Introduce Castellan Credential Objects
This patch introduces the credential class in Castellan. It
includes Credential, Token, Password, Keystone Token, and
Keystone Password classes.
It is the first of several patches which will implement the
"Allow different Keystone Auth Support in Castellan" blueprint.
Other patches will add:
1.) credential factory
2.) barbican key manager logic and tests
3.) documentation on usage
Implements: blueprint remove-keystone-dependency
Change-Id: I4a4a85a108403d832e2bba91c901aaede605168d
Fernando Diaz
8 years ago
0 | # Copyright (c) IBM | |
1 | # All Rights Reserved. | |
2 | # | |
3 | # Licensed under the Apache License, Version 2.0 (the "License"); you may | |
4 | # not use this file except in compliance with the License. You may obtain | |
5 | # a copy of the License at | |
6 | # | |
7 | # http://www.apache.org/licenses/LICENSE-2.0 | |
8 | # | |
9 | # Unless required by applicable law or agreed to in writing, software | |
10 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT | |
11 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the | |
12 | # License for the specific language governing permissions and limitations | |
13 | # under the License. | |
14 | ||
15 | """ | |
16 | Base Credential Object Class | |
17 | ||
18 | This module defines the Credential class. The Credential class is the base | |
19 | class to represent all credentials which a KeyMaster can use for | |
20 | authenticating. | |
21 | """ | |
22 | ||
23 | import abc | |
24 | ||
25 | import six | |
26 | ||
27 | ||
28 | @six.add_metaclass(abc.ABCMeta) | |
29 | class Credential(object): | |
30 | """Base class to represent all credentials.""" | |
31 | ||
32 | def __init__(self): | |
33 | pass |
0 | # Copyright (c) 2015 IBM | |
1 | # All Rights Reserved. | |
2 | # | |
3 | # Licensed under the Apache License, Version 2.0 (the "License"); you may | |
4 | # not use this file except in compliance with the License. You may obtain | |
5 | # a copy of the License at | |
6 | # | |
7 | # http://www.apache.org/licenses/LICENSE-2.0 | |
8 | # | |
9 | # Unless required by applicable law or agreed to in writing, software | |
10 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT | |
11 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the | |
12 | # License for the specific language governing permissions and limitations | |
13 | # under the License. | |
14 | """ | |
15 | Keystone Password Credential | |
16 | ||
17 | This module defines the Keystone Password credential. | |
18 | """ | |
19 | from castellan.common.credentials import password | |
20 | ||
21 | ||
22 | class KeystonePassword(password.Password): | |
23 | """This class represents a keystone password credential.""" | |
24 | ||
25 | def __init__(self, password, username=None, user_id=None, | |
26 | user_domain_id=None, user_domain_name=None, trust_id=None, | |
27 | domain_id=None, domain_name=None, project_id=None, | |
28 | project_name=None, project_domain_id=None, | |
29 | project_domain_name=None, reauthenticate=True): | |
30 | """Create a new Keystone Password Credential. | |
31 | ||
32 | :param string password: Password for authentication. | |
33 | :param string username: Username for authentication. | |
34 | :param string user_id: User ID for authentication. | |
35 | :param string user_domain_id: User's domain ID for authentication. | |
36 | :param string user_domain_name: User's domain name for authentication. | |
37 | :param string trust_id: Trust ID for trust scoping. | |
38 | :param string domain_id: Domain ID for domain scoping. | |
39 | :param string domain_name: Domain name for domain scoping. | |
40 | :param string project_id: Project ID for project scoping. | |
41 | :param string project_name: Project name for project scoping. | |
42 | :param string project_domain_id: Project's domain ID for project. | |
43 | :param string project_domain_name: Project's domain name for project. | |
44 | :param bool reauthenticate: Allow fetching a new token if the current | |
45 | one is going to expire. (optional) default True | |
46 | """ | |
47 | ||
48 | self._user_id = user_id | |
49 | self._user_domain_id = user_domain_id | |
50 | self._user_domain_name = user_domain_name | |
51 | self._trust_id = trust_id | |
52 | self._domain_id = domain_id | |
53 | self._domain_name = domain_name | |
54 | self._project_id = project_id | |
55 | self._project_name = project_name | |
56 | self._project_domain_id = project_domain_id | |
57 | self._project_domain_name = project_domain_name | |
58 | self._reauthenticate = reauthenticate | |
59 | ||
60 | super(KeystonePassword, self).__init__(username, | |
61 | password) | |
62 | ||
63 | @property | |
64 | def user_id(self): | |
65 | """This method returns a user_id.""" | |
66 | return self._user_id | |
67 | ||
68 | @property | |
69 | def user_domain_id(self): | |
70 | """This method returns a user_domain_id.""" | |
71 | return self._user_domain_id | |
72 | ||
73 | @property | |
74 | def user_domain_name(self): | |
75 | """This method returns a user_domain_name.""" | |
76 | return self._user_domain_name | |
77 | ||
78 | @property | |
79 | def trust_id(self): | |
80 | """This method returns a trust_id.""" | |
81 | return self._trust_id | |
82 | ||
83 | @property | |
84 | def domain_id(self): | |
85 | """This method returns a domain_id.""" | |
86 | return self._domain_id | |
87 | ||
88 | @property | |
89 | def domain_name(self): | |
90 | """This method returns a domain_name.""" | |
91 | return self._domain_name | |
92 | ||
93 | @property | |
94 | def project_id(self): | |
95 | """This method returns a project_id.""" | |
96 | return self._project_id | |
97 | ||
98 | @property | |
99 | def project_name(self): | |
100 | """This method returns a project_name.""" | |
101 | return self._project_name | |
102 | ||
103 | @property | |
