factory = nova.api.openstack.auth:AuthMiddleware.factory paste.filter_factory = keystone.auth_protocols.auth_token:filter_factory service_protocol = http service_host = 127.0.0.1 -service_port = 808 +service_port = 8080 auth_host = 127.0.0.1 -auth_port = 8081 +auth_port = 8080 auth_protocol = http admin_token = 999888777666 -- cgit From 69db7bd755be5b8a2dfbbbffe3a62f1983cfa357 Mon Sep 17 00:00:00 2001 From: Dolph Mathews Date: Mon, 20 Jun 2011 16:20:43 -0500 Subject: Fixed formatting, imports --- bin/keystone | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/bin/keystone b/bin/keystone index eed99208..82e06bb2 100755 --- a/bin/keystone +++ b/bin/keystone @@ -36,8 +36,7 @@ if os.path.exists(os.path.join(possible_topdir, 'keystone', '__init__.py')): import tools.tracer #@UnusedImport # module runs on import import keystone -from keystone.common import config -from keystone.common import wsgi +from keystone.common import config, wsgi if __name__ == '__main__': @@ -47,10 +46,9 @@ if __name__ == '__main__': config.add_log_options(parser) # Handle a special argument to support starting two endpoints - common_group.add_option('-a', '--admin-port', - dest="admin_port", metavar="PORT", - help="specifies port for Admin API to listen" - "on (default is 8080)") + common_group.add_option( + '-a', '--admin-port', dest="admin_port", metavar="PORT", + help="specifies port for Admin API to listen on (default is 8080)") # Parse arguments and load config (options, args) = config.parse_options(parser) @@ -71,8 +69,8 @@ if __name__ == '__main__': if debug or verbose: config_file = config.find_config_file(options, args) print "Using config file:", config_file - - # Load API server + + # Load API server server = wsgi.Server() server.start(app, int(conf['server_bind_port']), conf['server_bind_host']) -- cgit From 3690d027baa18f01e3a6f53514f686c0e9bc3619 Mon Sep 17 00:00:00 2001 From: Dolph Mathews Date: Tue, 21 Jun 2011 13:18:35 -0500 Subject: Added developer guide build folder to git ignore list --- .gitignore | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 164c607c..94c324b9 100644 --- a/.gitignore +++ b/.gitignore @@ -11,5 +11,6 @@ keystone.db *.pid pidfile *.komodoproject -docs/build/ +doc/build/ build/ +doc/guide/target -- cgit From a614da6a578ee858373c4ca6f1d7a25276ff1224 Mon Sep 17 00:00:00 2001 From: Dolph Mathews Date: Tue, 21 Jun 2011 13:19:03 -0500 Subject: Updated dev guide publish date --- doc/guide/src/docbkx/identitydevguide.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/guide/src/docbkx/identitydevguide.xml b/doc/guide/src/docbkx/identitydevguide.xml index 7fc0f72e..ec23e38f 100755 --- a/doc/guide/src/docbkx/identitydevguide.xml +++ b/doc/guide/src/docbkx/identitydevguide.xml @@ -60,7 +60,7 @@ API v2.0 Keystone - OpenStack Identity - 2011-06-10 + 2011-06-21 Copyright details are filled in by the template. -- cgit From a5c9fe1dadc134bd7ec230a9f3781cb42e99d4f0 Mon Sep 17 00:00:00 2001 From: Dolph Mathews Date: Tue, 21 Jun 2011 13:19:24 -0500 Subject: Updated token validation sample xml (dev guide) --- doc/guide/src/docbkx/samples/validatetoken.xml | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/doc/guide/src/docbkx/samples/validatetoken.xml b/doc/guide/src/docbkx/samples/validatetoken.xml index af40a8b6..18f26802 100644 --- a/doc/guide/src/docbkx/samples/validatetoken.xml +++ b/doc/guide/src/docbkx/samples/validatetoken.xml @@ -1,14 +1,12 @@ - - - - - - - - + id="ab48a9efdfedb23ty3494" + tenantId="1234"/> + + + + -- cgit From b30158ccc837f27005bf181586834780d4e099a5 Mon Sep 17 00:00:00 2001 From: Dolph Mathews Date: Tue, 21 Jun 2011 13:20:27 -0500 Subject: Republished developer guide for Jun 21, 2011 --- keystone/content/identitydevguide.pdf | Bin 302544 -> 303240 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/keystone/content/identitydevguide.pdf b/keystone/content/identitydevguide.pdf index 2113e625..9b5fb8dc 100644 Binary files a/keystone/content/identitydevguide.pdf and b/keystone/content/identitydevguide.pdf differ -- cgit From 99d82c379e2bd38a354a767afed7c9a0995abc2d Mon Sep 17 00:00:00 2001 From: Dolph Mathews Date: Tue, 21 Jun 2011 13:37:39 -0500 Subject: Updated readme to reflect docs/ -> doc/ change Added tools/pip-requires-dev for depelopment dependencies --- README.md | 34 ++++++++++++++++++++++++++-------- tools/pip-requires-dev | 3 +++ 2 files changed, 29 insertions(+), 8 deletions(-) create mode 100644 tools/pip-requires-dev diff --git a/README.md b/README.md index 146b3b43..093735f1 100644 --- a/README.md +++ b/README.md @@ -89,6 +89,11 @@ $ pip install -r tools/pip-requires # Install unit/functional test dependencies $ pip install -r tools/pip-requires-testing + +# Installing Development Dependencies +This will install libraries used for development and testing +$ pip install -r tools/pip-requires-dev + ## Running Keystone @@ -130,7 +135,6 @@ To run client demo (with all auth middleware running locally on sample service): $ ./examples/echo/bin/echod $ python examples/echo/echo_client.py -NOTE: NOT ALL TESTS CONVERTED TO NEW MODEL YET. MANY FAIL. THIS WILL BE ADDRESSED SOON. #### Unit Tests Prepare to run unit tests by changing to the unit test directory: @@ -164,22 +168,29 @@ Using SOAPUI: * Double click on "Keystone Tests" and press the green play (>) button -## Editing and Compiling the Developer Guide +## Writing Documentation + +### Editing and Compiling the Developer Guide Users of the Keystone API are often developers making ReSTfull calls to Keystone. The guide to provide them information is therefore called a `Developer Guide`. Developer in this case is not to be confused with developers working on the Keystone source code itself. The [dev guide](https://github.com/rackspace/keystone/raw/master/keystone/content/identitydevguide.pdf) is automatically -generated from XML and other artifacts in the `keystone/docs/src` folder. +generated from XML and other artifacts in the `doc/guide` folder. + +To build the Developer Guide from source, you need [Maven](http://maven.apache.org/). To build the docs and publish a new PDF: -To build the API `dev guide` from source, you need [Maven](http://maven.apache.org/). To build the docs, -run the following from the `Keystone/docs` folder: + $ cd doc/guide + $ mvn clean generate-sources && cp target/docbkx/pdf/identitydevguide.pdf ../../keystone/content/identitydevguide.pdf - $ mvn clean generate-sources +The output will go into the `doc/guide/target` folder (the source is in `doc/guide/src`). Output generated is PDF and webhelp. -The output will go into the `keystone/docs/target` folder (the source is in `keystone/docs/src`). Output -generated is PDF and webhelp. +### Editing and Compiling the Admin Guide + +The Admin guide is written in RST