From fd1e7306f39b04a2b08d7c1992c6d21746248c09 Mon Sep 17 00:00:00 2001 From: Yogeshwar Srikrishnan Date: Tue, 27 Sep 2011 14:30:22 -0500 Subject: Changes to support authenticate call to accept token as per agreed format. Change-Id: I3853de4201f8bb421ee22f4e9e936d7f0ee52a5f --- keystone/logic/types/auth.py | 19 ++++++++++++------- keystone/test/functional/test_auth.py | 14 ++++++++++---- 2 files changed, 22 insertions(+), 11 deletions(-) diff --git a/keystone/logic/types/auth.py b/keystone/logic/types/auth.py index b6022c11..684f48e7 100755 --- a/keystone/logic/types/auth.py +++ b/keystone/logic/types/auth.py @@ -34,13 +34,16 @@ class AuthWithUnscopedToken(object): "auth") if root == None: raise fault.BadRequestFault("Expecting auth") - - token_id = root.get("tokenId") - tenant_id = root.get("tenantId") - + token = \ + root.find("{http://docs.openstack.org/identity/api/v2.0}" + "token") + if token is None: + raise fault.BadRequestFault("Expecting token") + token_id = token.get("id") if token_id is None: raise fault.BadRequestFault("Expecting a token id") + tenant_id = root.get("tenantId") if tenant_id is None: raise fault.BadRequestFault("Expecting a tenant id") @@ -52,16 +55,18 @@ class AuthWithUnscopedToken(object): def from_json(json_str): try: obj = json.loads(json_str) - if not obj.get("auth"): raise fault.BadRequestFault("Expecting auth") - if not obj['auth'].get("tokenId"): + if not "token" in obj.get("auth"): + raise fault.BadRequestFault("Expecting token") + token = obj['auth']['token'] + if not token.get("id"): raise fault.BadRequestFault("Expecting token id") if not obj['auth'].get("tenantId"): raise fault.BadRequestFault("Expecting tenant id") tenant_id = obj["auth"]["tenantId"] - token_id = obj["auth"]["tokenId"] + token_id = obj["auth"]["token"]["id"] return AuthWithUnscopedToken(token_id, tenant_id) except (ValueError, TypeError) as e: diff --git a/keystone/test/functional/test_auth.py b/keystone/test/functional/test_auth.py index de954176..37830632 100644 --- a/keystone/test/functional/test_auth.py +++ b/keystone/test/functional/test_auth.py @@ -39,7 +39,9 @@ class TestAdminAuthenticationNegative(common.FunctionalTestCase): # Try to authenticate for this tenant access = self.post_token(as_json={ 'auth': { - 'tokenId': self.admin_token, + 'token': { + 'id': self.admin_token + }, 'tenantId': tenant['id']}}).json['access'] self.assertEqual(access['token']['tenant']['id'], tenant['id']) @@ -51,8 +53,10 @@ class TestAdminAuthenticationNegative(common.FunctionalTestCase): # Try (and fail) to authenticate for this tenant self.post_token(as_json={ 'auth': { - 'tokenId': self.admin_token, - 'tenantId': tenant['id']}}, assert_status=401) + 'token': { + 'id': self.admin_token + }, + 'tenantId': tenant['id']}}, assert_status=401) def test_service_token_as_admin_token(self): """Admin actions should fail for mere service tokens""" @@ -141,7 +145,9 @@ class TestServiceAuthentication(common.FunctionalTestCase): # We can now get a token scoped to our tenant scoped = self.post_token(as_json={ 'auth': { - 'tokenId': unscoped['token']['id'], + 'token': { + 'id': unscoped['token']['id'] + }, 'tenantId': tenant['id']}}).json['access'] self.assertEqual(scoped['token']['tenant']['id'], tenant['id']) -- cgit