From 7cc8c6cbc1e1c19d1704e9bda25b6a2da8097bd5 Mon Sep 17 00:00:00 2001 From: Jay Pipes Date: Sun, 5 Jun 2011 12:56:34 -0400 Subject: Add test verifying a missing tenantId key in the password creds works properly in JSON --- test/unit/test_authn_v2.py | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/test/unit/test_authn_v2.py b/test/unit/test_authn_v2.py index 284cb7b6..2ec2e07a 100644 --- a/test/unit/test_authn_v2.py +++ b/test/unit/test_authn_v2.py @@ -91,6 +91,42 @@ class TestAuthnV2(base.ServiceAPITest): expires=self.expires, token_id='NOTENANTTOKEN') + url = "/tokens" + req = self.get_request('POST', url) + body = { + "passwordCredentials": { + "username": self.auth_user['id'], + "password": self.auth_user['password'] + } + } + req.body = json.dumps(body) + self.get_response() + self.status_ok() + + expected = { + u'auth': { + u'token': { + u'expires': self.expires.strftime("%Y-%m-%dT%H:%M:%S.%f"), + u'id': 'NOTENANTTOKEN' + } + } + } + self.assert_dict_equal(expected, json.loads(self.res.body)) + + @jsonify + def test_success_none_tenant_json(self): + """ + Test that supplying an existing user/pass, with a tenant ID of None + in the password credentials results in a 200 OK but a token not + matching the token with a tenant attached to it. + """ + # Create a special token for user with no tenant + auth_token = self.fixture_create_token( + user_id=self.auth_user['id'], + tenant_id=None, + expires=self.expires, + token_id='NOTENANTTOKEN') + url = "/tokens" req = self.get_request('POST', url) body = { -- cgit From 9a09871daab263e2be6ef33ea95f866d46649fe5 Mon Sep 17 00:00:00 2001 From: Jay Pipes Date: Sun, 5 Jun 2011 13:19:13 -0400 Subject: Add Admin API tests for v2 authentication --- test/unit/test_authn_v2.py | 43 ++++++++++++++++++++++++++----------------- 1 file changed, 26 insertions(+), 17 deletions(-) diff --git a/test/unit/test_authn_v2.py b/test/unit/test_authn_v2.py index 2ec2e07a..9ce62a4e 100644 --- a/test/unit/test_authn_v2.py +++ b/test/unit/test_authn_v2.py @@ -17,9 +17,9 @@ import json import logging +from keystone import server from test.unit import base from test.unit.decorators import jsonify, xmlify -from test.unit import test_common as utils logger = logging.getLogger('test.unit.test_authn_v2') @@ -27,12 +27,12 @@ logger = logging.getLogger('test.unit.test_authn_v2') class TestAuthnV2(base.ServiceAPITest): """ - Tests for the /v2.0/tokens auth endpoint + Tests for the /v2.0/tokens auth endpoint with main service API """ api_version = '2.0' - def test_get_fails(self): + def test_authn_get_fails(self): """ Test for GH issue #5. GET /tokens works when it should not """ @@ -50,7 +50,7 @@ class TestAuthnV2(base.ServiceAPITest): self.status_not_found() @jsonify - def test_success_json(self): + def test_authn_success_json(self): """ Test that good password credentials returns a 200 OK """ @@ -78,7 +78,7 @@ class TestAuthnV2(base.ServiceAPITest): self.assert_dict_equal(expected, json.loads(self.res.body)) @jsonify - def test_success_missing_tenant_json(self): + def test_authn_success_missing_tenant_json(self): """ Test that supplying an existing user/pass, with a missing tenant ID in the password credentials results in a 200 OK but a token not @@ -114,7 +114,7 @@ class TestAuthnV2(base.ServiceAPITest): self.assert_dict_equal(expected, json.loads(self.res.body)) @jsonify - def test_success_none_tenant_json(self): + def test_authn_success_none_tenant_json(self): """ Test that supplying an existing