and compiled using sphinx. From the `keystone` folder: + + $ python setup.py build_sphinx && firefox build/sphinx/html/index.html ## Additional Information: @@ -202,6 +213,13 @@ in troubleshooting: # Get a token for a tenant $ curl -d '{"passwordCredentials": {"username": "joeuser", "password": "secrete", "tenantId": "1234"}}' -H "Content-type: application/json" http://localhost:8080/v2.0/tokens +<<<<<<< HEAD +======= + + # Get an admin token + + $ curl -d '{"passwordCredentials": {"username": "admin", "password": "secrete"}}' -H "Content-type: application/json" http://localhost:8081/v2.0/tokens +>>>>>>> c8de07620830c3d9f5bfb7c8d818a0440d1076c4 #### Load Testing diff --git a/tools/pip-requires-dev b/tools/pip-requires-dev new file mode 100644 index 00000000..efe417e7 --- /dev/null +++ b/tools/pip-requires-dev @@ -0,0 +1,3 @@ +DTest +WebTest +sphinx -- cgit From 2b348106339c0afd83bb143d3323e91edd5e1ec5 Mon Sep 17 00:00:00 2001 From: Dolph Mathews Date: Tue, 21 Jun 2011 14:37:20 -0500 Subject: Adding endpoint related files --- keystone/db/sqlalchemy/api/endpoint_template.py | 185 +++++++ keystone/logic/types/endpoint.py | 223 ++++++++ keystone/test/unit/test_endpoints.py | 669 ++++++++++++++++++++++++ 3 files changed, 1077 insertions(+) create mode 100755 keystone/db/sqlalchemy/api/endpoint_template.py create mode 100644 keystone/logic/types/endpoint.py create mode 100755 keystone/test/unit/test_endpoints.py diff --git a/keystone/db/sqlalchemy/api/endpoint_template.py b/keystone/db/sqlalchemy/api/endpoint_template.py new file mode 100755 index 00000000..f09479e5 --- /dev/null +++ b/keystone/db/sqlalchemy/api/endpoint_template.py @@ -0,0 +1,185 @@ +# vim: tabstop=4 shiftwidth=4 softtabstop=4 + +# Copyright 2010 OpenStack LLC. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from keystone.db.sqlalchemy import get_session, models, aliased + +def create(values): + endpoint_template = models.EndpointTemplates() + endpoint_template.update(values) + endpoint_template.save() + return endpoint_template + + +def get(id, session=None): + if not session: + session = get_session() + result = session.query(models.EndpointTemplates).filter_by(id=id).first() + return result + + +def get_all(session=None): + if not session: + session = get_session() + return session.query(models.EndpointTemplates).all() + + +def get_page(marker, limit, session=None): + if not session: + session = get_session() + + if marker: + return session.query(models.EndpointTemplates).filter("id>:marker").params(\ + marker='%s' % marker).order_by(\ + models.EndpointTemplates.id.desc()).limit(limit).all() + else: + return session.query(models.EndpointTemplates).order_by(\ + models.EndpointTemplates.id.desc()).limit(limit).all() + + +def get_page_markers(marker, limit, session=None): + if not session: + session = get_session() + first = session.query(models.EndpointTemplates).order_by(\ + models.EndpointTemplates.id).first() + last = session.query(models.EndpointTemplates).order_by(\ + models.EndpointTemplates.id.desc()).first() + if first is None: + return (None, None) + if marker is None: + marker = first.id + next = session.query(models.EndpointTemplates).filter("id > :marker").params(\ + marker='%s' % marker).order_by(\ + models.EndpointTemplates.id).limit(limit).all() + prev = session.query(models.EndpointTemplates).filter("id < :marker").params(\ + marker='%s' % marker).order_by(\ + models.EndpointTemplates.id.desc()).limit(int(limit)).all() + if len(next) == 0: + next = last + else: + for t in next: + next = t + if len(prev) == 0: + prev = first + else: + for t in prev: + prev = t + if prev.id == marker: + prev = None + else: + prev = prev.id + if next.id == last.id: + next = None + else: + next = next.id + return (prev, next) + + +def endpoint_get_by_tenant_get_page(tenant_id, marker, limit, + session=None): + if not session: + session = get_session() + if marker: + return session.query(models.Endpoints).\ + filter(models.Endpoints.tenant_id == tenant_id).\ + filter("id >= :marker").params( + marker='%s' % marker).order_by( + models.Endpoints.id).limit(limit).all() + else: + return session.query(models.Endpoints).\ + filter(models.Endpoints.tenant_id == tenant_id).\ + order_by(models.Endpoints.id).limit(limit).all() + + +def endpoint_get_by_tenant_get_page_markers(tenant_id, marker, limit, + session=None): + if not session: + session = get_session() + tba = aliased(models.Endpoints) + first = session.query(tba).\ + filter(tba.tenant_id == tenant_id).\ + order_by(tba.id).first() + last = session.query(tba).\ + filter(tba.tenant_id == tenant_id).\ + order_by(tba.id.desc()).first() + if first is None: + return (None, None) + if marker is None: + marker = first.id + next = session.query(tba).\ + filter(tba.tenant_id == tenant_id).\ + filter("id>=:marker").params( + marker='%s' % marker).order_by( + tba.id).limit(int(limit)).all() + + prev = session.query(tba).\ + filter(tba.tenant_id == tenant_id).\ + filter("id < :marker").params( + marker='%s' % marker).order_by( + tba.id).limit(int(limit) + 1).all() + next_len = len(next) + prev_len = len(prev) + + if next_len == 0: + next = last + else: + for t in next: + next = t + if prev_len == 0: + prev = first + else: + for t in prev: + prev = t + if first.id == marker: + prev = None + else: + prev = prev.id + if marker == last.id: + next = None + else: + next = next.id + return (prev, next) + + +def endpoint_add(values): + endpoints = models.Endpoints() + endpoints.update(values) + endpoints.save() + return endpoints + + +def endpoint_get(id, session=None): + if not session: + session = get_session() + result = session.query(models.Endpoints).\ + filter_by(id=id).first() + return result + + +def endpoint_get_by_tenant(tenant_id, session=None): + if not session: + session = get_session() + result = session.query(models.Endpoints).\ + filter_by(tenant_id=tenant_id).first() + return result + + +def endpoint_delete(id, session=None): + if not session: + session = get_session() + with session.begin(): + endpoints = endpoint_get(id, session) + session.delete(endpoints) diff --git a/keystone/logic/types/endpoint.py b/keystone/logic/types/endpoint.py new file mode 100644 index 00000000..fb2e3cf3 --- /dev/null +++ b/keystone/logic/types/endpoint.py @@ -0,0 +1,223 @@ +# Copyright (c) 2010-2011 OpenStack, LLC. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import json +from lxml import etree +import string + +import keystone.logic.types.fault as fault + + +class EndpointTemplate(object): + @staticmethod + def from_xml(xml_str): + try: + dom = etree.Element("root") + dom.append(etree.fromstring(xml_str)) + root = dom.find("{http://docs.openstack.org/identity/api/v2.0}" \ + "endpointTemplate") + if root == None: + raise fault.BadRequestFault("Expecting endpointTemplate") + id = root.get("id") + region = root.get("region") + service = root.get("serviceName") + public_url = root.get("publicURL") + admin_url = root.get("adminURL") + internal_url = root.get("internalURL") + enabled = root.get("enabled") + return EndpointTemplate(id, region, service, public_url, admin_url, + internal_url, enabled) + except etree.LxmlError as e: + raise fault.BadRequestFault("Cannot parse endpointTemplate", str(e)) + + @staticmethod + def from_json(json_str): + try: + obj = json.loads(json_str) + region = None + service = None + public_url = None + admin_url = None + internal_url = None + enabled = None + + if not "endpointTemplate" in obj: + raise fault.BadRequestFault("Expecting endpointTemplate") + endpoint_template = obj["endpointTemplate"] + + # Check that fields are valid + invalid = [key for key in endpoint_template if key not in + ['id', 'region', 'serviceName', 'publicURL', + 'adminURL', 'internalURL', 'enabled']] + if invalid != []: + raise fault.BadRequestFault("Invalid attribute(s): %s" + % invalid) + + if not "id" in endpoint_template: + id = None + else: + id = endpoint_template["id"] + if id == None: + raise fault.BadRequestFault("Expecting endpointTemplate") + + if 'region' in endpoint_template: + region = endpoint_template["region"] + if 'serviceName' in endpoint_template: + service = endpoint_template["serviceName"] + if 'publicURL' in endpoint_template: + public_url = endpoint_template["publicURL"] + if 'adminURL' in endpoint_template: + admin_url = endpoint_template["adminURL"] + if 'internalURL' in endpoint_template: + internal_url = endpoint_template["internalURL"] + if 'enabled' in endpoint_template: + enabled = endpoint_template["enabled"] + + return EndpointTemplate(id, region, service, public_url, admin_url, + internal_url, enabled) + except (ValueError, TypeError) as e: + raise fault.BadRequestFault("Cannot parse endpointTemplate", str(e)) + + def __init__(self, id, region, service, public_url, admin_url, + internal_url, enabled): + self.id = id + self.region = region + self.service = service + self.public_url = public_url + self.admin_url = admin_url + self.internal_url = internal_url + self.enabled = enabled + + def to_dom(self): + dom = etree.Element("endpointTemplate", + xmlns="http://docs.openstack.org/identity/api/v2.0") + if self.id: + dom.set("id", str(self.id)) + if self.region: + dom.set("region", self.region) + if self.service: + dom.set("serviceName", self.service) + if self.public_url: + dom.set("publicURL", self.public_url) + if self.admin_url: + dom.set("adminURL", self.admin_url) + if self.internal_url: + dom.set("internalURL", self.internal_url) + if self.enabled: + dom.set("enabled", 'true') + return dom + + def to_xml(self): + return etree.tostring(self.to_dom()) + + def to_dict(self): + endpoint_template = {} + if self.id: + endpoint_template["id"] = self.id + if self.region: + endpoint_template["region"] = self.region + if self.service: + endpoint_template["serviceName"] = self.service + if self.public_url: + endpoint_template["publicURL"] = self.public_url + if self.admin_url: + endpoint_template["adminURL"] = self.admin_url + if self.internal_url: + endpoint_template["internalURL"] = self.internal_url + if self.enabled: + endpoint_template["enabled"] = self.enabled + return {'endpointTemplate': endpoint_template} + + def to_json(self): + return json.dumps(self.to_dict()) + + +class EndpointTemplates(object): + "A collection of endpointTemplates." + + def __init__(self, values, links): + self.values = values + self.links = links + + def to_xml(self): + dom = etree.Element("endpointTemplates") + dom.set(u"xmlns", "http://docs.openstack.org/identity/api/v2.0") + + for t in self.values: + dom.append(t.to_dom()) + + for t in self.links: + dom.append(t.to_dom()) + + return etree.tostring(dom) + + def to_json(self): + values = [t.to_dict()["endpointTemplate"] for t in self.values] + links = [t.to_dict()["links"] for t in self.links] + return json.dumps({"endpointTemplates": {"values": values, "links": links}}) + + +class Endpoint(object): + def __init__(self, id, href): + self.id = id + self.href = href + + def to_dom(self): + dom = etree.Element("endpoint", + xmlns="http://docs.openstack.org/identity/api/v2.0") + if self.id: + dom.set("id", str(self.id)) + if self.href: + dom.set("href", self.href) + return dom + + def to_xml(self): + return etree.tostring(self.to_dom()) + + def to_dict(self): + endpoint = {} + if self.id: + endpoint["id"] = self.id + if self.href: + endpoint["href"] = self.href + return {'endpoint': endpoint} + + def to_json(self): + return json.dumps(self.to_dict()) + + +class Endpoints(object): + "A collection of endpoints." + + def __init__(self, values, links): + self.values = values + self.links = links + + def to_xml(self): + dom = etree.Element("endpoints") + dom.set(u"xmlns", "http://docs.openstack.org/identity/api/v2.0") + + for t in self.values: + dom.append(t.to_dom()) + + for t in self.links: + dom.append(t.to_dom()) + + return etree.tostring(dom) + + def to_json(self): + values = [t.to_dict()["endpoint"] for t in self.values] + links = [t.to_dict()["links"] for t in self.links] + return json.dumps({"endpoints": {"values": values, "links": links}}) diff --git a/keystone/test/unit/test_endpoints.py b/keystone/test/unit/test_endpoints.py new file mode 100755 index 00000000..8a9a32cf --- /dev/null +++ b/keystone/test/unit/test_endpoints.py @@ -0,0 +1,669 @@ +# vim: tabstop=4 shiftwidth=4 softtabstop=4 +# Copyright (c) 2010-2011 OpenStack, LLC. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +import httplib2 +import json +from lxml import etree +import os +import sys +sys.path.append(os.path.abspath(os.path.join(os.path.abspath(__file__), + '..', '..', '..', '..', '..', 'keystone'))) +import unittest + +import test_common as utils +from test_common import URL + +from keystone.logic.types import fault + +class EndpointTemplatesTest(unittest.TestCase): + def setUp(self): + self.tenant = utils.get_tenant() + self.password = utils.get_password() + self.email = utils.get_email() + self.user = utils.get_user() + self.userdisabled = utils.get_userdisabled() + self.auth_token = utils.get_auth_token() + self.exp_auth_token = utils.get_exp_auth_token() + self.disabled_token = utils.get_disabled_token() + self.missing_token = utils.get_none_token() + self.invalid_token = utils.get_non_existing_token() + utils.create_tenant(self.tenant, str(self.auth_token)) + utils.create_user(self.tenant, self.user, self.auth_token) + self.token = utils.get_token(self.user, 'secrete', self.tenant, + 'token') + + def tearDown(self): + utils.delete_user(self.user, self.auth_token) + utils.delete_tenant(self.tenant, self.auth_token) + utils.delete_all_endpoint(self.tenant, self.auth_token) + +class