104 | def project_domain_id(self): | |
105 | """This method returns a project_domain_id.""" | |
106 | return self._project_domain_id | |
107 | ||
108 | @property | |
109 | def project_domain_name(self): | |
110 | """This method returns a project_domain_name.""" | |
111 | return self._project_domain_name | |
112 | ||
113 | @property | |
114 | def reauthenticate(self): | |
115 | """This method returns reauthenticate.""" | |
116 | return self._reauthenticate | |
117 | ||
118 | def __eq__(self, other): | |
119 | if isinstance(other, KeystonePassword): | |
120 | return ( | |
121 | self._password == other._password and | |
122 | self._username == other._username and | |
123 | self._user_id == other._user_id and | |
124 | self._user_domain_id == other._user_domain_id and | |
125 | self._user_domain_name == other._user_domain_name and | |
126 | self._trust_id == other._trust_id and | |
127 | self._domain_id == other._domain_id and | |
128 | self._domain_name == other._domain_name and | |
129 | self._project_id == other._project_id and | |
130 | self._project_name == other._project_name and | |
131 | self._project_domain_id == other._project_domain_id and | |
132 | self._project_domain_name == other._project_domain_name and | |
133 | self._reauthenticate == other._reauthenticate) | |
134 | else: | |
135 | return False | |
136 | ||
137 | def __ne__(self, other): | |
138 | result = self.__eq__(other) | |
139 | return not result |
0 | # Copyright (c) 2015 IBM | |
1 | # All Rights Reserved. | |
2 | # | |
3 | # Licensed under the Apache License, Version 2.0 (the "License"); you may | |
4 | # not use this file except in compliance with the License. You may obtain | |
5 | # a copy of the License at | |
6 | # | |
7 | # http://www.apache.org/licenses/LICENSE-2.0 | |
8 | # | |
9 | # Unless required by applicable law or agreed to in writing, software | |
10 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT | |
11 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the | |
12 | # License for the specific language governing permissions and limitations | |
13 | # under the License. | |
14 | """ | |
15 | Keystone Token Credential | |
16 | ||
17 | This module defines the Keystone Token credential. | |
18 | """ | |
19 | from castellan.common.credentials import token | |
20 | ||
21 | ||
22 | class KeystoneToken(token.Token): | |
23 | """This class represents a keystone token credential.""" | |
24 | ||
25 | def __init__(self, token, trust_id=None, domain_id=None, domain_name=None, | |
26 | project_id=None, project_name=None, project_domain_id=None, | |
27 | project_domain_name=None, reauthenticate=True): | |
28 | """Create a new Keystone Token Credential. | |
29 | ||
30 | :param string token: Token for authentication. The type of token | |
31 | formats accepted are UUID, PKI, and Fernet. | |
32 | :param string trust_id: Trust ID for trust scoping. | |
33 | :param string domain_id: Domain ID for domain scoping. | |
34 | :param string domain_name: Domain name for domain scoping. | |
35 | :param string project_id: Project ID for project scoping. | |
36 | :param string project_name: Project name for project scoping. | |
37 | :param string project_domain_id: Project's domain ID for project. | |
38 | :param string project_domain_name: Project's domain name for project. | |
39 | :param bool reauthenticate: Allow fetching a new token if the current | |
40 | one is going to expire. (optional) default True | |
41 | """ | |
42 | ||
43 | self._trust_id = trust_id | |
44 | self._domain_id = domain_id | |
45 | self._domain_name = domain_name | |
46 | self._project_id = project_id | |
47 | self._project_name = project_name | |
48 | self._project_domain_id = project_domain_id | |
49 | self._project_domain_name = project_domain_name | |
50 | self._reauthenticate = reauthenticate | |
51 | ||
52 | super(KeystoneToken, self).__init__(token) | |
53 | ||
54 | @property | |
55 | def trust_id(self): | |
56 | """This method returns a trust_id.""" | |
57 | return self._trust_id | |
58 | ||
59 | @property | |
60 | def domain_id(self): | |
61 | """This method returns a domain_id.""" | |
62 | return self._domain_id | |
63 | ||
64 | @property | |
65 | def domain_name(self): | |
66 | """This method returns a domain_name.""" | |
67 | return self._domain_name | |
68 | ||
69 | @property | |
70 | def project_id(self): | |
71 | """This method returns a project_id.""" | |
72 | return self._project_id | |
73 | ||
74 | @property | |
75 | def project_name(self): | |
76 | """This method returns a project_name.""" | |
77 | return self._project_name | |
78 | ||
79 | @property | |
80 | def project_domain_id(self): | |
81 | """This method returns a project_domain_id.""" | |
82 | return self._project_domain_id | |
83 | ||
84 | @property | |
85 | def project_domain_name(self): | |
86 | """This method returns a project_domain_name.""" | |
87 | return self._project_domain_name | |
88 | ||
89 | @property | |
90 | def reauthenticate(self): | |
91 | """This method returns reauthenticate.""" | |
92 | return self._reauthenticate | |
93 | ||
94 | def __eq__(self, other): | |
95 | if isinstance(other, KeystoneToken): | |
96 | return ( | |
97 | self._token == other._token and | |
98 | self._trust_id == other._trust_id and | |
99 | self._domain_id == other._domain_id and | |
100 | self._domain_name == other._domain_name and | |
101 | self._project_id == other._project_id and | |
102 | self._project_name == other._project_name and | |
103 | self._project_domain_id == other._project_domain_id and | |
104 | self._project_domain_name == other._project_domain_name and | |
105 | self._reauthenticate == other._reauthenticate) | |
106 | else: | |
107 | return False | |
108 | ||
109 | def __ne__(self, other): | |
110 | result = self.__eq__(other) | |
111 | return not result |
0 | # Copyright (c) 2015 IBM | |
