Request token authorize
Command doc and tweaks to the code Change-Id: I8f251bf9ca77f16b01a509844e79ddde82048b0d
This commit is contained in:
Steve Martinelli
parent
f8d4dd25b4
commit
d9c217e5bc
@ -6,6 +6,26 @@ Identity v3
|
|||||||
|
|
||||||
`Requires: OS-OAUTH1 extension`
|
`Requires: OS-OAUTH1 extension`
|
||||||
|
|
||||||
|
request token authorize
|
||||||
|
-----------------------
|
||||||
|
|
||||||
|
Authorize a request token
|
||||||
|
|
||||||
|
.. program:: request token authorize
|
||||||
|
.. code:: bash
|
||||||
|
|
||||||
|
os request token authorize
|
||||||
|
--request-key <consumer-key>
|
||||||
|
--role <role>
|
||||||
|
|
||||||
|
.. option:: --request-key <request-key>
|
||||||
|
|
||||||
|
Request token to authorize (ID only) (required)
|
||||||
|
|
||||||
|
.. option:: --role <role>
|
||||||
|
|
||||||
|
Roles to authorize (name or ID) (repeat to set multiple values) (required)
|
||||||
|
|
||||||
request token create
|
request token create
|
||||||
--------------------
|
--------------------
|
||||||
|
|
||||||
|
|||||||
@ -25,7 +25,7 @@ from openstackclient.identity import common
|
|||||||
|
|
||||||
|
|
||||||
class AuthorizeRequestToken(show.ShowOne):
|
class AuthorizeRequestToken(show.ShowOne):
|
||||||
"""Authorize request token"""
|
"""Authorize a request token"""
|
||||||
|
|
||||||
log = logging.getLogger(__name__ + '.AuthorizeRequestToken')
|
log = logging.getLogger(__name__ + '.AuthorizeRequestToken')
|
||||||
|
|
||||||
@ -34,13 +34,16 @@ class AuthorizeRequestToken(show.ShowOne):
|
|||||||
parser.add_argument(
|
parser.add_argument(
|
||||||
'--request-key',
|
'--request-key',
|
||||||
metavar='<request-key>',
|
metavar='<request-key>',
|
||||||
help='Request token key',
|
help='Request token to authorize (ID only) (required)',
|
||||||
required=True
|
required=True
|
||||||
)
|
)
|
||||||
parser.add_argument(
|
parser.add_argument(
|
||||||
'--role-ids',
|
'--role',
|
||||||
metavar='<role-ids>',
|
metavar='<role>',
|
||||||
help='Requested role IDs',
|
action='append',
|
||||||
|
default=[],
|
||||||
|
help='Roles to authorize (name or ID) '
|
||||||
|
'(repeat to set multiple values) (required)',
|
||||||
required=True
|
required=True
|
||||||
)
|
)
|
||||||
return parser
|
return parser
|
||||||
@ -49,17 +52,20 @@ class AuthorizeRequestToken(show.ShowOne):
|
|||||||
self.log.debug('take_action(%s)' % parsed_args)
|
self.log.debug('take_action(%s)' % parsed_args)
|
||||||
identity_client = self.app.client_manager.identity
|
identity_client = self.app.client_manager.identity
|
||||||
|
|
||||||
|
# NOTE(stevemar): We want a list of role ids
|
||||||
roles = []
|
roles = []
|
||||||
for r_id in parsed_args.role_ids.split():
|
for role in parsed_args.role:
|
||||||
roles.append(r_id)
|
role_id = utils.find_resource(
|
||||||
|
identity_client.roles,
|
||||||
|
role,
|
||||||
|
).id
|
||||||
|
roles.append(role_id)
|
||||||
|
|
||||||
verifier_pin = identity_client.oauth1.request_tokens.authorize(
|
verifier_pin = identity_client.oauth1.request_tokens.authorize(
|
||||||
parsed_args.request_key,
|
parsed_args.request_key,
|
||||||
roles)
|
roles)
|
||||||
|
|
||||||
info = {}
|
return zip(*sorted(six.iteritems(verifier_pin._info)))
|
||||||
info.update(verifier_pin._info)
|
|
||||||
return zip(*sorted(six.iteritems(info)))
|
|
||||||
|
|
||||||
|
|
||||||
class CreateAccessToken(show.ShowOne):
|
class CreateAccessToken(show.ShowOne):
|
||||||
|
|||||||
@ -28,6 +28,8 @@ class TestOAuth1(identity_fakes.TestOAuth1):
|
|||||||
self.request_tokens_mock.reset_mock()
|
self.request_tokens_mock.reset_mock()
|
||||||
self.projects_mock = identity_client.projects
|
self.projects_mock = identity_client.projects
|
||||||
self.projects_mock.reset_mock()
|
self.projects_mock.reset_mock()
|
||||||
|
self.roles_mock = identity_client.roles
|
||||||
|
self.roles_mock.reset_mock()
|
||||||
|
|
||||||
|
|
||||||
class TestRequestTokenCreate(TestOAuth1):
|
class TestRequestTokenCreate(TestOAuth1):
|
||||||
@ -85,6 +87,12 @@ class TestRequestTokenAuthorize(TestOAuth1):
|
|||||||
def setUp(self):
|
def setUp(self):
|
||||||
super(TestRequestTokenAuthorize, self).setUp()
|
super(TestRequestTokenAuthorize, self).setUp()
|
||||||
|
|
||||||
|
self.roles_mock.get.return_value = fakes.FakeResource(
|
||||||
|
None,
|
||||||
|
copy.deepcopy(identity_fakes.ROLE),
|
||||||
|
loaded=True,
|
||||||
|
)
|
||||||
|
|
||||||
copied_verifier = copy.deepcopy(identity_fakes.OAUTH_VERIFIER)
|
copied_verifier = copy.deepcopy(identity_fakes.OAUTH_VERIFIER)
|
||||||
resource = fakes.FakeResource(None, copied_verifier, loaded=True)
|
resource = fakes.FakeResource(None, copied_verifier, loaded=True)
|
||||||
self.request_tokens_mock.authorize.return_value = resource
|
self.request_tokens_mock.authorize.return_value = resource
|
||||||
@ -93,11 +101,11 @@ class TestRequestTokenAuthorize(TestOAuth1):
|
|||||||
def test_authorize_request_tokens(self):
|
def test_authorize_request_tokens(self):
|
||||||
arglist = [
|
arglist = [
|
||||||
'--request-key', identity_fakes.request_token_id,
|
'--request-key', identity_fakes.request_token_id,
|
||||||
'--role-ids', identity_fakes.role_id,
|
'--role', identity_fakes.role_name,
|
||||||
]
|
]
|
||||||
verifylist = [
|
verifylist = [
|
||||||
('request_key', identity_fakes.request_token_id),
|
('request_key', identity_fakes.request_token_id),
|
||||||
('role_ids', identity_fakes.role_id),
|
('role', [identity_fakes.role_name]),
|
||||||
]
|
]
|
||||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||||
columns, data = self.cmd.take_action(parsed_args)
|
columns, data = self.cmd.take_action(parsed_args)
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user