From 4453021476fac599c0cee126b6eaa426d4878145 Mon Sep 17 00:00:00 2001
From: "Kevin L. Mitchell" <kevin.mitchell@rackspace.com>
Date: Fri, 18 Mar 2011 02:09:46 +0000
Subject: Copy over to current trunk my tests, the 401/500 fix, and a couple of
 fixes to the committed fix which was actually brittle around the edges...

---
 nova/api/openstack/auth.py            |  8 ++++++--
 nova/db/api.py                        |  5 +++++
 nova/db/sqlalchemy/api.py             | 14 ++++++++++++--
 nova/tests/api/openstack/test_auth.py | 28 ++++++++++++++++++++++++++++
 4 files changed, 51 insertions(+), 4 deletions(-)

(limited to 'nova')

diff --git a/nova/api/openstack/auth.py b/nova/api/openstack/auth.py
index dff69a7f2..6011e6115 100644
--- a/nova/api/openstack/auth.py
+++ b/nova/api/openstack/auth.py
@@ -26,6 +26,7 @@ import webob.dec
 from nova import auth
 from nova import context
 from nova import db
+from nova import exception
 from nova import flags
 from nova import manager
 from nova import utils
@@ -103,11 +104,14 @@ class AuthMiddleware(wsgi.Middleware):
         2 days ago.
         """
         ctxt = context.get_admin_context()
-        token = self.db.auth_token_get(ctxt, token_hash)
+        try:
+            token = self.db.auth_token_get(ctxt, token_hash)
+        except exception.NotFound:
+            return None
         if token:
             delta = datetime.datetime.now() - token.created_at
             if delta.days >= 2:
-                self.db.auth_token_destroy(ctxt, token.id)
+                self.db.auth_token_destroy(ctxt, token.token_hash)
             else:
                 return self.auth.get_user(token.user_id)
         return None
diff --git a/nova/db/api.py b/nova/db/api.py
index 4c7eb857f..dcaf55e8f 100644
--- a/nova/db/api.py
+++ b/nova/db/api.py
@@ -640,6 +640,11 @@ def auth_token_get(context, token_hash):
     return IMPL.auth_token_get(context, token_hash)
 
 
+def auth_token_update(context, token_hash, values):
+    """Updates a token given the hash representing it."""
+    return IMPL.auth_token_update(context, token_hash, values)
+
+
 def auth_token_create(context, token):
     """Creates a new token."""
     return IMPL.auth_token_create(context, token)
diff --git a/nova/db/sqlalchemy/api.py b/nova/db/sqlalchemy/api.py
index 0be08c4d1..6df2a8843 100644
--- a/nova/db/sqlalchemy/api.py
+++ b/nova/db/sqlalchemy/api.py
@@ -1270,8 +1270,9 @@ def auth_token_destroy(context, token_id):
 
 
 @require_admin_context
-def auth_token_get(context, token_hash):
-    session = get_session()
+def auth_token_get(context, token_hash, session=None):
+    if session is None:
+        session = get_session()
     tk = session.query(models.AuthToken).\
                   filter_by(token_hash=token_hash).\
                   filter_by(deleted=can_read_deleted(context)).\
@@ -1281,6 +1282,15 @@ def auth_token_get(context, token_hash):
     return tk
 
 
+@require_admin_context
+def auth_token_update(context, token_hash, values):
+    session = get_session()
+    with session.begin():
+        token_ref = auth_token_get(context, token_hash, session=session)
+        token_ref.update(values)
+        token_ref.save(session=session)
+
+
 @require_admin_context
 def auth_token_create(_context, token):
     tk = models.AuthToken()
diff --git a/nova/tests/api/openstack/test_auth.py b/nova/tests/api/openstack/test_auth.py
index 86dfb110f..c42c12f7b 100644
--- a/nova/tests/api/openstack/test_auth.py
+++ b/nova/tests/api/openstack/test_auth.py
@@ -26,6 +26,7 @@ import nova.api.openstack.auth
 import nova.auth.manager
 from nova import auth
 from nova import context
+from nova import db
 from nova import test
 from nova.tests.api.openstack import fakes
 
@@ -130,6 +131,33 @@ class Test(test.TestCase):
         self.assertEqual(result.status, '401 Unauthorized')
 
 
+class TestFunctional(test.TestCase):
+    def test_token_lp718999(self):
+        ctx = context.get_admin_context()
+        tok = db.auth_token_create(ctx, dict(
+                token_hash='bacon',
+                cdn_management_url='',
+                server_management_url='',
+                storage_url='',
+                user_id='ham',
+                ))
+
+        db.auth_token_update(ctx, tok.token_hash, dict(
+                created_at=datetime.datetime(2000, 1, 1, 12, 0, 0),
+                ))
+
+        req = webob.Request.blank('/v1.0/')
+        req.headers['X-Auth-Token'] = 'bacon'
+        result = req.get_response(fakes.wsgi_app())
+        self.assertEqual(result.status, '401 Unauthorized')
+
+    def test_token_doesnotexist(self):
+        req = webob.Request.blank('/v1.0/')
+        req.headers['X-Auth-Token'] = 'ham'
+        result = req.get_response(fakes.wsgi_app())
+        self.assertEqual(result.status, '401 Unauthorized')
+
+
 class TestLimiter(test.TestCase):
     def setUp(self):
         super(TestLimiter, self).setUp()
-- 
cgit 


From fa6778586ab303f9e65aa3c50b80d20a4f097c6f Mon Sep 17 00:00:00 2001
From: "Kevin L. Mitchell" <kevin.mitchell@rackspace.com>
Date: Mon, 21 Mar 2011 00:41:23 +0000
Subject: Rename test to describe what it actually does

---
 nova/tests/api/openstack/test_auth.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'nova')

diff --git a/nova/tests/api/openstack/test_auth.py b/nova/tests/api/openstack/test_auth.py
index c42c12f7b..ff8d42a14 100644
--- a/nova/tests/api/openstack/test_auth.py
+++ b/nova/tests/api/openstack/test_auth.py
@@ -132,7 +132,7 @@ class Test(test.TestCase):
 
 
 class TestFunctional(test.TestCase):
-    def test_token_lp718999(self):
+    def test_token_expiry(self):
         ctx = context.get_admin_context()
         tok = db.auth_token_create(ctx, dict(
                 token_hash='bacon',
-- 
cgit