1 | # All Rights Reserved. | |
2 | # | |
3 | # Licensed under the Apache License, Version 2.0 (the "License"); you may | |
4 | # not use this file except in compliance with the License. You may obtain | |
5 | # a copy of the License at | |
6 | # | |
7 | # http://www.apache.org/licenses/LICENSE-2.0 | |
8 | # | |
9 | # Unless required by applicable law or agreed to in writing, software | |
10 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT | |
11 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the | |
12 | # License for the specific language governing permissions and limitations | |
13 | # under the License. | |
14 | """ | |
15 | Base Password Credential | |
16 | ||
17 | This module defines the Password credential. | |
18 | """ | |
19 | ||
20 | from castellan.common.credentials import credential | |
21 | ||
22 | ||
23 | class Password(credential.Credential): | |
24 | """This class represents a password credential.""" | |
25 | ||
26 | def __init__(self, username, password): | |
27 | """Create a new Password credential. | |
28 | ||
29 | :param string password: Password for authentication. | |
30 | :param string username: Username for authentication. | |
31 | """ | |
32 | ||
33 | self._username = username | |
34 | self._password = password | |
35 | ||
36 | @property | |
37 | def username(self): | |
38 | """This method returns a username.""" | |
39 | return self._username | |
40 | ||
41 | @property | |
42 | def password(self): | |
43 | """This method returns a password.""" | |
44 | return self._password | |
45 | ||
46 | def __eq__(self, other): | |
47 | if isinstance(other, Password): | |
48 | return (self._username == other._username and | |
49 | self._password == other._password) | |
50 | else: | |
51 | return False | |
52 | ||
53 | def __ne__(self, other): | |
54 | result = self.__eq__(other) | |
55 | return not result |
0 | # Copyright (c) 2015 IBM | |
1 | # All Rights Reserved. | |
2 | # | |
3 | # Licensed under the Apache License, Version 2.0 (the "License"); you may | |
4 | # not use this file except in compliance with the License. You may obtain | |
5 | # a copy of the License at | |
6 | # | |
7 | # http://www.apache.org/licenses/LICENSE-2.0 | |
8 | # | |
9 | # Unless required by applicable law or agreed to in writing, software | |
10 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT | |
11 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the | |
12 | # License for the specific language governing permissions and limitations | |
13 | # under the License. | |
14 | """ | |
15 | Base Token Credential | |
16 | ||
17 | This module defines the Token credential. | |
18 | """ | |
19 | ||
20 | from castellan.common.credentials import credential | |
21 | ||
22 | ||
23 | class Token(credential.Credential): | |
24 | """This class represents a token credential.""" | |
25 | ||
26 | def __init__(self, token): | |
27 | """Create a new Token credential. | |
28 | ||
29 | :param string token: Token for authentication. | |
30 | """ | |
31 | ||
32 | self._token = token | |
33 | ||
34 | @property | |
35 | def token(self): | |
36 | """This method returns a token.""" | |
37 | return self._token | |
38 | ||
39 | def __eq__(self, other): | |
40 | if isinstance(other, Token): | |
41 | return (self._token == other._token) | |
42 | else: | |
43 | return False | |
44 | ||
45 | def __ne__(self, other): | |
46 | result = self.__eq__(other) | |
47 | return not result |
0 | # Copyright (c) 2015 IBM | |
1 | # All Rights Reserved. | |
2 | # | |
3 | # Licensed under the Apache License, Version 2.0 (the "License"); you may | |
4 | # not use this file except in compliance with the License. You may obtain | |
5 | # a copy of the License at | |
6 | # | |
7 | # http://www.apache.org/licenses/LICENSE-2.0 | |
8 | # | |
9 | # Unless required by applicable law or agreed to in writing, software | |
10 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT | |
11 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the | |
12 | # License for the specific language governing permissions and limitations | |
13 | # under the License. | |
14 | ||
15 | """ | |
16 | Test cases for the keystone password credential | |
17 | """ | |
18 | ||
19 | from castellan.common.credentials import keystone_password | |
20 | from castellan.tests import base | |
21 | ||
22 | ||
23 | class KeystonePasswordTestCase(base.TestCase): | |
24 | ||
25 | def _create_ks_password_credential(self): | |
26 | return keystone_password.KeystonePassword( | |
27 | self.password, | |
28 | username=self.username, | |
29 | user_id=self.user_id, | |
30 | user_domain_id=self.user_domain_id, | |
31 | user_domain_name=self.user_domain_name, | |
32 | trust_id=self.trust_id, | |
33 | domain_id=self.domain_id, | |
34 | domain_name=self.domain_name, | |
35 | project_id=self.project_id, | |
36 | project_name=self.project_name, | |
37 | project_domain_id=self.project_domain_id, | |
38 | project_domain_name=self.project_domain_name, | |
39 | reauthenticate=self.reauthenticate) | |
40 | ||
41 | def setUp(self): | |
42 | self.password = "Pa$$w0rd1", | |
43 | self.username = "admin", | |
44 | self.user_id = "1adb2391c009443aa5224b316d4a06ae", | |
45 | self.user_domain_id = "default", | |
46 | self.user_domain_name = "default", | |
47 | self.trust_id = "14b38a8296f144148138466ce9280940", | |
48 | self.domain_id = "default", | |
49 | self.domain_name = "default", | |
50 | self.project_id = "1099302ec608486f9879ba2466c60720", | |
51 | self.project_name = "demo", | |
52 | self.project_domain_id = "default", | |
53 | self.project_domain_name = "default", | |
54 | self.reauthenticate = True | |
55 | ||
56 | self.ks_password_credential = self._create_ks_password_credential() | |
57 | ||
58 | super(KeystonePasswordTestCase, self).setUp() | |
59 | ||
60 | def test_get_password(self): | |
