Add get_token_data to token CRUD
We already have the validate method that returns an AccessInfo object. For auth_token middleware it would be simpler if the client returned simply the token data so it presented the same way as other sources of token data. It would also help with the keystoneauth transition in auth_token as we could bypass the keystoneclient.AccessInfo objects. Closes-Bug: #1475041 Change-Id: Ifbe7a7004937d910739c325cc04ae7264a4498e0
This commit is contained in:
Jamie Lennox
parent
f1d0b15bae
commit
a4584c4ba7
|
|
@ -168,6 +168,9 @@ class TokenTests(utils.TestCase):
|
|||
token_fixture = fixture.V2Token(token_id=id_)
|
||||
self.stub_url('GET', ['tokens', id_], json=token_fixture)
|
||||
|
||||
token_data = self.client.tokens.get_token_data(id_)
|
||||
self.assertEqual(token_fixture, token_data)
|
||||
|
||||
token_ref = self.client.tokens.validate(id_)
|
||||
self.assertIsInstance(token_ref, tokens.Token)
|
||||
self.assertEqual(id_, token_ref.id)
|
||||
|
|
@ -178,6 +181,9 @@ class TokenTests(utils.TestCase):
|
|||
id_ = uuid.uuid4().hex
|
||||
# The server is expected to return 404 if the token is invalid.
|
||||
self.stub_url('GET', ['tokens', id_], status_code=404)
|
||||
|
||||
self.assertRaises(exceptions.NotFound,
|
||||
self.client.tokens.get_token_data, id_)
|
||||
self.assertRaises(exceptions.NotFound,
|
||||
self.client.tokens.validate, id_)
|
||||
|
||||
|
|
|
|||
|
|
@ -53,6 +53,10 @@ class TokenTests(utils.TestCase, testresources.ResourcedTestCase):
|
|||
self.examples.v3_UUID_TOKEN_DEFAULT]
|
||||
self.stub_url('GET', ['auth', 'tokens'],
|
||||
headers={'X-Subject-Token': token_id, }, json=token_ref)
|
||||
|
||||
token_data = self.client.tokens.get_token_data(token_id)
|
||||
self.assertEqual(token_data, token_ref)
|
||||
|
||||
access_info = self.client.tokens.validate(token_id)
|
||||
|
||||
self.assertRequestHeaderEqual('X-Subject-Token', token_id)
|
||||
|
|
@ -77,6 +81,9 @@ class TokenTests(utils.TestCase, testresources.ResourcedTestCase):
|
|||
# When the token is invalid the server typically returns a 404.
|
||||
token_id = uuid.uuid4().hex
|
||||
self.stub_url('GET', ['auth', 'tokens'], status_code=404)
|
||||
|
||||
self.assertRaises(exceptions.NotFound,
|
||||
self.client.tokens.get_token_data, token_id)
|
||||
self.assertRaises(exceptions.NotFound,
|
||||
self.client.tokens.validate, token_id)
|
||||
|
||||
|
|
@ -87,6 +94,11 @@ class TokenTests(utils.TestCase, testresources.ResourcedTestCase):
|
|||
self.examples.v3_UUID_TOKEN_DEFAULT]
|
||||
self.stub_url('GET', ['auth', 'tokens'],
|
||||
headers={'X-Subject-Token': token_id, }, json=token_ref)
|
||||
|
||||
token_data = self.client.tokens.get_token_data(token_id)
|
||||
self.assertQueryStringIs()
|
||||
self.assertIn('catalog', token_data['token'])
|
||||
|
||||
access_info = self.client.tokens.validate(token_id)
|
||||
|
||||
self.assertQueryStringIs()
|
||||
|
|
@ -99,6 +111,11 @@ class TokenTests(utils.TestCase, testresources.ResourcedTestCase):
|
|||
self.examples.v3_UUID_TOKEN_UNSCOPED]
|
||||
self.stub_url('GET', ['auth', 'tokens'],
|
||||
headers={'X-Subject-Token': token_id, }, json=token_ref)
|
||||
|
||||
token_data = self.client.tokens.get_token_data(token_id)
|
||||
self.assertQueryStringIs()
|
||||
self.assertNotIn('catalog', token_data['token'])
|
||||
|
||||
access_info = self.client.tokens.validate(token_id,
|
||||
include_catalog=False)
|
||||
|
||||
|
|
|
|||
|
|
@ -84,6 +84,17 @@ class TokenManager(base.Manager):
|
|||
"""
|
||||
return self._get('/tokens/%s' % base.getid(token), 'access')
|
||||
|
||||
def get_token_data(self, token):
|
||||
"""Fetch the data about a token from the identity server.
|
||||
|
||||
:param str token: The token id.
|
||||
|
||||
:rtype: dict
|
||||
"""
|
||||
url = '/tokens/%s' % token
|
||||
resp, body = self.client.get(url)
|
||||
return body
|
||||
|
||||
def validate_access_info(self, token):
|
||||
"""Validate a token.
|
||||
|
||||
|
|
@ -100,10 +111,9 @@ class TokenManager(base.Manager):
|
|||
return token.auth_token
|
||||
return base.getid(token)
|
||||
|
||||
url = '/tokens/%s' % calc_id(token)
|
||||
resp, body = self.client.get(url)
|
||||
access_info = access.AccessInfo.factory(resp=resp, body=body)
|
||||
return access_info
|
||||
token_id = calc_id(token)
|
||||
body = self.get_token_data(token_id)
|
||||
return access.AccessInfo.factory(auth_token=token_id, body=body)
|
||||
|
||||
def get_revoked(self):
|
||||
"""Returns the revoked tokens response.
|
||||
|
|
|
|||
|
|
@ -51,6 +51,25 @@ class TokenManager(object):
|
|||
resp, body = self._client.get('/auth/tokens/OS-PKI/revoked')
|
||||
return body
|
||||
|
||||
@utils.positional.method(1)
|
||||
def get_token_data(self, token, include_catalog=True):
|
||||
"""Fetch the data about a token from the identity server.
|
||||
|
||||
:param str token: The token id.
|
||||
:param bool include_catalog: If False, the response is requested to not
|
||||
include the catalog.
|
||||
|
||||
:rtype: dict
|
||||
"""
|
||||
headers = {'X-Subject-Token': token}
|
||||
|
||||
url = '/auth/tokens'
|
||||
if not include_catalog:
|
||||
url += '?nocatalog'
|
||||
|
||||
resp, body = self._client.get(url, headers=headers)
|
||||
return body
|
||||
|
||||
@utils.positional.method(1)
|
||||
def validate(self, token, include_catalog=True):
|
||||
"""Validate a token.
|
||||
|
|
@ -66,13 +85,5 @@ class TokenManager(object):
|
|||
"""
|
||||
|
||||
token_id = _calc_id(token)
|
||||
headers = {'X-Subject-Token': token_id}
|
||||
|
||||
url = '/auth/tokens'
|
||||
if not include_catalog:
|
||||
url += '?nocatalog'
|
||||
|
||||
resp, body = self._client.get(url, headers=headers)
|
||||
|
||||
access_info = access.AccessInfo.factory(resp=resp, body=body)
|
||||
return access_info
|
||||
body = self.get_token_data(token_id, include_catalog=include_catalog)
|
||||
return access.AccessInfo.factory(auth_token=token_id, body=body)
|
||||
|
|
|
|||
Loading…
Reference in New Issue