user/pass, with a tenant ID of None in the password credentials results in a 200 OK but a token not @@ -151,7 +151,7 @@ class TestAuthnV2(base.ServiceAPITest): self.assert_dict_equal(expected, json.loads(self.res.body)) @jsonify - def test_malformed_creds_json(self): + def test_authn_malformed_creds_json(self): """ Test that supplying a malformed password credentials results in a 400 Bad Request @@ -170,7 +170,7 @@ class TestAuthnV2(base.ServiceAPITest): self.status_bad_request() @jsonify - def test_user_not_found_json(self): + def test_authn_user_not_found_json(self): """ Test that supplying a non-existing user in the password credentials results in a 401 Unauthorized @@ -189,7 +189,7 @@ class TestAuthnV2(base.ServiceAPITest): self.status_unauthorized() @jsonify - def test_user_missing_json(self): + def test_authn_user_missing_json(self): """ Test that supplying a missing user in the password credentials results in a 401 Unauthorized @@ -208,7 +208,7 @@ class TestAuthnV2(base.ServiceAPITest): self.status_unauthorized() @jsonify - def test_bad_pass_json(self): + def test_authn_bad_pass_json(self): """ Test that supplying an existing user and a bad password in the password credentials results in a 401 Unauthorized @@ -227,7 +227,7 @@ class TestAuthnV2(base.ServiceAPITest): self.status_unauthorized() @jsonify - def test_bad_tenant_json(self): + def test_authn_bad_tenant_json(self): """ Test that supplying an existing user/pass, with a bad tenant ID in the password credentials results in a 401 Unauthorized @@ -246,7 +246,7 @@ class TestAuthnV2(base.ServiceAPITest): self.status_unauthorized() @xmlify - def test_success_xml(self): + def test_authn_success_xml(self): """ Test that good password credentials returns a 200 OK """ @@ -271,7 +271,7 @@ class TestAuthnV2(base.ServiceAPITest): self.assert_xml_strings_equal(expected, self.res.body) @xmlify - def test_success_missing_tenant_xml(self): + def test_authn_success_missing_tenant_xml(self): """ Test that supplying an existing user/pass, with a missing tenant ID in the password credentials results in a 200 OK but a token not @@ -322,7 +322,7 @@ class TestAuthnV2(base.ServiceAPITest): self.status_bad_request() @xmlify - def test_user_not_found_xml(self): + def test_authn_user_not_found_xml(self): """ Test that supplying a non-existing user in the password credentials results in a 401 Unauthorized @@ -340,7 +340,7 @@ class TestAuthnV2(base.ServiceAPITest): self.status_unauthorized() @xmlify - def test_user_missing_xml(self): + def test_authn_user_missing_xml(self): """ Test that supplying a missing user in the password credentials results in a 400 Bad Request @@ -357,7 +357,7 @@ class TestAuthnV2(base.ServiceAPITest): self.status_bad_request() @xmlify - def test_bad_pass_xml(self): + def test_authn_bad_pass_xml(self): """ Test that supplying a bad password in the password credentials results in a 401 Unauthorized @@ -375,7 +375,7 @@ class TestAuthnV2(base.ServiceAPITest): self.status_unauthorized() @xmlify - def test_bad_tenant_xml(self): + def test_authn_bad_tenant_xml(self): """ Test that supplying a bad tenant in the password credentials results in a 401 Unauthorized @@ -391,3 +391,12 @@ class TestAuthnV2(base.ServiceAPITest): 'badtenant') self.get_response() self.status_unauthorized() + + +class TestAdminAuthnV2(TestAuthnV2): + + """ + Tests for the /v2.0/tokens auth endpoint with admin API + """ + + api_class = server.KeystoneAdminAPI -- cgit From 888ab199746ed6f964222f752d21b30cf23f8cfa