Merge "Rename auth_details key from swift3 to s3api" into feature/s3api
This commit is contained in:
Zuul
Gerrit Code Review
commit
bb6eeb84af
|
|
@ -422,7 +422,7 @@ class S3Request(swob.Request):
|
|||
self._validate_headers()
|
||||
# Lock in string-to-sign now, before we start messing with query params
|
||||
self.string_to_sign = self._string_to_sign()
|
||||
self.environ['swift3.auth_details'] = {
|
||||
self.environ['s3api.auth_details'] = {
|
||||
'access_key': self.access_key,
|
||||
'signature': self.signature,
|
||||
'string_to_sign': self.string_to_sign,
|
||||
|
|
@ -1342,7 +1342,7 @@ class S3AclRequest(S3Request):
|
|||
# Need to skip S3 authorization on subsequent requests to prevent
|
||||
# overwriting the account in PATH_INFO
|
||||
del self.headers['Authorization']
|
||||
del self.environ['swift3.auth_details']
|
||||
del self.environ['s3api.auth_details']
|
||||
|
||||
def to_swift_req(self, method, container, obj, query=None,
|
||||
body=None, headers=None):
|
||||
|
|
|
|||
|
|
@ -228,7 +228,7 @@ class S3Token(object):
|
|||
return self._app(environ, start_response)
|
||||
|
||||
# Read request signature and access id.
|
||||
s3_auth_details = req.environ.get('swift3.auth_details')
|
||||
s3_auth_details = req.environ.get('s3api.auth_details')
|
||||
if not s3_auth_details:
|
||||
msg = 'No authorization details from s3api. skipping.'
|
||||
self._logger.debug(msg)
|
||||
|
|
|
|||
|
|
@ -273,7 +273,7 @@ class TempAuth(object):
|
|||
return self.app(env, start_response)
|
||||
if env.get('PATH_INFO', '').startswith(self.auth_prefix):
|
||||
return self.handle(env, start_response)
|
||||
s3 = env.get('swift3.auth_details')
|
||||
s3 = env.get('s3api.auth_details')
|
||||
token = env.get('HTTP_X_AUTH_TOKEN', env.get('HTTP_X_STORAGE_TOKEN'))
|
||||
service_token = env.get('HTTP_X_SERVICE_TOKEN')
|
||||
if s3 or (token and token.startswith(self.reseller_prefix)):
|
||||
|
|
@ -433,7 +433,7 @@ class TempAuth(object):
|
|||
if expires < time():
|
||||
groups = None
|
||||
|
||||
s3_auth_details = env.get('swift3.auth_details')
|
||||
s3_auth_details = env.get('s3api.auth_details')
|
||||
if s3_auth_details:
|
||||
if 'check_signature' not in s3_auth_details:
|
||||
self.logger.warning(
|
||||
|
|
|
|||
|
|
@ -117,7 +117,7 @@ class TestS3ApiMiddleware(S3ApiTestCase):
|
|||
with patch('swift.common.middleware.s3api.s3request.'