GetEndpointTemplatesTest(EndpointTemplatesTest): + def test_get_endpoint_templates(self): + header = httplib2.Http(".cache") + url = '%sendpointTemplates' % (utils.URL) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": self.auth_token}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(200, int(resp['status'])) + + #verify content + obj = json.loads(content) + if not "endpointTemplates" in obj: + raise self.fail("Expecting endpointTemplates") + + def test_get_endpoint_templates_using_expired_auth_token(self): + header = httplib2.Http(".cache") + url = '%sendpointTemplates' % (utils.URL) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": self.exp_auth_token}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(403 , int(resp['status'])) + + def test_get_endpoint_templates_using_disabled_auth_token(self): + header = httplib2.Http(".cache") + url = '%sendpointTemplates' % (utils.URL) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": self.disabled_token}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(403 , int(resp['status'])) + + def test_get_endpoint_templates_using_missing_auth_token(self): + header = httplib2.Http(".cache") + url = '%sendpointTemplates' % (utils.URL) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": self.missing_token}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(401 , int(resp['status'])) + + def test_get_endpoint_templates_using_invalid_auth_token(self): + header = httplib2.Http(".cache") + url = '%sendpointTemplates' % (utils.URL) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": self.invalid_token}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(404 , int(resp['status'])) + + def test_get_endpoint_templates_xml(self): + header = httplib2.Http(".cache") + url = '%sendpointTemplates' % (utils.URL) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/xml", + "X-Auth-Token": self.auth_token, + "ACCEPT": "application/xml"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(200, int(resp['status'])) + + #verify content + dom = etree.Element("root") + dom.append(etree.fromstring(content)) + endpoint_templates = dom.find("{http://docs.openstack.org/identity/api/v2.0}" \ + "endpointTemplates") + if endpoint_templates == None: + self.fail("Expecting endpointTemplates") + + def test_get_endpoint_templates_xml_expired_auth_token(self): + header = httplib2.Http(".cache") + url = '%sendpointTemplates' % (utils.URL) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/xml", + "X-Auth-Token": self.exp_auth_token, + "ACCEPT": "application/xml"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(403, int(resp['status'])) + + def test_get_endpoint_templates_xml_disabled_auth_token(self): + header = httplib2.Http(".cache") + url = '%sendpointTemplates' % (utils.URL) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/xml", + "X-Auth-Token": self.disabled_token, + "ACCEPT": "application/xml"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(403, int(resp['status'])) + + def test_get_endpoint_templates_xml_missing_auth_token(self): + header = httplib2.Http(".cache") + url = '%sendpointTemplates' % (utils.URL) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/xml", + "X-Auth-Token": self.missing_token, + "ACCEPT": "application/xml"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(401, int(resp['status'])) + + def test_get_endpoint_templates_xml_invalid_auth_token(self): + header = httplib2.Http(".cache") + url = '%sendpointTemplates' % (utils.URL) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/xml", + "X-Auth-Token": self.invalid_token, + "ACCEPT": "application/xml"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(404, int(resp['status'])) + +class GetEndpointTemplateTest(EndpointTemplatesTest): + def test_get_endpoint(self): + header = httplib2.Http(".cache") + url = '%sendpointTemplates/%s' % (utils.URL, '1') + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": self.auth_token}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(200, int(resp['status'])) + + #verify content + obj = json.loads(content) + if not "endpointTemplate" in obj: + raise self.fail("Expecting endpointTemplate") + + def test_get_endpoint_using_expired_auth_token(self): + header = httplib2.Http(".cache") + url = '%sendpointTemplates/%s' % (utils.URL, '1') + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": self.exp_auth_token}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(403, int(resp['status'])) + + def test_get_endpoint_using_disabled_auth_token(self): + header = httplib2.Http(".cache") + url = '%sendpointTemplates/%s' % (utils.URL, '1') + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": self.disabled_token}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(403, int(resp['status'])) + + def test_get_endpoint_using_missing_auth_token(self): + header = httplib2.Http(".cache") + url = '%sendpointTemplates/%s' % (utils.URL, '1') + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": self.missing_token}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(401, int(resp['status'])) + + + def test_get_endpoint_using_invalid_auth_token(self): + header = httplib2.Http(".cache") + url = '%sendpointTemplates/%s' % (utils.URL, '1') + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": self.invalid_token}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(404, int(resp['status'])) + + def test_get_endpoint_xml(self): + header = httplib2.Http(".cache") + url = '%sendpointTemplates/%s' % (utils.URL, '1') + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/xml", + "X-Auth-Token": self.auth_token, + "ACCEPT": "application/xml"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(200, int(resp['status'])) + + #verify content + dom = etree.Element("root") + dom.append(etree.fromstring(content)) + endpoint = dom.find("{http://docs.openstack.org/identity/api/v2.0}" \ + "endpointTemplate") + if endpoint == None: + self.fail("Expecting endpointTemplate") + + +class CreateEndpointRefsTest(EndpointTemplatesTest): + def test_endpoint_create_json(self): + header = httplib2.Http(".cache") + resp, content = utils.create_endpoint(self.tenant, "1", + str(self.auth_token)) + resp_val = int(resp['status']) + self.assertEqual(201, resp_val) + + def test_endpoint_create_json_using_expired_token(self): + header = httplib2.Http(".cache") + resp, content = utils.create_endpoint(self.tenant, "1", + str(self.exp_auth_token)) + resp_val = int(resp['status']) + self.assertEqual(403, resp_val) + + def test_endpoint_create_json_using_disabled_token(self): + header = httplib2.Http(".cache") + resp, content = utils.create_endpoint(self.tenant, "1", + str(self.disabled_token)) + resp_val = int(resp['status']) + self.assertEqual(403, resp_val) + + def