From 0941a5e46391bfeecac1247d12604fcb78047cb7 Mon Sep 17 00:00:00 2001
From: Dolph Mathews <dolph.mathews@gmail.com>
Date: Thu, 11 Jun 2015 22:27:06 +0000
Subject: [PATCH] Test v2 tokens being deleted by v3

This test illustrates that v2 tokens deleted by v3 do not work on v2.

Change-Id: Ia87fc785afe624fde0ad191cc6f031eb7605096e
Related-Bug: 1464377
---
 keystone/tests/unit/test_v3_auth.py | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/keystone/tests/unit/test_v3_auth.py b/keystone/tests/unit/test_v3_auth.py
index 402d221710..96f0ff1f17 100644
--- a/keystone/tests/unit/test_v3_auth.py
+++ b/keystone/tests/unit/test_v3_auth.py
@@ -367,6 +367,31 @@ class TokenAPITests(object):
 
         self.assertEqual(v2_issued_at, v3_issued_at)
 
+    def test_v2_token_deleted_on_v3(self):
+        # Create a v2 token.
+        body = {
+            'auth': {
+                'passwordCredentials': {
+                    'userId': self.default_domain_user['id'],
+                    'password': self.default_domain_user['password']
+                },
+                'tenantId': self.default_domain_project['id']
+            }
+        }
+        r = self.admin_request(
+            path='/v2.0/tokens', method='POST', body=body)
+        v2_token = r.result['access']['token']['id']
+
+        # Delete the v2 token using v3.
+        resp = self.delete(
+            '/auth/tokens', headers={'X-Subject-Token': v2_token})
+        self.assertEqual(resp.status_code, 204)
+
+        # Attempting to use the deleted token on v2 should fail.
+        self.admin_request(
+            path='/v2.0/tenants', method='GET', token=v2_token,
+            expected_status=401)
+
     def test_rescoping_token(self):
         expires = self.v3_token_data['token']['expires_at']