|
||||
'S3Request._validate_headers'):
|
||||
req = S3Request(env)
|
||||
return req.environ['swift3.auth_details']['string_to_sign']
|
||||
return req.environ['s3api.auth_details']['string_to_sign']
|
||||
|
||||
def verify(hash, path, headers):
|
||||
s = canonical_string(path, headers)
|
||||
|
|
@ -387,7 +387,7 @@ class TestS3ApiMiddleware(S3ApiTestCase):
|
|||
'S3Request.check_signature') as mock_cs:
|
||||
status, headers, body = self.call_s3api(req)
|
||||
_, _, headers = self.swift.calls_with_headers[-1]
|
||||
self.assertEqual(req.environ['swift3.auth_details'], {
|
||||
self.assertEqual(req.environ['s3api.auth_details'], {
|
||||
'access_key': 'test:tester',
|
||||
'signature': 'hmac',
|
||||
'string_to_sign': '\n'.join([
|
||||
|
|
|
|||
|
|
@ -245,7 +245,7 @@ class TestRequest(S3ApiTestCase):
|
|||
|
||||
m_swift_resp.return_value = FakeSwiftResponse()
|
||||
s3_req = S3AclRequest(req.environ, MagicMock())
|
||||
self.assertNotIn('swift3.auth_details', s3_req.environ)
|
||||
self.assertNotIn('s3api.auth_details', s3_req.environ)
|
||||
self.assertNotIn('HTTP_AUTHORIZATION', s3_req.environ)
|
||||
self.assertNotIn('Authorization', s3_req.headers)
|
||||
self.assertEqual(s3_req.token, 'token')
|
||||
|
|
@ -264,7 +264,7 @@ class TestRequest(S3ApiTestCase):
|
|||
m_swift_resp.return_value = FakeSwiftResponse()
|
||||
s3_req = S3AclRequest(req.environ, MagicMock())
|
||||
sw_req = s3_req.to_swift_req(method, container, obj)
|
||||
self.assertNotIn('swift3.auth_details', sw_req.environ)
|
||||
self.assertNotIn('s3api.auth_details', sw_req.environ)
|
||||
self.assertNotIn('HTTP_AUTHORIZATION', sw_req.environ)
|
||||
self.assertNotIn('Authorization', sw_req.headers)
|
||||
self.assertEqual(sw_req.headers['X-Auth-Token'], 'token')
|
||||
|
|
|
|||
|
|
@ -229,7 +229,7 @@ class S3TokenMiddlewareTestGood(S3TokenMiddlewareTestBase):
|
|||
|
||||
def test_authorized(self):
|
||||
req = Request.blank('/v1/AUTH_cfa/c/o')
|
||||
req.environ['swift3.auth_details'] = {
|
||||
req.environ['s3api.auth_details'] = {
|
||||
'access_key': u'access',
|
||||
'signature': u'signature',
|
||||
'string_to_sign': u'token',
|
||||
|
|
@ -245,7 +245,7 @@ class S3TokenMiddlewareTestGood(S3TokenMiddlewareTestBase):
|
|||
json=resp)
|
||||
|
||||
req = Request.blank('/v1/AUTH_cfa/c/o')
|
||||
req.environ['swift3.auth_details'] = {
|
||||
req.environ['s3api.auth_details'] = {
|
||||
'access_key': u'access',
|
||||
'signature': u'signature',
|
||||
'string_to_sign': u'token',
|
||||
|
|
@ -255,7 +255,7 @@ class S3TokenMiddlewareTestGood(S3TokenMiddlewareTestBase):
|
|||
|
||||
def test_authorized_bytes(self):
|
||||
req = Request.blank('/v1/AUTH_cfa/c/o')
|
||||
req.environ['swift3.auth_details'] = {
|
||||
req.environ['s3api.auth_details'] = {
|
||||
'access_key': b'access',
|
||||
'signature': b'signature',
|
||||
'string_to_sign': b'token',
|
||||
|
|
@ -276,7 +276,7 @@ class S3TokenMiddlewareTestGood(S3TokenMiddlewareTestBase):
|
|||
'auth_host': host,
|