Mon Sep 17 00:00:00 2001 From: Jay Pipes Date: Sun, 5 Jun 2011 14:23:49 -0400 Subject: Add success test for GET /v2.0/tokens/ in json and xml --- test/unit/test_authn_v2.py | 79 ++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 70 insertions(+), 9 deletions(-) diff --git a/test/unit/test_authn_v2.py b/test/unit/test_authn_v2.py index 9ce62a4e..af9d725b 100644 --- a/test/unit/test_authn_v2.py +++ b/test/unit/test_authn_v2.py @@ -24,13 +24,7 @@ from test.unit.decorators import jsonify, xmlify logger = logging.getLogger('test.unit.test_authn_v2') -class TestAuthnV2(base.ServiceAPITest): - - """ - Tests for the /v2.0/tokens auth endpoint with main service API - """ - - api_version = '2.0' +class AuthnMethods(object): def test_authn_get_fails(self): """ @@ -393,10 +387,77 @@ class TestAuthnV2(base.ServiceAPITest): self.status_unauthorized() -class TestAdminAuthnV2(TestAuthnV2): +class TestAuthnV2(base.ServiceAPITest, AuthnMethods): + + """ + Tests for the /v2.0/tokens auth endpoint with main service API + """ + + +class TestAdminAuthnV2(base.AdminAPITest, AuthnMethods): """ Tests for the /v2.0/tokens auth endpoint with admin API """ - api_class = server.KeystoneAdminAPI + @jsonify + def test_validate_token_json(self): + """ + Test successful validation of the token we use in authn + """ + url = "/tokens/%s" % self.auth_token_id + headers = {"X-Auth-Token": self.auth_token_id} + req = self.get_request('GET', url, headers) + self.get_response() + self.status_ok() + + expected = { + "auth": { + "token": { + u'expires': self.expires.strftime("%Y-%m-%dT%H:%M:%S.%f"), + u'id': self.auth_token_id, + "tenantId": self.auth_user['tenant_id'] + }, + "user": { + "username": self.auth_user['id'], + "tenantId": self.auth_user['tenant_id'], + "roleRefs": [] + } + } + } + for user_role in self.auth_user['roles']: + expected["auth"]["user"]["roleRefs"].append( + {"roleId": user_role['role_id'], "id": user_role['id']}) + self.assert_dict_equal(expected, json.loads(self.res.body)) + + @xmlify + def test_validate_token_xml(self): + """ + Test successful validation of the token we use in authn + """ + url = "/tokens/%s" % self.auth_token_id + headers = {"X-Auth-Token": self.auth_token_id} + req = self.get_request('GET', url, headers) + self.get_response() + self.status_ok() + + expected = """ + + + + """ % ( + self.expires.strftime("%Y-%m-%dT%H:%M:%S.%f"), + self.auth_token_id, + self.auth_user['tenant_id'], + self.auth_user['id'], + self.auth_user['tenant_id']) + + for user_role in self.auth_user['roles']: + expected = expected + """ + """ % (user_role['id'], + user_role['role_id']) + expected = expected + """ + + """ + self.assert_xml_strings_equal(expected, self.res.body) -- cgit From 68c5752ee3037a79b4d57f236afccf16ad901f99 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Tue, 7 Jun 2011 20:09:43 -0700 Subject: keystone repo is now at github.com/rackspace/keystone --- docs/swift-quick-start.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/swift-quick-start.txt b/docs/swift-quick-start.txt index 50b380d8..f201327b 100644 --- a/docs/swift-quick-start.txt +++ b/docs/swift-quick-start.txt @@ -7,7 +7,7 @@ Quick Start to Integrating Swift and Keystone 2. Obtain and install a source copy of Keystone:: - git clone https://github.com/khussein/keystone.git ~/keystone + git clone https://github.com/rackspace/keystone.git ~/keystone cd ~/keystone && sudo python setup.py develop 3. Move included configuration out of the way:: -- cgit