Merge "add auth token to context"
This commit is contained in:
commit
39ca279703
@ -48,10 +48,14 @@ class NeutronKeystoneContext(wsgi.Middleware):
|
||||
# Use request_id if already set
|
||||
req_id = req.environ.get(request_id.ENV_REQUEST_ID)
|
||||
|
||||
# Get the auth token
|
||||
auth_token = req.headers.get('X_AUTH_TOKEN',
|
||||
req.headers.get('X_STORAGE_TOKEN'))
|
||||
|
||||
# Create a context with the authentication data
|
||||
ctx = context.Context(user_id, tenant_id, roles=roles,
|
||||
user_name=user_name, tenant_name=tenant_name,
|
||||
request_id=req_id)
|
||||
request_id=req_id, auth_token=auth_token)
|
||||
|
||||
# Inject the context...
|
||||
req.environ['neutron.context'] = ctx
|
||||
|
@ -106,7 +106,12 @@ def get_notifier(service=None, host=None, publisher_id=None):
|
||||
|
||||
class RPCDispatcher(rpc_dispatcher.RPCDispatcher):
|
||||
def __call__(self, incoming):
|
||||
LOG.debug('Incoming RPC: ctxt:%s message:%s', incoming.ctxt,
|
||||
# NOTE(yamahata): '***' is chosen for consistency with
|
||||
# openstack.common.strutils.mask_password
|
||||
sanitize_key_list = ('auth_token', )
|
||||
sanitized_ctxt = dict((k, '***' if k in sanitize_key_list else v)
|
||||
for (k, v) in incoming.ctxt.items())
|
||||
LOG.debug('Incoming RPC: ctxt:%s message:%s', sanitized_ctxt,
|
||||
incoming.message)
|
||||
return super(RPCDispatcher, self).__call__(incoming)
|
||||
|
||||
|
@ -39,7 +39,7 @@ class ContextBase(common_context.RequestContext):
|
||||
def __init__(self, user_id, tenant_id, is_admin=None, read_deleted="no",
|
||||
roles=None, timestamp=None, load_admin_roles=True,
|
||||
request_id=None, tenant_name=None, user_name=None,
|
||||
overwrite=True, **kwargs):
|
||||
overwrite=True, auth_token=None, **kwargs):
|
||||
"""Object initialization.
|
||||
|
||||
:param read_deleted: 'no' indicates deleted records are hidden, 'yes'
|
||||
@ -52,7 +52,8 @@ class ContextBase(common_context.RequestContext):
|
||||
:param kwargs: Extra arguments that might be present, but we ignore
|
||||
because they possibly came in from older rpc messages.
|
||||
"""
|
||||
super(ContextBase, self).__init__(user=user_id, tenant=tenant_id,
|
||||
super(ContextBase, self).__init__(auth_token=auth_token,
|
||||
user=user_id, tenant=tenant_id,
|
||||
is_admin=is_admin,
|
||||
request_id=request_id)
|
||||
self.user_name = user_name
|
||||
@ -130,6 +131,7 @@ class ContextBase(common_context.RequestContext):
|
||||
'tenant_name': self.tenant_name,
|
||||
'project_name': self.tenant_name,
|
||||
'user_name': self.user_name,
|
||||
'auth_token': self.auth_token,
|
||||
}
|
||||
|
||||
@classmethod
|
||||
|
@ -95,3 +95,17 @@ class NeutronKeystoneContextTestCase(base.BaseTestCase):
|
||||
self.request.environ[request_id.ENV_REQUEST_ID] = req_id
|
||||
self.request.get_response(self.middleware)
|
||||
self.assertEqual(req_id, self.context.request_id)
|
||||
|
||||
def test_with_auth_token(self):
|
||||
self.request.headers['X_PROJECT_ID'] = 'testtenantid'
|
||||
self.request.headers['X_USER_ID'] = 'testuserid'
|
||||