||||
'auth_port': port})(self.app))
|
||||
req = Request.blank('/v1/AUTH_cfa/c/o')
|
||||
req.environ['swift3.auth_details'] = {
|
||||
req.environ['s3api.auth_details'] = {
|
||||
'access_key': u'access',
|
||||
'signature': u'signature',
|
||||
'string_to_sign': u'token',
|
||||
|
|
@ -298,7 +298,7 @@ class S3TokenMiddlewareTestGood(S3TokenMiddlewareTestBase):
|
|||
'auth_port': port,
|
||||
'auth_version': '3'})(self.app))
|
||||
req = Request.blank('/v1/AUTH_cfa/c/o')
|
||||
req.environ['swift3.auth_details'] = {
|
||||
req.environ['s3api.auth_details'] = {
|
||||
'access_key': u'access',
|
||||
'signature': u'signature',
|
||||
'string_to_sign': u'token',
|
||||
|
|
@ -310,7 +310,7 @@ class S3TokenMiddlewareTestGood(S3TokenMiddlewareTestBase):
|
|||
self.middleware = s3token.filter_factory({
|
||||
'auth_uri': self.TEST_AUTH_URI + '/'})(self.app)
|
||||
req = Request.blank('/v1/AUTH_cfa/c/o')
|
||||
req.environ['swift3.auth_details'] = {
|
||||
req.environ['s3api.auth_details'] = {
|
||||
'access_key': u'access',
|
||||
'signature': u'signature',
|
||||
'string_to_sign': u'token',
|
||||
|
|
@ -320,7 +320,7 @@ class S3TokenMiddlewareTestGood(S3TokenMiddlewareTestBase):
|
|||
|
||||
def test_authorization_nova_toconnect(self):
|
||||
req = Request.blank('/v1/AUTH_swiftint/c/o')
|
||||
req.environ['swift3.auth_details'] = {
|
||||
req.environ['s3api.auth_details'] = {
|
||||
'access_key': u'access:FORCED_TENANT_ID',
|
||||
'signature': u'signature',
|
||||
'string_to_sign': u'token',
|
||||
|
|
@ -339,7 +339,7 @@ class S3TokenMiddlewareTestGood(S3TokenMiddlewareTestBase):
|
|||
'text': text_return_value})
|
||||
|
||||
req = Request.blank('/v1/AUTH_cfa/c/o')
|
||||
req.environ['swift3.auth_details'] = {
|
||||
req.environ['s3api.auth_details'] = {
|
||||
'access_key': u'access',
|
||||
'signature': u'signature',
|
||||
'string_to_sign': u'token',
|
||||
|
|
@ -435,7 +435,7 @@ class S3TokenMiddlewareTestGood(S3TokenMiddlewareTestBase):
|
|||
'text': json.dumps(GOOD_RESPONSE_V2)})
|
||||
|
||||
req = Request.blank('/v1/AUTH_cfa/c/o')
|
||||
req.environ['swift3.auth_details'] = {
|
||||
req.environ['s3api.auth_details'] = {
|
||||
'access_key': u'access',
|
||||
'signature': u'signature',
|
||||
'string_to_sign': u'token',
|
||||
|
|
@ -519,7 +519,7 @@ class S3TokenMiddlewareTestGood(S3TokenMiddlewareTestBase):
|
|||
def test_unicode_path(self):
|
||||
url = u'/v1/AUTH_cfa/c/euro\u20ac'.encode('utf8')
|
||||
req = Request.blank(urllib.parse.quote(url))
|
||||
req.environ['swift3.auth_details'] = {
|
||||
req.environ['s3api.auth_details'] = {
|
||||
'access_key': u'access',
|
||||
'signature': u'signature',
|
||||
'string_to_sign': u'token',
|
||||
|
|
@ -536,7 +536,7 @@ class S3TokenMiddlewareTestBad(S3TokenMiddlewareTestBase):
|
|||
"title": "Unauthorized"}}
|
||||
self.requests_mock.post(self.TEST_URL, status_code=403, json=ret)
|
||||
req = Request.blank('/v1/AUTH_cfa/c/o')
|
||||
req.environ['swift3.auth_details'] = {
|
||||