61 | self.assertEqual(self.password, | |
62 | self.ks_password_credential.password) | |
63 | ||
64 | def test_get_username(self): | |
65 | self.assertEqual(self.username, | |
66 | self.ks_password_credential.username) | |
67 | ||
68 | def test_get_user_id(self): | |
69 | self.assertEqual(self.user_id, | |
70 | self.ks_password_credential.user_id) | |
71 | ||
72 | def test_get_user_domain_id(self): | |
73 | self.assertEqual(self.user_domain_id, | |
74 | self.ks_password_credential.user_domain_id) | |
75 | ||
76 | def test_get_user_domain_name(self): | |
77 | self.assertEqual(self.user_domain_name, | |
78 | self.ks_password_credential.user_domain_name) | |
79 | ||
80 | def test_get_trust_id(self): | |
81 | self.assertEqual(self.trust_id, | |
82 | self.ks_password_credential.trust_id) | |
83 | ||
84 | def test_get_domain_id(self): | |
85 | self.assertEqual(self.domain_id, | |
86 | self.ks_password_credential.domain_id) | |
87 | ||
88 | def test_get_domain_name(self): | |
89 | self.assertEqual(self.domain_name, | |
90 | self.ks_password_credential.domain_name) | |
91 | ||
92 | def test_get_project_id(self): | |
93 | self.assertEqual(self.project_id, | |
94 | self.ks_password_credential.project_id) | |
95 | ||
96 | def test_get_project_name(self): | |
97 | self.assertEqual(self.project_name, | |
98 | self.ks_password_credential.project_name) | |
99 | ||
100 | def test_get_project_domain_id(self): | |
101 | self.assertEqual(self.project_domain_id, | |
102 | self.ks_password_credential.project_domain_id) | |
103 | ||
104 | def test_get_project_domain_name(self): | |
105 | self.assertEqual(self.project_domain_name, | |
106 | self.ks_password_credential.project_domain_name) | |
107 | ||
108 | def test_get_reauthenticate(self): | |
109 | self.assertEqual(self.reauthenticate, | |
110 | self.ks_password_credential.reauthenticate) | |
111 | ||
112 | def test___eq__(self): | |
113 | self.assertTrue(self.ks_password_credential == | |
114 | self.ks_password_credential) | |
115 | self.assertTrue(self.ks_password_credential is | |
116 | self.ks_password_credential) | |
117 | ||
118 | self.assertFalse(self.ks_password_credential is None) | |
119 | self.assertFalse(None == self.ks_password_credential) | |
120 | ||
121 | other_ks_password_credential = keystone_password.KeystonePassword( | |
122 | self.password, | |
123 | username=self.username, | |
124 | user_id=self.user_id, | |
125 | user_domain_id=self.user_domain_id, | |
126 | user_domain_name=self.user_domain_name, | |
127 | trust_id=self.trust_id, | |
128 | domain_id=self.domain_id, | |
129 | domain_name=self.domain_name, | |
130 | project_id=self.project_id, | |
131 | project_name=self.project_name, | |
132 | project_domain_id=self.project_domain_id, | |
133 | project_domain_name=self.project_domain_name, | |
134 | reauthenticate=self.reauthenticate) | |
135 | self.assertTrue(self.ks_password_credential == | |
136 | other_ks_password_credential) | |
137 | self.assertFalse(self.ks_password_credential is | |
138 | other_ks_password_credential) | |
139 | ||
140 | def test___ne___none(self): | |
141 | self.assertTrue(self.ks_password_credential is not None) | |
142 | self.assertTrue(None != self.ks_password_credential) | |
143 | ||
144 | def test___ne___password(self): | |
145 | other_password = "wheresmyCat??" | |
146 | ||
147 | other_ks_password_credential = keystone_password.KeystonePassword( | |
148 | other_password, | |
149 | username=self.username, | |
150 | user_id=self.user_id, | |
151 | user_domain_id=self.user_domain_id, | |
152 | user_domain_name=self.user_domain_name, | |
153 | trust_id=self.trust_id, | |
154 | domain_id=self.domain_id, | |
155 | domain_name=self.domain_name, | |
156 | project_id=self.project_id, | |
157 | project_name=self.project_name, | |
158 | project_domain_id=self.project_domain_id, | |
159 | project_domain_name=self.project_domain_name, | |
160 | reauthenticate=self.reauthenticate) | |
161 | ||
162 | self.assertTrue(self.ks_password_credential != | |
163 | other_ks_password_credential) | |
164 | ||
165 | def test___ne___username(self): | |
166 | other_username = "service" | |
167 | ||
168 | other_ks_password_credential = keystone_password.KeystonePassword( | |
169 | self.password, | |
170 | username=other_username, | |
171 | user_id=self.user_id, | |
172 | user_domain_id=self.user_domain_id, | |
173 | user_domain_name=self.user_domain_name, | |
174 | trust_id=self.trust_id, | |
175 | domain_id=self.domain_id, | |
176 | domain_name=self.domain_name, | |
177 | project_id=self.project_id, | |
178 | project_name=self.project_name, | |
179 | project_domain_id=self.project_domain_id, | |
180 | project_domain_name=self.project_domain_name, | |
181 | reauthenticate=self.reauthenticate) | |
182 | ||
183 | self.assertTrue(self.ks_password_credential != | |
184 | other_ks_password_credential) | |
185 | ||
186 | def test___ne___user_id(self): | |
187 | other_user_id = "service" | |
188 | ||
189 | other_ks_password_credential = keystone_password.KeystonePassword( | |
190 | self.password, | |
191 | username=self.username, | |
192 | user_id=other_user_id, | |
193 | user_domain_id=self.user_domain_id, | |
194 | user_domain_name=self.user_domain_name, | |
195 | trust_id=self.trust_id, | |
196 | domain_id=self.domain_id, | |
197 | domain_name=self.domain_name, | |
198 | project_id=self.project_id, | |
199 | project_name=self.project_name, | |
200 | project_domain_id=self.project_domain_id, | |
201 | project_domain_name=self.project_domain_name, | |
202 | reauthenticate=self.reauthenticate) | |
203 | ||
204 | self.assertTrue(self.ks_password_credential != | |
205 | other_ks_password_credential) | |
206 | ||
207 | def test___ne___user_domain_id(self): | |
208 | other_user_domain_id = "domain0" | |
209 | ||
210 | other_ks_password_credential = keystone_password.KeystonePassword( | |
