1
# vim: tabstop=4 shiftwidth=4 softtabstop=4
2
# Copyright (c) 2011 OpenStack, LLC.
4
# Licensed under the Apache License, Version 2.0 (the "License");
5
# you may not use this file except in compliance with the License.
6
# You may obtain a copy of the License at
8
# http://www.apache.org/licenses/LICENSE-2.0
10
# Unless required by applicable law or agreed to in writing, software
11
# distributed under the License is distributed on an "AS IS" BASIS,
12
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
14
# See the License for the specific language governing permissions and
15
# limitations under the License.
19
import unittest2 as unittest
22
from keystone.test.unit.decorators import jsonify
23
from keystone.logic import signer
24
from keystone.logic.types import auth
26
LOGGER = logging.getLogger('test.unit.test_ec2_authn')
29
class EC2AuthnMethods(base.ServiceAPITest):
32
def test_authn_ec2_success_json(self):
34
Test that good ec2 credentials returns a 200 OK
36
access = "xpd285.access"
37
secret = "345fgi.secret"
39
"user_id": self.auth_user['id'],
40
"tenant_id": self.auth_user['tenant_id'],
45
self.fixture_create_credentials(**kwargs)
47
req = self.get_request('POST', url)
49
"SignatureVersion": "2",
51
"two_params": "happy",
57
"host": "some.host.com:8773",
58
"path": "services/Cloud",
61
sign = signer.Signer(secret)
62
obj_creds = auth.Ec2Credentials(**credentials)
63
credentials['signature'] = sign.generate(obj_creds)
65
"ec2Credentials": credentials,
67
req.body = json.dumps(body)
72
u'serviceCatalog': {},
74
u'expires': self.expires.strftime("%Y-%m-%dT%H:%M:%S.%f"),
75
u'id': self.auth_token_id,
79
self.assert_dict_equal(expected, json.loads(self.res.body))
83
def test_authn_ec2_success_json_bad_user(self):
85
Test that bad credentials returns a 401
87
access = "xpd285.access"
88
secret = "345fgi.secret"
91
"tenant_id": self.auth_user['tenant_id'],
96
self.fixture_create_credentials(**kwargs)
98
req = self.get_request('POST', url)
100
"SignatureVersion": "2",
102
"two_params": "happy",
108
"host": "some.host.com:8773",
109
"path": "services/Cloud",
112
sign = signer.Signer(secret)
113
obj_creds = auth.Ec2Credentials(**credentials)
114
credentials['signature'] = sign.generate(obj_creds)
116
"ec2Credentials": credentials,
118
req.body = json.dumps(body)
124
u'message': u'Unauthorized on this tenant',
127
self.assert_dict_equal(expected, json.loads(self.res.body))
128
self.assertEqual(self.res.status_int, 401)
131
def test_authn_ec2_success_json_bad_tenant(self):
133
Test that bad credentials returns a 401
135
access = "xpd285.access"
136
secret = "345fgi.secret"
138
"user_id": self.auth_user['id'],
144
self.fixture_create_credentials(**kwargs)
146
req = self.get_request('POST', url)
148
"SignatureVersion": "2",
150
"two_params": "happy",
156
"host": "some.host.com:8773",
157
"path": "services/Cloud",
160
sign = signer.Signer(secret)
161
obj_creds = auth.Ec2Credentials(**credentials)
162
credentials['signature'] = sign.generate(obj_creds)
164
"ec2Credentials": credentials,
166
req.body = json.dumps(body)
172
u'message': u'Unauthorized on this tenant',
175
self.assert_dict_equal(expected, json.loads(self.res.body))
176
self.assertEqual(self.res.status_int, 401)
179
if __name__ == '__main__':