Let Oidc* auth plugins accept scope parameters as kwargs

The OidcPassword and OidcAauthCode auth plugins should accept scope parameters like the project, otherwise it would be impossible to get a scoped token, making python-openstackclient fail. Closes-Bug: #1582774 Change-Id: I960d67b4529afbc83eff0da945677b2fd83973e1
2016-05-27 10:53:00 +02:00 · 2016-05-27 10:53:00 +02:00 · 4343ce524a
parent 44b8d0f907
commit 4343ce524a
3 changed files with 15 additions and 5 deletions
--- a/keystoneauth1/identity/v3/oidc.py
+++ b/keystoneauth1/identity/v3/oidc.py
@ -127,7 +127,7 @@ class OidcPassword(_OidcBase):
    def __init__(self, auth_url, identity_provider, protocol,
                 client_id, client_secret, access_token_endpoint,
                 grant_type='password', access_token_type='access_token',
-                 username=None, password=None, scope='profile'):
+                 username=None, password=None, scope='profile', **kwargs):
        """The OpenID Password plugin expects the following.

        :param username: Username used to authenticate
@ -149,7 +149,8 @@ class OidcPassword(_OidcBase):
            client_secret=client_secret,
            access_token_endpoint=access_token_endpoint,
            grant_type=grant_type,
-            access_token_type=access_token_type)
+            access_token_type=access_token_type,
+            **kwargs)
        self.username = username
        self.password = password
        self.scope = scope
@ -193,7 +194,7 @@ class OidcAuthorizationCode(_OidcBase):
                 client_id, client_secret, access_token_endpoint,
                 grant_type='authorization_code',
                 access_token_type='access_token',
-                 redirect_uri=None, code=None):
+                 redirect_uri=None, code=None, **kwargs):
        """The OpenID Authorization Code plugin expects the following.

        :param redirect_uri: OpenID Connect Client Redirect URL
@ -211,7 +212,8 @@ class OidcAuthorizationCode(_OidcBase):
            client_secret=client_secret,
            access_token_endpoint=access_token_endpoint,
            grant_type=grant_type,
-            access_token_type=access_token_type)
+            access_token_type=access_token_type,
+            **kwargs)
        self.redirect_uri = redirect_uri
        self.code = code

--- a/keystoneauth1/releasenotes/notes/bug-1582774-49af731b6dfc6f2f.yaml
+++ b/keystoneauth1/releasenotes/notes/bug-1582774-49af731b6dfc6f2f.yaml
@ -0,0 +1,4 @@
+---
+fixes:
+  - Fix passing scope parameters in Oidc* auth plugins.
+    [Bug `1582774 <https://bugs.launchpad.net/bugs/1582774>`_]
--- a/keystoneauth1/tests/unit/identity/test_identity_v3_oidc.py
+++ b/keystoneauth1/tests/unit/identity/test_identity_v3_oidc.py
@ -33,6 +33,7 @@ class AuthenticateOIDCTests(utils.TestCase):
        self.IDENTITY_PROVIDER = 'bluepages'
        self.PROTOCOL = 'oidc'
        self.USER_NAME = 'oidc_user@example.com'
+        self.PROJECT_NAME = 'foo project'
        self.PASSWORD = uuid.uuid4().hex
        self.CLIENT_ID = uuid.uuid4().hex
        self.CLIENT_SECRET = uuid.uuid4().hex
@ -51,6 +52,7 @@ class AuthenticateOIDCTests(utils.TestCase):
            client_id=self.CLIENT_ID,
            client_secret=self.CLIENT_SECRET,
            access_token_endpoint=self.ACCESS_TOKEN_ENDPOINT,
+            project_name=self.PROJECT_NAME,
            username=self.USER_NAME,
            password=self.PASSWORD)

@ -62,13 +64,15 @@ class AuthenticateOIDCTests(utils.TestCase):
            client_secret=self.CLIENT_SECRET,
            access_token_endpoint=self.ACCESS_TOKEN_ENDPOINT,
            redirect_uri=self.REDIRECT_URL,
+            project_name=self.PROJECT_NAME,
            code=self.CODE)

        self.oidc_token = oidc.OidcAccessToken(
            self.AUTH_URL,
            self.IDENTITY_PROVIDER,
            self.PROTOCOL,
-            access_token=self.ACCESS_TOKEN)
+            access_token=self.ACCESS_TOKEN,
+            project_name=self.PROJECT_NAME)


 class OIDCPasswordTests(AuthenticateOIDCTests):