req.environ['s3api.auth_details'] = {
|
||||
'access_key': u'access',
|
||||
'signature': u'signature',
|
||||
'string_to_sign': u'token',
|
||||
|
|
@ -570,7 +570,7 @@ class S3TokenMiddlewareTestBad(S3TokenMiddlewareTestBase):
|
|||
o.side_effect = s3_invalid_resp
|
||||
|
||||
req = Request.blank('/v1/AUTH_cfa/c/o')
|
||||
req.environ['swift3.auth_details'] = {
|
||||
req.environ['s3api.auth_details'] = {
|
||||
'access_key': u'access',
|
||||
'signature': u'signature',
|
||||
'string_to_sign': u'token',
|
||||
|
|
@ -588,7 +588,7 @@ class S3TokenMiddlewareTestBad(S3TokenMiddlewareTestBase):
|
|||
text=response_body)
|
||||
|
||||
req = Request.blank('/v1/AUTH_cfa/c/o')
|
||||
req.environ['swift3.auth_details'] = {
|
||||
req.environ['s3api.auth_details'] = {
|
||||
'access_key': u'access',
|
||||
'signature': u'signature',
|
||||
'string_to_sign': u'token',
|
||||
|
|
@ -658,7 +658,7 @@ class S3TokenMiddlewareTestDeferredAuth(S3TokenMiddlewareTestBase):
|
|||
"title": "Unauthorized"}}
|
||||
self.requests_mock.post(self.TEST_URL, status_code=403, json=ret)
|
||||
req = Request.blank('/v1/AUTH_cfa/c/o')
|
||||
req.environ['swift3.auth_details'] = {
|
||||
req.environ['s3api.auth_details'] = {
|
||||
'access_key': u'access',
|
||||
'signature': u'signature',
|
||||
'string_to_sign': u'token',
|
||||
|
|
@ -682,7 +682,7 @@ class S3TokenMiddlewareTestDeferredAuth(S3TokenMiddlewareTestBase):
|
|||
o.side_effect = self.middleware._deny_request('InvalidURI')
|
||||
|
||||
req = Request.blank('/v1/AUTH_cfa/c/o')
|
||||
req.environ['swift3.auth_details'] = {
|
||||
req.environ['s3api.auth_details'] = {
|
||||
'access_key': u'access',
|
||||
'signature': u'signature',
|
||||
'string_to_sign': u'token',
|
||||
|
|
@ -700,7 +700,7 @@ class S3TokenMiddlewareTestDeferredAuth(S3TokenMiddlewareTestBase):
|
|||
text="<badreply>")
|
||||
|
||||
req = Request.blank('/v1/AUTH_cfa/c/o')
|
||||
req.environ['swift3.auth_details'] = {
|
||||
req.environ['s3api.auth_details'] = {
|
||||
'access_key': u'access',
|
||||
'signature': u'signature',
|
||||
'string_to_sign': u'token',
|
||||
|
|
@ -749,7 +749,7 @@ class S3TokenMiddlewareTestV3(S3TokenMiddlewareTestBase):
|
|||
|
||||
def test_authorized(self):
|
||||
req = Request.blank('/v1/AUTH_cfa/c/o')
|
||||
req.environ['swift3.auth_details'] = {
|
||||
req.environ['s3api.auth_details'] = {
|
||||
'access_key': u'access',
|
||||
'signature': u'signature',
|
||||
'string_to_sign': u'token',
|
||||
|
|
@ -759,7 +759,7 @@ class S3TokenMiddlewareTestV3(S3TokenMiddlewareTestBase):
|
|||
|
||||
def test_authorized_bytes(self):
|
||||
req = Request.blank('/v1/AUTH_cfa/c/o')
|
||||
req.environ['swift3.auth_details'] = {
|
||||
req.environ['s3api.auth_details'] = {
|
||||
'access_key': b'access',
|
||||
'signature': b'signature',
|
||||
'string_to_sign': b'token',
|
||||
|
|
@ -780,7 +780,7 @@ class S3TokenMiddlewareTestV3(S3TokenMiddlewareTestBase):
|
|||
'auth_host': host,
|
||||
'auth_port': port})(self.app))
|
||||