211 | self.password, | |
212 | username=self.username, | |
213 | user_id=self.user_id, | |
214 | user_domain_id=other_user_domain_id, | |
215 | user_domain_name=self.user_domain_name, | |
216 | trust_id=self.trust_id, | |
217 | domain_id=self.domain_id, | |
218 | domain_name=self.domain_name, | |
219 | project_id=self.project_id, | |
220 | project_name=self.project_name, | |
221 | project_domain_id=self.project_domain_id, | |
222 | project_domain_name=self.project_domain_name, | |
223 | reauthenticate=self.reauthenticate) | |
224 | ||
225 | self.assertTrue(self.ks_password_credential != | |
226 | other_ks_password_credential) | |
227 | ||
228 | def test___ne___user_domain_name(self): | |
229 | other_user_domain_name = "domain0" | |
230 | ||
231 | other_ks_password_credential = keystone_password.KeystonePassword( | |
232 | self.password, | |
233 | username=self.username, | |
234 | user_id=self.user_id, | |
235 | user_domain_id=self.domain_id, | |
236 | user_domain_name=other_user_domain_name, | |
237 | trust_id=self.trust_id, | |
238 | domain_id=self.domain_id, | |
239 | domain_name=self.domain_name, | |
240 | project_id=self.project_id, | |
241 | project_name=self.project_name, | |
242 | project_domain_id=self.project_domain_id, | |
243 | project_domain_name=self.project_domain_name, | |
244 | reauthenticate=self.reauthenticate) | |
245 | ||
246 | self.assertTrue(self.ks_password_credential != | |
247 | other_ks_password_credential) | |
248 | ||
249 | def test___ne___trust_id(self): | |
250 | other_trust_id = "00000000000000" | |
251 | ||
252 | other_ks_password_credential = keystone_password.KeystonePassword( | |
253 | self.password, | |
254 | username=self.username, | |
255 | user_id=self.user_id, | |
256 | user_domain_id=self.user_domain_id, | |
257 | user_domain_name=self.user_domain_name, | |
258 | trust_id=other_trust_id, | |
259 | domain_id=self.domain_id, | |
260 | domain_name=self.domain_name, | |
261 | project_id=self.project_id, | |
262 | project_name=self.project_name, | |
263 | project_domain_id=self.project_domain_id, | |
264 | project_domain_name=self.project_domain_name, | |
265 | reauthenticate=self.reauthenticate) | |
266 | ||
267 | self.assertTrue(self.ks_password_credential != | |
268 | other_ks_password_credential) | |
269 | ||
270 | def test___ne___domain_id(self): | |
271 | other_domain_id = "domain0" | |
272 | ||
273 | other_ks_password_credential = keystone_password.KeystonePassword( | |
274 | self.password, | |
275 | username=self.username, | |
276 | user_id=self.user_id, | |
277 | user_domain_id=self.user_domain_id, | |
278 | user_domain_name=self.user_domain_name, | |
279 | trust_id=self.trust_id, | |
280 | domain_id=other_domain_id, | |
281 | domain_name=self.domain_name, | |
282 | project_id=self.project_id, | |
283 | project_name=self.project_name, | |
284 | project_domain_id=self.project_domain_id, | |
285 | project_domain_name=self.project_domain_name, | |
286 | reauthenticate=self.reauthenticate) | |
287 | ||
288 | self.assertTrue(self.ks_password_credential != | |
289 | other_ks_password_credential) | |
290 | ||
291 | def test___ne___domain_name(self): | |
292 | other_domain_name = "domain0" | |
293 | ||
294 | other_ks_password_credential = keystone_password.KeystonePassword( | |
295 | self.password, | |
296 | username=self.username, | |
297 | user_id=self.user_id, | |
298 | user_domain_id=self.user_domain_id, | |
299 | user_domain_name=self.user_domain_name, | |
300 | trust_id=self.trust_id, | |
301 | domain_id=self.domain_id, | |
302 | domain_name=other_domain_name, | |
303 | project_id=self.project_id, | |
304 | project_name=self.project_name, | |
305 | project_domain_id=self.project_domain_id, | |
306 | project_domain_name=self.project_domain_name, | |
307 | reauthenticate=self.reauthenticate) | |
308 | ||
309 | self.assertTrue(self.ks_password_credential != | |
310 | other_ks_password_credential) | |
311 | ||
312 | def test___ne___project_id(self): | |
313 | other_project_id = "00000000000000" | |
314 | ||
315 | other_ks_password_credential = keystone_password.KeystonePassword( | |
316 | self.password, | |
317 | username=self.username, | |
318 | user_id=self.user_id, | |
319 | user_domain_id=self.user_domain_id, | |
320 | user_domain_name=self.user_domain_name, | |
321 | trust_id=self.trust_id, | |
322 | domain_id=self.domain_id, | |
323 | domain_name=self.domain_name, | |
324 | project_id=other_project_id, | |
325 | project_name=self.project_name, | |
326 | project_domain_id=self.project_domain_id, | |
327 | project_domain_name=self.project_domain_name, | |
328 | reauthenticate=self.reauthenticate) | |
329 | ||
330 | self.assertTrue(self.ks_password_credential != | |
331 | other_ks_password_credential) | |
332 | ||
333 | def test___ne___project_name(self): | |
334 | other_project_name = "proj0" | |
335 | ||
336 | other_ks_password_credential = keystone_password.KeystonePassword( | |
337 | self.password, | |
338 | username=self.username, | |
339 | user_id=self.user_id, | |
340 | user_domain_id=self.user_domain_id, | |
341 | user_domain_name=self.user_domain_name, | |
342 | trust_id=self.trust_id, | |
343 | domain_id=self.domain_id, | |
344 | domain_name=self.domain_name, | |
345 | project_id=self.project_id, | |
346 | project_name=other_project_name, | |
347 | project_domain_id=self.project_domain_id, | |
348 | project_domain_name=self.project_domain_name, | |
349 | reauthenticate=self.reauthenticate) | |
350 | ||
351 | self.assertTrue(self.ks_password_credential != | |
352 | other_ks_password_credential) | |
353 | ||
354 | def test___ne___project_domain_id(self): | |
355 | other_project_domain_id = "domain0" | |
356 | ||
357 | other_ks_password_credential = keystone_password.KeystonePassword( | |
358 | self.password, | |
359 | username=self.username, | |
