1
package identityservice
10
gc "gopkg.in/check.v1"
12
"gopkg.in/goose.v1/testing/httpsuite"
15
type V3UserPassSuite struct {
19
var _ = gc.Suite(&V3UserPassSuite{})
21
func makeV3UserPass(user, secret string) (identity *V3UserPass) {
22
identity = NewV3UserPass()
23
// Ensure that it conforms to the interface
24
var _ IdentityService = identity
26
identity.AddUser(user, secret, "tenant")
31
func (s *V3UserPassSuite) setupUserPass(user, secret string) {
32
var identity *V3UserPass
33
identity = makeV3UserPass(user, secret)
34
identity.SetupHTTP(s.Mux)
38
func (s *V3UserPassSuite) setupUserPassWithServices(user, secret string, services []Service) {
39
var identity *V3UserPass
40
identity = makeV3UserPass(user, secret)
41
for _, service := range services {
42
identity.AddService(service)
44
identity.SetupHTTP(s.Mux)
48
var v3AuthTemplate = `{
51
"method":["password"],
65
func v3UserPassAuthRequest(URL, user, key string) (*http.Response, error) {
66
client := http.DefaultClient
67
body := strings.NewReader(fmt.Sprintf(v3AuthTemplate, user, key))
68
request, err := http.NewRequest("POST", URL+"/v3/auth/tokens", body)
69
request.Header.Set("Content-Type", "application/json")
73
return client.Do(request)
76
func (s *V3UserPassSuite) TestNotJSON(c *gc.C) {
77
// We do everything in userPassAuthRequest, except set the Content-Type
78
s.setupUserPass("user", "secret")
79
client := http.DefaultClient
80
body := strings.NewReader(fmt.Sprintf(authTemplate, "user", "secret"))
81
request, err := http.NewRequest("POST", s.Server.URL+"/v3/auth/tokens", body)
82
c.Assert(err, gc.IsNil)
83
res, err := client.Do(request)
84
defer res.Body.Close()
85
c.Assert(err, gc.IsNil)
86
CheckErrorResponse(c, res, http.StatusBadRequest, notJSON)
89
func (s *V3UserPassSuite) TestBadJSON(c *gc.C) {
90
// We do everything in userPassAuthRequest, except set the Content-Type
91
s.setupUserPass("user", "secret")
92
res, err := v3UserPassAuthRequest(s.Server.URL, "garbage\"in", "secret")
93
defer res.Body.Close()
94
c.Assert(err, gc.IsNil)
95
CheckErrorResponse(c, res, http.StatusBadRequest, notJSON)
98
func (s *V3UserPassSuite) TestNoSuchUser(c *gc.C) {
99
s.setupUserPass("user", "secret")
100
res, err := v3UserPassAuthRequest(s.Server.URL, "not-user", "secret")
101
defer res.Body.Close()
102
c.Assert(err, gc.IsNil)
103
CheckErrorResponse(c, res, http.StatusUnauthorized, notAuthorized)
106
func (s *V3UserPassSuite) TestBadPassword(c *gc.C) {
107
s.setupUserPass("user", "secret")
108
res, err := v3UserPassAuthRequest(s.Server.URL, "user", "not-secret")
109
defer res.Body.Close()
110
c.Assert(err, gc.IsNil)
111
CheckErrorResponse(c, res, http.StatusUnauthorized, invalidUser)
114
func (s *V3UserPassSuite) TestValidAuthorization(c *gc.C) {
115
compute_url := "http://testing.invalid/compute"
116
s.setupUserPassWithServices("user", "secret", []Service{
117
{V3: V3Service{Name: "nova", Type: "compute", Endpoints: NewV3Endpoints("", "", compute_url, "")}}})
118
res, err := v3UserPassAuthRequest(s.Server.URL, "user", "secret")
119
defer res.Body.Close()
120
c.Assert(err, gc.IsNil)
121
c.Check(res.StatusCode, gc.Equals, http.StatusCreated)
122
c.Check(res.Header.Get("Content-Type"), gc.Equals, "application/json")
123
content, err := ioutil.ReadAll(res.Body)
124
c.Assert(err, gc.IsNil)
125
var response struct {
126
Token V3TokenResponse `json:"token"`
128
err = json.Unmarshal(content, &response)
129
c.Assert(err, gc.IsNil)
130
c.Check(res.Header.Get("X-Subject-Token"), gc.Not(gc.Equals), "")
132
for _, service := range response.Token.Catalog {
133
if service.Type == "compute" {
134
for _, ep := range service.Endpoints {
135
if ep.Interface == "public" {
143
c.Assert(novaURL, gc.Equals, compute_url)