mark a few oidc parameters as required

to better the user experience, mark a few of the open id connect options as required, users should get back more meaningful error messages. as part of the change, there was also a discrepancy between what the loader used for the authorization code, and what the plugin was using. deprecate the old loader option (authorization-code) in favor of the one used by the plugin (code). Change-Id: I18318ef44f99e4f973176dd99b61770b1151f7a0 Partial-Bug: 1593192
2016-11-01 11:12:12 -04:00 · 2016-11-01 11:12:12 -04:00 · 827895281b
parent e5b9dbc385
commit 827895281b
2 changed files with 7 additions and 5 deletions
--- a/keystoneauth1/loading/_plugins/identity/v3.py
+++ b/keystoneauth1/loading/_plugins/identity/v3.py
@ -148,8 +148,9 @@ class OpenIDConnectPassword(_OpenIDConnectBase):
        options = super(OpenIDConnectPassword, self).get_options()

        options.extend([
-            loading.Opt('username', help='Username'),
-            loading.Opt('password', secret=True, help='Password'),
+            loading.Opt('username', help='Username', required=True),
+            loading.Opt('password', secret=True,
+                        help='Password', required=True),
        ])

        return options
@ -166,7 +167,8 @@ class OpenIDConnectAuthorizationCode(_OpenIDConnectBase):

        options.extend([
            loading.Opt('redirect-uri', help='OpenID Connect Redirect URL'),
-            loading.Opt('authorization-code', secret=True,
+            loading.Opt('code', secret=True, required=True,
+                        deprecated=[loading.Opt('authorization-code')],
                        help='OAuth 2.0 Authorization Code'),
        ])

@ -183,7 +185,7 @@ class OpenIDConnectAccessToken(loading.BaseFederationLoader):
        options = super(OpenIDConnectAccessToken, self).get_options()

        options.extend([
-            loading.Opt('access-token', secret=True,
+            loading.Opt('access-token', secret=True, required=True,
                        help='OAuth 2.0 Access Token'),
        ])
        return options
--- a/keystoneauth1/tests/unit/loading/test_v3.py
+++ b/keystoneauth1/tests/unit/loading/test_v3.py
@ -227,7 +227,7 @@ class OpenIDConnectAuthCodeTests(OpenIDConnectBaseTests, utils.TestCase):
    def test_options(self):
        options = loading.get_plugin_loader(self.plugin_name).get_options()
        self.assertTrue(
-            set(['redirect-uri', 'authorization-code']).issubset(
+            set(['redirect-uri', 'code']).issubset(
                set([o.name for o in options]))
        )