360 | user_id=self.user_id, | |
361 | user_domain_id=self.user_domain_id, | |
362 | user_domain_name=self.user_domain_name, | |
363 | trust_id=self.trust_id, | |
364 | domain_id=self.domain_id, | |
365 | domain_name=self.domain_name, | |
366 | project_id=self.project_id, | |
367 | project_name=self.project_name, | |
368 | project_domain_id=other_project_domain_id, | |
369 | project_domain_name=self.project_domain_name, | |
370 | reauthenticate=self.reauthenticate) | |
371 | ||
372 | self.assertTrue(self.ks_password_credential != | |
373 | other_ks_password_credential) | |
374 | ||
375 | def test___ne___project_domain_name(self): | |
376 | other_project_domain_name = "domain0" | |
377 | ||
378 | other_ks_password_credential = keystone_password.KeystonePassword( | |
379 | self.password, | |
380 | username=self.username, | |
381 | user_id=self.user_id, | |
382 | user_domain_id=self.user_domain_id, | |
383 | user_domain_name=self.user_domain_name, | |
384 | trust_id=self.trust_id, | |
385 | domain_id=self.domain_id, | |
386 | domain_name=self.domain_name, | |
387 | project_id=self.project_id, | |
388 | project_name=self.project_name, | |
389 | project_domain_id=self.project_domain_id, | |
390 | project_domain_name=other_project_domain_name, | |
391 | reauthenticate=self.reauthenticate) | |
392 | ||
393 | self.assertTrue(self.ks_password_credential != | |
394 | other_ks_password_credential) | |
395 | ||
396 | def test___ne___reauthenticate(self): | |
397 | other_reauthenticate = False | |
398 | ||
399 | other_ks_password_credential = keystone_password.KeystonePassword( | |
400 | self.password, | |
401 | username=self.username, | |
402 | user_id=self.user_id, | |
403 | user_domain_id=self.user_domain_id, | |
404 | user_domain_name=self.user_domain_name, | |
405 | trust_id=self.trust_id, | |
406 | domain_id=self.domain_id, | |
407 | domain_name=self.domain_name, | |
408 | project_id=self.project_id, | |
409 | project_name=self.project_name, | |
410 | project_domain_id=self.project_domain_id, | |
411 | project_domain_name=self.project_domain_name, | |
412 | reauthenticate=other_reauthenticate) | |
413 | ||
414 | self.assertTrue(self.ks_password_credential != | |
415 | other_ks_password_credential) |
0 | # Copyright (c) 2015 IBM | |
1 | # All Rights Reserved. | |
2 | # | |
3 | # Licensed under the Apache License, Version 2.0 (the "License"); you may | |
4 | # not use this file except in compliance with the License. You may obtain | |
5 | # a copy of the License at | |
6 | # | |
7 | # http://www.apache.org/licenses/LICENSE-2.0 | |
8 | # | |
9 | # Unless required by applicable law or agreed to in writing, software | |
10 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT | |
11 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the | |
12 | # License for the specific language governing permissions and limitations | |
13 | # under the License. | |
14 | ||
15 | """ | |
16 | Test cases for the keystone token credential | |
17 | """ | |
18 | ||
19 | from castellan.common.credentials import keystone_token | |
20 | from castellan.tests import base | |
21 | ||
22 | ||
23 | class KeystoneTokenTestCase(base.TestCase): | |
24 | ||
25 | def _create_ks_token_credential(self): | |
26 | return keystone_token.KeystoneToken( | |
27 | self.token, | |
28 | trust_id=self.trust_id, | |
29 | domain_id=self.domain_id, | |
30 | domain_name=self.domain_name, | |
31 | project_id=self.project_id, | |
32 | project_name=self.project_name, | |
33 | project_domain_id=self.project_domain_id, | |
34 | project_domain_name=self.project_domain_name, | |
35 | reauthenticate=self.reauthenticate) | |
36 | ||
37 | def setUp(self): | |
38 | self.token = "8a4aa147d58141c39a7a22905b90ba4e", | |
39 | self.trust_id = "14b38a8296f144148138466ce9280940", | |
40 | self.domain_id = "default", | |
41 | self.domain_name = "default", | |
42 | self.project_id = "1099302ec608486f9879ba2466c60720", | |
43 | self.project_name = "demo", | |
44 | self.project_domain_id = "default", | |
45 | self.project_domain_name = "default", | |
46 | self.reauthenticate = True | |
47 | ||
48 | self.ks_token_credential = self._create_ks_token_credential() | |
49 | ||
50 | super(KeystoneTokenTestCase, self).setUp() | |
51 | ||
52 | def test_get_token(self): | |
53 | self.assertEqual(self.token, | |
54 | self.ks_token_credential.token) | |
55 | ||
56 | def test_get_trust_id(self): | |
57 | self.assertEqual(self.trust_id, | |
58 | self.ks_token_credential.trust_id) | |
59 | ||
60 | def test_get_domain_id(self): | |
61 | self.assertEqual(self.domain_id, | |
62 | self.ks_token_credential.domain_id) | |
63 | ||
64 | def test_get_domain_name(self): | |
65 | self.assertEqual(self.domain_name, | |
66 | self.ks_token_credential.domain_name) | |
67 | ||
68 | def test_get_project_id(self): | |
69 | self.assertEqual(self.project_id, | |
70 | self.ks_token_credential.project_id) | |
71 | ||
72 | def test_get_project_name(self): | |
73 | self.assertEqual(self.project_name, | |
74 | self.ks_token_credential.project_name) | |
75 | ||
76 | def test_get_project_domain_id(self): | |
77 | self.assertEqual(self.project_domain_id, | |
78 | self.ks_token_credential.project_domain_id) | |
79 | ||
80 | def test_get_project_domain_name(self): | |
81 | self.assertEqual(self.project_domain_name, | |
82 | self.ks_token_credential.project_domain_name) | |
83 | ||
84 | def test_get_reauthenticate(self): | |
85 | self.assertEqual(self.reauthenticate, | |
86 | self.ks_token_credential.reauthenticate) | |
87 | ||
88 | def test___eq__(self): | |
89 | self.assertTrue(self.ks_token_credential == | |
90 | self.ks_token_credential) | |
91 | self.assertTrue(self.ks_token_credential is | |
92 | self.ks_token_credential) | |
93 | ||
94 | self.assertFalse(self.ks_token_credential is None) | |
95 | self.assertFalse(None == self.ks_token_credential) | |
