1
package identityservice
10
gc "gopkg.in/check.v1"
12
"gopkg.in/goose.v1/testing/httpsuite"
15
type KeyPairSuite struct {
19
var _ = gc.Suite(&KeyPairSuite{})
21
func makeKeyPair(user, secret string) (identity *KeyPair) {
22
identity = NewKeyPair()
23
// Ensure that it conforms to the interface
24
var _ IdentityService = identity
26
identity.AddUser(user, secret, "tenant")
31
func (s *KeyPairSuite) setupKeyPair(user, secret string) {
33
identity = makeKeyPair(user, secret)
34
identity.SetupHTTP(s.Mux)
38
func (s *KeyPairSuite) setupKeyPairWithServices(user, secret string, services []Service) {
40
identity = makeKeyPair(user, secret)
41
for _, service := range services {
42
identity.AddService(service)
44
identity.SetupHTTP(s.Mux)
48
const authKeyPairTemplate = `{
50
"tenantName": "tenant-something",
51
"apiAccessKeyCredentials": {
58
func keyPairAuthRequest(URL, access, secret string) (*http.Response, error) {
59
client := http.DefaultClient
60
body := strings.NewReader(fmt.Sprintf(authKeyPairTemplate, access, secret))
61
request, err := http.NewRequest("POST", URL+"/tokens", body)
62
request.Header.Set("Content-Type", "application/json")
66
return client.Do(request)
69
func (s *KeyPairSuite) TestNotJSON(c *gc.C) {
70
// We do everything in keyPairAuthRequest, except set the Content-Type
71
s.setupKeyPair("user", "secret")
72
client := http.DefaultClient
73
body := strings.NewReader(fmt.Sprintf(authTemplate, "user", "secret"))
74
request, err := http.NewRequest("POST", s.Server.URL+"/tokens", body)
75
c.Assert(err, gc.IsNil)
76
res, err := client.Do(request)
77
defer res.Body.Close()
78
c.Assert(err, gc.IsNil)
79
CheckErrorResponse(c, res, http.StatusBadRequest, notJSON)
82
func (s *KeyPairSuite) TestBadJSON(c *gc.C) {
83
// We do everything in keyPairAuthRequest, except set the Content-Type
84
s.setupKeyPair("user", "secret")
85
res, err := keyPairAuthRequest(s.Server.URL, `garbage"in`, "secret")
86
defer res.Body.Close()
87
c.Assert(err, gc.IsNil)
88
CheckErrorResponse(c, res, http.StatusBadRequest, notJSON)
91
func (s *KeyPairSuite) TestNoSuchUser(c *gc.C) {
92
s.setupKeyPair("user", "secret")
93
res, err := keyPairAuthRequest(s.Server.URL, "not-user", "secret")
94
defer res.Body.Close()
95
c.Assert(err, gc.IsNil)
96
CheckErrorResponse(c, res, http.StatusUnauthorized, notAuthorized)
99
func (s *KeyPairSuite) TestBadPassword(c *gc.C) {
100
s.setupKeyPair("user", "secret")
101
res, err := keyPairAuthRequest(s.Server.URL, "user", "not-secret")
102
defer res.Body.Close()
103
c.Assert(err, gc.IsNil)
104
CheckErrorResponse(c, res, http.StatusUnauthorized, invalidUser)
107
func (s *KeyPairSuite) TestValidAuthorization(c *gc.C) {
108
compute_url := "http://testing.invalid/compute"
109
s.setupKeyPairWithServices("user", "secret", []Service{
110
{V2: V2Service{"nova", "compute", []Endpoint{
111
{PublicURL: compute_url},
113
res, err := keyPairAuthRequest(s.Server.URL, "user", "secret")
114
defer res.Body.Close()
115
c.Assert(err, gc.IsNil)
116
c.Check(res.StatusCode, gc.Equals, http.StatusOK)
117
c.Check(res.Header.Get("Content-Type"), gc.Equals, "application/json")
118
content, err := ioutil.ReadAll(res.Body)
119
c.Assert(err, gc.IsNil)
120
var response AccessResponse
121
err = json.Unmarshal(content, &response)
122
c.Assert(err, gc.IsNil)
123
c.Check(response.Access.Token.Id, gc.NotNil)
125
for _, service := range response.Access.ServiceCatalog {
126
if service.Type == "compute" {
127
novaURL = service.Endpoints[0].PublicURL
131
c.Assert(novaURL, gc.Equals, compute_url)