openstack/keystonemiddleware
Code Issues Proposed changes

Merge "Change ec2 URLs to v3"

Browse Source
This commit is contained in:
Zuul 2019-12-03 07:54:19 +00:00 committed by Gerrit Code Review
commit 97350d16b1
3 changed files with 17 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
keystonemiddleware/ec2_token.py
View File

@ -31,7 +31,7 @@ from keystonemiddleware.i18n import _
keystone_ec2_opts = [ keystone_ec2_opts = [
cfg.StrOpt('url', cfg.StrOpt('url',
default='http://localhost:5000/v2.0/ec2tokens', default='http://localhost:5000/v3/ec2tokens',
help='URL to get token from ec2 request.'), help='URL to get token from ec2 request.'),
cfg.StrOpt('keyfile', cfg.StrOpt('keyfile',
help='Required if EC2 server requires client certificate.'), help='Required if EC2 server requires client certificate.'),
@ -185,13 +185,8 @@ class EC2Token(object):
msg = _('Error response from keystone: %s') % response.reason msg = _('Error response from keystone: %s') % response.reason
self._logger.debug(msg) self._logger.debug(msg)
return self._ec2_error_response("AuthFailure", msg) return self._ec2_error_response("AuthFailure", msg)
result = response.json()
try: try:
if 'token' in result: token_id = response.headers['x-subject-token']
# NOTE(andrey-mp): response from keystone v3
token_id = response.headers['x-subject-token']
else:
token_id = result['access']['token']['id']
except (AttributeError, KeyError): except (AttributeError, KeyError):
msg = _("Failure parsing response from keystone") msg = _("Failure parsing response from keystone")
self._logger.exception(msg) self._logger.exception(msg)

17
keystonemiddleware/tests/unit/test_ec2_token_middleware.py
View File

@ -23,13 +23,12 @@ from keystonemiddleware.tests.unit import utils
TOKEN_ID = 'fake-token-id' TOKEN_ID = 'fake-token-id'
GOOD_RESPONSE = {'access': {'token': {'id': TOKEN_ID,
'tenant': {'id': 'TENANT_ID'}}}}
EMPTY_RESPONSE = {} EMPTY_RESPONSE = {}
class FakeResponse(object): class FakeResponse(object):
reason = "Test Reason" reason = "Test Reason"
headers = {'x-subject-token': TOKEN_ID}
def __init__(self, json, status_code=400): def __init__(self, json, status_code=400):
self._json = json self._json = json
@ -53,9 +52,9 @@ class EC2TokenMiddlewareTestBase(utils.TestCase):
TEST_PROTOCOL = 'https' TEST_PROTOCOL = 'https'
TEST_HOST = 'fakehost' TEST_HOST = 'fakehost'
TEST_PORT = 35357 TEST_PORT = 35357
TEST_URL = '%s://%s:%d/v2.0/ec2tokens' % (TEST_PROTOCOL, TEST_URL = '%s://%s:%d/v3/ec2tokens' % (TEST_PROTOCOL,
TEST_HOST, TEST_HOST,
TEST_PORT) TEST_PORT)
def setUp(self): def setUp(self):
super(EC2TokenMiddlewareTestBase, self).setUp() super(EC2TokenMiddlewareTestBase, self).setUp()
@ -74,7 +73,7 @@ class EC2TokenMiddlewareTestBase(utils.TestCase):
class EC2TokenMiddlewareTestGood(EC2TokenMiddlewareTestBase): class EC2TokenMiddlewareTestGood(EC2TokenMiddlewareTestBase):
@mock.patch.object( @mock.patch.object(
requests, 'request', requests, 'request',
return_value=FakeResponse(GOOD_RESPONSE, status_code=200)) return_value=FakeResponse(EMPTY_RESPONSE, status_code=200))
def test_protocol_old_versions(self, mock_request): def test_protocol_old_versions(self, mock_request):
req = webob.Request.blank('/test') req = webob.Request.blank('/test')
req.GET['Signature'] = 'test-signature' req.GET['Signature'] = 'test-signature'
@ -85,7 +84,7 @@ class EC2TokenMiddlewareTestGood(EC2TokenMiddlewareTestBase):
self.assertEqual(TOKEN_ID, req.headers['X-Auth-Token']) self.assertEqual(TOKEN_ID, req.headers['X-Auth-Token'])
mock_request.assert_called_with( mock_request.assert_called_with(
'POST', 'http://localhost:5000/v2.0/ec2tokens', 'POST', 'http://localhost:5000/v3/ec2tokens',
data=mock.ANY, headers={'Content-Type': 'application/json'}, data=mock.ANY, headers={'Content-Type': 'application/json'},
verify=True, cert=None) verify=True, cert=None)
@ -105,7 +104,7 @@ class EC2TokenMiddlewareTestGood(EC2TokenMiddlewareTestBase):
@mock.patch.object( @mock.patch.object(
requests, 'request', requests, 'request',
return_value=FakeResponse(GOOD_RESPONSE, status_code=200)) return_value=FakeResponse(EMPTY_RESPONSE, status_code=200))
def test_protocol_v4(self, mock_request): def test_protocol_v4(self, mock_request):
req = webob.Request.blank('/test') req = webob.Request.blank('/test')
auth_str = ( auth_str = (
@ -120,7 +119,7 @@ class EC2TokenMiddlewareTestGood(EC2TokenMiddlewareTestBase):
self.assertEqual(TOKEN_ID, req.headers['X-Auth-Token']) self.assertEqual(TOKEN_ID, req.headers['X-Auth-Token'])
mock_request.assert_called_with( mock_request.assert_called_with(
'POST', 'http://localhost:5000/v2.0/ec2tokens', 'POST', 'http://localhost:5000/v3/ec2tokens',
data=mock.ANY, headers={'Content-Type': 'application/json'}, data=mock.ANY, headers={'Content-Type': 'application/json'},
verify=True, cert=None) verify=True, cert=None)

7
releasenotes/notes/ec2-v2-removal-6a886210cbc9d3e9.yaml Normal file
View File

@ -0,0 +1,7 @@
---
other:
- |
[`bug 1845539 <https://bugs.launchpad.net/keystone/+bug/1845539>`_]
The ec2 'url' config option now defaults to
https://localhost:5000/v3/ec2tokens with the removal of ec2 v2.0 support.
Keystonemiddleware no longer supports ec2tokens using the v2.0 API.