96 | ||
97 | other_ks_token_credential = keystone_token.KeystoneToken( | |
98 | self.token, | |
99 | trust_id=self.trust_id, | |
100 | domain_id=self.domain_id, | |
101 | domain_name=self.domain_name, | |
102 | project_id=self.project_id, | |
103 | project_name=self.project_name, | |
104 | project_domain_id=self.project_domain_id, | |
105 | project_domain_name=self.project_domain_name, | |
106 | reauthenticate=self.reauthenticate) | |
107 | self.assertTrue(self.ks_token_credential == | |
108 | other_ks_token_credential) | |
109 | self.assertFalse(self.ks_token_credential is | |
110 | other_ks_token_credential) | |
111 | ||
112 | def test___ne___none(self): | |
113 | self.assertTrue(self.ks_token_credential is not None) | |
114 | self.assertTrue(None != self.ks_token_credential) | |
115 | ||
116 | def test___ne___token(self): | |
117 | other_token = "5c59e3217d3d4dd297589b297aee2a6f" | |
118 | ||
119 | other_ks_token_credential = keystone_token.KeystoneToken( | |
120 | other_token, | |
121 | trust_id=self.trust_id, | |
122 | domain_id=self.domain_id, | |
123 | domain_name=self.domain_name, | |
124 | project_id=self.project_id, | |
125 | project_name=self.project_name, | |
126 | project_domain_id=self.project_domain_id, | |
127 | project_domain_name=self.project_domain_name, | |
128 | reauthenticate=self.reauthenticate) | |
129 | ||
130 | self.assertTrue(self.ks_token_credential != | |
131 | other_ks_token_credential) | |
132 | ||
133 | def test___ne___trust_id(self): | |
134 | other_trust_id = "00000000000000" | |
135 | ||
136 | other_ks_token_credential = keystone_token.KeystoneToken( | |
137 | self.token, | |
138 | trust_id=other_trust_id, | |
139 | domain_id=self.domain_id, | |
140 | domain_name=self.domain_name, | |
141 | project_id=self.project_id, | |
142 | project_name=self.project_name, | |
143 | project_domain_id=self.project_domain_id, | |
144 | project_domain_name=self.project_domain_name, | |
145 | reauthenticate=self.reauthenticate) | |
146 | ||
147 | self.assertTrue(self.ks_token_credential != | |
148 | other_ks_token_credential) | |
149 | ||
150 | def test___ne___domain_id(self): | |
151 | other_domain_id = "domain0" | |
152 | ||
153 | other_ks_token_credential = keystone_token.KeystoneToken( | |
154 | self.token, | |
155 | trust_id=self.trust_id, | |
156 | domain_id=other_domain_id, | |
157 | domain_name=self.domain_name, | |
158 | project_id=self.project_id, | |
159 | project_name=self.project_name, | |
160 | project_domain_id=self.project_domain_id, | |
161 | project_domain_name=self.project_domain_name, | |
162 | reauthenticate=self.reauthenticate) | |
163 | ||
164 | self.assertTrue(self.ks_token_credential != | |
165 | other_ks_token_credential) | |
166 | ||
167 | def test___ne___domain_name(self): | |
168 | other_domain_name = "domain0" | |
169 | ||
170 | other_ks_token_credential = keystone_token.KeystoneToken( | |
171 | self.token, | |
172 | trust_id=self.trust_id, | |
173 | domain_id=self.domain_id, | |
174 | domain_name=other_domain_name, | |
175 | project_id=self.project_id, | |
176 | project_name=self.project_name, | |
177 | project_domain_id=self.project_domain_id, | |
178 | project_domain_name=self.project_domain_name, | |
179 | reauthenticate=self.reauthenticate) | |
180 | ||
181 | self.assertTrue(self.ks_token_credential != | |
182 | other_ks_token_credential) | |
183 | ||
184 | def test___ne___project_id(self): | |
185 | other_project_id = "00000000000000" | |
186 | ||
187 | other_ks_token_credential = keystone_token.KeystoneToken( | |
188 | self.token, | |
189 | trust_id=self.trust_id, | |
190 | domain_id=self.domain_id, | |
191 | domain_name=self.domain_name, | |
192 | project_id=other_project_id, | |
193 | project_name=self.project_name, | |
194 | project_domain_id=self.project_domain_id, | |
195 | project_domain_name=self.project_domain_name, | |
196 | reauthenticate=self.reauthenticate) | |
197 | ||
198 | self.assertTrue(self.ks_token_credential != | |
199 | other_ks_token_credential) | |
200 | ||
201 | def test___ne___project_name(self): | |
202 | other_project_name = "proj0" | |
203 | ||
204 | other_ks_token_credential = keystone_token.KeystoneToken( | |
205 | self.token, | |
206 | trust_id=self.trust_id, | |
207 | domain_id=self.domain_id, | |
208 | domain_name=self.domain_name, | |
209 | project_id=self.project_id, | |
210 | project_name=other_project_name, | |
211 | project_domain_id=self.project_domain_id, | |
212 | project_domain_name=self.project_domain_name, | |
213 | reauthenticate=self.reauthenticate) | |
214 | ||
215 | self.assertTrue(self.ks_token_credential != | |
216 | other_ks_token_credential) | |
217 | ||
218 | def test___ne___project_domain_id(self): | |
219 | other_project_domain_id = "domain0" | |
220 | ||
221 | other_ks_token_credential = keystone_token.KeystoneToken( | |
222 | self.token, | |
223 | trust_id=self.trust_id, | |
224 | domain_id=self.domain_id, | |
225 | domain_name=self.domain_name, | |
226 | project_id=self.project_id, | |
227 | project_name=self.project_name, | |
228 | project_domain_id=other_project_domain_id, | |
229 | project_domain_name=self.project_domain_name, | |
230 | reauthenticate=self.reauthenticate) | |
231 | ||
232 | self.assertTrue(self.ks_token_credential != | |
233 | other_ks_token_credential) | |
234 | ||
235 | def test___ne___project_domain_name(self): | |
236 | other_project_domain_name = "domain0" | |
237 | ||
238 | other_ks_token_credential = keystone_token.KeystoneToken( | |
239 | self.token, | |
240 | trust_id=self.trust_id, | |
241 | domain_id=self.domain_id, | |
242 | domain_name=self.domain_name, | |
243 | project_id=self.project_id, | |
244 | project_name=self.project_name, | |
245 | project_domain_id=self.project_domain_id, | |
246 | project_domain_name=other_project_domain_name, | |