test_endpoint_create_json_using_missing_token(self): + header = httplib2.Http(".cache") + resp, content = utils.create_endpoint(self.tenant, "1", + str(self.missing_token)) + resp_val = int(resp['status']) + self.assertEqual(401, resp_val) + + def test_endpoint_create_json_using_invalid_token(self): + header = httplib2.Http(".cache") + resp, content = utils.create_endpoint(self.tenant, "1", + str(self.invalid_token)) + resp_val = int(resp['status']) + self.assertEqual(404, resp_val) + + def test_endpoint_create_xml(self): + header = httplib2.Http(".cache") + + resp, content = utils.create_endpoint_xml(self.tenant, "1", + str(self.auth_token)) + resp_val = int(resp['status']) + self.assertEqual(201, resp_val) + url = '%stenants/%s/endpoints/%s' % (URL, self.tenant, '1') + resp, content = header.request(url, "DELETE", body='', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.auth_token)}) + resp_val = int(resp['status']) + self.assertEqual(204, resp_val) + + def test_endpoint_create_xml_using_expired_token(self): + header = httplib2.Http(".cache") + + resp, content = utils.create_endpoint_xml(self.tenant, "1", + str(self.auth_token)) + resp_val = int(resp['status']) + self.assertEqual(201, resp_val) + url = '%stenants/%s/endpoints/%s' % (URL, self.tenant, '1') + resp, content = header.request(url, "DELETE", body='', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.exp_auth_token)}) + resp_val = int(resp['status']) + self.assertEqual(403, resp_val) + + def test_endpoint_create_xml_using_disabled_token(self): + header = httplib2.Http(".cache") + + resp, content = utils.create_endpoint_xml(self.tenant, "1", + str(self.auth_token)) + resp_val = int(resp['status']) + self.assertEqual(201, resp_val) + url = '%stenants/%s/endpoints/%s' % (URL, self.tenant, '1') + resp, content = header.request(url, "DELETE", body='', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.disabled_token)}) + resp_val = int(resp['status']) + self.assertEqual(403, resp_val) + + def test_endpoint_create_xml_using_missing_token(self): + header = httplib2.Http(".cache") + + resp, content = utils.create_endpoint_xml(self.tenant, "1", + str(self.auth_token)) + resp_val = int(resp['status']) + self.assertEqual(201, resp_val) + url = '%stenants/%s/endpoints/%s' % (URL, self.tenant, '1') + resp, content = header.request(url, "DELETE", body='', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.missing_token)}) + resp_val = int(resp['status']) + self.assertEqual(401, resp_val) + + def test_endpoint_create_xml_using_invalid_token(self): + header = httplib2.Http(".cache") + + resp, content = utils.create_endpoint_xml(self.tenant, "1", + str(self.auth_token)) + resp_val = int(resp['status']) + self.assertEqual(201, resp_val) + url = '%stenants/%s/endpoints/%s' % (URL, self.tenant, '1') + resp, content = header.request(url, "DELETE", body='', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.invalid_token)}) + resp_val = int(resp['status']) + self.assertEqual(404, resp_val) + +class GetEndPointTest(EndpointTemplatesTest): + def test_get_endpoint_xml(self): + header = httplib2.Http(".cache") + url = '%stenants/%s/endpoints' % (URL, self.tenant) + #test for Content-Type = application/xml + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/xml", + "X-Auth-Token": str(self.auth_token), + "ACCEPT": "application/xml"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(200, int(resp['status'])) + + def test_get_endpoint_xml_using_expired_auth_token(self): + header = httplib2.Http(".cache") + url = '%stenants/%s/endpoints' % (URL, self.tenant) + #test for Content-Type = application/xml + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/xml", + "X-Auth-Token": str(self.exp_auth_token), + "ACCEPT": "application/xml"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(403, int(resp['status'])) + + def test_get_endpoint_xml_using_disabled_auth_token(self): + header = httplib2.Http(".cache") + url = '%stenants/%s/endpoints' % (URL, self.tenant) + #test for Content-Type = application/xml + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/xml", + "X-Auth-Token": str(self.disabled_token), + "ACCEPT": "application/xml"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(403, int(resp['status'])) + + def test_get_endpoint_xml_using_missing_auth_token(self): + header = httplib2.Http(".cache") + url = '%stenants/%s/endpoints' % (URL, self.tenant) + #test for Content-Type = application/xml + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/xml", + "X-Auth-Token": str(self.missing_token), + "ACCEPT": "application/xml"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(401, int(resp['status'])) + + def test_get_endpoint_xml_using_invalid_auth_token(self): + header = httplib2.Http(".cache") + url = '%stenants/%s/endpoints' % (URL, self.tenant) + #test for Content-Type = application/xml + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/xml", + "X-Auth-Token": str(self.invalid_token), + "ACCEPT": "application/xml"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(404, int(resp['status'])) + + def test_get_endpoint_json(self): + header = httplib2.Http(".cache") + url = '%stenants/%s/endpoints' % (URL, self.tenant) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.auth_token), + "ACCEPT": "application/json"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(200, int(resp['status'])) + obj = json.loads(content) + if not "endpoints" in obj: + raise self.fail("Expecting endpoints") + + def test_get_endpoint_json_using_expired_auth_token(self): + header = httplib2.Http(".cache") + url = '%stenants/%s/endpoints' % (URL, self.tenant) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.exp_auth_token), + "ACCEPT": "application/json"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(403, int(resp['status'])) + obj = json.loads(content) + + def test_get_endpoint_json_using_disabled_auth_token(self): + header = httplib2.Http(".cache") + url = '%stenants/%s/endpoints' % (URL, self.tenant) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.disabled_token), + "ACCEPT": "application/json"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(403, int(resp['status'])) + obj = json.loads(content) + + def test_get_endpoint_json_using_missing_auth_token(self): + header = httplib2.Http(".cache") + url = '%stenants/%s/endpoints' % (URL, self.tenant) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.missing_token), + "ACCEPT": "application/json"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(401, int(resp['status'])) + obj = json.loads(content) + + def test_get_endpoint_json_using_invalid_auth_token(self): + header = httplib2.Http(".cache") + url = '%stenants/%s/endpoints' % (URL, self.tenant) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.invalid_token), + "ACCEPT": "application/json"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(404, int(resp['status'])) + obj = json.loads(content) + +class DeleteEndpointsTest(EndpointTemplatesTest): + def test_delete_endpoint(self): + header = httplib2.Http(".cache") + resp, content = utils.create_endpoint(self.tenant, "1", + str(self.auth_token)) + resp_val = int(resp['status']) + self.assertEqual(201, resp_val) + obj = json.loads(content) + if not "endpoint" in obj: + raise fault.BadRequestFault("Expecting endpoint") + endpoint = obj["endpoint"] + if not "id" in endpoint: + endpoint_id = None + else: + endpoint_id = endpoint["id"] + if endpoint_id is None: + raise fault.BadRequestFault("Expecting endpointID") + url = '%stenants/%s/endpoints/%s' % (URL, self.tenant, endpoint_id) + resp, content = header.request(url, "DELETE", body='', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.auth_token)}) + resp_val = int(resp['status']) + self.assertEqual(204, resp_val) + + def test_delete_endpoint_using_expired_auth_token(self): + header = httplib2.Http(".cache") + resp, content = utils.create_endpoint(self.tenant, "1", + str(self.auth_token)) + resp_val = int(resp['status']) + self.assertEqual(201, resp_val) + obj = json.loads(content) + if not "endpoint" in obj: + raise fault.BadRequestFault("Expecting endpoint") + endpoint = obj["endpoint"] + if not "id" in endpoint: + endpoint_id = None + else: + endpoint_id = endpoint["id"] + if endpoint_id is None: + raise fault.BadRequestFault("Expecting endpoint id") + url = '%stenants/%s/endpoints/%s' % (URL, self.tenant, endpoint_id) + resp, content = header.request(url, "DELETE", body='', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.exp_auth_token)}) + resp_val = int(resp['status']) + self.assertEqual(403, resp_val) + + def test_delete_endpoint_using_disabled_auth_token(self): + header = httplib2.Http(".cache") + resp, content = utils.create_endpoint(self.tenant, "1", + str(self.auth_token)) + resp_val = int(resp['status']) + self.assertEqual(201, resp_val) + obj = json.loads(content) + if not "endpoint" in obj: + raise fault.BadRequestFault("Expecting endpoint") + endpoint = obj["endpoint"] + if not "id" in endpoint: + endpoint_id = None + else: + endpoint_id = endpoint["id"] + if endpoint_id is None: + raise fault.BadRequestFault("Expecting endpoint id") + url = '%stenants/%s/endpoints/%s' % (URL, self.tenant, endpoint_id) + resp, content = header.request(url, "DELETE", body='', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.disabled_token)}) + resp_val = int(resp['status']) + self.assertEqual(403, resp_val) + + def test_delete_endpoint_using_missing_auth_token(self): + header = httplib2.Http(".cache") + resp, content = utils.create_endpoint(self.tenant, "1", + str(self.auth_token)) + resp_val = int(resp['status']) + self.assertEqual(201, resp_val) + obj = json.loads(content) + if not "endpoint" in obj: + raise fault.BadRequestFault("Expecting endpoint") + endpoint = obj["endpoint"] + if not "id" in endpoint: + endpoint_id = None + else: + endpoint_id = endpoint["id"] + if endpoint_id is None: + raise fault.BadRequestFault("Expecting endpointID") + url = '%stenants/%s/endpoints/%s' % (URL, self.tenant, endpoint_id) + resp, content = header.request(url, "DELETE", body='', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.missing_token)}) + resp_val = int(resp['status']) + self.assertEqual(401, resp_val) + + def test_delete_endpoint_using_invalid_auth_token(self): + header = httplib2.Http(".cache") + resp, content = utils.create_endpoint(self.tenant, "1", + str(self.auth_token)) + resp_val = int(resp['status']) + self.assertEqual(201, resp_val) + obj = json.loads(content) + if not "endpoint" in obj: + raise fault.BadRequestFault("Expecting endpoint") + endpoint = obj["endpoint"] + if not "id" in endpoint: + endpoint_id = None + else: + endpoint_id = endpoint["id"] + if endpoint_id is None: + raise fault.BadRequestFault("Expecting endpoint ID") + url = '%stenants/%s/endpoints/%s' % (URL, self.tenant, endpoint_id) + resp, content = header.request(url, "DELETE", body='', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.invalid_token)}) + resp_val = int(resp['status']) + self.assertEqual(404, resp_val) + +if __name__ == '__main__': + unittest.main() -- cgit From ac708ae577bdbed106dbe819238a3b1407446273 Mon Sep 17 00:00:00 2001 From: Dolph Mathews Date: Tue, 21 Jun 2011 14:56:04 -0500 Subject: Issue 31: Reverted ports to 8080/8081 while the issue is under discussion --- README.md | 6 +++--- bin/keystone | 2 +- bin/sampledata.sh | 2 +- etc/keystone.conf | 4 ++-- examples/echo/echo/echo.ini | 4 ++-- examples/echo/echo/echo_basic.ini | 4 ++-- examples/echo/echo/echo_remote.ini | 2 +- examples/paste/auth_token.ini | 2 +- examples/paste/nova-api-paste.ini | 4 ++-- keystone/test/unit/test_common.py | 4 ++-- 10 files changed, 17 insertions(+), 17 deletions(-) diff --git a/README.md b/README.md index 093735f1..82037e89 100644 --- a/README.md +++ b/README.md @@ -231,7 +231,7 @@ in troubleshooting: # Call Apache Bench - $ ab -c 30 -n 1000 -T "application/json" -p post_data http://127.0.0.1:8080/v2.0/tokens + $ ab -c 30 -n 1000 -T "application/json" -p post_data http://127.0.0.1:8081/v2.0/tokens ## NOVA Integration @@ -273,8 +273,8 @@ Assuming you added the test data using bin/sampledata.sh, you can then use joeus $ cd ~/keystone/bin && ./keystone Starting the Legacy Authentication component - Service API listening on 0.0.0.0:80 - Admin API listening on 0.0.0.0:8080 + Service API listening on 0.0.0.0:8080 + Admin API listening on 0.0.0.0:8081 4. In another window, edit the `~/keystone/bin/sampledata.sh` file, find the `public.cloudfiles.com` text and replace it with the URL to your Swift diff --git a/bin/keystone b/bin/keystone index 82e06bb2..30c5653c 100755 --- a/bin/keystone +++ b/bin/keystone @@ -48,7 +48,7 @@ if __name__ == '__main__': # Handle a special argument to support starting two endpoints common_group.add_option( '-a', '--admin-port', dest="admin_port", metavar="PORT", - help="specifies port for Admin API to listen on (default is 8080)") + help="specifies port for Admin API to listen on (default is 8081)") # Parse arguments and load config (options, args) = config.parse_options(parser) diff --git a/bin/sampledata.sh b/bin/sampledata.sh index 134c5ea3..6f73e06c 100755 --- a/bin/sampledata.sh +++ b/bin/sampledata.sh @@ -43,7 +43,7 @@ ./keystone-manage $* baseURLs add RegionOne nova http://nova.publicinternets.com/v1.1/ http://127.0.0.1:8774/v1.1 http://localhost:8774/v1.1 1 ./keystone-manage $* baseURLs add RegionOne glance http://glance.publicinternets.com/v1.1/%tenant_id% http://nova.admin-nets.local/v1.1/%tenant_id% http://127.0.0.1:9292/v1.1/%tenant_id% 