"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "keystone/tests/unit/test_v3_auth.py" between
keystone-16.0.0.tar.gz and keystone-16.0.1.tar.gz

About: OpenStack Keystone (Core Service: Identity) provides an authentication and authorization service for other OpenStack services. Provides a catalog of endpoints for all OpenStack services.
The "Train" series (latest release).

test_v3_auth.py  (keystone-16.0.0):test_v3_auth.py  (keystone-16.0.1)
skipping to change at line 2873 skipping to change at line 2873
# Disable the trustor # Disable the trustor
trustor_update_ref = dict(enabled=False) trustor_update_ref = dict(enabled=False)
PROVIDERS.identity_api.update_user(self.user['id'], trustor_update_ref) PROVIDERS.identity_api.update_user(self.user['id'], trustor_update_ref)
# Ensure validating a token for a disabled user fails # Ensure validating a token for a disabled user fails
self._validate_token( self._validate_token(
trust_scoped_token, trust_scoped_token,
expected_status=http_client.FORBIDDEN expected_status=http_client.FORBIDDEN
) )
class TestTokenRevokeSelfAndAdmin(test_v3.RestfulTestCase):
"""Test token revoke using v3 Identity API by token owner and admin."""
def load_sample_data(self):
"""Load Sample Data for Test Cases.
Two domains, domainA and domainB
Two users in domainA, userNormalA and userAdminA
One user in domainB, userAdminB
"""
super(TestTokenRevokeSelfAndAdmin, self).load_sample_data()
# DomainA setup
self.domainA = unit.new_domain_ref()
PROVIDERS.resource_api.create_domain(self.domainA['id'], self.domainA)
self.userAdminA = unit.create_user(PROVIDERS.identity_api,
domain_id=self.domainA['id'])
self.userNormalA = unit.create_user(PROVIDERS.identity_api,
domain_id=self.domainA['id'])
PROVIDERS.assignment_api.create_grant(
self.role['id'], user_id=self.userAdminA['id'],
domain_id=self.domainA['id']
)
def test_user_revokes_own_token(self):
user_token = self.get_requested_token(
self.build_authentication_request(
user_id=self.userNormalA['id'],
password=self.userNormalA['password'],
user_domain_id=self.domainA['id']))
self.assertNotEmpty(user_token)
headers = {'X-Subject-Token': user_token}
adminA_token = self.get_requested_token(
self.build_authentication_request(
user_id=self.userAdminA['id'],
password=self.userAdminA['password'],
domain_name=self.domainA['name']))
self.head('/auth/tokens', headers=headers,
expected_status=http_client.OK,
token=adminA_token)
self.head('/auth/tokens', headers=headers,
expected_status=http_client.OK,
token=user_token)
self.delete('/auth/tokens', headers=headers,
token=user_token)
# invalid X-Auth-Token and invalid X-Subject-Token
self.head('/auth/tokens', headers=headers,
expected_status=http_client.UNAUTHORIZED,
token=user_token)
# invalid X-Auth-Token and invalid X-Subject-Token
self.delete('/auth/tokens', headers=headers,
expected_status=http_client.UNAUTHORIZED,
token=user_token)
# valid X-Auth-Token and invalid X-Subject-Token
self.delete('/auth/tokens', headers=headers,
expected_status=http_client.NOT_FOUND,
token=adminA_token)
# valid X-Auth-Token and invalid X-Subject-Token
self.head('/auth/tokens', headers=headers,
expected_status=http_client.NOT_FOUND,
token=adminA_token)
def test_adminA_revokes_userA_token(self):
user_token = self.get_requested_token(
self.build_authentication_request(
user_id=self.userNormalA['id'],
password=self.userNormalA['password'],
user_domain_id=self.domainA['id']))
self.assertNotEmpty(user_token)
headers = {'X-Subject-Token': user_token}
adminA_token = self.get_requested_token(
self.build_authentication_request(
user_id=self.userAdminA['id'],
password=self.userAdminA['password'],
domain_name=self.domainA['name']))
self.head('/auth/tokens', headers=headers,
expected_status=http_client.OK,
token=adminA_token)
self.head('/auth/tokens', headers=headers,
expected_status=http_client.OK,
token=user_token)
self.delete('/auth/tokens', headers=headers,
token=adminA_token)
# invalid X-Auth-Token and invalid X-Subject-Token
self.head('/auth/tokens', headers=headers,
expected_status=http_client.UNAUTHORIZED,
token=user_token)
# valid X-Auth-Token and invalid X-Subject-Token
self.delete('/auth/tokens', headers=headers,
expected_status=http_client.NOT_FOUND,
token=adminA_token)
# valid X-Auth-Token and invalid X-Subject-Token
self.head('/auth/tokens', headers=headers,
expected_status=http_client.NOT_FOUND,
token=adminA_token)
class TestTokenRevokeById(test_v3.RestfulTestCase): class TestTokenRevokeById(test_v3.RestfulTestCase):
"""Test token revocation on the v3 Identity API.""" """Test token revocation on the v3 Identity API."""
def config_overrides(self): def config_overrides(self):
super(TestTokenRevokeById, self).config_overrides() super(TestTokenRevokeById, self).config_overrides()
self.config_fixture.config( self.config_fixture.config(
group='token', group='token',
provider='fernet', provider='fernet',
revoke_by_id=False) revoke_by_id=False)
self.useFixture( self.useFixture(
 End of changes. 1 change blocks. 
103 lines changed or deleted 0 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)