81
82
expected_env={'HTTP_X_AUTH_URL': self.config['auth_uri']})
82
83
self.middleware = KeystonePasswordAuthProtocol(self.app, self.config)
86
super(KeystonePasswordAuthProtocolTest, self).tearDown()
87
cfg.CONF.clear_override('multi_cloud', 'auth_password')
88
cfg.CONF.clear_override('allowed_auth_uris', 'auth_password')
84
90
def _start_fake_response(self, status, headers):
85
91
self.response_status = int(status.split(' ', 1)[0])
86
92
self.response_headers = dict(headers)
117
123
req = webob.Request.blank('/')
118
124
self.middleware(req.environ, self._start_fake_response)
119
125
self.assertEqual(self.response_status, 401)
127
def test_multi_cloud(self):
128
allowed_auth_uris = ['http://multicloud.test.com:5000/v2.0']
129
cfg.CONF.set_override('multi_cloud', True, group='auth_password')
130
auth_url = 'http://multicloud.test.com:5000/v2.0'
131
cfg.CONF.set_override('allowed_auth_uris',
133
group='auth_password')
135
expected_env={'HTTP_X_AUTH_URL': auth_url})
136
self.middleware = KeystonePasswordAuthProtocol(self.app, self.config)
138
self.m.StubOutClassWithMocks(keystone_client, 'Client')
139
mock_client = keystone_client.Client(
140
username='user_name1', password='goodpassword',
141
tenant_id='tenant_id1', auth_url=auth_url)
142
mock_client.auth_ref = TOKEN_RESPONSE
144
req = webob.Request.blank('/tenant_id1/')
145
req.headers['X_AUTH_USER'] = 'user_name1'
146
req.headers['X_AUTH_KEY'] = 'goodpassword'
147
req.headers['X_AUTH_URL'] = auth_url
148
self.middleware(req.environ, self._start_fake_response)
151
def test_multi_cloud_empty_allowed_uris(self):
152
cfg.CONF.set_override('multi_cloud', True, group='auth_password')
153
auth_url = 'http://multicloud.test.com:5000/v2.0'
154
cfg.CONF.set_override('allowed_auth_uris',
156
group='auth_password')
157
req = webob.Request.blank('/tenant_id1/')
158
req.headers['X_AUTH_USER'] = 'user_name1'
159
req.headers['X_AUTH_KEY'] = 'goodpassword'
160
req.headers['X_AUTH_URL'] = auth_url
161
self.middleware(req.environ, self._start_fake_response)
162
self.assertEqual(self.response_status, 401)
164
def test_multi_cloud_target_not_allowed(self):
165
cfg.CONF.set_override('multi_cloud', True, group='auth_password')
166
auth_url = 'http://multicloud.test.com:5000/v2.0'
167
cfg.CONF.set_override('allowed_auth_uris',
168
['http://some.other.url:5000/v2.0'],
169
group='auth_password')
170
req = webob.Request.blank('/tenant_id1/')
171
req.headers['X_AUTH_USER'] = 'user_name1'
172
req.headers['X_AUTH_KEY'] = 'goodpassword'
173
req.headers['X_AUTH_URL'] = auth_url
174
self.middleware(req.environ, self._start_fake_response)
175
self.assertEqual(self.response_status, 401)
177
def test_multi_cloud_no_auth_url(self):
178
cfg.CONF.set_override('multi_cloud', True, group='auth_password')
179
req = webob.Request.blank('/tenant_id1/')
180
req.headers['X_AUTH_USER'] = 'user_name1'
181
req.headers['X_AUTH_KEY'] = 'goodpassword'
182
response = self.middleware(req.environ, self._start_fake_response)
183
self.assertEqual(self.response_status, 400)