1 ./keystone-manage $* baseURLs add RegionOne cdn http://cdn.publicinternets.com/v1.1/%tenant_id% http://cdn.admin-nets.local/v1.1/%tenant_id% http://127.0.0.1:7777/v1.1/%tenant_id% 1 -./keystone-manage $* baseURLs add RegionOne keystone http://keystone.publicinternets.com/v2.0 http://127.0.0.1:8080/v2.0 http://127.0.0.1:80/v2.0 1 +./keystone-manage $* baseURLs add RegionOne keystone http://keystone.publicinternets.com/v2.0 http://127.0.0.1:8081/v2.0 http://127.0.0.1:8080/v2.0 1 # Groups #./keystone-manage $* group add Admin 1234 diff --git a/etc/keystone.conf b/etc/keystone.conf index d6b21f60..c0fa1353 100755 --- a/etc/keystone.conf +++ b/etc/keystone.conf @@ -32,7 +32,7 @@ service-header-mappings = {'nova' : 'X-Server-Management-Url' , 'swift' : 'X-Sto server_bind_host = 0.0.0.0 # Port the bind the API server to -server_bind_port = 80 +server_bind_port = 8080 [app:admin] paste.app_factory = keystone.server:admin_app_factory @@ -40,7 +40,7 @@ paste.app_factory = keystone.server:admin_app_factory bind_host = 0.0.0.0 # Port the bind the Admin API server to -bind_port = 8080 +bind_port = 8081 [app:server] paste.app_factory = keystone.server:app_factory diff --git a/examples/echo/echo/echo.ini b/examples/echo/echo/echo.ini index b654a13f..a7b95e9e 100644 --- a/examples/echo/echo/echo.ini +++ b/examples/echo/echo/echo.ini @@ -6,7 +6,7 @@ delay_auth_decision = 0 ;where to find the OpenStack service (if not in local WSGI chain) service_protocol = http service_host = 127.0.0.1 -service_port = 8080 +service_port = 8081 ;used to verify this component with the OpenStack service (or PAPIAuth) service_pass = dTpw @@ -23,7 +23,7 @@ pipeline = paste.filter_factory = keystone.auth_protocols.auth_token:filter_factory ;where to find the token auth service auth_host = 127.0.0.1 -auth_port = 8080 +auth_port = 8081 auth_protocol = http ;how to authenticate to the auth service for priviledged operations ;like validate token diff --git a/examples/echo/echo/echo_basic.ini b/examples/echo/echo/echo_basic.ini index 8436d883..65c85357 100644 --- a/examples/echo/echo/echo_basic.ini +++ b/examples/echo/echo/echo_basic.ini @@ -6,7 +6,7 @@ delay_auth_decision = 0 ;where to find the OpenStack service (if not in local WSGI chain) service_protocol = http service_host = 127.0.0.1 -service_port = 8080 +service_port = 8081 ;used to verify this component with the OpenStack service (or PAPIAuth) service_pass = dTpw @@ -23,7 +23,7 @@ pipeline = paste.filter_factory = keystone.auth_protocols.auth_token:filter_factory ;where to find the token auth service auth_host = 127.0.0.1 -auth_port = 8080 +auth_port = 8081 auth_protocol = http ;how to authenticate to the auth service for priviledged operations ;like validate token diff --git a/examples/echo/echo/echo_remote.ini b/examples/echo/echo/echo_remote.ini index 7418f574..d225f756 100644 --- a/examples/echo/echo/echo_remote.ini +++ b/examples/echo/echo/echo_remote.ini @@ -14,6 +14,6 @@ paste.filter_factory = keystone.middleware.remoteauth:filter_factory ; (otherwise we redirect call) remote_auth_pass = dTpw ;where to redirect untrusted calls to -auth_location = http://127.0.0.1:8080/ +auth_location = http://127.0.0.1:8081/ diff --git a/examples/paste/auth_token.ini b/examples/paste/auth_token.ini index 3154fc69..25f2cbbf 100644 --- a/examples/paste/auth_token.ini +++ b/examples/paste/auth_token.ini @@ -5,7 +5,7 @@ paste.app_factory = auth_token:app_factory auth_protocol = http auth_host = 127.0.0.1 -auth_port = 8080 +auth_port = 8081 admin_token = 999888777666 delay_auth_decision = 0 diff --git a/examples/paste/nova-api-paste.ini b/examples/paste/nova-api-paste.ini index 2082990d..b4a94557 100644 --- a/examples/paste/nova-api-paste.ini +++ b/examples/paste/nova-api-paste.ini @@ -86,9 +86,9 @@ paste.filter_factory = nova.api.openstack.auth:AuthMiddleware.factory paste.filter_factory = keystone.auth_protocols.auth_token:filter_factory service_protocol = http service_host = 127.0.0.1 -service_port = 8080 +service_port = 808 auth_host = 127.0.0.1 -auth_port = 8080 +auth_port = 8081 auth_protocol = http admin_token = 999888777666 diff --git a/keystone/test/unit/test_common.py b/keystone/test/unit/test_common.py index d05bf203..bfad2d62 100755 --- a/keystone/test/unit/test_common.py +++ b/keystone/test/unit/test_common.py @@ -26,8 +26,8 @@ import unittest -URL = 'http://localhost:8080/v2.0/' -URLv1 = 'http://localhost:80/v1.0/' +URL = 'http://localhost:8081/v2.0/' +URLv1 = 'http://localhost:8080/v1.0/' def get_token(user, pswd, tenant_id, kind=''): header = httplib2.Http(".cache") -- cgit From ac68fbdeeda0e91c5efa9d4c75f2f66ce3b980f2 Mon Sep 17 00:00:00 2001 From: Dolph Mathews Date: Tue, 21 Jun 2011 15:17:47 -0500 Subject: Issue 32: ./bin/keystone cannot be executed outside of bin/ --- etc/keystone.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/keystone.conf b/etc/keystone.conf index c0fa1353..8efa5d7e 100755 --- a/etc/keystone.conf +++ b/etc/keystone.conf @@ -18,7 +18,7 @@ log_file = keystone.log # SQLAlchemy connection string for the reference implementation # registry server. Any valid SQLAlchemy connection string is fine. # See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine -sql_connection = sqlite:///../keystone/keystone.db +sql_connection = sqlite:///keystone.db # Period in seconds after which SQLAlchemy should reestablish its connection # to the database. -- cgit From 3c3e212baef8e56b53a64643bc374727c418e797 Mon Sep 17 00:00:00 2001 From: Dolph Mathews Date: Tue, 21 Jun 2011 15:18:09 -0500 Subject: (Related to) Issue 32: bin/sampledata.sh cannot be executed outside of bin/ --- bin/sampledata.sh | 70 +++++++++++++++++++++++++++---------------------------- 1 file changed, 35 insertions(+), 35 deletions(-) diff --git a/bin/sampledata.sh b/bin/sampledata.sh index 6f73e06c..719bb0bb 100755 --- a/bin/sampledata.sh +++ b/bin/sampledata.sh @@ -19,52 +19,52 @@ # under the License. # Tenants -./keystone-manage $* tenant add 1234 -./keystone-manage $* tenant add ANOTHER:TENANT -./keystone-manage $* tenant add 0000 -./keystone-manage $* tenant disable 0000 +`dirname $0`/keystone-manage $* tenant add 1234 +`dirname $0`/keystone-manage $* tenant add ANOTHER:TENANT +`dirname $0`/keystone-manage $* tenant add 0000 +`dirname $0`/keystone-manage $* tenant disable 0000 # Users -./keystone-manage $* user add joeuser secrete 1234 -./keystone-manage $* user add joeadmin secrete 1234 -./keystone-manage $* user add admin secrete 1234 -./keystone-manage $* user add disabled secrete 1234 -./keystone-manage $* user disable disabled +`dirname $0`/keystone-manage $* user add joeuser secrete 1234 +`dirname $0`/keystone-manage $* user add joeadmin secrete 1234 +`dirname $0`/keystone-manage $* user add