247 | reauthenticate=self.reauthenticate) | |
248 | ||
249 | self.assertTrue(self.ks_token_credential != | |
250 | other_ks_token_credential) | |
251 | ||
252 | def test___ne___reauthenticate(self): | |
253 | other_reauthenticate = False | |
254 | ||
255 | other_ks_token_credential = keystone_token.KeystoneToken( | |
256 | self.token, | |
257 | trust_id=self.trust_id, | |
258 | domain_id=self.domain_id, | |
259 | domain_name=self.domain_name, | |
260 | project_id=self.project_id, | |
261 | project_name=self.project_name, | |
262 | project_domain_id=self.project_domain_id, | |
263 | project_domain_name=self.project_domain_name, | |
264 | reauthenticate=other_reauthenticate) | |
265 | ||
266 | self.assertTrue(self.ks_token_credential != | |
267 | other_ks_token_credential) |
0 | # Copyright (c) 2015 IBM | |
1 | # All Rights Reserved. | |
2 | # | |
3 | # Licensed under the Apache License, Version 2.0 (the "License"); you may | |
4 | # not use this file except in compliance with the License. You may obtain | |
5 | # a copy of the License at | |
6 | # | |
7 | # http://www.apache.org/licenses/LICENSE-2.0 | |
8 | # | |
9 | # Unless required by applicable law or agreed to in writing, software | |
10 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT | |
11 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the | |
12 | # License for the specific language governing permissions and limitations | |
13 | # under the License. | |
14 | ||
15 | """ | |
16 | Test cases for the password credential | |
17 | """ | |
18 | ||
19 | from castellan.common.credentials import password | |
20 | from castellan.tests import base | |
21 | ||
22 | ||
23 | class PasswordTestCase(base.TestCase): | |
24 | ||
25 | def _create_password_credential(self): | |
26 | return password.Password(self.username, | |
27 | self.password) | |
28 | ||
29 | def setUp(self): | |
30 | self.username = "admin" | |
31 | self.password = "Pa$$w0rd1" | |
32 | ||
33 | self.password_credential = self._create_password_credential() | |
34 | ||
35 | super(PasswordTestCase, self).setUp() | |
36 | ||
37 | def test_get_username(self): | |
38 | self.assertEqual(self.username, self.password_credential.username) | |
39 | ||
40 | def test_get_password(self): | |
41 | self.assertEqual(self.password, self.password_credential.password) | |
42 | ||
43 | def test___eq__(self): | |
44 | self.assertTrue(self.password_credential == self.password_credential) | |
45 | self.assertTrue(self.password_credential is self.password_credential) | |
46 | ||
47 | self.assertFalse(self.password_credential is None) | |
48 | self.assertFalse(None == self.password_credential) | |
49 | ||
50 | other_password_credential = password.Password(self.username, | |
51 | self.password) | |
52 | self.assertTrue(self.password_credential == other_password_credential) | |
53 | self.assertFalse(self.password_credential is other_password_credential) | |
54 | ||
55 | def test___ne___none(self): | |
56 | self.assertTrue(self.password_credential is not None) | |
57 | self.assertTrue(None != self.password_credential) | |
58 | ||
59 | def test___ne___username(self): | |
60 | other_username = "service" | |
61 | other_password_credential = password.Password(other_username, | |
62 | self.password) | |
63 | self.assertTrue(self.password_credential != other_password_credential) | |
64 | ||
65 | def test___ne___password(self): | |
66 | other_password = "i143Cats" | |
67 | other_password_credential = password.Password(self.username, | |
68 | other_password) | |
69 | self.assertTrue(self.password_credential != other_password_credential) |
0 | # Copyright (c) 2015 IBM | |
1 | # All Rights Reserved. | |
2 | # | |
3 | # Licensed under the Apache License, Version 2.0 (the "License"); you may | |
4 | # not use this file except in compliance with the License. You may obtain | |
5 | # a copy of the License at | |
6 | # | |
7 | # http://www.apache.org/licenses/LICENSE-2.0 | |
8 | # | |
9 | # Unless required by applicable law or agreed to in writing, software | |
10 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT | |
11 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the | |
12 | # License for the specific language governing permissions and limitations | |
13 | # under the License. | |
14 | ||
15 | """ | |
16 | Test cases for the token credential | |
17 | """ | |
18 | ||
19 | from castellan.common.credentials import token | |
20 | from castellan.tests import base | |
21 | ||
22 | ||
23 | class TokenTestCase(base.TestCase): | |
24 | ||
25 | def _create_token_credential(self): | |
26 | return token.Token(self.token) | |
27 | ||
28 | def setUp(self): | |
29 | self.token = "8a4aa147d58141c39a7a22905b90ba4e" | |
30 | self.token_credential = self._create_token_credential() | |
31 | super(TokenTestCase, self).setUp() | |
32 | ||
33 | def test_get_token(self): | |
34 | self.assertEqual(self.token, self.token_credential.token) | |
35 | ||
36 | def test___eq__(self): | |
37 | self.assertTrue(self.token_credential == self.token_credential) | |
38 | self.assertTrue(self.token_credential is self.token_credential) | |
39 | ||
40 | self.assertFalse(self.token_credential is None) | |
41 | self.assertFalse(None == self.token_credential) | |
42 | ||
43 | other_token_credential = token.Token(self.token) | |
44 | self.assertTrue(self.token_credential == other_token_credential) | |
45 | self.assertFalse(self.token_credential is other_token_credential) | |
46 | ||
47 | def test___ne___none(self): | |
48 | self.assertTrue(self.token_credential is not None) | |
49 | self.assertTrue(None != self.token_credential) | |
50 | ||
51 | def test___ne___token(self): | |
52 | other_token = "fe32af1fe47e4744a48254e60ae80012" | |
53 | other_token_credential = token.Token(other_token) | |
54 | self.assertTrue(self.token_credential != other_token_credential) |