Merge "add auth token to context"

This commit is contained in:
Jenkins 2014-08-13 17:33:49 +00:00 committed by Gerrit Code Review
commit 39ca279703
5 changed files with 44 additions and 4 deletions

View File

@ -48,10 +48,14 @@ class NeutronKeystoneContext(wsgi.Middleware):
# Use request_id if already set
req_id = req.environ.get(request_id.ENV_REQUEST_ID)
# Get the auth token
auth_token = req.headers.get('X_AUTH_TOKEN',
req.headers.get('X_STORAGE_TOKEN'))
# Create a context with the authentication data
ctx = context.Context(user_id, tenant_id, roles=roles,
user_name=user_name, tenant_name=tenant_name,
request_id=req_id)
request_id=req_id, auth_token=auth_token)
# Inject the context...
req.environ['neutron.context'] = ctx

View File

@ -106,7 +106,12 @@ def get_notifier(service=None, host=None, publisher_id=None):
class RPCDispatcher(rpc_dispatcher.RPCDispatcher):
def __call__(self, incoming):
LOG.debug('Incoming RPC: ctxt:%s message:%s', incoming.ctxt,
# NOTE(yamahata): '***' is chosen for consistency with
# openstack.common.strutils.mask_password
sanitize_key_list = ('auth_token', )
sanitized_ctxt = dict((k, '***' if k in sanitize_key_list else v)
for (k, v) in incoming.ctxt.items())
LOG.debug('Incoming RPC: ctxt:%s message:%s', sanitized_ctxt,
incoming.message)
return super(RPCDispatcher, self).__call__(incoming)

View File

@ -39,7 +39,7 @@ class ContextBase(common_context.RequestContext):
def __init__(self, user_id, tenant_id, is_admin=None, read_deleted="no",
roles=None, timestamp=None, load_admin_roles=True,
request_id=None, tenant_name=None, user_name=None,
overwrite=True, **kwargs):
overwrite=True, auth_token=None, **kwargs):
"""Object initialization.
:param read_deleted: 'no' indicates deleted records are hidden, 'yes'
@ -52,7 +52,8 @@ class ContextBase(common_context.RequestContext):
:param kwargs: Extra arguments that might be present, but we ignore
because they possibly came in from older rpc messages.
"""
super(ContextBase, self).__init__(user=user_id, tenant=tenant_id,
super(ContextBase, self).__init__(auth_token=auth_token,
user=user_id, tenant=tenant_id,
is_admin=is_admin,
request_id=request_id)
self.user_name = user_name
@ -130,6 +131,7 @@ class ContextBase(common_context.RequestContext):
'tenant_name': self.tenant_name,
'project_name': self.tenant_name,
'user_name': self.user_name,
'auth_token': self.auth_token,
}
@classmethod

View File

@ -95,3 +95,17 @@ class NeutronKeystoneContextTestCase(base.BaseTestCase):
self.request.environ[request_id.ENV_REQUEST_ID] = req_id
self.request.get_response(self.middleware)
self.assertEqual(req_id, self.context.request_id)
def test_with_auth_token(self):
self.request.headers['X_PROJECT_ID'] = 'testtenantid'
self.request.headers['X_USER_ID'] = 'testuserid'
response = self.request.get_response(self.middleware)
self.assertEqual(response.status, '200 OK')
self.assertEqual(self.context.auth_token, 'testauthtoken')
def test_without_auth_token(self):
self.request.headers['X_PROJECT_ID'] = 'testtenantid'
self.request.headers['X_USER_ID'] = 'testuserid'
del self.request.headers['X_AUTH_TOKEN']
self.request.get_response(self.middleware)
self.assertIsNone(self.context.auth_token)

View File

@ -39,6 +39,7 @@ class TestNeutronContext(base.BaseTestCase):
self.assertEqual('tenant_id', ctx.tenant)
self.assertIsNone(ctx.user_name)
self.assertIsNone(ctx.tenant_name)
self.assertIsNone(ctx.auth_token)
def test_neutron_context_create_logs_unknown_kwarg(self):
with mock.patch.object(context.LOG, 'debug') as mock_log:
@ -59,6 +60,11 @@ class TestNeutronContext(base.BaseTestCase):
ctx = context.Context('user_id', 'tenant_id', request_id='req_id_xxx')
self.assertEqual('req_id_xxx', ctx.request_id)
def test_neutron_context_create_with_auth_token(self):
ctx = context.Context('user_id', 'tenant_id',
auth_token='auth_token_xxx')
self.assertEqual('auth_token_xxx', ctx.auth_token)
def test_neutron_context_to_dict(self):
ctx = context.Context('user_id', 'tenant_id')
ctx_dict = ctx.to_dict()
@ -70,6 +76,7 @@ class TestNeutronContext(base.BaseTestCase):
self.assertIsNone(ctx_dict['user_name'])
self.assertIsNone(ctx_dict['tenant_name'])
self.assertIsNone(ctx_dict['project_name'])
self.assertIsNone(ctx_dict['auth_token'])
def test_neutron_context_to_dict_with_name(self):
ctx = context.Context('user_id', 'tenant_id',
@ -79,12 +86,19 @@ class TestNeutronContext(base.BaseTestCase):
self.assertEqual('tenant_name', ctx_dict['tenant_name'])
self.assertEqual('tenant_name', ctx_dict['project_name'])
def test_neutron_context_to_dict_with_auth_token(self):
ctx = context.Context('user_id', 'tenant_id',
auth_token='auth_token_xxx')
ctx_dict = ctx.to_dict()
self.assertEqual('auth_token_xxx', ctx_dict['auth_token'])
def test_neutron_context_admin_to_dict(self):
self.db_api_session.return_value = 'fakesession'
ctx = context.get_admin_context()
ctx_dict = ctx.to_dict()
self.assertIsNone(ctx_dict['user_id'])
self.assertIsNone(ctx_dict['tenant_id'])
self.assertIsNone(ctx_dict['auth_token'])
self.assertIsNotNone(ctx.session)
self.assertNotIn('session', ctx_dict)
@ -93,6 +107,7 @@ class TestNeutronContext(base.BaseTestCase):
ctx_dict = ctx.to_dict()
self.assertIsNone(ctx_dict['user_id'])
self.assertIsNone(ctx_dict['tenant_id'])
self.assertIsNone(ctx_dict['auth_token'])
self.assertFalse(hasattr(ctx, 'session'))
def test_neutron_context_with_load_roles_true(self):