admin secrete 1234 +`dirname $0`/keystone-manage $* user add disabled secrete 1234 +`dirname $0`/keystone-manage $* user disable disabled # Roles -./keystone-manage $* role add Admin -./keystone-manage $* role grant Admin admin -./keystone-manage $* role grant Admin joeadmin 1234 -./keystone-manage $* role grant Admin joeadmin ANOTHER:TENANT +`dirname $0`/keystone-manage $* role add Admin +`dirname $0`/keystone-manage $* role grant Admin admin +`dirname $0`/keystone-manage $* role grant Admin joeadmin 1234 +`dirname $0`/keystone-manage $* role grant Admin joeadmin ANOTHER:TENANT #BaseURLs -./keystone-manage $* baseURLs add RegionOne swift http://swift.publicinternets.com/v1/AUTH_%tenant_id% http://swift.admin-nets.local:8080/ http://127.0.0.1:8080/v1/AUTH_%tenant_id% 1 -./keystone-manage $* baseURLs add RegionOne nova_compat http://nova.publicinternets.com/v1.0/ http://127.0.0.1:8774/v1.0 http://localhost:8774/v1.0 1 -./keystone-manage $* baseURLs add RegionOne nova http://nova.publicinternets.com/v1.1/ http://127.0.0.1:8774/v1.1 http://localhost:8774/v1.1 1 -./keystone-manage $* baseURLs add RegionOne glance http://glance.publicinternets.com/v1.1/%tenant_id% http://nova.admin-nets.local/v1.1/%tenant_id% http://127.0.0.1:9292/v1.1/%tenant_id% 1 -./keystone-manage $* baseURLs add RegionOne cdn http://cdn.publicinternets.com/v1.1/%tenant_id% http://cdn.admin-nets.local/v1.1/%tenant_id% http://127.0.0.1:7777/v1.1/%tenant_id% 1 -./keystone-manage $* baseURLs add RegionOne keystone http://keystone.publicinternets.com/v2.0 http://127.0.0.1:8081/v2.0 http://127.0.0.1:8080/v2.0 1 +`dirname $0`/keystone-manage $* baseURLs add RegionOne swift http://swift.publicinternets.com/v1/AUTH_%tenant_id% http://swift.admin-nets.local:8080/ http://127.0.0.1:8080/v1/AUTH_%tenant_id% 1 +`dirname $0`/keystone-manage $* baseURLs add RegionOne nova_compat http://nova.publicinternets.com/v1.0/ http://127.0.0.1:8774/v1.0 http://localhost:8774/v1.0 1 +`dirname $0`/keystone-manage $* baseURLs add RegionOne nova http://nova.publicinternets.com/v1.1/ http://127.0.0.1:8774/v1.1 http://localhost:8774/v1.1 1 +`dirname $0`/keystone-manage $* baseURLs add RegionOne glance http://glance.publicinternets.com/v1.1/%tenant_id% http://nova.admin-nets.local/v1.1/%tenant_id% http://127.0.0.1:9292/v1.1/%tenant_id% 1 +`dirname $0`/keystone-manage $* baseURLs add RegionOne cdn http://cdn.publicinternets.com/v1.1/%tenant_id% http://cdn.admin-nets.local/v1.1/%tenant_id% http://127.0.0.1:7777/v1.1/%tenant_id% 1 +`dirname $0`/keystone-manage $* baseURLs add RegionOne keystone http://keystone.publicinternets.com/v2.0 http://127.0.0.1:8081/v2.0 http://127.0.0.1:8080/v2.0 1 # Groups -#./keystone-manage $* group add Admin 1234 -#./keystone-manage $* group add Default 1234 -#./keystone-manage $* group add Empty 0000 +#`dirname $0`/keystone-manage $* group add Admin 1234 +#`dirname $0`/keystone-manage $* group add Default 1234 +#`dirname $0`/keystone-manage $* group add Empty 0000 # User Group Associations -#./keystone-manage $* user joeuser join Default -#./keystone-manage $* user disabled join Default -#./keystone-manage $* user admin join Admin +#`dirname $0`/keystone-manage $* user joeuser join Default +#`dirname $0`/keystone-manage $* user disabled join Default +#`dirname $0`/keystone-manage $* user admin join Admin # Tokens -./keystone-manage $* token add 887665443383838 joeuser 1234 2012-02-05T00:00 -./keystone-manage $* token add 999888777666 admin 1234 2015-02-05T00:00 -./keystone-manage $* token add 000999 admin 1234 2010-02-05T00:00 -./keystone-manage $* token add 999888777 disabled 1234 2015-02-05T00:00 +`dirname $0`/keystone-manage $* token add 887665443383838 joeuser 1234 2012-02-05T00:00 +`dirname $0`/keystone-manage $* token add 999888777666 admin 1234 2015-02-05T00:00 +`dirname $0`/keystone-manage $* token add 000999 admin 1234 2010-02-05T00:00 +`dirname $0`/keystone-manage $* token add 999888777 disabled 1234 2015-02-05T00:00 #Tenant base urls -./keystone-manage $* tenant_baseURL add 1234 1 -./keystone-manage $* tenant_baseURL add 1234 2 -./keystone-manage $* tenant_baseURL add 1234 3 -./keystone-manage $* tenant_baseURL add 1234 4 -./keystone-manage $* tenant_baseURL add 1234 5 -./keystone-manage $* tenant_baseURL add 1234 6 +`dirname $0`/keystone-manage $* tenant_baseURL add 1234 1 +`dirname $0`/keystone-manage $* tenant_baseURL add 1234 2 +`dirname $0`/keystone-manage $* tenant_baseURL add 1234 3 +`dirname $0`/keystone-manage $* tenant_baseURL add 1234 4 +`dirname $0`/keystone-manage $* tenant_baseURL add 1234 5 +`dirname $0`/keystone-manage $* tenant_baseURL add 1234 6 -- cgit From 7e706eb1c59d18b7448a81d9483ad268b0c29e84 Mon Sep 17 00:00:00 2001 From: Dolph Mathews Date: Tue, 21 Jun 2011 15:20:58 -0500 Subject: Issue 32: Updated readme to reflect fix for issue 32 (removed 'cd bin' prefixes before several commands) --- README.md | 25 ++++++++----------------- 1 file changed, 8 insertions(+), 17 deletions(-) diff --git a/README.md b/README.md index 82037e89..2788b8cb 100644 --- a/README.md +++ b/README.md @@ -46,8 +46,7 @@ documents the APIs to call and how to use them. #### Starting services Starting both Admin and Service API endpoints: - $ cd bin - $ ./keystone + $ ./bin/keystone # For Keystone Contributors @@ -100,18 +99,15 @@ $ pip install -r tools/pip-requires-dev Starting both Admin and Service API endpoints: - $ cd bin - $ ./keystone + $ ./bin/keystone Starting the auth server only (exposes the Service API): - $ cd bin - $ ./keystone-auth + $ ./bin/keystone-auth Starting the admin server only (exposes the Admin API): - $ cd bin - $ ./keystone-admin + $ ./bin/keystone-admin By default, configuration parameters (such as the IP and port binding for each service) are parsed from `etc/keystone.conf`. @@ -122,8 +118,7 @@ Before running tests, ensure you have installed the testing dependencies as desc #### Test data A set of sample data can be added by running a shell script: - $ cd bin - $ ./sampledata.sh + $ ./bin/sampledata.sh The script calls `keystone-manage` to create the sample data. @@ -137,21 +132,17 @@ To run client demo (with all auth middleware running locally on sample service): #### Unit Tests -Prepare to run unit tests by changing to the unit test directory: - - $ cd keystone/test/unit - There are 10 groups of tests. They can be run individually or as an entire colection. To run the entire test suite run: - $ python test_keystone.py + $ python keystone/test/unit/test_keystone.py A test can also be run individually, e.g.: - $ python test_token.py + $ python keystone/test/unit/test_token.py For more on unit testing please refer to: - $ python test_keystone.py --help + $ python keystone/test/unit/test_keystone.py --help #### API Validation -- cgit