response = self.request.get_response(self.middleware)
|
||||
self.assertEqual(response.status, '200 OK')
|
||||
self.assertEqual(self.context.auth_token, 'testauthtoken')
|
||||
|
||||
def test_without_auth_token(self):
|
||||
self.request.headers['X_PROJECT_ID'] = 'testtenantid'
|
||||
self.request.headers['X_USER_ID'] = 'testuserid'
|
||||
del self.request.headers['X_AUTH_TOKEN']
|
||||
self.request.get_response(self.middleware)
|
||||
self.assertIsNone(self.context.auth_token)
|
||||
|
@ -39,6 +39,7 @@ class TestNeutronContext(base.BaseTestCase):
|
||||
self.assertEqual('tenant_id', ctx.tenant)
|
||||
self.assertIsNone(ctx.user_name)
|
||||
self.assertIsNone(ctx.tenant_name)
|
||||
self.assertIsNone(ctx.auth_token)
|
||||
|
||||
def test_neutron_context_create_logs_unknown_kwarg(self):
|
||||
with mock.patch.object(context.LOG, 'debug') as mock_log:
|
||||
@ -59,6 +60,11 @@ class TestNeutronContext(base.BaseTestCase):
|
||||
ctx = context.Context('user_id', 'tenant_id', request_id='req_id_xxx')
|
||||
self.assertEqual('req_id_xxx', ctx.request_id)
|
||||
|
||||
def test_neutron_context_create_with_auth_token(self):
|
||||
ctx = context.Context('user_id', 'tenant_id',
|
||||
auth_token='auth_token_xxx')
|
||||
self.assertEqual('auth_token_xxx', ctx.auth_token)
|
||||
|
||||
def test_neutron_context_to_dict(self):
|
||||
ctx = context.Context('user_id', 'tenant_id')
|
||||
ctx_dict = ctx.to_dict()
|
||||
@ -70,6 +76,7 @@ class TestNeutronContext(base.BaseTestCase):
|
||||
self.assertIsNone(ctx_dict['user_name'])
|
||||
self.assertIsNone(ctx_dict['tenant_name'])
|
||||
self.assertIsNone(ctx_dict['project_name'])
|
||||
self.assertIsNone(ctx_dict['auth_token'])
|
||||
|
||||
def test_neutron_context_to_dict_with_name(self):
|
||||
ctx = context.Context('user_id', 'tenant_id',
|
||||
@ -79,12 +86,19 @@ class TestNeutronContext(base.BaseTestCase):
|
||||
self.assertEqual('tenant_name', ctx_dict['tenant_name'])
|
||||
self.assertEqual('tenant_name', ctx_dict['project_name'])
|
||||
|
||||
def test_neutron_context_to_dict_with_auth_token(self):
|
||||
ctx = context.Context('user_id', 'tenant_id',
|
||||
auth_token='auth_token_xxx')
|
||||
ctx_dict = ctx.to_dict()
|
||||
self.assertEqual('auth_token_xxx', ctx_dict['auth_token'])
|
||||
|
||||
def test_neutron_context_admin_to_dict(self):
|
||||
self.db_api_session.return_value = 'fakesession'
|
||||
ctx = context.get_admin_context()
|
||||
ctx_dict = ctx.to_dict()
|
||||
self.assertIsNone(ctx_dict['user_id'])
|
||||
self.assertIsNone(ctx_dict['tenant_id'])
|
||||
self.assertIsNone(ctx_dict['auth_token'])
|
||||
self.assertIsNotNone(ctx.session)
|
||||
self.assertNotIn('session', ctx_dict)
|
||||
|
||||
@ -93,6 +107,7 @@ class TestNeutronContext(base.BaseTestCase):
|
||||
ctx_dict = ctx.to_dict()
|
||||
self.assertIsNone(ctx_dict['user_id'])
|
||||
self.assertIsNone(ctx_dict['tenant_id'])
|
||||
self.assertIsNone(ctx_dict['auth_token'])
|
||||
self.assertFalse(hasattr(ctx, 'session'))
|
||||
|
||||
def test_neutron_context_with_load_roles_true(self):
|
||||
|
Loading…
Reference in New Issue
Block a user