req = Request.blank('/v1/AUTH_cfa/c/o')
|
||||
req.environ['swift3.auth_details'] = {
|
||||
req.environ['s3api.auth_details'] = {
|
||||
'access_key': u'access',
|
||||
'signature': u'signature',
|
||||
'string_to_sign': u'token',
|
||||
|
|
@ -802,7 +802,7 @@ class S3TokenMiddlewareTestV3(S3TokenMiddlewareTestBase):
|
|||
'auth_port': port,
|
||||
'auth_version': '3'})(self.app))
|
||||
req = Request.blank('/v1/AUTH_cfa/c/o')
|
||||
req.environ['swift3.auth_details'] = {
|
||||
req.environ['s3api.auth_details'] = {
|
||||
'access_key': u'access',
|
||||
'signature': u'signature',
|
||||
'string_to_sign': u'token',
|
||||
|
|
@ -814,7 +814,7 @@ class S3TokenMiddlewareTestV3(S3TokenMiddlewareTestBase):
|
|||
self.middleware = s3token.filter_factory({
|
||||
'auth_uri': self.TEST_AUTH_URI + '/'})(self.app)
|
||||
req = Request.blank('/v1/AUTH_cfa/c/o')
|
||||
req.environ['swift3.auth_details'] = {
|
||||
req.environ['s3api.auth_details'] = {
|
||||
'access_key': u'access',
|
||||
'signature': u'signature',
|
||||
'string_to_sign': u'token',
|
||||
|
|
@ -824,7 +824,7 @@ class S3TokenMiddlewareTestV3(S3TokenMiddlewareTestBase):
|
|||
|
||||
def test_authorization_nova_toconnect(self):
|
||||
req = Request.blank('/v1/AUTH_swiftint/c/o')
|
||||
req.environ['swift3.auth_details'] = {
|
||||
req.environ['s3api.auth_details'] = {
|
||||
'access_key': u'access:FORCED_TENANT_ID',
|
||||
'signature': u'signature',
|
||||
'string_to_sign': u'token',
|
||||
|
|
@ -843,7 +843,7 @@ class S3TokenMiddlewareTestV3(S3TokenMiddlewareTestBase):
|
|||
text=json.dumps(resp))
|
||||
|
||||
req = Request.blank('/v1/AUTH_cfa/c/o')
|
||||
req.environ['swift3.auth_details'] = {
|
||||
req.environ['s3api.auth_details'] = {
|
||||
'access_key': u'access',
|
||||
'signature': u'signature',
|
||||
'string_to_sign': u'token',
|
||||
|
|
|
|||
|
|
@ -269,7 +269,7 @@ class TestAuth(unittest.TestCase):
|
|||
local_auth = auth.filter_factory(
|
||||
{'user_s3_s3': 'secret .admin'})(local_app)
|
||||
req = self._make_request('/v1/s3:s3', environ={
|
||||
'swift3.auth_details': {
|
||||
's3api.auth_details': {
|
||||
'access_key': 's3:s3',
|
||||
'signature': b64encode('sig'),
|
||||
'string_to_sign': 't',
|
||||
|
|
@ -287,7 +287,7 @@ class TestAuth(unittest.TestCase):
|
|||
local_auth = auth.filter_factory(
|
||||
{'user_s3_s3': 'secret .admin'})(local_app)
|
||||
req = self._make_request('/v1/s3:s3', environ={
|
||||
'swift3.auth_details': {
|
||||
's3api.auth_details': {
|
||||
'access_key': 's3:s3',
|
||||
'signature': b64encode('sig'),
|
||||
'string_to_sign': 't',
|
||||
|
|
@ -305,7 +305,7 @@ class TestAuth(unittest.TestCase):
|
|||
local_auth = auth.filter_factory(
|
||||
{'user_s3_s3': 'secret .admin'})(local_app)
|
||||
req = self._make_request('/v1/s3:s3', environ={
|
||||
'swift3.auth_details': {
|
||||
's3api.auth_details': {
|
||||
'access_key': 's3:s3',
|
||||
'signature': b64encode('sig'),
|
||||
'string_to_sign': 't'}})
|
||||
|
|
|
|||
Loading…
Reference in New Issue